[Chapter-delegates] Great powers bring great responsibilities

Sat Sep 8 17:56:16 PDT 2018

Victoriano,

this doubtless looks like overkill. It certainly seems justified to block
the misbehaving servers but the whole domain is likely too much. "Necessary
and proportionate" come to mind. Also all of us would benefit from
remembering this extroardinarily solid paper by ICANN's Security Advisory
Committe, signed by Stever Crocker among others, on the risks and impact of
blocking and filtering based on the DNS:
https://www.icann.org/en/system/files/files/sac-050-en.pdf (link opens a
PDF file.)

I have taken the liberty to send your note to a contact in Google who may
be able to assist in solving this problem soon; it is horrible to see that
your site still can't be reached. I hope you have taken measures to not
only block the misbehaving servers but to hardening all of your site as
much as possible (working at the National University of Mexico and having
been its academic computing director I know it is **hard**.) Further,
making it known to the university's commuity that one miscreant has wrought
so much damage to the whole may instill some hygiene (another parenthesis:
while OTOH we know that it will increase the stimulus for other
miscreants!; our social pact is weak in this respect and while peer
pressure may help most, it is increasingly creating incentives for
pranksters and evildoers.)

Yours,

Alejandro Pisanty

On Sat, Sep 8, 2018 at 1:43 PM Victoriano Giralt <victoriano at uma.es> wrote:

> On 08/09/18 20:27, Richard Barnes wrote:
> > I realize you may just be venting, but it's important to keep your
> > situation in the context of the overall security of the web.
>
> And that's why I insist that they have gone two far or the programmer
> did not understand that there maybe organizations outside "the big five"
> that have many different servers under their domains.
>
> > Operating a web server that anyone on the web can access is also a power
> > that entails responsibilities.  If the servers providing malware were
> > serving it on the https://uma.es domain, then Google was correct to
> > block that domain.
>
> No, the affected server were NOT server http://uma.es. The were
> secondary server under their own uma.es subdomains. I will not protect
> the guilty:
>
> http://observa-e.una.es
> http://www.jornadasavancehepatologia.uma.es
>
> We have hundreds of different servers with their own names and
> subdomains with their own administrators.
>
> > Safe Browsing has huge benefit to the overall security of the web.
> > Keeping it up to date given how quickly malware moves around is a
> > monumental task, and that team does well at it.  There will be
> > inevitable false positives; your case may be one.  Hopefully Google will
> > be responsive to your request.
>
> I fully agree with this position, but actions should be proportionate.
>
> --
> Victoriano Giralt                             CIO
>                                               University of Malaga
> +34952131415                                  SPAIN
> ==================================================================
> Note: signature.asc is the electronic signature of present message
> A: Yes.
> > Q: Are you sure ?
> >> A: Because it reverses the logical flow of conversation.
> >>> Q: Why is top posting annoying in email ?
>
> _______________________________________________
> As an Internet Society Chapter Officer you are automatically subscribed
> to this list, which is regularly synchronized with the Internet Society
> Chapter Portal (AMS): https://portal.isoc.org
>

-- 
- - - - - - - - - - - - - - - - - - - - - - - - - - -
     Dr. Alejandro Pisanty
Facultad de Química UNAM
Av. Universidad 3000, 04510 Mexico DF Mexico
+52-1-5541444475 FROM ABROAD
+525541444475 DESDE MÉXICO SMS +525541444475
Blog: http://pisanty.blogspot.com
LinkedIn: http://www.linkedin.com/in/pisanty
Unete al grupo UNAM en LinkedIn,
http://www.linkedin.com/e/gis/22285/4A106C0C8614
Twitter: http://twitter.com/apisanty
---->> Unete a ISOC Mexico, http://www.isoc.org
.  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://elists.isoc.org/mailman/private/chapter-delegates/attachments/20180908/847599e2/attachment.htm>