Utah governor signs Net-porn bill
C|Net: "Utah's governor signed a bill on Monday that would require Internet providers to block Web sites deemed pornographic and could also target e-mail providers and search engines." http://news.com.com/Utah+governor+signs+Net-porn+bill/2100-1028_3-5629067.ht... - ferg -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg@netzero.net or fergdawg@sbcglobal.net
Could someone find out what the actual mandated requirements are? At one point it sounded a lot like just putting PICs lables on published URLs.
On Mar 22, 2005, at 8:13 AM, Eric Brunner-Williams in Portland Maine wrote:
Could someone find out what the actual mandated requirements are? At one point it sounded a lot like just putting PICs lables on published URLs.
Taking the assumption that we have all decided that Utah has asked us to do something that cannot definitively be done, it seems to me that the folks who offer ISP services in Utah need to decide what in fact can be done. I am told (not my expertise) that there are labels that can be put on web pages to prevent search engines from searching them, and that a certain class of pornographer actually uses such. Keeping them out of the search engines is a good thing. That said, not all such do, so one is forced to have a plan B. BTW, HTML PICS don't especially help with virus-bot-originated spam. It seems to me that a simple approach would be to provide a second DNS service in parallel with the first, and advise Utah that if it would be so kind as to inform us of the DNS names of the spam services that they want treated specially, those names will be put into the new DNS service as "the address of this system is 127.0.0.1". Customers can now decide which kind of DNS service they want. Alternatively, and better perhaps for dealing with the email issues, one could put two VRFs on every router - one that has full routes and one that has a number of null routes. If the State of Utah would be so kind as to specify the list of prefixes to be null-routed... The key thing here is to provide a service that in fact works for some definition of that term, and tell Utah that unfunded mandates don't especially help. They have the power to pass any law they want, but in context they have an obligation to the SPs affected to provide an objective way to determine whether the SP is in compliance, and by extension, to provide a reasonable definition of and way to implement the service.
On Tue, 22 Mar 2005, Baker Fred wrote:
I am told (not my expertise) that there are labels that can be put on web pages to prevent search engines from searching them, and that a certain class of pornographer actually uses such. Keeping them out of the search engines is a good thing. That said, not all such do, so one is forced to have a plan B. BTW, HTML PICS don't especially help with virus-bot-originated spam.
Internet Explorer has had provisions to use RSAC ratings forever. One thing that the competing browsers (which I like better) have *never* had. -- JustThe.net - Apple Valley, CA - http://JustThe.net/ - 888.480.4NET (4638) Steven J. Sobol, Geek In Charge / sjsobol@JustThe.net / PGP: 0xE3AE35ED "The wisdom of a fool won't set you free" --New Order, "Bizarre Love Triangle"
In message <200503221613.j2MGDUeh015281@nic-naa.net>, Eric Brunner-Williams in Portland Maine writes:
Could someone find out what the actual mandated requirements are? At one point it sounded a lot like just putting PICs lables on published URLs.
The news.com article links to the bill: http://www.le.state.ut.us/~2005/htmdoc/hbillhtm/hb0260s03.htm --Prof. Steven M. Bellovin, http://www.cs.columbia.edu/~smb
* Steven M. Bellovin:
The news.com article links to the bill: http://www.le.state.ut.us/~2005/htmdoc/hbillhtm/hb0260s03.htm
Given that the bill tries to outlaw the distribution of pornography (which means that it won't withstand judicial review), I think it's astonishingly ISP-friendly. For example, it doesn't seem to make you responsible for transit traffic in general, like many ISP contracts do. 8-)
Steven M. Bellovin wrote:
The news.com article links to the bill: http://www.le.state.ut.us/~2005/htmdoc/hbillhtm/hb0260s03.htm
Steven M. Bellovin wrote:
That is, in fact, similar to a Pennsylvania law that was struck down by a Federal court. CDT's analysis of the Utah law is at http://www.cdt.org/speech/20050307cdtanalysis.pdf
--Prof. Steven M. Bellovin, http://www.cs.columbia.edu/~smb
Thankfully, Steve's on the ball, and folks should read those. Presumably, every ISP is a financial supporter of EFF and CDT. If not, now's the time! But the bill goes a lot farther than reported. (1) It takes current Utah prohibition on "pornography" and raises the penalty from a misdemeanor to a felony. Every ISP operator can look forward to MONTHS and YEARS (instead of the previous 7 days) in jail. (2) It adds "harmful to minors" -- and makes it a state attorney general decision on whatever that might be. This is a silly nebulous term that has been used lately by the peeping tom religious right, because every other legal term they've tried has already been struck down by the courts. Just like shrub's administration made up the new term "enemy combatants" instead of the old term "prisoner of war". AFAIK, no court has ever found ANYTHING to be harmful to minors. Making this an attorney general decision is an attempt at bypassing public hearings. Note the list itself will be "access restricted electronic format" -- that is, secret. (3) A new criminal penalty for a content provider's failure to properly rate content. Looks like every hosting provider will have to leave the state. You'll probably have to shut down all outside access to any universities, schools, and libraries. And every corporation will need to move it's data and web presence out of state. (4) Every ISP will have to make sure they have fewer than 7500 customers, because that's the level at which you can charge them for the millions it's going to cost to defend your lawsuits. Presumably, you can do this by creating separate subsidiaries. Alert your CEOs now. -- William Allen Simpson Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
On Tue, 22 Mar 2005, Fergie (Paul Ferguson) wrote: : : "Utah's governor signed a bill on Monday that would : require Internet providers to block Web sites deemed : pornographic and could also target e-mail providers : and search engines." : : http://news.com.com/Utah+governor+signs+Net-porn+bill/2100-1028_3-5629067.ht... Politician lip flappage for votes. It has no chance of passing. scott
----- Original Message ----- From: "Scott Weeks" <surfer@mauigateway.com> To: <nanog@merit.edu> Sent: Tuesday, March 22, 2005 11:18 AM Subject: Re: Utah governor signs Net-porn bill
On Tue, 22 Mar 2005, Fergie (Paul Ferguson) wrote:
: : "Utah's governor signed a bill on Monday that would : require Internet providers to block Web sites deemed : pornographic and could also target e-mail providers : and search engines." : :
http://news.com.com/Utah+governor+signs+Net-porn+bill/2100-1028_3-5629067.ht...
