Re: Fwd: [cooperation-wg] Massive IP blockings in Russia

[Yuri Slobodyanyuk]

Thanks for sharing,
Note of caution - there is a mess going on with this blocking so if some IP
range/domain is not in any list it doesn't necessary mean it is not
blocked. Lists are created/updated pretty sporadically (e.g. the list does
not say so but there are reports of blocked DigitalOCean nets 167.99.0.0/16
& 206.189.0.0/16 https://www.securitylab.ru/news/492749.php) .
My 2 cents - once Russian Internet authorities get tired of chasing their
own tail (any sysadmin knows you can't block ain't nothing by IP addresses
today) they will stop this fruitless effort (but of course they cannot do
it right now and lose the face) and things will be back to normal.

On Thu, Apr 19, 2018 at 9:39 PM, Bryan Fields  wrote:

> On 4/19/18 1:36 PM, Sandra Murphy wrote:
>
> > Russian ISPs MUST fully block all traffic to such networks. The list is
> > frequently updated and gets automatically propagated to ISP every once
> in a
> > while, failure to block any address may result in 1500eur fine.
>
> Per day?  That's a cost of doing business.  Can we donate to pay it
> somewhere?
>
> > The
> > infrastructure listed above is being added to the blocklist under
> > “counter-terrorist and counter-extremist” order of the General Prosecutor
> > Office, #27-31-2015/Id4082-15, issued in 2015 and often used for blocking
> > an arbitrary unwanted content. The real reason for such blocking is an
> > attempt to cut access to Telegram messenger, which refused to provide
> > end-to-end encryption keys to the Federal Security Service (previously
> > known as KGB).
>
> Necessity is the plea for every infringement of human liberty.
> It is the argument of tyrants; it is the creed of slaves.
> -- William Pitt
> --
> Bryan Fields
>
> 727-409-1194 - Voice
> http://bryanfields.net
>



-- 
Taking challenges one by one.
http://yurisk.info

Re: Fwd: [cooperation-wg] Massive IP blockings in Russia

[Bryan Fields]

On 4/19/18 1:36 PM, Sandra Murphy wrote:

> Russian ISPs MUST fully block all traffic to such networks. The list is
> frequently updated and gets automatically propagated to ISP every once in a
> while, failure to block any address may result in 1500eur fine. 

Per day?  That's a cost of doing business.  Can we donate to pay it somewhere?

> The
> infrastructure listed above is being added to the blocklist under
> “counter-terrorist and counter-extremist” order of the General Prosecutor
> Office, #27-31-2015/Id4082-15, issued in 2015 and often used for blocking
> an arbitrary unwanted content. The real reason for such blocking is an
> attempt to cut access to Telegram messenger, which refused to provide
> end-to-end encryption keys to the Federal Security Service (previously
> known as KGB). 

Necessity is the plea for every infringement of human liberty.
It is the argument of tyrants; it is the creed of slaves.
-- William Pitt
-- 
Bryan Fields

727-409-1194 - Voice
http://bryanfields.net

Re: Fwd: [cooperation-wg] Massive IP blockings in Russia

[Alejandro Acosta]

I guess this is already a big issue + this is going to be a problem for
people attending the FIFA World Cup using information from the cloud
(few people, no?)


Ale,



El 19/4/18 a las 1:36 p. m., Sandra Murphy escribió:
> Of possible interest to this group.  
>
> Forwarding at Alexander’s suggestion, who says he has already shared info in 
> the NANOG facebook group "(with updated prefixlist)".
>
> —Sandy
>
>> Begin forwarded message:
>>
>> From: Alexander Isavnin 
>> Subject: [cooperation-wg] Massive IP blockings in Russia
>> Date: April 17, 2018 at 1:36:33 PM EDT
>> To: cooperation...@ripe.net
>>
>> Dear colleagues!
>>
>> I’m not pleased to inform you that RosComNadzor, a Russian Communication 
>> supervisory body, has started blocking huge ranges of IPs belonging to 
>> different cloud infrastructures, mostly Amazon and Google Cloud.
>> Those ranges include: 13.52.0.0/14, 13.56.0.0/14, 18.184.0.0/15, 
>> 18.194.0.0/15, 18.196.0.0/15, 34.192.0.0/10, 34.240.0.0/13, 34.248.0.0/13, 
>> 35.156.0.0/14, 35.160.0.0/13, 35.176.0.0/15, 52.0.0.0/11, 52.192.0.0/11, 
>> 52.208.0.0/13, 52.28.0.0/15, 52.58.0.0/15, 54.144.0.0/12, 54.160.0.0/12, 
>> 54.228.0.0/15, 54.72.0.0/15, 54.88.0.0/16.
>>
>> Russian ISPs MUST fully block all traffic to such networks. The list is 
>> frequently updated and gets automatically propagated to ISP every once in a 
>> while, failure to block any address may result in 1500eur fine.  
>> The infrastructure listed above is being added to the blocklist under 
>> “counter-terrorist and counter-extremist” order of the General Prosecutor 
>> Office, #27-31-2015/Id4082-15, issued in 2015 and often used for blocking an 
>> arbitrary unwanted content.
>> The real reason for such blocking is an attempt to cut access to Telegram 
>> messenger, which refused to provide end-to-end encryption keys to the 
>> Federal Security Service (previously known as KGB). This is a case similar 
>> to San-Bernardino shooter’s, where the FBI was denied access to the 
>> shooter’s iPhone, but courts in Russia have made completely opposite 
>> decision.
>> Telegram’s infrastructure is being blocked by a different decision by 
>> RosKomNadzor, #2-1779/2018.
>> Cloud infrastructures are being blocked for massive proxy and VPN hosting 
>> used to dodge messenger blocking.
>>
>> It is said, that more Apple and Google networks may be blocked soon for apps 
>> updates and push notifications delivery for Telegram.  
>>
>> We hope to still have the global IP connectivity to keep you informed about 
>> how the situation develops.
>> Do not be surprised if some of your services placed in cloud infrastructures 
>> will miss Russian customers.
>>
>> You can monitor the number of IP addresses, domains and URLs to be blocked 
>> in Russia at the https://2018.schors.spb.ru/ page (run by the famous ENOG 
>> community member Phil Kulin).
>> Detailed information (also via API) is available at the 
>> https://reestr.rublacklist.net run by RosKomSvoboda civil society group.
>>
>> Kind regards,
>> Alexander Isavnin
>>
>> Sent via RIPE Forum -- https://www.ripe.net/participate/mail/forum