The Tragedy of the Communications Commons.

3 Antworten [Letzter Beitrag]
amenex
Offline
Beigetreten: 01/03/2015

Spoken language can be heard over limited distances but independent development limits its range.
Sign language is limited to line-of-sight but has the benefit of universality.
Runners have anonymity; and leaders have to learn not to kill the bearers of unwelcome news.
When smoke signals came into use, anyone could watch, including the competitors.
The telegraph can be blocked by cutting the wire and can be intercepted.
Facsimile machines were killed by rampant abuse.
Telephones ... we all know how they are being abused; we don't have to answer.
Radio is limited by the carrier frequenc(ies) and can be traced to its sourc(es).

Images, whether conveying visual information, sound, or writing, are transmitted in minimal
packets that bear an identifying number, a checksum to ensure accuracy, and instructions for
reassembly at the receiver. The numerical addresses are limited in an agreed-upon protocol
requiring registration, and the registered users are granted unlimited access within their
assigned address blocks. They can use names as memory aids to identify specific addresses.
These names are called "pointers" (PTR for short). Some names have special meanings, so there
is a registration process to enable users to gain rights of exclusive use of those special
names, now called "domains." Abusers can lose their access to the address to which the name
is assigned. Pointers are not registered because they need not have special meaning; therefore,
Internet Service Providers (ISP's) who do not sell shared access to a server identified by a
specific pointer have little financial incentive to enforce rules of service within that pointer's
address space.

Major ISP's gain market share by acquiring rights to an ever wider range of addresses.
We now have the situation wherein abusive ISP's, who can name their unshared addresses any
way they wish, can obfuscate individual addresses by giving them identical names. A further
obfuscation can be achieved by using long or complex names that do not accumulate on the
name servers that are part of every individual user's computer software in order to facilitate
quick translation of a name request to that name's specific numerical address by which the
packets being transmitted are identified. An effective obfuscation process gives an abusive
transmitter of information the anonymity to be protected from apprehension. Legitimate need
for anonymity can be granted by a licensing process with constricted terms of service.

The present Internet Protocol is Version 4 (IPv4). You can evaluate its transparency by looking
up the names associated with any given range of addresses. I have done this for addresses with
an historic association with abuse, namely the years 2003-2014. About one-third of those addresses
return different names on successive days; another fraction return the same name for a wide range
of addresses. IPv4 encompasses addresses from 0.0.0.0 through 255.255.255.255, i.e., 256^4.

The protocol of the future is IPv6 (FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF, i.e, 256^16). That's
such a big number that it is incomprehensible how an ISP can go about assigning a name to all of the
addresses within the range of addresses under its control. It's even more difficult to comprehend
how long it would take to make a request for the PTR of every address within an ISP's CIDR block.
However, one can apply a statistical approach by making an inquiry for a number of randomly
selected addresses throughout that block. I can prove for many abusive ISP's within a degree
of relative certainty that their pointers are all of the same name. How do they do that ? By
intercepting every dig -x request with a script that returns that name for all their addresses.

One way of dealing with the threat posed by these degrees of anonymity is to look up the name
associated with each incoming address and then immediately look up the address of the reply.
Another way is to repeat the name lookup at a later time and then compare the results.

There is an accepted practice of load leveling wherein one domain name is assigned a number
of different addresses, not all necessarily on the same server. Proper reqistration dictates
that the second lookup return all the registered addresses. The ubiquity of informal nameservers
confounds that approach. It can be corrected by adding a "/n" indicating the number of addresses
comprising the buffer to the reply for the second lookup. False /n's can be detected by randomly
restricting the second lookup to the formally assigned nameserver(s).

Adobe server software gives users the option of performing hostname lookups of the incoming
packets' addresses. This practice is deprecated for good reason, but most ISP's do it anyway,
probably by reacting to the most vociferous users of the many shared servers. Just like today's
issue with the use of masks that protect surrounding persons from the pandemic's viruses, it's
a matter of science to choose one practice over the other, not aesthetics.

George Langford

commodore256
Offline
Beigetreten: 01/10/2013

That's the tragedy of centralization. The Internet is useful, but I feel it's overrated, we should bring back more traditional methods of information sharing to make the internet less relevant. There's very little physical delivery of information these days.

Develop the LAN and the home study.

amenex
Offline
Beigetreten: 01/03/2015

Regarding centralization, I ran a pair of Internet searches on "reliable news" on Google and DuckDuckGo,
saved the pertinent URL's, performed dig on the hostnames, and then whois on the reported IPv4 addresses
with the following generalized results regarding the server owners:
Google 38 URL's DuckDuckGo 31 URL's
Amazon 23 Cloudflare 9
Cloudflare 5 Amazon 5
Fastly 2 Fastly 5
Automattic 2 Akamai 2
Lee Enterprises 2 Namecheap 2
Cloudaccess 1 Google 2
Pantheon 1 Lee Enterprises 1
Newdream 1 K-Media-Tech 1
Akamai 1 Sucuri 1
Hubspot 1 Qrator 1
European Commission 1
OVH 1
Digitalocean 1

Then, using nmap to look up all the other PTR's on the /24 CIDR blocks of all the reported addresses,
I evaluated the changes that nmap detected on the same CIDR/24 blocks in a pair of scans 14 hours apart,
with the following generalized results:
Google: Some servers are getting turned off and on ==> Mainly amazonaws.com's, then tn-cloud.net and several others, one or two of each, mostly cloud-based.
DuckDuckGo: amazonaws.com's and akamaitechnologies.com's servers are being switched off/on in equal measure, plus one other, a cloud-based server.
Miscellaneous PTR's on both sets of servers appear stable over this short time span.
Amazon, Cloudflare and Fastly appear to dominate the URL's of both sets of search engines.
The dominant country code for the both sets of URL's is US, but DuckDuckGo's results include one each of RU, EU & BG.

panties
Offline
Beigetreten: 02/02/2021

What would you do if Flies invade your home and fly around in front of the display you are watching, fly around you when you are taking a shower, fly around your plate when you are eating, fly around your head when you are sleeping?