Politician lip flappage for votes. It has no chance of passing.
perhaps i'm missing something, but it's passed the state legislature and was signed by the governor. what else would it have to pass, then? -p --- paul galynin
On Tue, 22 Mar 2005 06:18:57 -1000, Scott Weeks said:
On Tue, 22 Mar 2005, Fergie (Paul Ferguson) wrote: : "Utah's governor signed a bill on Monday that would : require Internet providers to block Web sites deemed : pornographic and could also target e-mail providers : and search engines." : : http://news.com.com/Utah+governor+signs+Net-porn+bill/2100-1028_3-5629067.ht... Politician lip flappage for votes. It has no chance of passing.
Umm... but the Governor *signed* it already? Sort of ups its chances just a tad? Hopefully, it has no chance of surviving a judicial review...
On Tue, 22 Mar 2005 Valdis.Kletnieks@vt.edu wrote:= : On Tue, 22 Mar 2005 06:18:57 -1000, Scott Weeks said: : > : "Utah's governor signed a bill on Monday that would : > : require Internet providers to block Web sites deemed : > : pornographic and could also target e-mail providers : > : and search engines." : > : : > : http://news.com.com/Utah+governor+signs+Net-porn+bill/2100-1028_3-5629067.ht... : > : : > Politician lip flappage for votes. It has no chance of passing. : : Umm... but the Governor *signed* it already? Sort of ups its chances just a tad? : Hopefully, it has no chance of surviving a judicial review... On Tue, 22 Mar 2005, Paul G wrote: : perhaps i'm missing something, but it's passed the state legislature and : wassigned by the governor. what else would it have to pass, then? Ok, passing wasn't the correct term. IANAL. Here's what I saw: "I am having a hard time seeing how this law will survive a constitutional challenge, given the track record of state anti-Internet porn laws--which are routinely struck down as violating the First Amendment and the dormant Commerce Clause," Eric Goldman, a professor at the Marquette University Law School in Milwaukee, Wis., wrote in a critique of the law. and A federal judge struck down a similar law in Pennsylvania last year. That is what I meant, but it has been pointed out that this extract is not accurate anyway. Damn journalists... :-) scott
On Tue, Mar 22, 2005 at 06:18:57AM -1000, Scott Weeks said something to the effect of:
On Tue, 22 Mar 2005, Fergie (Paul Ferguson) wrote:
: : "Utah's governor signed a bill on Monday that would : require Internet providers to block Web sites deemed : pornographic and could also target e-mail providers : and search engines." : : http://news.com.com/Utah+governor+signs+Net-porn+bill/2100-1028_3-5629067.ht...
Politician lip flappage for votes. It has no chance of passing.
scott
Agreed. I'm thinking...this *might* (big, fat, bloated, grinning *might*) have a shot if "Internet Service Provider" referred to the party offering up subscribers to an Internet requesting user service, or if "Internet access" described access the Internet initiated, configured, and maintained to unwitting users' homes and businesses. When the connection is forged the other way around, the more logical... nay, undeniably less absurd and nonsensical prescription seems to be a firewall, subscription-based service, local DNS black/whitelisting, or some such other solution. If you don't know how to use those things, ask someone who does. Unlike other ills posed to some by connectivity, I know of no "can-porn" legistlation or other successful "do-not-pr0n" list. I don't think that demanding that the Internet clean up its act is going to pack much of a punch. your pr0n may vary, --ra -- k. rachael treu, CISSP rara@navigo.com ..quis custodiet ipsos custodes?.. (this email has been brought to you by the letters 'v' and 'i'.)
Scott Weeks wrote:
On Tue, 22 Mar 2005, Fergie (Paul Ferguson) wrote: : : "Utah's governor signed a bill on Monday that would : require Internet providers to block Web sites deemed : pornographic and could also target e-mail providers : and search engines." : : http://news.com.com/Utah+governor+signs+Net-porn+bill/2100-1028_3-5629067.ht...
Politician lip flappage for votes. It has no chance of passing.
I consider it proof positive, that our medical system is in dire need of an overhaul. Apparently, mental illness isn't being detected, and treated, as often as it should be. :P
scott
On Tue, Mar 22, 2005 at 11:50:12AM -0500, Richard Irving wrote:
I consider it proof positive, that our medical system is in dire need of an overhaul.
Apparently, mental illness isn't being detected, and treated, as often as it should be.
I always assumed it was working fine and we were sending the Crazies to Utah.
On Tue, Mar 22, 2005 at 08:55:21AM -0800, John Kinsella said something to the effect of:
On Tue, Mar 22, 2005 at 11:50:12AM -0500, Richard Irving wrote:
I consider it proof positive, that our medical system is in dire need of an overhaul.
Apparently, mental illness isn't being detected, and treated, as often as it should be.
I always assumed it was working fine and we were sending the Crazies to Utah.
Get demented, early and often! whee, --ra -- k. rachael treu, CISSP rara@navigo.com ..quis custodiet ipsos custodes?.. (this email has been brought to you by the letters 'v' and 'i'.)
CNET's extract is wrong. The article states The measure, SB 260, says: "Upon request by a consumer, a service provider may not transmit material from a content provider site listed on the adult content registry." Its entirely voluntary on the part of the consumer. Roy Engehausen Fergie (Paul Ferguson) wrote:
C|Net:
"Utah's governor signed a bill on Monday that would require Internet providers to block Web sites deemed pornographic and could also target e-mail providers and search engines."
http://news.com.com/Utah+governor+signs+Net-porn+bill/2100-1028_3-5629067.ht...
- ferg
-- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg@netzero.net or fergdawg@sbcglobal.net
----- Original Message ----- From: "Roy" <garlic@garlic.com> To: "Fergie (Paul Ferguson)" <fergdawg@netzero.net> Cc: <nanog@merit.edu> Sent: Tuesday, March 22, 2005 12:03 PM Subject: Re: Utah governor signs Net-porn bill
CNET's extract is wrong.
