[MLB-WIRELESS] Wardriving illegal in two US states + VPN, crypto, anon

Clae clae at tpg.com.au
Mon Mar 31 02:11:39 EST 2003


>Date: Sun, 30 Mar 2003 10:02:12 -0500
>To: politech at politechbot.com
>From: Declan McCullagh <declan at well.com>
>Subject: FC: An analysis of Michigan and Colorado "mini-DMCA" bills
>Reply-To: declan at well.com
>
>Previous Politech message:
>http://www.politechbot.com/p-04602.html
>
>---
>
>Date: Sun, 30 Mar 2003 09:32:21 -0500
>From: Michael Powe <michael at trollope.org>
>To: Declan McCullagh <declan at well.com>
>Subject: mini-DMCA
>
>section 1b unambiguously makes vpns and some sorts of connection encryption
>software illegal.  anonymous remailers are now illegal in michigan.
>it may even affect ssl connections.
>
>section 1c makes wardriving illegal, along with making connections to
>open wireless networks.
>
>section 1c.2 makes illegal installing vpn software &c.
>
>note that this wording is different from that of other bills mentioned
>earlier.  other bills made the distinction that the 'concealment' had
>to be tied to attempts to defraud the service provider.  this bill
>does not make that distinction.
>
>mp
>
>http://www.michiganlegislature.org/mileg.asp?page=getObject&objName=mcl-750-540c-amended
>
>***** 750.540c.amended THIS AMENDED SECTION IS EFFECTIVE MARCH 31, 2003 *****
>
>750.540c.amended Prohibited conduct with regard to telecommunications
>access device; violation as felony; penalty; amateur radio service;
>forfeiture; order; definitions.  Sec. 540c.
>
>(1) A person shall not assemble, develop, manufacture, possess,
>deliver, offer to deliver, or advertise an unlawful telecommunications
>access device or assemble, develop, manufacture, possess, deliver,
>offer to deliver, or advertise a telecommunications device intending
>to use those devices or to allow the devices to be used to do any of
>the following or knowing or having reason to know that the devices are
>intended to be used to do any of the following:
>
>(a) Obtain or attempt to obtain a telecommunications service with the
>intent to avoid or aid or abet or cause another person to avoid any
>lawful charge for the telecommunications service in violation of
>section 219a.
>
>(b) Conceal the existence or place of origin or destination of any
>telecommunications service.
>
>(c) To receive, disrupt, decrypt, transmit, retransmit, acquire,
>intercept, or facilitate the receipt, disruption, decryption,
>transmission, retransmission, acquisition, or interception of any
>telecommunications service without the express authority or actual
>consent of the telecommunications service provider.
>
>(2) A person shall not modify, alter, program, or reprogram a
>telecommunications access device for the purposes described in
>subsection (1).
>
>(3) A person shall not deliver, offer to deliver, or advertise plans,
>written instructions, or materials for the manufacture, assembly, or
>development of an unlawful telecommunications access device or for the
>manufacture, assembly, or development of a telecommunications access
>device that the person intends to be used or knows or has reason to
>know will be used or is likely to be used to violate subsection
>(1). As used in this subsection, "materials" includes any hardware,
>cables, tools, data, computer software, or other information or
>equipment used or intended for use in the manufacture, assembly, or
>development of an unlawful telecommunications access device or a
>telecommunications access device.
>
>
>
>--
>   Michael Powe                                 Waterbury, CT USA
>-------------------------------------------------------------------
>"It stands to reason that self-righteous, inflexible, single-minded,
>authoritarian true believers are politically organized. Open-minded,
>flexible, complex, ambiguous, anti-authoritarian people would just as
>soon be left to mind their own fucking business." - R.U. Sirius
>
>---
>
>Date: Sat, 29 Mar 2003 11:12:42 -0700
>From: Chris May <chris at westernet.net>
>To: declan at well.com
>Subject: Re: FC: State "mini-DMCA" bills raise alarums
>
>Declan, thanks for the alert.  I sent the following to my representative:
>
>Honorable Representative Mark Larson
>Colorado House of Representatives
>
>Dear Mark,
>
>I've recently been made aware of the following bill, and think you may want to
>consider the effects of a "law of unintended consequence". I quote directly
>the paragraphs I'm concerned about:
>
>http://www.leg.state.co.us/2003a/inetcbill.nsf/fsbillcont/A2F0DA113DF2BFC087256CC2006BFB94?Open&file=1303_ren.pdf
>
>---------------------------
>SECTION 2. 18-9-309, Colorado Revised Statutes, is amended to read:
>---
>(2) A person commits a --- VIOLATION UNDER THIS SECTION if he or she
>knowingly:
>
>(a) --- POSSESSES, USES,  MANUFACTURES, DEVELOPS, ASSEMBLES, DISTRIBUTES,
>TRANSFERS,  IMPORTS INTO THIS STATE, LICENSES, LEASES, SELLS, OFFERS TO SELL,
>PROMOTES, OR ADVERTISES FOR SALE, USE, OR DISTRIBUTION ANY
>COMMUNICATION DEVICE:
>---
>(IV) TO CONCEAL OR TO ASSIST ANOTHER TO CONCEAL FROM ANY COMMUNICATION SERVICE
>PROVIDER, OR FROM ANY LAWFUL AUTHORITY, THE EXISTENCE OR PLACE OF ORIGIN OR
>DESTINATION OF ANY COMMUNICATION THAT UTILIZES A COMMUNICATION DEVICE;
>-----------------------------
>
>Now for my comments:
>
>This bill bans the possession, sale, or use of (or assisting others to use)
>technologies that "conceal from a communication service provider ... the
>existence or place of
>origin or destination of any communication".  An ISP is a communication
>service provider, so anything that concealed the origin or destination of any
>communication
>from an ISP would be illegal -- with no exceptions.  Magnificent simplicity,
