Dyn DDoS this AM?

Ken Chase math at sizone.org
Sat Oct 22 15:23:43 UTC 2016


(Inband signalling - bad except for BGP?)

General comment: why are we blaming the client devices for the lack of security?

This is like Microsoft villifying linux in the late 90s because "there's no
restrictions on use or packet crafting on the client side" - of course there
isn't, in Windows either -- cant trust the client side, ever. Check out online
gaming, so many h4x 'n bots.

Let's stop trying to fix the clients, there'll always be bad actors/crappy coding.

Let's fix the networks. 

Pay-to-play? People are sensitive in the pocketbooks. NetCoin or something to
purchase dataflows? I dont know. Also sounds terrible. ("That's an internet
tax!!!111"). But Something Must Be Done[tm], by us, soon, or we'll be
dealing with govt cures which will be worse than the disease.

Regulating devices will never happen. Have you checked out world trade
regulations?  The US can't get Chinese firms to stop shipping
deadly-to-the-touch chemwep/drug carfentanil, how we gonna enforce security
standards on COTS electronics? (More govt soln's/approvals too. Fear.)

We have control of the networks. Lets do something.

(cant find the carfentanil story on nytimes anymore, pulled?
http://www.nytimes.com/aponline/2016/10/07/world/asia/ap-as-china-chemical-weapons.html )

/kc


On Sat, Oct 22, 2016 at 04:54:47PM +0200, Mikael Abrahamsson said:
  >On Sat, 22 Oct 2016, Alexander Maassen wrote:
  >
  >>Remember ping packets containing +++ATH0 ?
  >
  >THat only worked because of patents:
  >
  >https://en.wikipedia.org/wiki/Time_Independent_Escape_Sequence
  >
  >Inband signaling is bad, mmmkay?
  >
  >-- 
  >Mikael Abrahamsson    email: swmike at swm.pp.se

--
Ken Chase - Guelph Canada



More information about the NANOG mailing list