The article states
The measure, SB 260, says: "Upon request by a consumer, a service provider may not transmit material from a content provider site listed on the adult content registry."
Its entirely voluntary on the part of the consumer.
does pulling the plug on the user's connection count? <g> "your honor, we were just making sure our sinners^H^H^H^H^H^H^Husers couldn't access lecherous content that hasn't made it onto the registry!" -p --- paul galynin
On Tue, Mar 22, 2005 at 09:03:17AM -0800, Roy said something to the effect of:
CNET's extract is wrong.
The article states
The measure, SB 260, says: "Upon request by a consumer, a service provider may not transmit material from a content provider site listed on the adult content registry."
Isn't that demanding that an ISP provide, free of charge, a managed firewall service? I might be expecting too much, but wouldn't it stand to reason that link-chasing and downloading inherently constitute a request *to* receive content? At the risk of sounding like a proponent for public indecency <snicker> if Junior or Hubby or Wifey or whomever is hoarding porn and "must be protected/stopped/brought back into the fold", I don't think it's really the responsibility of the ISP to care. Note to Utah (tm)*: the pervasion of perversion is nigh! ;) Buy a firewall and keep an eye on your kids. Neither the schools nor the ISPs are meant to raise them. bah, --ra *UT is OK with me. The disgruntled ramblings in here refer only to those whining to the ISPs to save them from their own Internet connection.
Its entirely voluntary on the part of the consumer.
Roy Engehausen
Fergie (Paul Ferguson) wrote:
C|Net:
"Utah's governor signed a bill on Monday that would require Internet providers to block Web sites deemed pornographic and could also target e-mail providers and search engines."
http://news.com.com/Utah+governor+signs+Net-porn+bill/2100-1028_3-5629067.ht...
- ferg
-- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg@netzero.net or fergdawg@sbcglobal.net
-- k. rachael treu, CISSP rara@navigo.com ..quis custodiet ipsos custodes?.. (this email has been brought to you by the letters 'v' and 'i'.)
> The measure, SB 260, says: "Upon request by a consumer, a service provider > may not transmit material from a content provider site listed on the adult > content registry." > > Its entirely voluntary on the part of the consumer. It's also voluntary on the part of the service provider. Of course no one would be so foolish as to try to legislate the operation of the Internet without having read RFC 2119, and anyone familiar with that document would understand the difference between "MAY not" and "MUST NOT". :-) -Bill
Bill Woodcock wrote:
> The measure, SB 260, says: "Upon request by a consumer, a service provider > may not transmit material from a content provider site listed on the adult > content registry." > > Its entirely voluntary on the part of the consumer.
It's also voluntary on the part of the service provider.
What !?! Surely you Jest! So, it is voluntary on _both_ sides, _and_ it was made into a _law_ ? Can anyone confirm this ?
Of course no one would be so foolish as to try to legislate the operation of the Internet without having read RFC 2119, and anyone familiar with that document would understand the difference between "MAY not" and "MUST NOT".
:-)
-Bill
> > It's also voluntary on the part of the service provider. > What !?! Surely you Jest! Uh, yes, I was joking. Unfortunately, I do believe, on credible evidence, that there are people stupid enough to be trying to legislate the operation of the Internet without having first understood how it's done right now. Case in point. -Bill
On Tue, Mar 22, 2005 at 09:33:44AM -0800, Bill Woodcock said something to the effect of:
> > It's also voluntary on the part of the service provider. > What !?! Surely you Jest!
Uh, yes, I was joking. Unfortunately, I do believe, on credible evidence, that there are people stupid enough to be trying to legislate the operation of the Internet without having first understood how it's done right now. Case in point.
-Bill
What do you mean?! I'm writing an email right now to my service provider, demanding that I get *only* porn. I want all pr0n, all the time. No need to wast bandwidth on this smtp garbage, or any other http-type hooey, for that matter. I want my OPoIP (only porn over IP)! I want it secured, even! Encrypted porn with an SLA I can wave SLA about if anything else slips through like pesky news or children's pages or something icky. Are you telling me my provider reserves the right to refuse me this service? <sniff> --ra ;) -- k. rachael treu, CISSP rara@navigo.com ..quis custodiet ipsos custodes?.. (this email has been brought to you by the letters 'v' and 'i'.)
On Tue, 22 Mar 2005, Bill Woodcock wrote:
Uh, yes, I was joking. Unfortunately, I do believe, on credible evidence, that there are people stupid enough to be trying to legislate the operation of the Internet without having first understood how it's done right now. Case in point.
Can ISPs get around this by declaring themselves to be private clubs? ;) There was a rather poorly attended NANOG meeting in Salt Lake City a couple years ago. Between bars, er, private clubs, that required (very cheap) memberships to get in the door, the no more than one watered down beer on the table at a time rule, the guys who looked like secret service agents video taping the the gay pride people (all three of them...) outside the Temple, and the repeated "you want to rent a car? On a Sunday?!?" responses from people in the viscinity of the closed car rental counters, it was a cultural expeience. Regardless of the legal and technical merits of the plan, requiring a watered down web doesn't seem inconsistent. Ignoring the legal and commercial questions and focusing on the technical requirements, there are several ways they could have done this. China and Saudi Arabia accomplish this (China for political content, and Saudi Arabia for "porn") with national firewalls. So, if the same content were going to be blocked for all users in Utah, and if porn sites could somehow be prevented from operating in Utah, a monopoly transit proivder for all Utah ISPs with a big porn blocking firewall in front of it might do the trick. I hear it works in Saudi Arabia... But in this case, Utah hasn't chosen to use China or Saudi Arabia as its model, nor have they copied the first round of attempts at this sort of thing by various US states, which tended to give ISPs the burden of figuring out whether packets flowing through their network were "indecent" and imposed requirements on people in other states. I suspect this will make Utah different enough that a lot of national networks will decide it's not worth doing business there. But for Utah-focused ISPs who can figure out how to make a firewall or proxy server speak the same protocol as the state-run database, this should be an opportunity to charge higher prices in the face of reduced competition. This seems like something that could be implemented on a per-user basis with a little bit of policy based routing. Is it a good idea? Certainly not. Is it legal? I hope not. But is it so badly conceived as to be unimplementable if it ever gets to the enforcement stage? I don't think so. -Steve
----- Original Message ----- From: "Steve Gibbard" <scg@gibbard.org> To: <nanog@merit.edu> Sent: Tuesday, March 22, 2005 2:57 PM Subject: Re: Utah governor signs Net-porn bill --- snip ---
Regardless of the legal and technical merits of the plan, requiring a watered down web doesn't seem inconsistent.
