From: Stephen Sprunk [mailto:ssprunk@cisco.com] Sent: Tuesday, November 21, 2000 11:16 AM To: Roeland Meyer; 'Shawn McMahon'; nanog@merit.edu Subject: Re: ISPs as content-police or method-police
Thus spake "Roeland Meyer" <rmeyer@mhsc.com>
Please reference any suit regarding breach of contract. Examples abound. Port filtering may be construed as a material
expectation is, that there is to be no port filtering. Access is access, even when the customer doesn't know that they are being restricted in their access. That just assures you that they will go ballistic when
breach when the they
find out.
If filtering is in the contract, it's hardly breach of contract to perform it.
That is not the case that I layed out. The expectation is met in the contract. The contract I stipulated had no wording about filtering, only providing unfettered access to the internet. Ergo, it would be a breach.
Face it guys, you KNOW that this is basically dishonest. As such, it is indefensible. I would almost bet <amount> that none of the transit providers mentions restrictions, on access, in their contracts. I would almost bet <1/2 amount> that NONE of the access providers mention same in THEIR contracts.
AT&T, I believe, was the first major provider to start filtering port 25; here's the relevant part of their contract:
http://www.att.net/general-info/terms.html "AT&T reserves the right to block, filter or delete Unsolicited E-Mails."
Again, where is this relevent to the case example?
Ths is also promising: "don't send materials that contain viruses, worms, or any other destructive elements; ... You may not use or attempt to use the Service to violate its security or the security of systems accessible through it, ... you should secure your computer equipment so that only authorized users can gain access to your Service account."
You could claim that these sections authorize blocking of QAZ et al, since the activity of worms is prohibited. Also, customers are required to secure their computers to prevent intrusion, so leaving any blatantly insecure protocol like SMB enabled might be breach of contract. Wholesale blocking of SMB might even be allowed.
Samba is NOT blatantly insecure. A smart admin CAN secure it. The new Win2K stuff is also pretty good, since one must interact with a secured proprietary login host, in order to gain access. That folks leave the default "Everyone" share premissions intact, is not a fault of the protocol.
Of course, I wouldn't want to use that logic in court, but a good lawyer could probably pull it off. I'd prefer to insert more specific wording into the contract first.
Only if he isn't up against another good lawyer... put the specific words in the contract before risking this one.
Then again, nobody here seems to be suggesting mandatory filtering.
Actually, this is not true. More than one have advocated this, both publically and privately. One has even announced that they've implemented this recently, without telling their customer, and it wasn't in the contract. The five cases he mentioned called the same day. How did they find out? When things quit working, that's how. How many of his customers suffered through multiple day outages, because of his action, and are still spending resources to fix things, assuming they had open pipes like the contract stated?
Why is there such a strong objection to opt-out filters, where a single call or email can get the filters turned off? Is using a phone really that difficult?
Have you ever spent all night debugging an application, only to find out, at 0400 that their MIGHT be an upstream filter and can't raise anyone at the upstream NOC? Even if you could, and get the filter removed. You wouldn't have been there all night if the nimrods had put it into the contract so that you knew about it. Have you ever had to pay the bill for three engineers doing this when it could have been prevented? I have. Three contractors, doing this, in over-time, at Silicon-Valley rates is well over $20K. More than enough to make it worth my while to sue my upstream. Discovering contract breaches the hard way is very expensive.