Re: Anyone notice strange announcements for 174.128.31.0/24

["Nathan Malynn" <neito () nerdramblingz com>]

Here's a question that's been bugging me the whole thread, and it's a
bit of a newbie one. How is this different than someone faking SMTP
headers to make it seem like an email came from my domain when it
didn't? I'm talking in terms of morals, obviously; I understand the
technique is different.

On Thu, Jan 15, 2009 at 9:44 AM, Patrick W. Gilmore <patrick () ianai net> wrote:
> On Jan 15, 2009, at 3:54 AM, Andy Davidson wrote:
> > On 14 Jan 2009, at 16:06, Jeroen Massar wrote:
> >
> > > Simon Lockhart wrote:
> > > > (Yes, I'm in the minority that thinks that Randy hasn't done anything
> > > > bad)
> > >
> > > Nah, I agree with Randy's experiment too. People should protect their
> > > networks better and this is clearly showing that there are a lot of
> > > vulnerable places in the core internet structure.
> >
> > The end sometimes justifies the means, and someone in the research
> > community discovering flaws in bgp implementation (software, protocol, or
> > process - at the bgp stack, in my NOC tools, in the community's
> > understanding) before hackers/spammers/fraudsters do, then I count that as a
> > result.
>
> We disagree.
>
> The 'researcher' does not get to decide whether the information gained by
> yelling fire to see how quickly people react is worth the risk of someone
> getting hurt, or even just missing the rest of the movie.
>
> No reputable research institution's ethics committee would allow an
> "experiment" to proceed which announced a prefix in such a way that every
> network engineer on the planet would assume the prefix traveled through $ASN
> even though the prefix had not, and the researcher did not even notify $ASN
> of the experiment.
>
> --
> TTFN,
> patrick