Michigan First With A Law That Could Outlaw VPNs
zaren writes "Holy frell, Taco, we're gonna be criminals! I was checking out Freedom to Tinker after reading the posting about that multi-state anti-VPN-style legislation, and I saw a new posting that says that Michigan has ALREADY passed such legislation, and it goes into effect on MONDAY, MARCH 31, 2003. Guess I better tighten down the base station and batten down the hatches..."
First the RIAA and now this all in one day? (Score:5, Interesting)
Honestly, I'm starting to feel guilty as soon as I start using a PC. I must be breaking some law as soon as I sit down.
It's about time for the otherwise useless ACLU to start some legal action. Finally, they'll have something to pursue that's worthy of their time.
Also with effect 31 March... (Score:5, Interesting)
Michigan doesn't seem to have made it to the 21st century yet.
FINALLY! (Score:5, Interesting)
Any web browser can be used to access a proxy server, making all web browsers illegal in Michigan. Since IE is so integrated into the software (that it can't possibly be removed), it makes all Windows OSes illegal!
Of course this applies to all Linux browsers, but we can remove those.
Ahh yes, the crap is piling up, and it ain't the dairy cows.
Not concealing anything. (Score:5, Interesting)
What else do they need to know?
"Your honour, at what layer of the OSI Network Layer model is this bill to be enforced?"
"Er, case dismissed."
Defeating Stupidity? (Score:2, Interesting)
It strikes me that the reason why this legislation appears in the states that it does is perhaps a particular ISP has something to gain by it. Close that loop, and you'll probably find who lobbied for it.
To defeat this kind of legislation sounds like it'll need some kind of federal-level class action movement against it. Perhaps something along the lines of a significant breach-of-contract in bad faith with your ISP, or the fact that the legislation attempts to explicitly modify a contract(s) in-force presently, which may be a no-no for states.
One thing that might wake up ISPs to this is if people started requesting copies of their contracts in writing to be snail mailed to them as proof of that contract-in-place before the law comes into effect. I would think in most states you have a legal right to a printed copy of a contract?
This gets to the fundamental question of who owns the customer-end of the IP pipe into your home, and corporate America wants as much control over that as they can. To us geeks, it is readily apparent to us that once the wire gets to us, we ought to be able to hook up the coffee machine or the computer to it. This makes me wonder how this set of legislation violates any anonymity statutes, or guarantees of privacy businesses have offered on the web. If you can't VPN, or go through a proxy or firewall, and your IP address is your machine in some way, shape, or form, those sites cannot in any way state the information they collect is anonymous.
Re:Haha, This could be the end of NAT! (Score:5, Interesting)
All this does is make the isp aware of how many machines I have.
A while back the ma-bells tried to charge for every phone you had in your house, and they succeeded for several years.
This is another in a long line of atrocities committed by our elected representatives.
Telemarketers? (Score:5, Interesting)
Chill out a bit! (Score:2, Interesting)
This seems to be a roll up to give the cable, telephone, and broadband companies a bit of legal tooth for threatening people stealing cable modem access, DSL access, reprogramming their cable modems, etc.
I highly doubt the legislature would push a bill so obviously inspired by the broadband people while being totally oblivious to the fact that many of these same providers offer things like broadband firewalls/NATs as parts of value-added-service packages. I know six months ago, AT&T in some areas would gladly sell you a router/firewall, as would Comcast and a couple DSL providers. There are even next-gen modems on the market that plug into a network uplink and do the NAT themselves. So suddenly Linksys, Motorola, 3Com, Cisco, etc, are all criminals, as well as every store that sells consumer broadband firewalls?
I can't wait to see CompUSA try to get out of it. "Well, we didn't know they could be used to cheat Verizon!" "Lessee. It offers NAT, the box reads in big blue letters that it's 'Designed for DSL!', and you sold how many of these? Fifty last month? That's 2000 times 50."
I'm secure in the fact my provider doesn't even offer multiple IP addresses in any cost range out here. I can't cheat them of money they were unable to earn in the first place for lack of offering the service.
