Nanog and Susan Harris

"Evil does seek to maintain power by suppressing the truth."

"Or by misleading the innocent."
Spock and McCoy, "And The Children Shall Lead", stardate 5029.5.

According to Nanog's web page:

"Nanog evolved from the NSFNET "regional-techs" meetings, where technical staff from the regional networks met to discuss operational issues of common concern with the Merit engineering staff. At the February 1994 regional techs meeting in San Diego, the group revised its charter to include a broader base of network service providers, and subsequently adopted NANOG as its new name. "

Much of the defamation described on IADL.ORG pages involves Nanog participants.

• Ancient History 1997 - 2000
• Legal History
• Current History or more Spam, Lies, and the Internet
• Scientific Fraud Anycast
• Summary
• Public Interest Abused

The discussions about "some dodgey cartell" found documented in the MAPS Story took place in 1996, and are very relevant to the discussions in 1997. Anderson, however, was unaware of the 1996 discussions.

On November 25th, 1997, Dean Anderson subscribes to Nanog-post. Over the next two years, there are occasional arguments about open relays, scanning, the Computer Fraud and Abuse Act, and the Electronic Communications Privacy Act.

ECPA

January 21, 1998 A reasonable message that blocking packets violates the ECPA and Wiretap Act
The message is supported by facts.

January 22, 1998 John Levine says that ECPA and Wiretap Act don't apply to ISPs
Levine changes the subject to "re: ridiculous misreadings of laws". Levine is refuted on list in 1998, and by Court cases cited below. Levine subsequently becomes chair of the IETF Anti-Spam Research Group. See also John Levine

January 22, 1998 Jeremy Porter threatens Anderson on the "ridiculous misreadings of laws" thread:

"Maybe with any luck he'll show up at the next nanog meeting and be suprised in a dark alley. I tend to find spammers and spam supporteds to be of such low moral character that they don't have they courage to stand up supporting it in public. "

Nanog Staff (Susan Harris) take no action on the threats. Anderson does not attend the Washington D.C. meeting because of threats and lack of response.

January 23, 1998 Jay Ashworth objects to the threats
Ashworth disagrees, but is civil.

Ashworth will eventually be banned from Nanog by Harris. Porter remains a frequent poster as of January 2006.

December 4, 1998 Anderson suggests that RBL are subject to laws

December 4, 1998 James D. Wilson says: No court cases means no laws.
This is a common opinion among Nanog participants. Nanog does not provide any education on the subject of internet law as necessary for network operators.

Wilson says:

There are multiple cases out there which validate the right of a provider to block mail services from whomever they want. Remember Spamford?

Actually, those cases did not prove Wilson's point. In fact, Sanford "Spamford" Wallace won a temporary injunction against AGIS:

AGIS is ENJOINED from terminating Cyber's service through October 16, 1997 or until such time as Cyber notifies me and AGIS that it has secured comparable Internet access service whichever is sooner.

The disconnection was prompted by a "ping flood" DDOS attack against Cyberpromo (from text of Injuction):

The controversy began on September 16, 1997 when AGIS terminated Cyber's connection to the Internet without prior notice. The termination followed a massive "ping attack" on AGIS's network which it maintains appeared to be directed at Cyber's computers.

Wilson seems to consider the "ping" DDOS attack on Sanford Wallace to be a success.Wait: DDOS attack a success??? Nanog staff continue to encourage the notion that there are no laws that apply to the internet, and that these sort of activities are appropriate for network operators.

Feburary 1st, 1999 Ravi Pina (Part of Joshua and the Cleveland spam gang) works for ISP Qual.net, which was later aquired by Verio. Pina announces "spam whore, norcal-systems.net", and posts the result of traffic he has intercepted from the alleged "spammer".

A discussion ensues over the next several days. Anderson responds to accusations of being pro-spam, and of slandering Verio.

Feburary 26, 1999 Anderson suggests there is a need for automated system with authentication/trust relationship for NOCs to communicate with other NOCs.

Anderson does not make any further more posts until May, 1999, whereupon a "problem" is discovered.

