
Our 'leaders' are bloody morons
Any way to leave for a more sensible planet?
An international cybercrime centre will be able to revoke domain names and IP addresses under new proposals by European governments. The EU Council of Ministers announced the plan yesterday. They want a new body, possibly based at Europol, the EU police agency, to take on an array of tasks to combat cybercrime. The most eye- …
... is pretty easy. Provide a BGP feed of addresses which need /dev/nulling, and get all the big ISPs to peer with it (which costs nothing and takes about 5 minutes to configure).
Anti-spam blacklists have been providing a similar service for years.
How exactly the EU will create a more accurate or timely service, and what the appeals process will be for people wrongly listed, is another matter entirely.
I think this is an excellent idea and I have always wondered why it wasn't done years ago. They should also extend it to spammers, of course - it would have a huge impact on the problem.
The big problem, of course (and you mentioned this) is that while domain names are pretty easy to revoke, IP addresses are not. They are controlled by many organisations, and they, of course, chop up their IP allocations into blocks which they then allocate to other organisations, which then chop their allocation into smaller blocks ...you get the idea. So, tracing the administration of a single IP address could involve many many layers of administration. They need to find a way of short-circuiting this.
I wonder if they understand the consequences of null routing blocks of addresses? Suppose an IP address has been identified as serving up content worthy of being added to their list. Do you block that IP address or the allocated block to which it belongs?
What happens when a whois query shows that the address in question is part of a /20 of dynamic addresses? Block them all and wait for the phone calls? Or just block the one and wait for the person behind the address to power cycle their modem and get a shiny new address to play with plus a series of phone calls about random mysterious problems from other users of the same block?
Using BGP to null route problem addresses sounds sensible but might not scale too well if you start trying to block the number of entries in a typical DNS RBL as /32s. I guess that's just a technical issue though, so not worth worrying about...
... if they set up centralised monitoring of all internet traffic, obviously surveillance would be proportional to the task and non-intrusive, and co-ordinated this with a uniform framework across all Member States, then they could make serious inroads into various types of trans-border crime that are an anathema to a modern society, control the theft of copyright by a minority which so seriously hampers economic growth, and ensure that safe and open access is available to all citizens.
An IP address black list may sound dandy to someone who knows nothing about networks.
If global revoking of an IP address is desired, it makes no sense to do this anywhere other than from the originating ISP (they cannot really expect millions of routers, web sites, and ISPs to give a toss about their black list?).
If they execute the block through the originating ISP, then it makes more sense just to block the account and recycle the IP.
IP addresses simply do not represent specific computers, much less individuals.
It could be implemented just like DNS, except it would be subtractive. If anyone blacklists an IP address then that is propagated over the whole Internet so no one can get it. It should also be law that people in authority have to use this service. The rest of us can use the real Internet whilst the idiots are stuck on the ever shrinking lower case internet.
Is a problem when they are dynamically assigned.
DDNS and DHCP are going to cause you issues on one side, vhosted websites on the other.
Besides, I'm struggling to control my own national government. As democracies grow in size they represent me less. Why would I want to put policing and law-enforcement further from my control?
They are idiots tinkering with occult knowledge. The Internet is constantly evolving. It's only by convention that we have a DNS system and an IP address system. IP addresses can be dynamic and still work. People can set up their own DNS system which could be outside of government control.
People in the know will simply make sure they are also connected to the shadow Internet, which is where all the good stuff (bad stuff) will be found. Most likely it will be distributed virtual servers running as services on people's PCs. I expect it is already running. Ever wondered what all those updates are for?