Re:Not one but two !!! (Score:5, Interesting)
well, the ONLY good news is... (Score:3, Interesting)
An analysis of what comes out of state government and local MI city and township governments via Internet should be adequate to provide conclusive evidence of massive violation of this law.
I mean, looking at their E-mail, websites, anyone know about VPNs or crypto use by the legislature? While the law only forbids decrypt, encryption isn't a hell of a lot of use without decryption at the other end.
The problem is forcing action on the complaints. Taxpayer suits? Don't know, I think it's time for input from EFF and/or any telecommunications lawyers reading this thread.
Re:Not concealing anything. (Score:5, Interesting)
He violates no law, including this one, operating VPN tunnels via his ISP. He has the right to send and receive IP traffic. The law mentions nothing about the content of the traffic he sends or receives. Presumably he has permission from whoever is at the other end of the VPN to use it.
You, and the rest of you hypersensitive zealots, need to do better than highlighting some piece of legislation to make your point. It is plainly obvious to me that NAT, VPN, SSL, SSH, HTTP proxies or any of the other mechanisms you folks claim will be made illegal by this law are simply not.
But have your fun. It's what you're all about...
make the dog vomit up its tail (Score:5, Interesting)
This is easy for me to write, I'm in Europe so can't participate; however, there have been calls for geeks to politicise, to make their voices heard...
If every university and college student turned him/herself in to the police on Monday morning for being in violation of this new law, the system would choke. It'd get a hell of a lot of media attention too. Something has to be done... these laws, largely unenforceable, continue to be passed... each one erodes the rights of ordinary people...
I simply can't fathom how a law this monumentally stupid has been passed... but it's got to be challenged. A mass protest would certainly expedite it and might prevent similar laws from being passed in other states where they're being considered.
The Ma Bell similarity (Score:5, Interesting)
Back in the bad old days (prior to Jan. 1, 1984), you could only get a phone from AT&T. They owned Western Electric, which was the only manufacturer of telephone equipment. They owned the lines (there were some exceptions where GTE had a local market). If you wanted a phone, you had to accept the whole package.
You had to lease your phones from them -- you couldn't buy them. You had to pay extra for DTMF (Touch-Tone [TM]). Your monthly bill was based on the base rate times the number of phones plus the base local call charge plus the incredibly overpriced long distance calls, which themselves worked on a minimum of three minutes and charges were rounded up to the next whole minute.
They stifled technology much more so than IBM, even when it hurt them. It became cheaper and easier for them to have customers using DTMF, but because people wanted it rather than the damned dialing wheels, they kept on charging premiums, which meant they had to keep those old number nine crossbars in the COs rather than (or in addition to) the electronic switches.
The whole idea of ringer equivalence existed so they could shoot a charge down your line and know how many phones you had. If it didn't match, they'd come over for a "technical visit". If they saw signs that you had more than the paid/claimed number of phones, they'd either hardwire the phone in the jack or remove other jacks. You had to let them; it was their equipment.
People used to huddle around a phone to listen and talk at the same time because Ma Bell wanted you to pay twice as much to have two people at home talk to a caller at the same time.
ISPs are trying this game, requiring you to use their hardware, accept their version of "normal use", and pay per computer rather than for the amount of data transfer so they can claim "unlimited" or "flat-rate" service. It may be illegal based on the same decision which finally allowed people to buy their own phones, have as many as they wanted and use them as they saw fit.
This needs to be stopped quickly. Lawyers need to compare these laws to the Orders from Judge Harold Greene which stopped AT&T doing this, and have this bad legislation removed. You people in Michigan need to get started!
woof.
Re:Not concealing anything. (Score:3, Interesting)
Re:The Ma Bell similarity (Score:4, Interesting)
You mean, you could only legally get a phone from AT&T. Lots of people, my family included, had "bootleg" phones. I distinctly remember my parents telling me, as a little kid, to keep quiet about the 4 extensions my father had wired up, should anyone in any kind of uniform ask about them.
