North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: DNS Hijacking by Cox

  • From: Joe Greco
  • Date: Mon Jul 23 11:45:08 2007

> On Mon, 23 Jul 2007, Joe Greco wrote:
> > I'll accept that argument once you've explained to all your family
> > members how to do it - and they've actually done it, successfully.
> >
> > Let's be real now.
> 
> If we're going to be "real now," consider how rarely ISPs have done this
> over the last several years.
> 
> Its very hard to wake the dragon.  Yes, ISPs can do all sorts of awful 
> things, but the reality is most of the big ISPs are extremely conservative 
> at taking any steps that disrupts customers traffic.  While they sometimes 
> make a mistake, it takes a lot to get big ISPs to do anything.  Since 2005
> when ISPs started doing this, how many false positives have come up?
> 
> I don't think it is "real" to think big ISPs are going to redirect 
> customer traffic in order to steal customer credit card numbers or destroy
> a competitor.

I can't help but notice you totally avoided responding to what I wrote;
I would have to take this to mean that you know that it is fundamentally
unreasonable to expect users to set up their own recursers to work around
ISP recurser brokenness (which is essentially what this is).

That was my point.

And, incidentally, I do consider this a false positive.  If any average
person might be tripped up by it, and we certainly have a lot of average
users on IRC, then it's bad.  So, the answer is, "at least one false
positive."

... JG
-- 
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
"We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.