Survey on the impact of software regulation on DNS systems

[Michael De Roover]

Hi Peter, I really appreciate this discourse too. With what's happening in the world now 
and with this particular executive order affecting even something as niche as DNS, I like 
how it offers a vessel to have this public discussion.

On Tuesday, April 8, 2025 7:40:44 PM CEST Peter 'PMc' Much wrote:
> So what You are saying is, it might still work to just talk to these
> people?
> In earlier times that was usually my stance when discussing matters
> in the underground - I might say, why do we not just make a date and
> actually talk to the concerned people, as basically they're also
> humans, like you and me? And occasionally things did indeed work
> out pleasantly that way...
> 
> But given the development of recent years, I mostly lost my
> optimism. Like a fellow mystician put it: <Adam Kadmon has been tied
> up upside down> and it is difficult to cope with sheer madness - I
> even made it onto the death-list of some activists ---

This is something I've been thinking about a lot recently, and does deserve some nuance. 
In one of the events that I previously mentioned, it was FSFE inviting me over and the rest 
of the practical bits essentially just lining up. The choice to rent out a hotel floor in 
Brussels, was quite smart. This meant that, just as I could easily go there from Antwerp, 
the politicians could also quite easily go there from their offices in "de Wetstraat / Rue de 
la Loi" (the street where their offices are located) to what was Hotel Le Grand Central at 
Rue Beillard 190. Being just 1.5km apart, it could even be walked to. The rest is really just a 
matter of pinging the right people.

What it makes me think about in Europe right now though, is how much that proximity 
has affected my ability to be there. Or for that matter, how much being a Belgian resident - 
the host country of these administrative buildings - has affected my ability to reach out to 
these people in the correspondence about the Chips Act. Unlike the GitHub lobby, that was 
just me voicing my concerns in response to a press release.

The reason why this is significant to me, is that when I visit Portugal (which I often do), 
suddenly I am a lot further away from these administrative affairs. It feels a lot more 
distant, because it is. Rather than 50km, suddenly it's 2000. And that is reflected in the 
media as well. So if I were born Portuguese and not just stay there for a couple of years, 
would I have the same beliefs about Brussels? Would I have the same access? In an ideal 
world, of course I should, every EU citizen should. But would that be reality?

That is where I turn my gaze across the pond, and the various executive orders that have 
been ratified so far. Going back to what started this thread, that was one of them. The 
event called "Liberation Day" was another. In response to that, even the EU's executive 
branch themselves have attempted to enter dialogue, by undoing their 2% tariff to the US. 
And it was, unsurprisingly, met with more dismissal. From politicians to politicians, 
organizations that by all accords, should be on the same level. This was never about 
reciprocity. And not even just across the pond, even inside the US there are various 
concerned speeches from presidential figures like Bernie Sanders and Barack Obama now.

Obama's presentation, as published by Hamilton College:
https://www.youtube.com/watch?v=nU3E8r0n27w[1]

So what could be done about it in the US, that is rapidly heading towards a fascist 
dictatorship? For us Europeans, I think it's most important to acknowledge how fragile 
democracy really is, and how history taught us how important it is to be upheld. For 
Americans meanwhile, the precedent has been an attempted insurrection, an attempted 
assassination, blatantly ignoring the rule of law, and crashing the stock market. In 2020, 
the US has also gotten very close to a civil war. To merely call it a state of turmoil, would be 
a grave understatement. Its administration is a loose cannon, willing to burn every bridge 
made with every single ally across centuries. As an onlooker, it's an ongoing exercise to 
remember that the administration is not its people.

Meanwhile for organizations like ISC and the IETF, perhaps the expression of dissent by 
adopting primary/secondary was more than just "social justice" as what I opposed it for 
way back when. If that is one of the few ways that American people and organizations can 
still reach their government, that is praiseworthy. Better than a swasticar, that much is for 
sure. And for nonprofit organizations like ISC, it's even more genuine because the added 
work would've been a net liability. That is in stark contrast with for-profits, who may well 
only care about public perception to not harm sales. So for nonprofits to enact these 
things, that is truly admirable. Coming to terms with that, has been long overdue. I 
should've known better.

> ! > will be not far into the future that safety-critical material ends
> ! > up there - probably unnoticed until some accident happens. And after
> ! > the accident the outcry for regulations will be imminent.
> !
> ! Fascinating. Just the other day, I did experience a denial of service
> attack, ! that turned out to be performed by none other than OpenAI. It was
> against my ! Gitea server, with OpenAI's crawlers requesting an
> unreasonable amount of zip ! and bundle archives from it. Those were
> generated, (presumably) transferred ! and saved to disk. This took down my
> Gitea instance twice so far, in both ! cases due to storage being depleted.
> 
> Ah, yeah, I've seen these. I don't think it is intentional DoS, rather
> just recklessness. I have a cgit public, and I found them there,
> downloading utterly worthless copies of the Berkeley sources.
> It seems to work similiar to the California gold rush - they think the
> more worthless garbage they download from the web, the richer they
> will get (for whatever rationale I do not understand). So they ignore
> any robots.txt, and fetch every url they can construct, no matter how
> useless it might be.
> 
> I openend a thread here:
> https://forums.freebsd.org/threads/how-valuable-is-the-freebsd-source.96962/
> 
> Bottomline so far: I switched my server to IPv6 only, and the spook
> was gone entirely. So this is not any technologically advanced party,
> and rather some make-money-fast gangs.

It's kind of funny how we each, independently, came to the same conclusion. While I 
would've compared to the Australian gold rush and pretty much the only money-making 
organizations being those selling shovels, the parallels are striking. I appreciate that you 
mention IPv6-only to be a possible solution to this. Other than that, I've so far also seen 
writings from Cloudflare about protection from this being available in their free tier. I'm 
still contemplating whether I want Cloudflare to front my web presence, but if it gets 
unmanageable, I'll have to bite the market consolidation bullet.

Heh, come to think of it... That link to Cloudflare was one posted in your FreeBSD forum 
thread. Swings and roundabouts huh :)

> Anyway, recklessness has greatly increased nowadays. Gotten rid of
> this one, I already found the next: somebody is sending thousands and
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20250409/662156e1/attachment-0001.htm>