> From nanog-bounces+bonomi=mail.r-bonomi....@nanog.org Tue Sep 27 15:54:37 > 2011 > Date: Tue, 27 Sep 2011 13:54:26 -0700 > From: JC Dill <jcdill.li...@gmail.com> > To: NANOG list <nanog@nanog.org> > Subject: Re: Nxdomain redirect revenue > > On 27/09/11 7:20 AM, William Allen Simpson wrote: > > > > > >> Most likely the ISPs' lawyers were smart enough to include a clause > >> in the ToS/AUP allowing > >> the ISP to intercept, blackhole, or redirect access to any hostname or > >> IP address. > >> > > It's not legal to insert a clause allowing criminal conduct. There's > > no safe haven for criminal conduct. > > > I'm not sure that it's *illegal to insert a clause* for conduct that is > forbidden by law. I'm pretty sure you can claim almost anything in the > contract. What is illegal is enforcement of an illegal clause. Law > trumps contract terms - that's WHY we have civil laws - to protect > people from unscrupulous business dealings. And that's why most > contracts have a clause that says if a particular clause in the contract > is found invalid the rest of the contract still stands - because so many > contracts DO have invalid clauses. For example, many employment > contracts have non-compete clauses that forbid the employee from going > to work for a competitor. But in many states these clauses violate the > state's right-to-work laws. The company lawyers KNOW the clause is > illegal, but they insert it in the employment contracts anyway, to try > to fool employees into thinking they will get sued if they go to work > for a competitor. > > > >> The name for an ISP intercepting traffic from its own users is not > >> "interference" or "DoS", > >> because they're breaking the operation of (er) only their own network. > >> > > No, they're breaking the operation of my network and my computers. My > > network connects to their network. > > But you have no recourse, their network, their rules. (Right?) You > *might* have recourse if they were modifying traffic you sent to their > customer, but in this case they are modifying traffic that originates > FROM their customer. I'm not convinced that redirecting this traffic is > any different from blocking it (e.g. firewall to prevent employees from > accessing facebook or torrents). > > I believe the only entity who has recourse is the entity who is paying > them for service - e.g. their (paying) customer.
In the specific case of 'falsifying' a DNS return for what would have been a NXDOMAIN, that is "mostly' correct. but consider whqat happens when you get into the situation of querying a DNSBL operator -- where an 'error' result _is_ a desired return value. Now, when the provider returns 'false and misleading' data for what would be, under normal conditions, a SUCCESSFUL query -- say, returning a 'bogus' address for a well-known search-engine, so as to bee able to manipulate the results -- then the party whose traffic is being 'stolen', and sent to the bogus server, THAT party may well have grounds for a civil suit for 'tortuous interference with a business relationship'. In this situation, there are also possible criminal sanctions, under 'wiretapping' prohibitions, among others.
