Belgian court rules that ISPs must block file-sharing
http://www.pcworld.com/article/id,134159-c,internetlegalissues/article.html Note that this is based on their interpretation of EU law. --Steve Bellovin, http://www.cs.columbia.edu/~smb
Steven M. Bellovin wrote:
http://www.pcworld.com/article/id,134159-c,internetlegalissues/article.html
Note that this is based on their interpretation of EU law.
--Steve Bellovin, http://www.cs.columbia.edu/~smb
Does that mean they block Fedora Core? (via BitTorrent) I guess it is easy. Just zero route their gouvernement, so they wont see anything illegal :) Cheers Peter and Karin -- Peter and Karin Dambier Cesidian Root - Radice Cesidiana Rimbacher Strasse 16 D-69509 Moerlenbach-Bonsweiher +49(6209)795-816 (Telekom) +49(6252)750-308 (VoIP: sipgate.de) mail: peter@peter-dambier.de mail: peter@echnaton.arl.pirates http://iason.site.voila.fr/ https://sourceforge.net/projects/iason/ http://www.cesidianroot.com/
On Thu, 5 Jul 2007, Steven M. Bellovin wrote:
http://www.pcworld.com/article/id,134159-c,internetlegalissues/article.html
Note that this is based on their interpretation of EU law.
and a hearty 'good luck' to them... :( I suppose someone could point the Belgian's over to the Panamanians (who tried to block VoIP, thanks C&W PTT for that 'fun'). Hurray, more clue- legislation... On the good side I suppose it's nice to see 'phonographs' being protected along with them new fangled CeeDees and DeeVeeDees. With a penalty of only 3400 USD/day after 6 months it's going to take a while before it's cost effective to comply (given a decent DPI solution is still hundreds of thousands of dollars/gigabit)... Oh, and how does this all work with the 'current' crop of BitTorrent clients that encrypt all transmissions? :( Probably not the end of the interweb, just the end of sanity for some poor ISP lawyer types in belgium :( -Chris
On Fri, 6 Jul 2007, Chris L. Morrow wrote:
On Thu, 5 Jul 2007, Steven M. Bellovin wrote:
http://www.pcworld.com/article/id,134159-c,internetlegalissues/article.html
Note that this is based on their interpretation of EU law.
and a hearty 'good luck' to them... :( I suppose someone could point the Belgian's over to the Panamanians (who tried to block VoIP, thanks C&W PTT for that 'fun'). Hurray, more clue- legislation...
Does anyone have an english language translation of the eleven methods proposed by the "expert" to implement this order? I don't think it is going to be pratical, especially since the NSA hasn't solved the problem of covert channels in decades. But maybe this "expert" has come up with something novel. Or maybe not. But I'd like to see what was proposed before passing judgement on it.
On Thu, 5 Jul 2007, Sean Donelan wrote:
On Fri, 6 Jul 2007, Chris L. Morrow wrote:
On Thu, 5 Jul 2007, Steven M. Bellovin wrote:
http://www.pcworld.com/article/id,134159-c,internetlegalissues/article.html
Note that this is based on their interpretation of EU law.
and a hearty 'good luck' to them... :( I suppose someone could point the Belgian's over to the Panamanians (who tried to block VoIP, thanks C&W PTT for that 'fun'). Hurray, more clue- legislation...
Does anyone have an english language translation of the eleven methods proposed by the "expert" to implement this order?
it'd be interesting, perhaps someone can pry the translation out of a nanog-belgian-speaker for a beer or 3?
I don't think it is going to be pratical, especially since the NSA hasn't solved the problem of covert channels in decades. But maybe this "expert" has come up with something novel. Or maybe not.
But I'd like to see what was proposed before passing judgement on it.
sure.
On 6/07/2007, at 1:19 PM, Sean Donelan wrote:
On Fri, 6 Jul 2007, Chris L. Morrow wrote:
On Thu, 5 Jul 2007, Steven M. Bellovin wrote:
http://www.pcworld.com/article/id,134159-c,internetlegalissues/ article.html
Note that this is based on their interpretation of EU law.
and a hearty 'good luck' to them... :( I suppose someone could point the Belgian's over to the Panamanians (who tried to block VoIP, thanks C&W PTT for that 'fun'). Hurray, more clue- legislation...