i think i remember hearing about a municipal fast-e man and ftth deployment in salt lake city. who needs 100meg for dictionary.com lookups? ;] -p --- paul galynin
On Tue, Mar 22, 2005 at 11:57:43AM -0800, Steve Gibbard said something to the effect of:
On Tue, 22 Mar 2005, Bill Woodcock wrote:
Uh, yes, I was joking. Unfortunately, I do believe, on credible evidence, that there are people stupid enough to be trying to legislate the operation of the Internet without having first understood how it's done right now. Case in point.
Can ISPs get around this by declaring themselves to be private clubs? ;)
Good point..! Could they charge a membership fee and be forgiven compliance? Because ISPs certainly don't reap the government bail-outs or assurances (yet) that are afforded to public utilities, either... Regulated as public, levied against as private...where *is* the safe zone or loophole for ISPs? :? <speculative_musing> I'm unclear as to how this level of regulation can be applied to the rolling fields of porn and not swiftly expanded to accommodate other categories of information deemed to be objectionable. (I haven't yet read the complete bill, but will be interested to see how clearly codified the parameters for branding content as "adult" are.) On the other hand...what doors will this open for the converse...for entities who wish to have the government step in and mandate that the ISPs restrict delivery of content *from* them, of their content, or of content to others? This hydra could have many heads...one that looks like the DMCA, one like the RIAA, one that looks like pr0n-haters not wanting anyone to view it, one for each religious or political zealot group out there, one for each brand name... Poorly-conceived bills like this may set precedent for a number of slippery slopes. </speculative_musing> How, exactly, *did* this pass, anyway? --ra
There was a rather poorly attended NANOG meeting in Salt Lake City a couple years ago. Between bars, er, private clubs, that required (very cheap) memberships to get in the door, the no more than one watered down beer on the table at a time rule, the guys who looked like secret service agents video taping the the gay pride people (all three of them...) outside the Temple, and the repeated "you want to rent a car? On a Sunday?!?" responses from people in the viscinity of the closed car rental counters, it was a cultural expeience. Regardless of the legal and technical merits of the plan, requiring a watered down web doesn't seem inconsistent.
Ignoring the legal and commercial questions and focusing on the technical requirements, there are several ways they could have done this. China and Saudi Arabia accomplish this (China for political content, and Saudi Arabia for "porn") with national firewalls. So, if the same content were going to be blocked for all users in Utah, and if porn sites could somehow be prevented from operating in Utah, a monopoly transit proivder for all Utah ISPs with a big porn blocking firewall in front of it might do the trick. I hear it works in Saudi Arabia...
But in this case, Utah hasn't chosen to use China or Saudi Arabia as its model, nor have they copied the first round of attempts at this sort of thing by various US states, which tended to give ISPs the burden of figuring out whether packets flowing through their network were "indecent" and imposed requirements on people in other states. I suspect this will make Utah different enough that a lot of national networks will decide it's not worth doing business there. But for Utah-focused ISPs who can figure out how to make a firewall or proxy server speak the same protocol as the state-run database, this should be an opportunity to charge higher prices in the face of reduced competition. This seems like something that could be implemented on a per-user basis with a little bit of policy based routing.
Is it a good idea? Certainly not. Is it legal? I hope not. But is it so badly conceived as to be unimplementable if it ever gets to the enforcement stage? I don't think so.
-Steve
-- k. rachael treu, CISSP rara@navigo.com ..quis custodiet ipsos custodes?.. (this email has been brought to you by the letters 'v' and 'i'.)
--- Rachael Treu <rara@navigo.com> wrote:
<speculative_musing> I'm unclear as to how this level of regulation can be applied to the rolling fields of porn and not swiftly expanded to accommodate other categories of information deemed to be objectionable. (I haven't yet read the complete bill, but will be interested to see how clearly codified the parameters for branding content as "adult" are.)
Disclaimer: I lived in and around Salt Lake City for 10 years, no I'm not Mormon, and I have always thought that Utah is the best place in the world to get a flat tire, becuase everyone will fall all overthemselves to help you. That said, I've seen this kind of thing from Utah politicians before - they were some of the driving factors behind the "V-Chip" and in mandating that cablecos offered a service which was "all the channels except those which regularly show adult content", which, believe it or not, was not common when they offered it. I would be VERY surprised if they also added any (non-pr0n) other topics to this block-list. There is a strong distinction made in UT between pr0n and everything else: no one ever tried to expand the concept wrt the cablecos to any of the other objectionable things they may show. I remember when "The Last Temptation of Christ" showed in a movie theatre there, so they're not so bad as it may at first seem.
How, exactly, *did* this pass, anyway?
that's EASY: there is hyperconcern for the welfare of children in Utah, and they've had some success in restricting other public displays of adult activities (believe it or not, there used to be strip clubs within 4 blocks of the mormon temple there - the city council rezoned, and they moved 3 miles downroad). David Barak Need Geek Rock? Try The Franchise: http://www.listentothefranchise.com NEW ALBUM, "The Sound and the Furry" available at http://www.cdbaby.com/thefranchise __________________________________ Do you Yahoo!? Yahoo! Small Business - Try our new resources site! http://smallbusiness.yahoo.com/resources/
that's EASY: there is hyperconcern for the welfare of children in Utah,
Finally, someone who recognizes what this bill is all about. It merely asks ISPs to provide parents with a filtering tool that cannot be overridden by their children because the process of filtering takes place entirely outside the home. Once Utah ISPs come up with a good way to do this, I suspect there will be a market for such services elsewhere in the USA as well. And while the law focuses on the blocking aspect, i.e. blacklisting, let's not forget that the same service can also be used in a whitelisting mode. Can you imagine an Internet service in which parents subscribe to various "channels" by choosing from a menu of whitelists? I can. This is not your father's Internet any more... --Michael Dillon
Finally, someone who recognizes what this bill is all about. It merely asks ISPs to provide parents with a filtering tool that cannot be overridden by their children because the process of filtering takes place entirely outside the home.