I don't see the problem... (Score:3, Interesting)
More importantly, define "source" and "destination".
This just means that, from now on, I "intend" every packet going through my NAT box to actually go to or come from that box. The fact that my NAT box has to talk to the outside world to serve that data doesn't matter, since the ISP can fully well see that part of the transaction.
Or, to put it another way...
I consider my ISP as nothing more than the "communication service provider" to my NAT box. I provide the service from my NAT box to my real PCs (did my ISP come in and lay CAT5 between them, or provide the power or the signal flowing over that CAT5?), and I can see the source and destination of everything on the internal LAN just fine. So no problem exists.
Somehow, though, I doubt the law will see it that clearly, and this crap will end up effectively yet another random-and-ubiquitously-enforceable-at-will weapon in the government's arsenal of ways to screw otherwise law-abiding citizens.
Damn, and I can't even blame Bush or Ashcroft for this one.
Re:FINALLY! (Score:1, Interesting)
I'm pretty sure they'd go after the proxies and NAT machines-- if those-- before they worried about the browsers, MS or otherwise.
Still, it's a funny idea that John Lettice wrote about in The Register. The article's called Use a firewall, go to jail, and send Bill Gates too [theregister.co.uk].
Re:The Ma Bell similarity (Score:5, Interesting)
Another sick side of the stifling of technology was number tracing. It became a hackneyed device for all mysteries and thrillers, but the real-life side of it really did cause a lot of headaches. Ma Bell claimed they couldn't internally check connections. The police would have to call to prepare for a trace on a known line and Bell would send some poor schlub into the pits to physically trace a number.
A really good lineman with a lot of luck on certain equipment might have been able to find the line in question and track its connection within four minutes, hence the ubiquitous three minute minimum trace times in both film and reality. A lot of kidnappers and other criminals could have been caught were it not for Bell's refusal to acknowledge that they had the means to immediately identify a call's path.
I forgot the obligatory link before: "Bell System Property - Not For Sale" [bellsystemmemorial.com]. Surf around that site for lots of other information and neat stuff.
I haven't been able to find the Orders and Decrees from the actual case, but I'm pretty sure they're on-line somewhere.
woof.
Unenforceable (Score:4, Interesting)
(1) A person shall not assemble, develop, manufacture, possess, deliver, offer to deliver, or advertise an unlawful telecommunications access device or assemble, develop, manufacture, possess, deliver, offer to deliver, or advertise a telecommunications device intending to use those devices or to allow the devices to be used to do any of the following or knowing or having reason to know that the devices are intended to be used to do any of the following:
Establishes that owning, creating, or publishing information on how to create a device that violates any of the following items is a felony. The item in question is:
(a) Obtain or attempt to obtain a telecommunications service with the intent to avoid or aid or abet or cause another person to avoid any lawful charge for the telecommunications service in violation of section 219a.
Yet the bill does not put a limit on what telecommunications services are allowed to charge for. Therefore, if your local ISP decided to charge for say each HTTP request, they could sue Microsoft for Internet Explorer's ability to download an unlimited number of webpages (since it is avoiding any lawful charge for telecommunications service).
A half-way decent lawyer should have a field day with this bill...
Re:Toll Bypass? (Score:3, Interesting)
Consider if you are an organisation (commercial or otherwise) who has offices in different places. You want to link your offices up either by direct leased lines or some kind of VPN over the public internet. For your telephones you get a modern integrated PBX, which is hooked up to some phone lines and the network. Any interoffice calls go over the WAN, incoming calls might also wind up being sent to a different office and outgoing calls will use phone lines in the office nearest their destination.
There's at least one thing they'll have to reconcile: It's not considered a "long distance" service if I interact with a remote server from my local ISP connection, but somehow, it magically turns into a "long distance" issue if voice data is involved. What do you bet that they propose slapping a charge on ALL interstate internet traffic?
International as well as interstate. Anyway it's quite often the case that telephone call charges have little relation to the route the call takes,
Re:Not concealing anything. (Score:4, Interesting)
But what makes you think the ISP, cops, judge, or jury would comprehend that?