In May, 1999, there is a "problem" with Anderson's email. Email isn't getting through. Anderson is subscribed to the proper lists. The problem is resolved without explanation. At the same time, someone begins soliciting abuse of Av8 Internet email servers. This is traced to the "cleveland gang". Several of the gang, Chris Neill, Steve Sobol, and Doug Dever, are frequent Nanog posters on spam topics.

Again, in June 1999, there is another "problem" with Anderson's email. This continued from June 23 through July 13th.Several messages to nanog-support were sent during this period. This problem was also resolved without explanation. The effect of this was to suppress Anderson's input on a discussion issue.

Again in October, 1999, there is yet another "problem" with Anderson's email. This was also resolved without explanation.

In November of 1999, an argument ensues on Nanog over open relay abuse. Kai Schlicting and Chris Neill are involved. Neill is already known to us for having been involved with solicting abuse for open relays in May 1999. Schlicting says or rather threatens our relays "will be found", and that the abuse will come from Korea and other places. Neill gives assurances our legal position is not correct, and that it is OK to abuse open relays.

Susan Harris steps in and responds to a message from 5 days previous. Harris asks just Anderson to take it off-line. It seems Harris is uncertain if the discussion is even going on. Harris does not make an on-list request for the discussion to end. Rather, Harris just wants Anderson's view suppressed. The message she objects to is also telling. A fairly large number of people take part in the discussion. The topic seems to have interest and more importantly, the discussion has an operational impact: A lot of ISPs block ORBS.

ORBS was blocked in November from the US by BBN Planet. On December 16th, 2000, Anderson posted a message that the block had been lifted, and that open relay abuse resurged. It reflects poorly on certain "anti-spam" elements, particularly on the ORBS group. Apparently, some people don't like anything bad to be said about anti-spammer activities. Anderson is peppered with insults and personal attacks that violate the Nanog AUP. Harris does nothing about the abuse of Anderson.

On January 7th, 2000, Anderson open a discussion on Netgate support for ORBS. The core issue is whether someone can or should be held responsible for crimes committed over the internet in another country. Since it reflects poorly on certain anti-spam elements, some people are against this. Anderson is again peppered with insults and personal attacks for criticizing anti-spammers. Harris does nothing about the abuse.

On January 9th, 2000, Harris steps in, and asks Anderson (and just Anderson) to drop out of the discussion. For two more days, Anderson is attacked and belittled, in violation of stated Nanog policies. Harris does nothing about the personal attacks on Anderson. Nor does she stop the topic.

On January 11, 2000, Anderson officially (for the first time) complains about the bashing. Harris still does nothing.

On January 13th, 2000, coindentally, there is a current news story where a russian hacker penetrated a US web site and stole credit cards. He was arrested, thereby proving Anderson's assertion that people can be held responsible for crimes committed over the internet in another country. In other words, Anderson was vindicated.

Instead of acting like a good loser, on January 13th, 2000 Harris blocks Anderson's email. Anderson protests. There is one inaccuracy in the protest lodged by Anderson: He complains of 2 days of bashing. In fact, by the 13th, it is actually 4 days. It has been 2 days since his complaint about it on the 11th. It is interesting how fast Harris is to block mail of persons with whom she disagrees, while being completely indifferent to upholding the Nanog AUP against personal attacks. A policy of preventing personal attacks is implemented partly to protect unpopular viewpoints, and partly because ad hominem personal attacks represent a fallacy: Even if the personal attack were true, it doesn't make the person's argument wrong. Later, Anderson questions fairness again, and asks if there is someone above Harris to mediate the dispute.

In response, Harris sends a message with 3 points,claiming there is no unfairness. And before a response to this message can be made, Harris blocks all email from dean@av8.com to all of merit.edu. (The bounce message shows Harris's 3 points). She refuses to identify her supervisors. There will be no "going above her head". This block also halts the participation of Av8 in the Merit RADB project. The RADB is a routing database project. The block to Merit.edu and its programs still continues as of 2005.

Anderson criticizes Nanog (and Merit) on several issues:

• failing to educate network operators in internet business law.
• failing to teach proper ethical attidudes to network operators
• failing to provide vendor-neutral routing database services.
• failing to provide a vendor-neutral forum for the exchange of ideas and views
• failing to be accountable to the community it serves.