The problem is the state isn't specifying that ISP's provide some software module that the state wrote to accomplish this, instead what they are doing is telling a transport provider they must provide something other than transport, they must provide some unspecified piece of software. It's like if parents required the state provide some piece of hardware to prevent kids from speeding in their cars because the state provides the roads. Geo.
Oki all, Over the holidays I had the opportunity to pick up some pin money experting for a case involving just this business model and the media ignored sides of some rather well-known persons who work the church markets in the US.
that's EASY: there is hyperconcern for the welfare of children in Utah,
Finally, someone who recognizes what this bill is all about. It merely asks ISPs to provide parents with a filtering tool that cannot be overridden by their children because the process of filtering takes place entirely outside the home.
In the instance of policy and mechanism I reviewed, this was "deinstall AOL and all others, install <name withheld pending>, stuff some obscure bits into hidden files on DOS boxen to prevent replay with a possibly different permissible policy threshold, and prompt the adult/user/owner/installer for threshold definition". Clunky, IMHO, because the step after "mistake" is "reinstall OEM os", but tastes vary.
Once Utah ISPs come up with a good way to do this, I suspect there will be a market for such services elsewhere in the USA as well.
In the instance of policy and mechanism I reviewed, this was "interpose a proxy on all http methods, and evalute some property of some of object according to some rule(s). If permissible (above), forward to the edge, if not, do something else. It could have been localized ad insertion, or bandwidth aware content frobbing, instead of ... what it was. Is it "easy" as a business proposition? Everything was on the rising side of the bubble. On the falling side of the bubble even AOL had to work its numbers. With "more moralists" dominant in public policy, market plans that replace public morality policy with private morality policies seem to me to be less likely to penetrate the "high" morality affinity-based markets than when "less moralists" dominant in public policy. To paraphrase my friend Bill, why would the little asshats settle for a private Idaho or Utah when the big asshats have promissed them the whole enchilada? Anyway, it was presents for the kiddies and some of the winter's heating oil, and I now know more about some people than I wanted to. Eric
On Wed, 23 Mar 2005 Michael.Dillon@radianz.com wrote:
that's EASY: there is hyperconcern for the welfare of children in Utah,
Finally, someone who recognizes what this bill is all about. It merely asks ISPs to provide parents with a filtering tool that cannot be overridden by their children because the process of filtering takes place entirely outside the home.
Are you absolutely sure that that's all the bill will actually do? -- JustThe.net - Apple Valley, CA - http://JustThe.net/ - 888.480.4NET (4638) Steven J. Sobol, Geek In Charge / sjsobol@JustThe.net / PGP: 0xE3AE35ED "The wisdom of a fool won't set you free" --New Order, "Bizarre Love Triangle"
On Wed, 23 Mar 2005 Michael.Dillon@radianz.com wrote:
that's EASY: there is hyperconcern for the welfare of children in Utah,
Finally, someone who recognizes what this bill is all about. It merely asks ISPs to provide parents with a filtering tool that cannot be overridden by their children because the process of filtering takes place entirely outside the home.
To Quote Peter Tolan (Cowriter of the TV Show "Rescue me") on another censorship issue: "The idea that government feels they have to regulate this stuff because the people they're governing can't turn it off is insulting" Why is it the ISP's responsibility to assume an operational burden of enforcing the religious morality of one group? I think the phrase "Chilling effect" has been used in this thread previously, and I believe it was apt. If there's a demand to an alternative internet service by, for example, Mormons, why not start an ISP with filtering, and offer it? Niche businesses service narrow segments of the market have been very successful, even if they charge slightly more, based on their specialized appeal. If aol/comcast/rboc/etc see that they are loosing customers to competition, they may choose to offer similar services or choose to let the customers go.
On March 23, 2005 at 10:44 Michael.Dillon@radianz.com (Michael.Dillon@radianz.com) wrote:
Finally, someone who recognizes what this bill is all about. It merely asks ISPs to provide parents with a filtering tool that cannot be overridden by their children because the process of filtering takes place entirely outside the home.
I assume one can opt out of this statutory filtering voluntarily. What's to stop their children (think teens not infants) from doing that as easily as they might disable a local filter? Ok, require ISPs to figure out how to secure against that, password management or whatever. Oh good, another arms race as kids pass around how to by-pass the filters at school...I know, use unlimited national cell rates to dial an out of state ISP. Or find a remote proxy to use. etc. It's not very hard, and if one kid figures it out the others just have to follow the formula. I have a better idea, why doesn't the Utah legislature just outlaw cancer. Wouldn't that do a lot more people a lot more good? Are those lawmakers in favor of people, CHILDREN!, suffering and dying of cancer? Shame on them! -- -Barry Shein Software Tool & Die | bzs@TheWorld.com | http://www.TheWorld.com Purveyors to the Trade | Voice: 617-739-0202 | Login: 617-739-WRLD The World | Public Access Internet | Since 1989 *oo*
On Tue, Mar 22, 2005 at 02:59:20PM -0600, Rachael Treu wrote:
How, exactly, *did* this pass, anyway?