Err. That's not VPN (Score:2, Interesting)
+5 Informative?
Basically, VPN gives you a secure and encrypted tunnel to some host (a VPN concentrator) somewhere on the net. All or some of your traffic will go through this tunnel and emerge at the concentrator, where it is sent to its real destination.
The effect is that for the rest of the net, that traffic will appear to be coming from the concentrator (or the LAN of the concentrator). This is useful for example for universities or companies that have some resources that are unsafe for the rest of the net, but is perfectly acceptable through an encrypted tunnel. Samba for example.
I haven't bothered to read the articles, since this sounds like complete and utter bollocks. But if they're targeting NAT too, then I guess that their thing is with "misdirection" through IP. Sounds to me like they would have to ban proxies etc. as well.
Are you people paranoid? (Score:5, Interesting)
First off disguising origin. Anyone with half a brain knows you cannot get a location from an IP address. What they mean by it is IP Spoofing. If I'm a Comcast customer, I can't set my network to trick others into thinking I'm on Verizon, AOL/TW's, etc. If I am a Comcast customer, then I cannot disguise my IP to say otherwise. If the law needs my physical location, they can go through the legal channels and get it from Comcast.
CID blocking is iffy. I do not think this would be affected as it would force SBC and such to discontinue services like Privacy Manager. Second the biggest concern is telemarketing. The FCC is setting up the National Do Not Call list in July with enforcement in September. Why worry?
VPNs would be legal at this point because a) No state legislature is going to tell a corporation (Borders, the big 3 auto makers come to mind) that they can no longer use their legit VPNs. And if they go after legit personal VPNs, one could claim discrimination based on that. Now if your ISP bans VPNs (which is their right) then this law is moot anyways. b) Comcast et al do not ban VPNs to my knowledge nor do they ban use of NAT. I bet they love NAT because instead of charging you $10-15 for more IPs, they can charge you and others $40/mo for other individuals. Last I heard, Comcast only cares about multiple computers if they are hogging bandwidth or if non-customers are getting regular access (meaning sharing with neighbors via 802.11, etc.)
Can you think of any modern applications that this law is really targeting? Cell phone cloning and cable descramblers come to mind fast.
Re:Haha, This could be the end of NAT! (Score:3, Interesting)
Nah. Read the first paragraph. It all depends on the definition of what an "illegal telecommunications device" is. If you read the definition of this, you will find that it's a hacked cell phone.
This has zero, zip, zilch, nothing to do with NAT, VPN or anything similar.
Firewall/VPN...prove it... (Score:2, Interesting)
It's funny...I went back and read the service agreement for my ISP and while it prohibits creating a LAN with "un-approved" equipment, it also states that it is the subscriber's responsibility to secure the machines he/she places on the network. So, a firewall used to shield the subscriber from the ton of port scans received daily, but really shouldn't be there because the subscriber has 3 machines on the LAN? Seems like a paradox to me and pretty much impossible to prove. Not that it makes the law, written as it is, good or valid.
Re:The Ma Bell similarity (Score:3, Interesting)
I still have an old "Property of.." marked phone. With a rotary dial, no less.
(Wonder how many people here have ever even seen a rotary dial
Re:Not concealing anything. (Score:3, Interesting)
--
With that wording I also expect that all cordless phones would be illegal as it is in fact retransmitting your phone line. Also illegal would be those UHF transmitters you can use to watch TV in the attic if you don't want to run a cable there.
Re:What were they thinking??? (Score:3, Interesting)
Does this even apply to consumers? (Score:3, Interesting)
Umm, doesn't this apply to the company manufacturing NAT and similar devices, rather than common citizens? If that's the case, Michigan would need to drag Linksys, Cisco, CompUSA, Circuit City, and about 10,000 other manufacturers and distributors into court.
Re:What about content regulation/restriction (Score:4, Interesting)
Doesn't pretty much every ISP include, in their terms of service, a disclaimer that they take no responsibility in any way for any data travelling over their network?
