There clearly is appetite at most levels of government for a restricted internet. Obvious crime, paedophilia, terrorism, etc but increasingly, you're seeing direct-to-consumer sites like Alibaba and Wish flogging knock-off crap over borders without paying taxes, without consumer safety checks and often without having license to make and sell that stuff in the first place.
It's not going to be long before somebody legislates that you're only allowed to peer a network if you agree to cut anybody off who enables that, including other peers who ignore abuse across their network. It'll effectively limit what "the internet" is allowed to contain. Essentially embargoing bad actors and those that enable them, and all in a very pro-active way.
It will —and should— put the fear of iJesus into consumer ISPs. They could easily cut off customers with computers operating within botnets, alerting them to infections, etc. At the peril of having your peerings cut off, you'd expect them to be a lot more pro-active too.
I honestly don't how I'd feel about this. It seems safer but if life has taught me anything, that usually just means it's not, and somebody's just quietly getting rich in the corner.
Making ISPs more proactive is only doable with either heavy restrictions what communication is allowed or heuristics (that fail). That sounds like anyone out of the ordinary (so a majority of this site's users) will get flagged as suspicious. The fun thing is that I've seen both methods already applied and either me or someone I know has been encumbered by them.
There's not a single piece of me that feels that this would somehow end up positive in total.
And everybody on the Internet knows this. When somebody brutes your login page or SSH server, what do you do? Nothing. It should be trivial to report IPs and timestamps back to ISPs. Many ISPs are already required to log connections at some level (destination and port) so this stands to verify the abuse report. Get a number of these shoot through for a single customer (IPs are unimportant at this point), and it's time for a nasty conversation.
The machinery to make this work already exists. It's the ISP that's the problem. Threaten non-compliance of continued abuse (or a lack of reduction in botnet activity, whatever) with disconnection to the parent peer, so the ISP takes it seriously, and we'll see reporting rates rocket.
Monitored at local level (FCC, Ofcom, etc), per existing ISP complaints.
But yeah, no ISP is going to do this without serious threat of action.
I'm sure there is still scope for abuse, but letting ISPs ignore abuse reports isn't working out well for the rest of the internet either.
But yes, maybe attaching some real personal perjury liability —unlike the watered down DMCA abuse liability— might be a good idea. Good network admins know what abuse looks like and have logs to corroborate.
I do see your argument for a slippery slope, but in this case the example given is clearly in the core competency of the company. There's no morals needed; this is how the internet is supposed to work, and you've bypassed that. Kick him out.
We don't think about slippery slopes when a renter starts burning the house down; it's clearly within the homeowners rights to start evicting.
The process of deciding that sort of law would be awful but if everybody focussed on serious and network focussed crime and not protecting Mickey Mouse et al, something good could come from it.
But you are probably right. The US —esp with current leadership— could very easily force protectionist terms on others. Nobody would want to be separated from the US. Switzerland would have no leverage. African countries would have no leverage. The EU and China might have a chance, but the latter especially stands to lose a lot more than it could gain. China still needs access to a global market.
It's definitely has potential to be deeply insidious. But with the value of the network, I'm just surprised people aren't suggesting more things like this.
To be clear, I'm not advocating this. I just see it as an inevitability.
https://news.ycombinator.com/item?id=17501201 (56 comments)
Bad actors can often be identified. Their upstream should just disconnect them. Or their upstream should. Draw a boundary around them and their intransigent collaborators, and cut them out of the network like a cancer.
In general I think it is a very bad idea to give this kind of policing power in the hands of private companies. They tend to be very conservative to avoid legal liability and they can also take arbitrary decisions. When Cloudfront decided to cutoff the Daily Stormer they crossed a line and many people were justifiably upset. It's the job of the legal system.
The real problem is economic; for any given ISP, they are going to side with their customers over some rando complainer most of the time. You don't get rich by disconnecting your own customers unless you absolutely have to.
Sometimes, this is good, if you're the one who might get disconnected (Cox was a great ISP to have, because for many years they would blithely ignore Bittorrent complaints and give you a dozen or so 'strikes' without consequence); it's awful and obnoxious if you are on the receiving end of an attack, and some shitlord low-budget VPS reseller or datacenter operator won't unplug the control server or whatever, or drags their feet to a ridiculous extent.
All about whose ox is getting gored.
Sure, that seems like it could never be abused at all.
As others have stated this isn't about blocking content, this is about cutting off an entity that was actively damaging infrastructure.
Were any honest actors harmed by this 'shunning'? Seems unlikely that this 'Bitcanal' web-hosting company was used exclusively by malicious parties.
Also, if this 'shunning' idea were to really catch on, couldn't it end up colliding with net-neutrality laws?
IPV4 addresses in 'known bad' ranges can be totally benign, I know this because I've been the owner/steward of a whole pile of such addresses over the years. Typically the hosting providers where our stuff was colocated would be the likes of Leaseweb and Dynamic Pipe which had a lot of porn customers and spammers as customers.
It would not be rare at all to be blocked either on entire class C's or ports from those blocks of addresses in spite of never having had interaction with certain parties before.
Kudos to the people at Spamhaus who never blocked us and went out of their way to ensure they only hit the boxes of the spammers with surgical precision.
Finally, 'distant past behavior' is what caused me to have to jump through all kinds of hoops to reclaim the IP address of my present day mail server.
There is no set protocol to register a change of tenancy for an IP address and I'm pretty sure if such a protocol did exist that spammers would abuse it but it is super annoying to have to go begging cap in hand to the likes of Google, Apple and Microsoft for clemency when you've done nothing wrong (and to be ignored...).
Yes there is. It's called the SWIP  process and if you buy an IP block, you are required to submit SWIP forms to register the reallocation with ARIN or RIPE. 
Of course, this only applies when the ownership of the range is changing. If you're using a hosting provider who owns the block, and another customer on the block was a spammer, then you're right -- there is no way to transfer. But you also don't really own the IP range in that case.
That said, providers generally do keep records of which IP is associated with which customer at which time. That information is just not publicly available in real time.
This is really upsetting. The imbalance of power is especially pronounced here as they don't really care whether you deliver you mail or not - you do. You're totally at their mercy. That's why lots of people nowadays say "it's too much hurdle to maintain my own e-mail server, I'll just use some service" - and in this way they give even more power to Google and the rest.
We'll wake up one day and realize e-mail is no longer as free as it used to be, but it will be too late.
I'm dreading the day that I have to switch my personal mail server's IP address.
(important disclaimer: it's been a while since I had to deal with un-blacklisting, so maybe things have changed since?)
We're talking single emails, in reply, from whitelisted addresses, being blocked because they come from (paraphrasing) "a server associated with a server whose IP address was previously a spam source".
That's a shared hosting experience. Mind you we were trying to send a flood of perhaps 10 emails a month to ourselves, so you can understand why they'd ignore our whitelisting./s
Because the provider says: "If you are on a network that is known for allowing email marketing to occur, you may be out of luck as well. If you aren't doing email marketing consider a different network." I haven't yet gone through and actually contacted them especially since my IP is included in their "worst" category. It's also the only place I've had a problem with so far, so not worth the hassle yet.
Suppose you're a microservice that does caching, fast-track authentication or similar. If you block a user, that user will have to spend several or even many seconds on reauthentication and/or cache refreshing, but that's the whole cost. Is your proper threshold for blocking high or low?