Looking back with the benefit of 6+ years of hindsight and subsequent Court cases, Anderson's ideas and assertions of fact that Harris et al sought to block and suppress were right on target. Anderson has been vindicated by the passage of time, but more so by the passage of Court cases.

January 21, 1998 Dean Anderson reports blocking packets violates the ECPA and Wiretap Act
Anderson presentation is supported by facts.

January 22, 1998 John Levine says that ECPA and Wiretap Act don't apply to ISPs
Levine changes the subject to "re: ridiculous misreadings of laws". Levine is refuted on list in 1998, and by Court cases cited below. Levine subsequently becomes chair of the IETF Anti-Spam Research Group.

In January, 1998 Brad Councilman directs employees to begin sureptiously making copies of email belonging to users of Interloc. This is eventually discovered, and results in a criminal prosecution United States V. Councilman. In 2005, the Appelate Court finds that the Wiretap Act does apply to email in transit, and uses the same sources used by Anderson in 1998. Anderson is vindicated

In 2001, Konop V. Hawaiian Airlines demonstrated that having a password does not imply one has authorization. This also vindicates Anderson's claims about the ECPA.

In 2001, MAPS is sued by a bulk commercial emailer and charged with anti-trust, extortion, violation of Colorado Communications Privacy law, interference with contract, and other issues. MAPS lawyer claims only First Amendment defense. A motion by MAPS to dismiss based on First Amendment privileges is rejected and the Court chastises the attorney. MAPS settles during the recess. The settlement is secret, but reportedly MAPS agreed never to block Exactis, and to pay specific damages if it ever does.

In 2001, ORBS was sued and lost 3 separate lawsuits for defamation and false statements. In one news report:

The judge was also unimpressed by the fact that when Mr Brown was offered the chance to apologise, he reacted by making further defamatory allegations. The judge also said that a key motivator behind Mr Brown was the financial welfare of his ISP.

The judge said of comments made on the Internet: "I must say I know of no forum in which an individual citizen has the freedom to say what he likes and in any manner he wishes about another individual citizen with immunity from suit for all consequences." And so he made sure there wasn't.

ISPs begin to listen. Nanog meeting attendance drops. After hitting a peak of 622 attendees in February, 2001, attendence drops to 274 attandees at its June 2003 Meeting. Nanog begins to listen back:

In October, 2000, Nanog has a seminar on Law and the Internet. Strange, given that Harris thought the subject of Law and the Internet was off-topic for Nanog in January, 2000. Apparently, operators do want to know their legal obligations.

In 2002, Steven Bellovin says that the Wiretap Act only applies to Telephone companies. He says it again, and cites converstations with unnamed prosecutors, and cites a 2000 Nanog presentation given by a DOJ attorney. Bellovin specificially cites "slide 12" which includes a statement by Atty Eckenwiler that "phone companies more restricted than ISPs". Plainly, Eckenwiler's statement does not imply Bellovin's assertion that the Wiretap Act only applies to Telephone companies. In fact, Eckenwiler's statement implies just the opposite: that the ECPA and Wiretap Act do apply to ISPs. [As Anderson said they did]

Compare Bellovin's claims with United States V. Councilman. Compare both to Anderson's assertions that both the Wiretap Act and the ECPA apply to ISPs. Plainly, Anderson made the correct analysis. The response by Harris to Anderson and Bellovin is entirely different. Yet, in 2005, Harris is still disparaging Anderson.

In late 2003, Open Relay blacklists shutdown, and open relay abuse virtually halted.

In 2003, the CAN-SPAM Act was passed. Most commercial bulk emailer's comply.

In 2005, Brian McWilliams reports in "SPAM Kings" that two former MAPS employees and Ohio anti-spammer were working in 2003 for Scott Richter, a known spammer, performing "listwashing" services. Anti-spammers helping spammers spam! Hmm. Quite an ethical problem for the anti-spammer, helping the "enemy" avoid spam traps, isn't it? Well, ethical dilemma's don't seem to pose much problem for these anti-spammers.

