When a country hires mercenaries to server as an extra military or police force, what is the legal frame work for that? The Italian police hires a mercenary group to take down a target in Lithuania by breaking into a innocent third-party ISP, without a single document by any court.
From what I've read, they were actually trying to get back their own CNC server (which they had somehow lost access to), and the "third-party ISP" (Aruba) was co-operating with them.
I agree that the Italian ROS (which is part of the Carabinieri, a military police force that ended up being the main Italian police force because of accidents of history and a local penchant for fascism) were heavy-handed, as they are all the time. For all our crying about NSA, European law enforcement agencies are typically much worse.
I don't think the role of Aruba (the Italian ISP involved) was the one of the innocent third-party ISP. IANAL, but as far as I know, there is no "secret court" that can ask them to do that.
They did it not because of a break (or so I understand, I'll be happy to be mistaken) but, probably, "to keep the Man quiet". While understandable (to a point) this is definitely not what an "innocent third party" will do.
To me it shows a bit of naivety by the police force. Hopefully Inspector Montalbano was not in charge of this one.
I think in economies where tech is slower to adopt into the mainstream agenda, abuses like this are seen as the digital equivalent of 'reasonable force'. Where there is no existing protocol, there will be fuzzy lines and abuses in order to justify bringing criminals to justice.
I saw this complaint in Ars' comments as well, but I don't have a problem with using Google Translate. If there was any confusion or if the situation was very complicated, then sure, get an actual translator. But for a relatively straightforward situation that Google Translate handles pretty clearly, why bother?
Because this is what happened when I google-translated your comment to Italian and back:
> I saw this complaint in the comments Ars' as well, but I have a problem with using Google Translate. If there was any confusion or if the situation was very complicated, then sure, get a real translator. But for a relatively simple Google Translate handles quite clearly, why bother?
Note the "I don't have a problem" -> "I have a problem". You cannot rely on Google Translate and as a journalist, you should not be so stupid to do so.
Twice is very different than once, as I feel you are probably aware. Once with editing/skimming is normally pretty good and at least obvious where clarification is needed.
BGP and DNS - I can't believe we're still using them. Other pieces of software and protocols definitely have their share of problems, but it's amazing that the two protocols that are so central to the Internet infrastructure are so deeply broken on the conceptual level.
Upstream vendors are the ones that should take flak for allowing the announcement. And they definitively should slap on policy restrictions on this ISP.