Any bill with "anti-pornography" as its title is going to be a freight train in the Utah legislature. Nobody is going to get in front of it for fear of being portrayed as "pro-pornography". I knew this sobering fact early on in the life of this bill. In its original form, it would have used IP addresses for blocking and would have introduced criminal penalties on ISPs if anything managed to slip by. Regardless of whether the ISP's filter was being circumvented or not. The bill's sponsor was good in working with me, the only ISP here that knew or was willing to come out against the bill. However, I was well aware that all I could strive for was to reduce the ISP impact of the bill, not make large deletions or changes. There were also a handful of individuals here who had direct experience with commercial software who were appalled at the nature of the bill and also worked against it. Large nationwide ISPs, who were involved in discussions early on, were strangely silent, instead letting the Internet Alliance write a letter for them. I do not believe the Attorney General's office here knows what they are signing up for. You may remember they had a "porn-czar" a few years back whose position was dissolved over lack of funding. Somehow the AG believes that maintaining and arbitrating an Internet blacklist will be easier and cheaper. In the end the bill itself doesn't have a big impact on this ISP's business. We have used Dansguardian for many years now along with URLblacklist.com for our customers that request filtering. The fact that its lists and software are open for editing and inspection is the reason I chose this over other commercial methods. This bill is a waste of time and money. It also does further damage to the Utah tech industry, portraying it as an idiotic backwater. Please do not generalize and think everyone here agrees with the methods promoted by a select few.
pashdown wrote:
On Tue, Mar 22, 2005 at 02:59:20PM -0600, Rachael Treu wrote: <snip> This bill is a waste of time and money. It also does further damage to the Utah tech industry, portraying it as an idiotic backwater.
The finger isn't pointing at the -Techs- being the illiterates, but the Politicians.
Please do not generalize and think everyone here agrees with the methods promoted by a select few.
The Moral Majority were Neither.
maybe i am slow or jaded, but i am not learning much new from this rather large thread. yes, politicians grandstand on 'moral' issues. yes, it is popular to legislate rather than educate 'morals' (thanks lucy for the reference to <http://www.philip-pullman.com/pages/content/index.asp?PageID=113> and these things seem to play out in the courts, not the mailing lists. <yawn> randy
On Tue, 22 Mar 2005, Randy Bush wrote:
maybe i am slow or jaded, but i am not learning much new from this rather large thread. yes, politicians grandstand on 'moral' issues. yes, it is popular to legislate rather than educate 'morals' (thanks lucy for the reference to <http://www.philip-pullman.com/pages/content/index.asp?PageID=113> and
for those of you who don't have the time to read this whole thing, two tasty bits: "So the relationship with books and plays and stories we develop in the school of morals is a profoundly, intensely, essentially democratic one, and it`s characterised by mutual responsibility. It places demands on the reader, because that is the nature of a democracy: citizens have to play their part. If we don`t bring our own best qualities to the encounter, we will take little away. Furthermore, it isn`t static: there is no final, unquestionable, unchanging authority. It`s dynamic. It changes and develops as our understanding grows, as our experience of reading - and of life itself - increases. Books we once thought great come to seem shallow and meretricious; books we once thought boring reveal their subtle treasures of wit, their unsuspected shafts of wisdom. And this progress is real progress; it`s not the endless regression of shifting sand underfoot and the shimmering falsity of a mirage endlessly retreating ahead, it`s solid stepping stones, and clear understanding. And it`s voluntary. Because this is the thing I really want to get across: the school of morals works best when it doesn`t work like a school. The way real reading happens, the way in to the school of morals, goes through the gateway of delight." AND "I haven`t mentioned simple human wickedness. Or laziness, or greed, or fear, or the strongest regiment of all in the army of darkness: stupidity. Any of those can bring down the school of morals in a day. I haven`t mentioned death. I haven`t mentioned hazard, or the environmental recklessness that will do for us all if we don`t change our way of life. These are mighty forces, and I think they will defeat the school of morals, in the end. But that doesn`t mean we should give up and surrender. Nor does it mean we should turn the school of morals into a fortress, and surround it with rules and systems and procedures, and look out over the ramparts with suspicion and hostility. That would be a different kind of surrender. I think we should act as if. I think we should read books, and tell children stories, and take them to the theatre, and learn poems, and play music, as if it would make a difference. I think that while believing that the school of morals is probably doomed, we should act as if it were not. We should act as if the universe were listening to us and responding; we should act as if life were going to win. We should act as if we were celebrating a wedding: we should act as if we were attending the marriage of responsibility and delight."
On Tue, Mar 22, 2005 at 03:49:44PM -0700, pashdown wrote:
In the end the bill itself doesn't have a big impact on this ISP's business. We have used Dansguardian for many years now along with URLblacklist.com for our customers that request filtering. The fact that its lists and software are open for editing and inspection is the reason I chose this over other commercial methods.
What is the plan -- if any -- to deal with the hosting of the porn sites on the computers of the people who they're supposed to be blocked from? What I'm referring to is the occasional spammer tactic of downloading web site contents into a hijacked Windows box ("zombie") and then using either redirectors, or rapidly-updating DNS, or just plain old IP addresses in URIs to send HTTP traffic there. This seems to be a tactic of choice on those occasions when the content is of a dubious nature: kiddie porn, warez, credit card numbers, identity theft tools, that sort of thing. Even *detecting* such things is difficult, especially when they're transient in nature and hosted on boxes with dynamic IP addresses. So how is any ISP going to be able to block customer X from a web site that's on customer X's own system? Or on X's neighbor Y's system? Oh...and then we get into P2P distribution mechanisms. How is any ISP supposed to block content which is everywhere and nowhere? ---Rsk
Rich Kulawiec wrote:
Oh...and then we get into P2P distribution mechanisms. How is any
ISP supposed to block content which is everywhere and nowhere?
This would only be possible by whitelisting content, which is not what most would accept. (although there are countries where this is the norm, but their citizens are not exactly happy with the norm either) With technologies which do pseudonymous random routing over tunnel broker service, applet brought to you similarly to Flash or Shockwave "plugin", intrusive technologies become even harder to implement reliably. And it's probably the older kids who use this technology before the ISP or the parents. The numbers are still in thousands, but in the P2P world, going from minority to majority is 12 to 18 months. Pete
On Wed, Mar 23, 2005 at 11:23:12AM -0500, Rich Kulawiec wrote:
What is the plan -- if any -- to deal with the hosting of the porn sites on the computers of the people who they're supposed to be blocked from?