Does anyone have an english language translation of the eleven methods proposed by the "expert" to implement this order?
I don't think it is going to be pratical, especially since the NSA hasn't solved the problem of covert channels in decades. But maybe this "expert" has come up with something novel. Or maybe not.
But I'd like to see what was proposed before passing judgement on it.
The PCWorld article mentions some "Audible Magic" solution as one them. Google finds: http://www.audiblemagic.com/solutions/isps.asp Including a product called "CopySense", which has the following features: * Log and analyze the P2P load on your network * Limit P2P traffic to only use an allocated portion of bandwidth * Filter P2P traffic: o Block all P2P file transfers, or... o Block only transfers containing copyrighted content, and/ or... o Block transfers containing illegal child pornography, and/or... o Block transfers containing other pornographic or offensive content * Filter WWW traffic: o Block known malicious websites, and/or... o Block illegal sites containing child pornography, and/or... o Block other pornographic or offensive sites I wonder if they did a proof of concept at all, or if they just read the glossies.. -- Nathan Ward
On Fri, 6 Jul 2007, Nathan Ward wrote:
I wonder if they did a proof of concept at all, or if they just read the glossies..
Surely you jest? they, of course, did a full scale mock up on their E1 connected lab in belgium. Perish the thought that they may have attempted anything less. Best of all, this 'test' was probably conducted by a paid-for consultant to the belgian gov't, probably at the equivalent 4-500 USD/hr :( The State-of-PA folks 'back-when' did their proof-of-concept testing in a lab connected via T1... their legislation was equally as clue- :(
If any Belgian govt officials are reading this via their Echelon feed I'd be willing to test this whateveritis for a couple of months for $500 an hour. -- Leigh Chris L. Morrow wrote:
On Fri, 6 Jul 2007, Nathan Ward wrote:
I wonder if they did a proof of concept at all, or if they just read the glossies..
Surely you jest? they, of course, did a full scale mock up on their E1 connected lab in belgium. Perish the thought that they may have attempted anything less. Best of all, this 'test' was probably conducted by a paid-for consultant to the belgian gov't, probably at the equivalent 4-500 USD/hr :(
The State-of-PA folks 'back-when' did their proof-of-concept testing in a lab connected via T1... their legislation was equally as clue- :(
We (Internet Storm Center) are getting scattered reports of Yahoo being down, and problems with Verizon's networks. Anybody else seeing this? Marc -- Marc Sachs SANS ISC {The handlers@sans.org email address is an alias for a mailing list of approximately 35 volunteer incident handlers. You may receive responses from other individuals on that list. Please include the handlers@sans.org address in any replies so that everyone is kept "in the loop".}
We have started receiving some reports related to yahoo as well. We're seeing some latency it would appear at the Level3 hand-off to yahoo. 13 * 70 ms 77 ms ge-0-3-0-69.bbr2.sanjose1.level3.net [4.68.18.2] 14 * 78 ms 71 ms so-14-0.hsa4.sanjose1.level3.net [4.68.114.158] 15 487 ms 449 ms 459 ms hanaro.hsa4.level3.net [4.79.60.22] 16 * * * Request timed out. 17 * * * Request timed out. 18 * 586 ms * te-8-1.bas-a2.sp1.yahoo.com [209.131.32.19] 19 * 570 ms * f1.www.vip.sp1.yahoo.com [209.131.36.158] 20 * * 591 ms f1.www.vip.sp1.yahoo.com [209.131.36.158] Trace complete. Mike -----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of Marcus H. Sachs Sent: Friday, July 06, 2007 10:05 AM To: 'Nanog' Cc: handlers@sans.org Subject: Yahoo/Verizon issues? We (Internet Storm Center) are getting scattered reports of Yahoo being down, and problems with Verizon's networks. Anybody else seeing this? Marc -- Marc Sachs SANS ISC {The handlers@sans.org email address is an alias for a mailing list of approximately 35 volunteer incident handlers. You may receive responses from other individuals on that list. Please include the handlers@sans.org address in any replies so that everyone is kept "in the loop".}
I saw similar up until about 5 mins ago. All seems well now. -Jim P. On Fri, 2007-07-06 at 10:16 -0400, Mike Callahan wrote:
We have started receiving some reports related to yahoo as well. We're seeing some latency it would appear at the Level3 hand-off to yahoo.
