Re: IPv4 Hijacking For Idiots

[Mark Andrews <marka () isc org>]

In message <1496816542.3628250.1001312328.70DF4DB2 () webmail messagingengine com>
, Scott Christopher writes:
> Mark Andrews wrote: 
>
> > but we do have the tech to do this.
>
> I wholeheartedly agree.
>
> > All it takes is a couple of transit providers to no longer accept word-of-m
> outh and
> > the world will transition overnight.
>
> This is the hard part. 
>
> It seems trivial - being probably only a handful of transit providers -
> but then again, these providers have massive infrastructure spread
> globally, often ancient legacy systems that still work, and management
> has a legal responsibility in most places to maximize the profits of
> their shareholders.
>
> Look at the rollout of EMV in the U.S.: the world "has done had that
> tech to do that" for decades (in Europe) but it only arrived in the U.S.
> two years ago. And the U.S. doesn't do the (more secure) chip-and-pin
> like the rest of the world (that costs too much money according to the
> banks) but rather chip-and-signature. 
>
> Whereas U.S. banks are (sometimes) liable for fraud on their systems,
> transit providers don't have any liability for anything in the U.S. And
> they are actively fighting for their right to transit some packets
> faster than others - for an additional fee, of course!
 
Actually they do have liability. It just needs someone to sue them
for them to wake up.  The injured party isn't a customer of the
transit provider so there isn't any weasle worded contract to sace
the transit provider.

> I think the solution is legislation + regulations.
>
> -- 
> Regards,
>   S.C.
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka () isc org