Discuss mailing list

["Mikhail Elias" <mikhail AT mikhailelias.net>]

Its a good idea to separate defense of privacy as a human right from abusive 
practices such as misuse of technology for human exploitation and botnet 
operations.

Botnets are designed specifically to violate the privacy of those very same 
people whose freedoms OpenNIC is intended to defend. Many botnets may in fact 
be operated by law enforcement and security researchers - but should one ever 
distinguish between 'good' and 'bad' botnets?

Namecoin just had a hard crash - about 90% - in trading price in recent 
weeks. Noticed any changes in network traffic patterns?

 


On Tue, 04 Dec 2018 18:07:51 -0500 (EST), "Daniel Quintiliani" 
<danq AT runbox.com> wrote:

> You also have to remember that since OpenNIC and Namecoin are niche things 
> run by people concerned about privacy and democracy, it's easy for an 
> outsider to confuse them with shady darknet stuff. (Not that we should care 
> what other people think.)
> 
> --
> 
> -Dan Q
> 
> On Tue, 4 Dec 2018 13:38:12 -0600, Jonah Aragon <jonah AT opennic.org> wrote:
> 
> > Good points. While I do currently operate the .bit peering bridge (ns9), 
> > I’m not really a huge fan of their operation and would be fine with 
> > unpeering their services if the community agreed.
> > 
> > Regarding law enforcement, I am not a lawyer, but I believe that from a 
> > legal perspective we couldn’t be held responsible for the content you 
> > mention for the same reason the Tor Project and ICANN aren’t responsible 
> > for illegal content on their networks. It would be a different situation 
> > if we were hosting said content. It however, seems very possible to me 
> > that law enforcement could coerce us or individual Tier 2 operators to 
> > begin logging user queries, which would be a troubling development. Of 
> > course, they could require us to do so anyways for content related to 
> > anything on OpenNIC domains, not just bit, but that’s the scenario that 
> > might worry me more.
> > 
> > One thing to consider potentially in favor of keeping .bit, is that I 
> > know of at least one cybersecurity firm using OpenNIC to find and 
> > sinkhole C2 (botnet) related domains on the .bit network. I received an 
> > email from a security researcher at MWR Labs 
> > (https://www.mwrinfosecurity.com/), which appears to be a part of 
> > F-Secure, regarding our .bit peering. I didn’t really do that much 
> > verification, but they do look like a legitimate entity and SPF/DMARC 
> > tests passed on the email I received, so I have no reason to believe he 
> > wasn’t a legitimate security researcher. It’s possible that if we remove 
> > .bit, we could hinder some operations in that space.
> > 
> > Jonah
> > 
> > > On Dec 4, 2018, at 12:34 PM, Jeff Taylor <shdwdrgn AT sourpuss.net> wrote:
> > > 
> > > Over the past year .bit domains have started being used as malware hubs 
> > > due to their anonymous nature.  Since there is no way to contact the 
> > > owner of those domains, it creates a backscatter effect and a number of 
> > > people running public T2 servers have seen domains blacklisted, emails 
> > > blocked, and shutdown notices from their providers.
> > > 
> > > As an example I've recently been trying to track today why one of my 
> > > domains was being blacklisted by malwarebytes, and was provided this 
> > > link:
> > > https://www.hybrid-analysis.com/sample/9226d08158c1536dfa7c4f15bbed9fd6b0d6e59880eeaae2143e9025436123a0?environmentId=100
> > > 
> > > If you scroll down near the bottom to the memory forensics, you'll see 
> > > a list of what I believe are DNS servers that this virus was using.  I 
> > > also recognize several other entries in there, including some from .fur.
> > > 
> > > We know that spamhaus is also blocking IP addresses based on resolving 
> > > certain .bit domains, and there is no telling how many others may also 
> > > be blocking based on this sort of information.  The one common thing 
> > > about all of these malware scanners is that none of them have the 
> > > courtesy to so much as send an email to abuse@domain to let you know 
> > > that a problem was detected (one of my own pet peeves, that they claim 
> > > to be trying to protect the internet but don't give the victims a 
> > > chance to fix the problems).
> > > 
> > > We've already seen plenty of malware spread across .bit domains, but 
> > > there is one other possible scenario to consider... What if law 
> > > enforcement were to take up the same stance as the malware scanners?  
> > > There is the possibility of child pornography also being spread across 
> > > .bit domains, and since the owners of that content cannot be found it 
> > > could come back to us (opennic) as the responsible party for making 
> > > that content more easily available on the internet.  I'm not saying 
> > > this HAS happened, just that it is worth considering as a worst-case 
> > > scenario.
> > > 
> > > So I want to ask if anyone else feels a need to call a vote on dropping 
> > > .bit specifically, and/or consider a resolution to not peer with groups 
> > > which have no ability to hold a specific party responsible for the 
> > > content of their domains.  Yes Opennic is supposed to be an open 
> > > platform, but keep in mind that by providing .bit domains we are 
> > > directly responsible for the creation of a whole new class of malware.
> > > 
> > > 
> > > --------
> > > You are a member of the OpenNIC Discuss list. 
> > > You may unsubscribe by emailing 
> > > discuss-unsubscribe AT lists.opennicproject.org
> > 
> > 
> > --------
> > You are a member of the OpenNIC Discuss list. 
> > You may unsubscribe by emailing 
> > discuss-unsubscribe AT lists.opennicproject.org
> 
> 
> --------
> You are a member of the OpenNIC Discuss list. 
> You may unsubscribe by emailing discuss-unsubscribe AT lists.opennicproject.org