13 * 70 ms 77 ms ge-0-3-0-69.bbr2.sanjose1.level3.net [4.68.18.2]
14 * 78 ms 71 ms so-14-0.hsa4.sanjose1.level3.net [4.68.114.158]
15 487 ms 449 ms 459 ms hanaro.hsa4.level3.net [4.79.60.22] 16 * * * Request timed out. 17 * * * Request timed out. 18 * 586 ms * te-8-1.bas-a2.sp1.yahoo.com [209.131.32.19] 19 * 570 ms * f1.www.vip.sp1.yahoo.com [209.131.36.158] 20 * * 591 ms f1.www.vip.sp1.yahoo.com [209.131.36.158]
Trace complete.
Mike
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of Marcus H. Sachs Sent: Friday, July 06, 2007 10:05 AM To: 'Nanog' Cc: handlers@sans.org Subject: Yahoo/Verizon issues?
We (Internet Storm Center) are getting scattered reports of Yahoo being down, and problems with Verizon's networks. Anybody else seeing this?
Marc
-- Marc Sachs SANS ISC
{The handlers@sans.org email address is an alias for a mailing list of approximately 35 volunteer incident handlers. You may receive responses from other individuals on that list. Please include the handlers@sans.org address in any replies so that everyone is kept "in the loop".}
Thanks, everybody. Got lots of confirmations that there was a problem but no pinpoint on what the specific issue was. Yahoo seems to be reachable now. (One of our earlier reports said that "Verizon" was having network issues, but they did not say "which Verizon". Sorry, Chris! :) ) Marc -- Marc Sachs SANS ISC
On Fri, 6 Jul 2007, Marcus H. Sachs wrote:
(One of our earlier reports said that "Verizon" was having network issues, but they did not say "which Verizon". Sorry, Chris! :) )
just makes it simpler to ask the right person(s) about issues :) I'm sure ATT has the same issues as does L3 and lots of other non-US folks... glad it got worked out though.
On Fri, 6 Jul 2007, Mike Callahan wrote:
We have started receiving some reports related to yahoo as well. We're seeing some latency it would appear at the Level3 hand-off to yahoo.
remember too that www.yahoo.com looks to be akamaized as well so, for instance when I query: 198.6.1.5 and 198.6.1.1 I get different results, one in DFW and one in 'washington' (looks like ashburn). So 'which yahoo' maybe as well would be helpful.
On Fri, 6 Jul 2007, Marcus H. Sachs wrote:
We (Internet Storm Center) are getting scattered reports of Yahoo being down, and problems with Verizon's networks. Anybody else seeing this?
and 'verizon' means dsl/fios in this discussion? (cause yahoo looks up to me, atleast finance.yahoo)
We (Internet Storm Center) are getting scattered reports of Yahoo being down, and problems with Verizon's networks. Anybody else seeing this?
Marc
-- Marc Sachs SANS ISC
{The handlers@sans.org email address is an alias for a mailing list of approximately 35 volunteer incident handlers. You may receive responses from other individuals on that list. Please include the handlers@sans.org address in any replies so that everyone is kept "in the loop".}
For what its worth, I lost my Yahoo IM connection several times in the 9AM-10AM EST hour. Eric
On 7/6/07, ekagan@axsne.com <ekagan@axsne.com> wrote:
We (Internet Storm Center) are getting scattered reports of Yahoo being down, and problems with Verizon's networks. Anybody else seeing this?