>but let's put it in perspective.
>
>If you send or receive your email via an encrypted connection, it's a
>violation, because the "To" and "From" lines of the emails are concealed from
>the ISP by
>encryption.  (The encryption conceals the destinations of outgoing messages,
>and the sources of incoming messages.)  I should point out that in cable
>modem,
>satellite and wireless systems, all communications are fully encrypted while
>travelling on that medium, and for good reason: it protects from tampering or
>observing.
>On the net, the same happens when you engage in a financial transaction, such
>as with Amazon or your bank.
>
>Worse yet, Network Address Translation (NAT), a technology widely used for
>enterprise security, operates by translating the "from" and "to" fields of
>Internet
>packets, thereby concealing the source or destination of each packet, and
>hence violating these bills. Most firewalls use NAT, so if you use a firewall,
>you're clearly
>in violation.  Another method is Proxy, and it has the same effect: all
>packets from users behind the Proxy Server have the address of the Proxy
>Server while
>transiting the net.  This bill would make networks more vulnerable by removing
>these very important and universally used security tools.
>
>Companies such as banks and larger corporations also use VPN, Virtual Private
>Networking, to connect remote offices to the company network, using a "tunnel"
>
>through the net in which all traffic is completely hidden by encryption.
>Again, this is a clear violation under this bill, yet their intent is simple:
>to preserve the integrity
>and security of their own data while it is passing through a public medium.
>
>If you have a home DSL router, or if you use the "Internet Connection Sharing"
>feature of your favorite operating system product, you're in violation because
>these
>connection sharing technologies use NAT.   Most operating system products
>(including every version of Windows introduced in the last five years, and
>virtually all
>versions of Unix) would also apparently be banned, because they support
>connection sharing via NAT. Many home users use this technique to allow the
>family to
>share a single connection, be it high speed or standard.  The purpose is to
>lower their connection costs, and we are fully supportive of this.
>
>How prevalent are these techniques?  Let me speak from experience.  As you may
>remember, we were the first to offer cable modem service in the state, some
>four
>years ago.  That by itself would make us the most egregious violator, so I
>guess I'm offering myself up for the first prosecution.  ;-^)
>
>It's my experience that 50% of my customers use the sharing feature at home,
>since it allows each child to have his own computer and use it
>simultaneously.  100%
>of businesses, government offices, schools and nonprofits use either NAT or
>share.
>
>On our cable modem network, all transmissions are thoroughly encrypted.  We
>are thus guilty for 100% of our users, since that is how our architecture
>works.
>
>Additionally, our customers fall into two classes: Firewalled or Dedicated
>IP.  Most prefer the security offered by our firewall, so we are guilty again
>for each of
>them.  Those who have Dedicated IP all have firewalls to protect from
>malicious users, but since they operate them themselves, you will have to slam
>them for that.
>Of course, I am guilty of sending them to companies that provide firewalls,
>such as ZoneAlarm ( http://www.zonelabs.com/ ) and Tiny (
>http://www.tinysoftware.com/home/tiny2?la=EN ) You may see a scope of the
>offerings at http://www.spirit.com/cgi-new/report.pl?dbase=fw&function=view
>I
>guess I just racked up another count for "(II) KNOWINGLY ASSISTING OTHERS IN
>SUCH ACTIVITY.", namely, by giving you this dangerous information.
>
>Less than 10% of our users use VPN, but they account for a significant portion
>of our traffic.  Since the responsible parties are corporate executives around
>the state
>and nation, I hope you will attach a rider to this bill funding resort prisons
>with decent golf and other facilities.
>
>For myself, all I ask in my prison cell is good TV, preferably from a locally
>owned cable TV system, and a high speed data connection on a secure network.
>Oops,
>I guess that will be impossible!
>
>If I can help in any way, please feel free to contact me.
>
>Chris May
>Rural Route Video & Westernet
>POB 640
>Ignacio CO 81137-0640
>
>
>
>-------------------------------------------------------------------------
>POLITECH evening reception in New York City at 7 pm, April 1, 2003 at CFP:
>http://www.politechbot.com/events/cfp2003/
>-------------------------------------------------------------------------
>POLITECH -- Declan McCullagh's politics and technology mailing list
>You may redistribute this message freely if you include this notice.
>To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
>This message is archived at http://www.politechbot.com/
>Declan McCullagh's photographs are at http://www.mccullagh.org/
>Like Politech? Make a donation here: http://www.politechbot.com/donate/
>-------------------------------------------------------------------------


-- 
Arthur C. Clarke wrote "Any sufficiently advanced technology is 
indistinguishable from magic" and for those who don't study science, 
the "sufficiently advanced" bar is low enough that scientific 
credibility can attach to unscientific belief. 
http://www.chipcenter.com/columns/rci/tesla/tesla4.html

To unsubscribe: send mail to majordomo at wireless.org.au
with "unsubscribe melbwireless" in the body of the message



More information about the Melbwireless mailing list