On Tue, 23 Apr 2024 08:59:07 +0200 Gert Doering via swinog swinog@lists.swinog.ch wrote:
On Tue, Apr 23, 2024 at 08:55:49AM +0200, Serge Droz via swinog wrote:
Yes, I understand the technical issues. And yes it's ugly. But do you have a better solution?
Since this is not a "solution", just a new sort of problem, it doesn't even qualify for a comparison.
Even IF it would have a relevant impact on the spread of malware (and I agree with you that it definitely CAN'T), triggering actions that you CAN'T know the further consequences of is not a good idea.
And furthermore, breaking protocols is usually an approach to do as much damage as you want. It is not technically intended for providers to do this. There is no interface to indicate that you are bending DNS for security reasons.
In the end, this is just another approach to justify interfering with the network. Once the lever has been successfully applied because of cybercrime or malware, this will be extended more and more politically. All experience to date simply shows that.
The Russians are evil? So block the network. The Chinese are evil? So network blocking. Wikileaks is evil? Network blocking. Because the users are poor sheep that we have to protect from evil information. And it's not the users who decide what information is evil.
Best Regards Oli