Marc
-- Marc Sachs SANS ISC
{The handlers@sans.org email address is an alias for a mailing list of approximately 35 volunteer incident handlers. You may receive responses from other individuals on that list. Please include the handlers@sans.org address in any replies so that everyone is kept "in the loop".}
For what its worth, I lost my Yahoo IM connection several times in the 9AM-10AM EST hour.
Eric
It's worth nothing, much like the original post.
On 2007-07-06 10:04-0400, Marcus H. Sachs wrote:
We (Internet Storm Center) are getting scattered reports of Yahoo being down, and problems with Verizon's networks. Anybody else seeing this?
Hey Marc, tried on outages@whitestar ?
Marc
-- Marc Sachs SANS ISC
{The handlers@sans.org email address is an alias for a mailing list of approximately 35 volunteer incident handlers. You may receive responses from other individuals on that list. Please include the handlers@sans.org address in any replies so that everyone is kept "in the loop".}
On Fri, 6 Jul 2007, Chris L. Morrow wrote:
I wonder if they did a proof of concept at all, or if they just read the glossies..
Surely you jest? they, of course, did a full scale mock up on their E1 connected lab in belgium. Perish the thought that they may have attempted anything less. Best of all, this 'test' was probably conducted by a paid-for consultant to the belgian gov't, probably at the equivalent 4-500 USD/hr :(
The State-of-PA folks 'back-when' did their proof-of-concept testing in a lab connected via T1... their legislation was equally as clue- :(
It shouldn't be a surprise, since most of it is marketing fluff. Same as the Antivirus vendors, Intrusion Detection vendors, Spam blocking vendors, etc. They all seem to have the same problems when trying working in public ISP networks. And all have done the dog and pony show trying to get politicians to force ISPs to buy their products, whether or not the products are actually effective or safe. An university using these systems said "works great, we receive less complaints from the RIAA, but sometimes we interrupt student's other network traffic such as VOIP calls." For example is it Safe: Will it block traffic to emergency services, e.g. 9-1-1 or 1-1-2 if the caller has a radio playing copyrighted music in the background? I'm sorry your call can not be completed to 9-1-1 until you turn off your radio even if you are being murdered in your home. or is it Effective: Will it block copyrighted music transmissions mixed with other things such as a voice call with a radio playing in the background. If you leave other communication channels operating, people will find a way to use them. Good for venture capilists funding these companies, because you have to constantly pay for new and improved.
I get a warm, fuzzy feeling every time this sort of stuff comes up because I go back and read about the time @Home came within inches of receiving the Usenet Death Penalty. http://news.com.com/2100-1033-235788.html Gotta love the implied righteous outrage in this article - " The self-appointed administrators of Usenet ..." - the nerve of it, those people who own and operate systems, deciding what is and isn't an acceptable use thereof. I sometimes wish for an IPv4 death penalty - organizations making nonsense pronouncements like this would benefit from a little quiet time to contemplate the nature of their foolishness. Oh, that would impinge on national sovereignty and then we'd see a concerted effort on the part of these increasingly irrelevant nation states, so we'll let the distributed, disinterested nature of IPv4 space blunt and exhaust folly, but its nice to dream ... Sean Donelan wrote:
On Fri, 6 Jul 2007, Chris L. Morrow wrote:
I wonder if they did a proof of concept at all, or if they just read the glossies..
Surely you jest? they, of course, did a full scale mock up on their E1 connected lab in belgium. Perish the thought that they may have attempted anything less. Best of all, this 'test' was probably conducted by a paid-for consultant to the belgian gov't, probably at the equivalent 4-500 USD/hr :(
The State-of-PA folks 'back-when' did their proof-of-concept testing in a lab connected via T1... their legislation was equally as clue- :(
It shouldn't be a surprise, since most of it is marketing fluff. Same as the Antivirus vendors, Intrusion Detection vendors, Spam blocking vendors, etc. They all seem to have the same problems when trying working in public ISP networks. And all have done the dog and pony show trying to get politicians to force ISPs to buy their products, whether or not the products are actually effective or safe.
