Dave Farber comments on Re: Major Labels v. Backbones

Hm, why stop with just backbone networks?

Why shouldn't edge networks, corporate networks, and household
networks chip in to uphold civil judgements against infringers?

Surely I should not object if the RIAA insists that I block
access of my small collection of computers to hosts which exist
solely to distribute infringing material? Surely Dr Farber has
already volunteered to adjust his own border filtering, since it
is no great inconvenience to do so, the case is clear-cut, and
this bad law is still on the books and therefore should continue
to be followed.

  Sean.

The record labels don't want to give you that choice. If you read the
complaint you'll notice the record companies never attempted to contact
the immediate upstream ISP in China. Instead of following international
treaties for the service of process, which would take "months," they are
forum shopping for a "less burdensome" (to them, more burdensome to
everyone else) forum.

It is much easier to get on a "blackhole list" than it is to get off of
one. If you are a non-US ISP, you could find your address space null
routed by major US backbones without notice to you. Even if you later
get rid of the customer, how does the non-US ISP get off the US court
imposed blacklist? Will China Telecom, or the Chinese government need to
hire a US lawyer to petition the US court for permission to have address
space assigned by APNIC to China routed? Will RIPE and APNIC issue
additional address space to a non-US ISP because their previous address
space became unroutable due to US court orders?

Will backbones be expected to only null route addresses within the court's
area of jurisdiction? Worldcom, AT&T, Sprint and C&W operate world-wide
routing domains. How far will the US court's order "leak?" Will Canada
and Europe still be able to reach www.listen4ever.com in China over the
portions of the companies backbones not located in US jurisdiction?
Likewise when German and French courts order backbone providers with
assets in those jurisdictions to block access to illegal websites, how far
will those orders leak? AOL/CompuServe has experienced this in Germany
already.

Dr. Farber's statements to the contrary, I don't think this is trivial to
implement. We have experience with AGIS, Napster, RBLs, etc.

sean@donelan.com (Sean Donelan) writes:

The record labels don't want to give you that choice. If you read the
complaint you'll notice the record companies never attempted to contact
the immediate upstream ISP in China. ...

Am I the only one who finds it odd that it's illegal to export crypto or
"supercomputers" to certain nations or to sell such goods with prior
knowledge that the goods are going to be resold in those nations... or
even to travel to certain nations... yet no law prohibits establishing
a link and a BGP session to ISP's within those nations, or to ISP's who
are known to have links and BGP sessions to ISP's within those nations?

How long, in this new era of homeland security, can we expect it to last?
How long before someone has to say "I'm sorry, I can't peer with you or sell
you transit because you have downstreams or peers inside the axis of evil"?

I'm not sure I'd be opposed to it, since economic blockades do appear to
have some effect, and since data is a valuable import/export commodity. I
think homeland security is a good thing if it means a mandate for IPsec,
DNSSEC, edge RPF, etc... but if we *mean* it, then why are US packets able
to reach ISP's in hostile nations?

(My bet is that within 6.5 minutes of this message going out, there will be
at least one public flame on the topic of "how freedom of information is
the only way to bring down a totalitarian regime". Save it, please -- I can
write, have written, and will write that whitepaper myself. This is not
the same topic. I want to know what the homeland security department is
likely to do about all this, not what is good/bad for the citizens of
hostile nations or even nonhostile nations.)

-----BEGIN PGP SIGNED MESSAGE-----

Digital data is much easier to move that the physical items of economic
blockades which are also restricted not only by customs but by them appearing on
accounts etc which should declare enough info to show a business was acting
illegally by sending to a blockaded nation.

In telecoms (inc ISP) you can simply shift the data through a couple of
intermediaries and circumvent the restriction. With IP, the blockaded nation can
even source IPs that make it look as tho its from another nation - who will find
out.

If its on CDROM again just send through an intermediary, its small and easy
enough, not exactly a logistics puzzle..

And I really dont see the point on restricting software (crypto) which is freely
and publically available in one country (ie US) - its so easy to get the
technology into the restricted countries. Just a waste of bureaucratic cash and
keeping someone in a job somewhere imho.

Why waste time, effort and cash on things so futile! Stick to economic sanctions
which are enforcable!

Steve

> The record labels don't want to give you that choice. If you read the
> complaint you'll notice the record companies never attempted to contact
> the immediate upstream ISP in China. ...

<rant opinion=mine>
Well, maybe the record industry doesn't want to interfere
with the 'anti-copy' oriented Chinese authorities. Unlike
the US, China tightly controls regular xerox copy machines,
book printers and other so called 'free press' which could
easily be subverted to rob copyright holders left an right.
I think the RIAA and the like are right to attack the
problem at its source: Free Speech. Well, you may still be
able to voice your opinion, as long as you pay for it.
</rant>

Am I the only one who finds it odd that it's illegal to export crypto
or "supercomputers" to certain nations or to sell such goods with
prior knowledge that the goods are going to be resold in those
nations... or even to travel to certain nations... yet no law
prohibits establishing a link and a BGP session to ISP's within those
nations, or to ISP's who are known to have links and BGP sessions to
ISP's within those nations?

Well... it is not always legal. The "trade with the enemy" act may
prohibit ISPs from connecting with countries on the list. In the old
times I had a discussion on the subject with Steve Goldstein (regarding
Iran).

I'm not sure I'd be opposed to it, since economic blockades do appear
to have some effect, and since data is a valuable import/export
commodity. I think homeland security is a good thing if it means a
mandate for IPsec, DNSSEC, edge RPF, etc... but if we *mean* it, then
why are US packets able to reach ISP's in hostile nations?

This is silly, because:

a) no one can deny connectivity to "bad guys". You can merely create a
minor annoyance to them, in form of having to use a proxy somewhere in
Europe.

b) all you can really achieve is to restrict access for their populace;
effectively making the job of "bad guys" easier (hint: governments in
non-friendly countries do agressive filtering of access to Western
networks themselves).

It is a known phenomenon that given the Western cultural dominance in the
net, it is one of the best pro-Western propaganda tools around. Propaganda
(in the right direction) is good, because if you can convince someone to
come to your side, you don't have to kill him to prevail.

I can only hope that H.S. Dept will see it this way.

I want to know what the homeland security department is likely to do
about all this, not what is good/bad for the citizens of hostile
nations or even nonhostile nations.

Likely nothing, unless they are complete incompetents. The point is:
there's no feasible way to achieve any gains by restricting access on
per-country basis.

It is a lot more useful to suppress the enemy propaganda by going after
its sources which are easily located. I would suggest going after CNN
first [sarcasm implied].

--vadim

The question has already been asked. If ISPs are interested in how it is
answered, they should participate.

Technology is neutral for the most part. Firewalls can keep bad people
out of your systems, they can also block your access to the Washington
Post news site. The reason people trust public libraries is librarians,
not fancy technology. The reason people trust ISPs is ???

I doubt they are complete incompetents, but they are politicians. Sometimes people who are interested in a sound-bite or press-release do things which look, at least in retrospect, as stupid so they can garner some instant public reaction.

IOW: They may know it will not do any good, but they may do it any way for a front-page headline. Or at least to look like they are doing something.

At least that is my fear.