What I'm referring to is the occasional spammer tactic of downloading web site contents into a hijacked Windows box ("zombie") and then using either redirectors, or rapidly-updating DNS, or just plain old IP addresses in URIs to send HTTP traffic there. This seems to be a tactic of choice on those occasions when the content is of a dubious nature: kiddie porn, warez, credit card numbers, identity theft tools, that sort of thing.
"That's simple: just block inbound access to port 80 on the customer machines!" Cheers, -- jra -- Jay R. Ashworth jra@baylink.com Designer Baylink RFC 2100 Ashworth & Associates The Things I Think '87 e24 St Petersburg FL USA http://baylink.pitas.com +1 727 647 1274 If you can read this... thank a system adminstrator. Or two. --me
Were I running an ISP of which Utah subscribers were not a large portion of my customer base, I would probably seriously consider simply disconnecting all of my Utah customers. Owen --On Tuesday, March 22, 2005 9:18 AM -0800 Bill Woodcock <woody@pch.net> wrote:
> The measure, SB 260, says: "Upon request by a consumer, a service provider > may not transmit material from a content provider site listed on the adult > content registry." > > Its entirely voluntary on the part of the consumer.
It's also voluntary on the part of the service provider. Of course no one would be so foolish as to try to legislate the operation of the Internet without having read RFC 2119, and anyone familiar with that document would understand the difference between "MAY not" and "MUST NOT".
:-)
-Bill
-- If it wasn't crypto-signed, it probably didn't come from me.
On Tue, 22 Mar 2005, Owen DeLong wrote:
Were I running an ISP of which Utah subscribers were not a large portion of my customer base, I would probably seriously consider simply disconnecting all of my Utah customers.
Of course, you're making sure none of the web servers under your purview are reachable from Utah either. ...Right? -- JustThe.net - Apple Valley, CA - http://JustThe.net/ - 888.480.4NET (4638) Steven J. Sobol, Geek In Charge / sjsobol@JustThe.net / PGP: 0xE3AE35ED "The wisdom of a fool won't set you free" --New Order, "Bizarre Love Triangle"
On (22/03/05 20:41), Steven J. Sobol wrote:
On Tue, 22 Mar 2005, Owen DeLong wrote:
Were I running an ISP of which Utah subscribers were not a large portion of my customer base, I would probably seriously consider simply disconnecting all of my Utah customers.
Of course, you're making sure none of the web servers under your purview are reachable from Utah either.
...Right?
well, actually, it sounds as if that would be your (the utah isp's) responsibility - unless the state of utah starts trying to apply its law(s) to other states (countries)... /joshua -- A common mistake that people make when trying to design something completely foolproof is to underestimate the ingenuity of complete fools. - Douglas Adams -
joshua sahala wrote:
On (22/03/05 20:41), Steven J. Sobol wrote:
On Tue, 22 Mar 2005, Owen DeLong wrote:
Were I running an ISP of which Utah subscribers were not a large portion of my customer base, I would probably seriously consider simply disconnecting all of my Utah customers.
Yes.
Of course, you're making sure none of the web servers under your purview are reachable from Utah either.
...Right?
well, actually, it sounds as if that would be your (the utah isp's) responsibility - unless the state of utah starts trying to apply its law(s) to other states (countries)...
NO, see 76-10-1233(1) "A content provider that is domiciled in Utah, or generates or hosts content in Utah, "... That's why I mentioned that hosters, and other content generating companies of any kind, will have to move out of the state. The reason that generic hosting facilities have to move is obvious, since nobody screens users -- web pages, blog comments, etc. Why other businesses? For example, no drug companies or pharmacies can have their businesses in Utah; they sell contraceptives, and generate information too sensitive for the tender eyes of minors. Since this law takes effect in January, 2006, the time to begin moving your company is Real Soon Now. Unless you just happen to have FELONY bail bond sitting around cash on hand -- typically $100,000 -- and plenty of funds for lawyers. -- William Allen Simpson Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
Bill, I'll be happy to contact the IT and/or policy people at any or all of the Tribal Governments who's jurisdictions are surrounded by, or proximal to, those of the state of Utah. (a) They could use the business, just like anyone else, and (b) they are not subject to Utah's state law (and before any smarty pants says "PL 280 Utah Code Annotated sections 63-36-9 to 63-36-21, 1991", let me point out that Utah has not amended its state constitutions and, consequently, their claims of jurisdiction are subject to legal challenge, and (deep breath), PL 280 wasn't intended to help missionaries chase foul mouthed apostates and 1st Amendment exercisers out of Indian Country), and quite attached to keeping that difference and keeping it visibly.
NO, see 76-10-1233(1) "A content provider that is domiciled in Utah, or generates or hosts content in Utah, "...
Eric
On Tue, Mar 22, 2005 at 09:03:17AM -0800, Roy wrote:
CNET's extract is wrong.
The article states
The measure, SB 260, says: "Upon request by a consumer, a service provider may not transmit material from a content provider site listed on the adult content registry."
Its entirely voluntary on the part of the consumer.
The question is is it required to be affordable? "Yes, we offer a pr0n-free internet access for a service fee of $9.95/packet". I remember at a previous job trying to bypass one of these filters to determine how easy it would be (during the eval, it's kinda funny to have someone come by and say "try to reach pr0n now!"). The first person to bypass it was the one that handled postmaster@* only takes moments from a spam msg to get there.. short of having a live person (uh, isn't that called a parent?) review the material invovled, there will always be a way to bypass it, someone could hack some major content providers systems and serve out nothing but content that is restricted.. i don't see much that can be done to prevent those that truly want access to obtain it. - jared
Fergie (Paul Ferguson) wrote:
C|Net:
"Utah's governor signed a bill on Monday that would require Internet providers to block Web sites deemed pornographic and could also target e-mail providers and search engines."
http://news.com.com/Utah+governor+signs+Net-porn+bill/2100-1028_3-5629067.ht...
- ferg
-- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg@netzero.net or fergdawg@sbcglobal.net
-- Jared Mauch | pgp key available via finger from jared@puck.nether.net clue++; | http://puck.nether.net/~jared/ My statements are only mine.
