terminology: "capitalism" versus "commerce"

People start out being satisfied with having 'enough plus a small cushion'. A small portion of them want more. And more. And greed sets in and they start wanting everything: all the voice, all the money, all the control. It's the nature of the beast.

In unfettered capitalism, greed reigns supreme. Greedy capitalists spend inordinate amounts of money buying regulation that benefits them. It really comes down to, "I got mine. Gitcher own." Governance has failed when capitalism has removed its own fetters.

My philosophy is that any internet host that tries something nefarious on my network or gateway is to be blocked completely. I currently block 1.25M domains and (sometimes) up to 50 000 IP addresses. They are all hosts that I don't want to have any contact with anything on my private internet (internetwork of LANs), in or out. I'll soon be adding snort/suricata alerts to block more IP addresses. I recently blocked a number of Vietnamese and Chinese netblocks (which were possibly hijacked); they were the source of most of the constant 5 000 guests on my forum hammering away doing whatever they were doing; normal guest count is less than 5. The count is recently back up to 500; time for me to scrape the logs again. From the other side, cloud and virtual host providers should also identify and prevent scammer, spammers, fishers and other miscreants from accessing the internet.

My conclusion is that the enshitternet is broken. Anything goes as long as the goal is profit. It is not possible to identify most hosts or domains on the worldwide net. DNS is wholly insufficient. RDAP/whois is inconsistent around the world (thus broken). We need a relational database of domains, owners/operators, and assigned addresses and netblocks (from the top all the way down to end users) and a freely accessible UI so we, the people, can verify who is (trying to) accessing our systems. We need to shut down all stolen netblocks and prevent further hijackings (fix BGP management). We need to be able to mark unused (or idle) netblocks as such so those addresses cannot be routed. We need to identify and shut down access from businesses who cry, "We're port-scanning your networks and services for your own good!" when it's really only for *their* profit. End-to-end encryption precludes private internetwork owners from performing their required duties to prevent malware, bots, malcontents and others from crossing their perimeter firewalls; it should be replaced with host-to-host, host-to-gateway and gateway-to-gateway encryption (OE). Network protection must be a multi-level undertaking. It is a grave mistake to reduce that task to operate only on end hosts. Otherwise, the only solution will be for groups of like-minded people to set up their own virtual internets and block out all who are not part of their group. And that will only further the interests of the chaotics (communists, fascists, atheists, anarchists, national socialists, capitalists and news media) who strive to prevent us from discussing issues among ourselves and deciding for ourselves.

These are my opinions. I may be right. Or wrong. But that's for all y'all to decide.