In 2005, United States V. Councilman demonstrated that an ISP cannot read the email of its customers. Councilman, an executive of the ISP Interloc, was found guilty of criminal violation of the Wiretap Act. The Appeals Court also found that Councilman was not entitled to the rule of Lenity or to any fair warning doctrine. The rule of Lenity is:

The Supreme Court in Staples v. United States, 511 U.S. 600, 619, n. 17 (1994) described the "rule of lenity" as a doctrine which provides that an "ambiguous criminal statute is to be construed in favor of the accused."

In other words, the assertion that making copies and reading customers email is illegal is not something that is ambigous.

Another thing: "listwashing" is really just a database match. One merely takes the list of spam-trap addresses and removes those addresses from the spammer's database. It doesn't take 3 people to do that. Extortion anyone? Incidentally, Exactis also listed emails from MAPS that pressured Exactis to move unreasonably quickly, and then threatened Exactis with a permanent blacklist entry if they contacted attorneys. Hmm. Do you suppose they anticipated that Exactis might say "we are understaffed", and that MAPS might say "hire these three people, and we won't blacklist you, and we'll listwash your email lists." Hmm. That is speculation, since Exactis called their attorneys. And then won, for all practical purposes.

Since 2002, ISC and RIPE have been advocating the use of DNS Root Anycast. The history of the DNS Root Anycast history is documented at http://www.av8.net/IETF-watch/DNSRootAnycast/History.html. Anderson has argued that Anycast is unsafe for TCP. Particularly, that an increasingly useful and common fast switching technique call "Per-Packet Load Balancing" will send packets from the same TCP stream to different Anycast servers.

October, 2004 Verisign presents a paper to the Nanog 32 meeting that demonstrates that duplicate IPs show up at different DNS Anycast sites. Warns people not to use Anycast for TCP. Verisigns. Data matches Anderson's analysis to PPLB and fast switching. Verisigns presentation:.

Page 27
Interesting Behaviors
+ Looked at sites that were seen in two or more anycast sites
+ 3.69% of all traffic over three days was seen at two or more sites
+ More than expected
+ Looked at a couple of examples…
Traffic from one IP seen at multiple sites
Take home
+ Expected to see a saw tooth distribution –
instead have a noisy distribution in many cases
+ Does not affect UDP
+ DO NOT RUN Anycast with Stateful Transport
+ Will “No Export” mitigate this behavior?

This pretty much vindicates Anderson's analysis, and that of others, including Iljitsch van Beijnum. Is it "Game over" for TCP DNS Anycast? It should be. But, no. As we will see, the pressure will really be turned up.

In January 2005, operators had had enough of Harris: Reform was demanded http://www.nanog-reform.org (emphasis added):

There has been a large amount of discussion lately about problems with the NANOG mailing list and meetings.

The current system of moderating the mailing list has involved repeated suspensions of the ability of valuable participants to post to the list, without oversight or any form of due process. While perhaps sometimes necessary for the continued smooth operation of the list, this has had several undesirable effects. List members are now deprived of the points of view of several members of the operations community, some of them quite knowledgeable and well-respected. Even among those who have not been warned or banned, there is a widespread fear of sanction. Some useful discussions may have been suppressed. The list has at times become overwhelmed by arguments over censorship. There is a perception that NANOG members are being treated like children in need of supervision, rather than professionals sharing information.

We also have some serious concerns about the current state of the NANOG meetings, which have over the last few years suffered from a lack of interesting presentations and content relevant to the network operations community. Indeed, we note that on the current 18 member NANOG program committee, there are only four people who are currently network operators, as compared to seven current or former employees of Merit.

We are concerned that there has been a perception of powerlessness on the part of the operations community to change the operations of the NANOG organization. There is little public view into behind the scenes control of the mailing list, outside of the increasingly frequent blow-ups on the list over the actions of the list moderator, and it is very unclear how an interested party would affect the direction of the organization.

After the Nanog-Reform group gained some steam, Anderson and many others were restored to Nanog. Nanog email was moved to another server. Anderson still cannot send to Merit directly.

The following refers many times to "ad hominem" attacks. An ad hominem attack is "against the person". It is unacceptable because it is a logical fallacy. The fallacy is that some personal characteristic of the person has some logical relevance to the issue being debated. To qualify as an "ad hominem", two conditions are necessary:

1. It must be personal.
2. It must be irrelevant.

What isn't a ad hominem or personal attack:

• Valid criticism is not a personal attack.
• Valid complaint is not a personal attack.