An university using these systems said "works great, we receive less complaints from the RIAA, but sometimes we interrupt student's other network traffic such as VOIP calls."
For example is it Safe: Will it block traffic to emergency services, e.g. 9-1-1 or 1-1-2 if the caller has a radio playing copyrighted music in the background? I'm sorry your call can not be completed to 9-1-1 until you turn off your radio even if you are being murdered in your home.
or is it Effective: Will it block copyrighted music transmissions mixed with other things such as a voice call with a radio playing in the background. If you leave other communication channels operating, people will find a way to use them. Good for venture capilists funding these companies, because you have to constantly pay for new and improved.
Thus spake Nathan Ward
The PCWorld article mentions some "Audible Magic" solution as one them.
Google finds: http://www.audiblemagic.com/solutions/isps.asp Including a product called "CopySense", which has the following features: ... I wonder if they did a proof of concept at all, or if they just read the glossies..
I knew it was going to be either them or SafeMedia... http://www.eff.org/share/audible_magic.php http://www.eff.org/share/?f=audible_magic2.html http://www.eff.org/deeplinks/archives/005189.php http://www.freedom-to-tinker.com/?p=1146 These guys are great at marketing their snake oil to the technically ignorant... S Stephen Sprunk "Those people who think they know everything CCIE #3723 are a great annoyance to those of us who do." K5SSS --Isaac Asimov
In article <20070705222812.E6693766064@berkshire.machshav.com> you write:
http://www.pcworld.com/article/id,134159-c,internetlegalissues/article.html
Note that this is based on their interpretation of EU law.
--Steve Bellovin, http://www.cs.columbia.edu/~smb
"The court has confirmed that the ISPs have both a legal responsibility and the technical means to tackle piracy. This is a decision that we hope will set the mold for government policy and for courts in other countries in Europe and around the world," IFPI Chairman and CEO John Kennedy said in a statement. Someone has succeeded in pulling the wool over the court's eyes if it has been convinced that there is a technical mechanism to do this. A ISP does not have access to enough information to determine this. The same file can be both legally and illegally copied over the same network. What determines the legality is the standing of the parties doing the copying not the actual content. Even content that is illegal to possess may still be legally transmitted when such content is evidence. There is only one technological fix that will be 100% effective and that is to shutdown the network. There is absolutely no way that a ISP can determine is any file transfer is illegal or not. This means no HTTP, no SMTP, no anything. Mark
Mark Andrews wrote:
Someone has succeeded in pulling the wool over the court's eyes if it has been convinced that there is a technical mechanism to do this. A ISP does not have access to enough information to determine this. The same file can be both legally and illegally copied over the same network. What determines the legality is the standing of the parties doing the copying not the actual content. Even content that is illegal to possess may still be legally transmitted when such content is evidence.
There is only one technological fix that will be 100% effective and that is to shutdown the network. There is absolutely no way that a ISP can determine is any file transfer is illegal or not.
This means no HTTP, no SMTP, no anything.
Mark
It is actually fairly easy, just restandardize the Evil bit as the Illegal Bit. All network transfers of illegal content must set the Illegal bit and all Belgian ISP's must drop packets with the Illegal bit set. Problem solved.
On Thu, 5 Jul 2007, Joe Maimon wrote:
It is actually fairly easy, just restandardize the Evil bit as the Illegal Bit.
All network transfers of illegal content must set the Illegal bit and all Belgian ISP's must drop packets with the Illegal bit set.
Problem solved.
I'd bet there are penalties if content is transferred though :( so, relying on the 'illegal content users/sharers' to 'do the right thing' isn't likely to get you where you want to be... :(
participants (16)
-
Chris L. Morrow -
ekagan@axsne.com -
Gadi Evron -
Jim Popovitch -
Joe Maimon -
Leigh Porter -
Marcus H. Sachs -
Mark Andrews -
micky coughes -
Mike Callahan -
Nathan Ward -
Neal R -
Peter Dambier -
Sean Donelan -
Stephen Sprunk -
Steven M. Bellovin