Date: Tue, 22 Mar 2005 12:19:40 -0500 From: Jared Mauch <jared@puck.nether.net> Sender: owner-nanog@merit.edu
On Tue, Mar 22, 2005 at 09:03:17AM -0800, Roy wrote:
CNET's extract is wrong.
The article states
The measure, SB 260, says: "Upon request by a consumer, a service provider may not transmit material from a content provider site listed on the adult content registry."
Its entirely voluntary on the part of the consumer.
The question is is it required to be affordable?
"Yes, we offer a pr0n-free internet access for a service fee of $9.95/packet".
I remember at a previous job trying to bypass one of these filters to determine how easy it would be (during the eval, it's kinda funny to have someone come by and say "try to reach pr0n now!").
The first person to bypass it was the one that handled postmaster@*
only takes moments from a spam msg to get there..
short of having a live person (uh, isn't that called a parent?) review the material invovled, there will always be a way to bypass it, someone could hack some major content providers systems and serve out nothing but content that is restricted.. i don't see much that can be done to prevent those that truly want access to obtain it.
The law does not require that pr0n be blocked on customer request, only that access to a list of sites (addresses?) on a published list be blocked. A very different beast and a task that is not too onerous. No more so than SPAM RBLs and bogon address RBLs if handled properly. Any chance that it will block access to pr0n? No. But, within the limited parameters of the law passed, it might be workable. This is not a claim that it is a reasonable law or that it will really serve to any end-user's benefit, only that it's not a huge issue for most ISPs. Of course, if it is upheld and lots of states jump on the bandwagon with similar legislation, the scalability of the system comes into question. There is going to be much hand wringing and gnashing of teeth when parents discover that it really doesn't work and the demand goes out for something "better". They will claim that the state promised, but they won't be taking legal action against the state. :-( -- R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: oberman@es.net Phone: +1 510 486-8634
In message <20050322173939.4F2F45D08@ptavv.es.net>, "Kevin Oberman" writes:
The law does not require that pr0n be blocked on customer request, only that access to a list of sites (addresses?) on a published list be blocked. A very different beast and a task that is not too onerous. No more so than SPAM RBLs and bogon address RBLs if handled properly.
That is, in fact, similar to a Pennsylvania law that was struck down by a Federal court. CDT's analysis of the Utah law is at http://www.cdt.org/speech/20050307cdtanalysis.pdf --Prof. Steven M. Bellovin, http://www.cs.columbia.edu/~smb
(Apparently I am more movd by the topic of saving porn than I ever imagined... ;) ) On Tue, Mar 22, 2005 at 09:39:39AM -0800, Kevin Oberman said something to the effect of:
..snip snip..
The law does not require that pr0n be blocked on customer request, only that access to a list of sites (addresses?) on a published list be blocked. A very different beast and a task that is not too onerous. No more so than SPAM RBLs and bogon address RBLs if handled properly.
In my opinion... Actually, it still is pretty onerous, just not as bad as what was suggested in the former interpretation. Having come from the ISP pool myself, I wouldn't want to have to manage this list. Unlike bogons and RBLs, this sort of thing isn't deployed globally, and would have to be managed inconsistently across interfaces of those who request it. Who will handle the requests? Who will deploy the changes? Should large ISPs' core networking teams be handling requests directly from customers? Will the same teams managing the requests be called in during major infrastructure changes that might impact the deployment of such a solution? What liability will the ISP have if the block list is mistakenly removed from a requester's inteface? All very basic (and far from being a completel list) that suggest lost man hours to deploy and maintain. Perhaps if the government is interested in taking such a matter into its own hands, an agency should be tasked with managing firewall services for these customers, at its own (read: taxpayer :( ) cost. If governing bodies are even going to *try* to legislate morality in this realm, they are going to have to fund at least part of it, I would think... --ra
Any chance that it will block access to pr0n? No. But, within the limited parameters of the law passed, it might be workable. This is not a claim that it is a reasonable law or that it will really serve to any end-user's benefit, only that it's not a huge issue for most ISPs.
Of course, if it is upheld and lots of states jump on the bandwagon with similar legislation, the scalability of the system comes into question. There is going to be much hand wringing and gnashing of teeth when parents discover that it really doesn't work and the demand goes out for something "better". They will claim that the state promised, but they won't be taking legal action against the state. :-( -- R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: oberman@es.net Phone: +1 510 486-8634
-- K. rachael treu, CISSP rara@navigo.com ..quis custodiet ipsos custodes?.. (this email has been brought to you by the letters 'v' and 'i'.)
on 3/22/05 9:19 AM, Jared Mauch wrote:
The question is is it required to be affordable?
"Yes, we offer a pr0n-free internet access for a service fee of $9.95/packet".
According to the bill: (3)(b)(i) Except as provided in Subsection (3)(b)(ii), a service provider may not charge a consumer for blocking material or providing software under this section, except that a service provider may increase the cost to all subscribers to the service provider's services to recover the cost of complying with this section. (3)(b)(ii) A service provider with fewer than 7,500 subscribers may charge a consumer for providing software under Subsection (3)(a)(ii) if the charge does not exceed the service provider's cost for the software. -Richard
The Utah governor's name is Jon Huntsman. Use the word "huntsman" as new slang for some sexual act which would make a dead man blush until people demand that any site using the word "huntsman" be blocked. -Name Withheld By Request
participants (32)
-
Baker Fred
-
Barry Shein
-
Bill Woodcock
-
David Barak
-
Eric Brunner-Williams in Portland Maine
-
Fergie (Paul Ferguson)
-
Florian Weimer
-
Geo.
-
Jared Mauch
-
Jay R. Ashworth
-
John Kinsella
-
joshua sahala
-
Kevin Oberman
-
Lucy E. Lynch
-
Michael.Dillon@radianz.com
-
Owen DeLong
-
pashdown
-
Paul G
-
Petri Helenius
-
Rachael Treu
-
Randy Bush
-
Rich Kulawiec
-
Richard Irving
-
Richard Parker
-
Roy
-
Scott Call
-
Scott Weeks
-
Steve Gibbard
-
Steven J. Sobol
-
Steven M. Bellovin
-
Valdis.Kletnieks@vt.edu
-
William Allen Simpson