That could easily be interpreted as giving up their rights to deny permission, as it's not their permission to give, after they state that.
Anti WiFi? (Score:3, Interesting)
There has been a controversy in the WiFi arena about whether commercial WiFi services will take off or whether free access via "warchalking" etc is going to make it impossible to make a profit from commercial wireless access. Mostly it is the ISPs who are operating these commercial services (in partnerships with some national companies that set up the technology). And these same ISPs have anti-sharing clauses in their end-user contracts that are widely ignored.
This Michigan law, like the others that have been proposed, would make it arguably illegal to operate a free, public wireless access point without permission from your ISP. And if your ISP is trying to sell commercial wireless that you'd be competing with, you certainly won't get permission.
This law puts teeth in that prohibition. It could doom free wireless. A very big deal indeed.
Article/Editorial illegal use (Score:2, Interesting)
Re:Schools? (Score:5, Interesting)
Let a few teachers pack a gun under their shirt, or on their ankle. We're talking about college educated people who have decided to pick a career to help children rise to their full potential here, not Joe Blow off the street. School's a friggen danger zone. Some nut job wants to pop a few children in the head, where's he gonna go? A school! You're guaranteed to have to wait for the police to get there before you can get taken down. You'd have time to reload your pistol over and over again as you mowed them all down.
I think we should allow guns in school for the safety of the children. Personally, any gun-free zone is a horribly unsafe place if you ask me. If you disagree I suggest you slap a sign in your front yard saying, "This is a gun free zone!". If any would-be criminals are casing for a place to rob, or murder, it's probably going to be yours.
Think about the children!
Re:The Ma Bell similarity (Score:5, Interesting)
One REN (Ringer Equivalence Number) represents a single ringer load of 7000 ohms (6929 Ohms resistance in series with 8µF capacitance). U.S. (and most other) phones run at 48V (RMS) on-hook and 96V at ring.
Most phones ring at 20Hz and the REN carries the suffix 'A'; devices which ring at any (permitted) frequency have the suffix 'B'. The math gets complicated when you figure you're forcing 96VAC (RMS) down a few miles of occasionally looping copper, split out, to a device with leading and resistive components before a reactant load.
IIRC, most of Ma Bell's phones had 0.8A RENs. I don't have one here (nor any of the manuals -- I did say I was doing this from memory), so I can't check. But remember that you leased your phones from Ma Bell and they knew the load that you should have had. Generally, it was about 5600 Ohms times the number of phones. Even if you had paid for five phones, the difference in the load with an additional phone was notable.
Of course, in our house we only had "two phones", which we claimed we carried from room to room. We had a couple real old phones with much lower RENs (although we didn't know about the technical side until I became a phreak). Because my parents both worked back then in the 60s (not so common then), we were able to force Ma Bell's inspectors to visit Saturday. Friday night the rest of the phones disappeared into hiding places that even the LAPD with search warrants would have had a hard time finding.
Again, current RENs vary greatly, but back before 1984, there were standards. I was constantly hounded by my parents to disconnect my modem (300 baud acoustic) from the line when I wasn't using it.
Luckily, I got a job for a company that made, among other things, modems, and got a (then $3K+) 300/1200 jobber with an REN of 0.8 or so and which separated the phone pass-through from the circuit, allowing the modem to "replace" the basement phone.
I spent hours explaining that one to my father.
The IETF will get busted... (Score:3, Interesting)
How entertaining.
Re:The Ma Bell similarity (Score:3, Interesting)
Way back in 1975, I moved on short notice -- called the phone company to come collect their phone -- they couldn't get a guy out that day, so they said to just cut the wire and bring it in when I got around to it. So I did. But when they went to mark it off on their ledger, it showed as already turned in. So they refused to accept it. Hence, I still have it. It still works.
It was set up for a party line (only choice I had at the time). Imagine the bafflement that gave the PacBell guy when he came to hook up my new line in Calif. He'd never seen one before and had to call the main office to get instructions on how to rewire its innards for single line.
One thing about those old phones, they're a helluva lot easier to hear on than the newer ones.