On March 27, 2005, Anderson responded to a thread about Sorbs.net. The thread began on March 15. Anderson wrote about his experiences with SORBS, This is a factual reference to negative experiences with SORBS and Matthew Sullivan. People ask for references all the time, and get positive and negative references in response. This isn't an ad hominem, but rather valid criticism and complaint.

On March 28, 2005, Harris writes to Nanog-admin and to Anderson, that "Anderson is nuts" and that the 3/27 post is an ad hominem. Of course, Harris' message is something of an ad hominem itself. That same day, a member of the admin team contacts me about "the beaut that Harris just sent". The nanog-admin member agrees that Harris' message was unacceptable.

One March 30, 2005, Harris sends an apology.

Dean, I owe you a huge apology for this.  I've made many mistakes in the
past, but this is by far the worst.

I'm glad you and Martin corresponded about this, and again, I'm so sorry
for making an idiot of myself.

        --Susan Harris, for the NANOG list admin team

Harris' apology is probably among the most insincere messages I have ever received, as the previous 7 years and the next 35 days demonstrate.

On April 19, 2005, Paul Ferguson posted to Nanog that he thought some providers were ignoring DNS TTL. Anderson noticed that the confusion was simply the result of DNS Anycast. Anderson explains how this happens and why its confusing.

But on April 20, 2005,Gilmore claims TCP Anycast has been working for HTTP for a decade. Gilmore doesn't offer any evidence of such operation. Patrick Gilmore says Anderson is insane. Gilmore's message is an ad hominem. Harris does nothing. On May 3, 2005, Gilmore admits that his company does not do HTTP Anycast.

On April 22, 2005, Anderson responds, with more politeness than Gilmore probably deserves.

On April 24, 2005 Harris attacks Anderson again, and makes another false claim of ad hominem. Harris says that Anderson's April 22 message is an ad hominem attack on Gilmore! There is no ad hominem attack by Anderson. Nothing in Anderson's message is irrelevant. No personal attribute of Gilmore's is referenced by Anderson.

1. May 2, 2005 Paul Vixie calls Av8 Internet "dv8", and calls Anderson a crackpot. This is an ad hominem on Anderson's assertions about the PPLB/TCP DNS Anycast issue. Calling Anderson names does not make Anderson wrong about the TCP DNS Anycast issue. In 2006, Anderson is ultimately vindicated on the TCP DNS Anycast issue.
2. Steve Champeon joins in
3. Paul Vixie, again
4. Randy Bush doesn't want to be left out.

Incredibly, Harris ignores all this, too.

On May 3, 2005, Anderson complains about these ad hominems. Harris ignores the complaint.

On May 3, 2005, Anderson also responds directly to the attacks. Anderson explains his motivation and previous mistakes in dealing with such attacks. There is no ad hominem in this message.

On May 3, 2005, Regarding Anderson's response to the attacks, Harris makes another false accusation of ad hominem against Anderson! With no hint of shame or irony, Harris actually includes the text calling Anderson a crackpot, in her message to Anderson.

On May 3, 2005, Anderson refutes an explanation by Vixie of why DNS anycast is somehow safe. This is an entirely technical explanation. Vixie has made claims that are irrelevant to the assertions being made about DNS Anycast.

On May 4, 2005, Harris again makes a false accusation of ad hominem against Anderson. But there is no ad hominem in Andersons message. Anderson says Vixie is wrong for entirely technical reasons. Harris also claims that Anderson's message on May 3rd ignored her May 3rd warning. This too is false. Harris' off-list message was queued in with ordinary spam and other email, and was not read until May 4th. Harris is a participant in the fraud of TCP DNS Anycast stability.

So, effective May 4 2005, Harris again banned Anderson. Although the new "reformed" rules require a limit of 6 months, Anderson remains banned as of April 16th, 2006. It seems permanent.

On May 5, 2005, Daniel Karrenberg enters the DNS Anycast fray, and posts a preview of his upcoming paper. Karrenberg is responding to Anderson's message.