From mjdb at dorevale.demon.co.uk Fri Jan 1 10:01:27 2010 From: mjdb at dorevale.demon.co.uk (M J D Brown) Date: Fri, 1 Jan 2010 10:01:27 -0000 Subject: FYI: The Guardian | Mobile phone security cracked, says German hacker. References: <752118611.20091229185432@originalthinktank.org.uk><4B3A6765.8020703@zen.co.uk> <87y6kkwr2o.fsf@mid.deneb.enyo.de><20091230142409.GK70754@davros.org> <871viasozj.fsf@mid.deneb.enyo.de> Message-ID: <7CFED79205904D8A827ED95C4E4EE472@Powerstation> ----- Original Message ----- From: "Florian Weimer" To: Sent: Thursday, December 31, 2009 11:28 PM Subject: Re: FYI: The Guardian | Mobile phone security cracked,says German hacker. >* Clive D. W. Feather: > >> Florian Weimer said: >>>> A question: Is she correct, and would it be illegal in the UK? >>> >>> Very doubtful. There are patents on third party GSM interception in >>> the UK, and this wouldn't be possible if the technology could only >>> be >>> used illegally ("contry to public policy or morality"). >> >> But some interceptions (for example, those done with a warrant) are >> legal. > > I strongly suspect you need both a warrant and a law that says what > you are doing is legal, provided you have got a warrant. (I'm not > that familiar the Common Law system, though.) A warrant which calls > for an illegal act does not magically provide legality. > >> So there would be legal uses, even if interception of the public >> network by the public is illegal. > > Those legal uses came only into existence after the patent was > granted. > Patents create private intellectual property. Thus unauthorised employment of patented information creates a basis for a civil lawsuit to prevent further use and/or to recover costs and damages. Patent infringement, as such, does not create an illegal act in terms of the criminal law. Under Common Law the Defence of the Realm and preservation of the Queen's Peace are the highest imperatives that have been held formerly to justify and legitimise whatever actions are deemed necessary by the responsible authorities. Before the brief-hungry lawyers got to work, the prevention and detection of crime was a sufficient justification for communications interception. Our present problems stem, in my view, from the replacement of the common sense of the Common Law by Statute Law (eg RIPA), requiring a precision in definition and expression that has clearly eluded the Parliamentary draughtsmen and their external advisers. Mike. From fw at deneb.enyo.de Fri Jan 1 10:35:35 2010 From: fw at deneb.enyo.de (Florian Weimer) Date: Fri, 01 Jan 2010 11:35:35 +0100 Subject: FYI: The Guardian | Mobile phone security cracked, says German hacker. In-Reply-To: <7CFED79205904D8A827ED95C4E4EE472@Powerstation> (M. J. D. Brown's message of "Fri, 1 Jan 2010 10:01:27 -0000") References: <752118611.20091229185432@originalthinktank.org.uk> <4B3A6765.8020703@zen.co.uk> <87y6kkwr2o.fsf@mid.deneb.enyo.de> <20091230142409.GK70754@davros.org> <871viasozj.fsf@mid.deneb.enyo.de> <7CFED79205904D8A827ED95C4E4EE472@Powerstation> Message-ID: <87bphet8nc.fsf@mid.deneb.enyo.de> * M. J. D. Brown: > Patents create private intellectual property. Thus unauthorised > employment of patented information creates a basis for a civil lawsuit > to prevent further use and/or to recover costs and damages. Patent > infringement, as such, does not create an illegal act in terms of the > criminal law. It's not about patent infringement. According to the Patents Act, you cannot patent something that is "contrary to public policy or morality" (which probably includes all things illegal). If third-party comms interception was inherently illegal (as the GSMA spokesperson claimed), a device which facilities such interception could not be subject to a patent. There's a problem with this argument, though: it was not brought up during a court case asking for invalidation of one of the IMSI catcher patents. Perhaps the requirement in the Patents Act is just some sort of archaic relict which does not constrain patentable subject matter at all. From lists at internetpolicyagency.com Fri Jan 1 10:35:00 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Fri, 1 Jan 2010 10:35:00 +0000 Subject: FYI: The Guardian | Mobile phone security cracked, says German hacker. In-Reply-To: <7CFED79205904D8A827ED95C4E4EE472@Powerstation> References: <752118611.20091229185432@originalthinktank.org.uk> <4B3A6765.8020703@zen.co.uk> <87y6kkwr2o.fsf@mid.deneb.enyo.de> <20091230142409.GK70754@davros.org> <871viasozj.fsf@mid.deneb.enyo.de> <7CFED79205904D8A827ED95C4E4EE472@Powerstation> Message-ID: <5hwORlfU$cPLFA6P@perry.co.uk> In article <7CFED79205904D8A827ED95C4E4EE472 at Powerstation>, M J D Brown writes >Our present problems stem, in my view, from the replacement of the >common sense of the Common Law by Statute Law (eg RIPA), requiring a >precision in definition and expression that has clearly eluded the >Parliamentary draughtsmen and their external advisers. The interception provisions in RIPA are a replacement for IOCA-85, not for common law. Read all about it here: http://www.cyber-rights.org/interception/ioca99.htm In article <871viasozj.fsf at mid.deneb.enyo.de>, Florian Weimer writes >I strongly suspect you need both a warrant and a law that says what >you are doing is legal, provided you have got a warrant. A RIPA interception warrant does exactly both. -- Roland Perry From mjdb at dorevale.demon.co.uk Fri Jan 1 10:54:36 2010 From: mjdb at dorevale.demon.co.uk (M J D Brown) Date: Fri, 1 Jan 2010 10:54:36 -0000 Subject: FYI: The Guardian | Mobile phone security cracked, says German hacker. References: <752118611.20091229185432@originalthinktank.org.uk><4B3A6765.8020703@zen.co.uk> <87y6kkwr2o.fsf@mid.deneb.enyo.de><20091230142409.GK70754@davros.org> <871viasozj.fsf@mid.deneb.enyo.de><7CFED79205904D8A827ED95C4E4EE472@Powerstation> <5hwORlfU$cPLFA6P@perry.co.uk> Message-ID: ----- Original Message ----- From: "Roland Perry" To: Sent: Friday, January 01, 2010 10:35 AM Subject: Re: FYI: The Guardian | Mobile phone security cracked,says German hacker. > In article <7CFED79205904D8A827ED95C4E4EE472 at Powerstation>, M J D > Brown > writes >>Our present problems stem, in my view, from the replacement of the >>common sense of the Common Law by Statute Law (eg RIPA), requiring a >>precision in definition and expression that has clearly eluded the >>Parliamentary draughtsmen and their external advisers. > > The interception provisions in RIPA are a replacement for IOCA-85, not > for > common law. Read all about it here: > > http://www.cyber-rights.org/interception/ioca99.htm Thanks for the reference. OK, so RIPA replaces Common Law at one step removed. Makes no difference to the principle that legislative drafting cannot always catch the common sense of interpreted Common Law. Do you doubt my general conclusion that it would often be well-advised not to replace Common Law by Statute? Mike. From mjdb at dorevale.demon.co.uk Fri Jan 1 10:56:22 2010 From: mjdb at dorevale.demon.co.uk (M J D Brown) Date: Fri, 1 Jan 2010 10:56:22 -0000 Subject: FYI: The Guardian | Mobile phone security cracked, says German hacker. References: <752118611.20091229185432@originalthinktank.org.uk><4B3A6765.8020703@zen.co.uk> <87y6kkwr2o.fsf@mid.deneb.enyo.de><20091230142409.GK70754@davros.org> <871viasozj.fsf@mid.deneb.enyo.de><7CFED79205904D8A827ED95C4E4EE472@Powerstation> <87bphet8nc.fsf@mid.deneb.enyo.de> Message-ID: ----- Original Message ----- From: "Florian Weimer" To: Sent: Friday, January 01, 2010 10:35 AM Subject: Re: FYI: The Guardian | Mobile phone security cracked,says German hacker. >* M. J. D. Brown: > >> Patents create private intellectual property. Thus unauthorised >> employment of patented information creates a basis for a civil >> lawsuit >> to prevent further use and/or to recover costs and damages. Patent >> infringement, as such, does not create an illegal act in terms of the >> criminal law. > > It's not about patent infringement. According to the Patents Act, you > cannot patent something that is "contrary to public policy or > morality" (which probably includes all things illegal). If > third-party comms interception was inherently illegal (as the GSMA > spokesperson claimed), a device which facilities such interception > could not be subject to a patent. > > There's a problem with this argument, though: it was not brought up > during a court case asking for invalidation of one of the IMSI catcher > patents. Perhaps the requirement in the Patents Act is just some sort > of archaic relict which does not constrain patentable subject matter > at all. > You are quite right, but I think the preceding argument was predicated upon the existence of a relevant patent on the interception technology. Mike. From lists at internetpolicyagency.com Fri Jan 1 10:57:05 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Fri, 1 Jan 2010 10:57:05 +0000 Subject: FYI: The Guardian | Mobile phone security cracked, says German hacker. In-Reply-To: <87bphet8nc.fsf@mid.deneb.enyo.de> References: <752118611.20091229185432@originalthinktank.org.uk> <4B3A6765.8020703@zen.co.uk> <87y6kkwr2o.fsf@mid.deneb.enyo.de> <20091230142409.GK70754@davros.org> <871viasozj.fsf@mid.deneb.enyo.de> <7CFED79205904D8A827ED95C4E4EE472@Powerstation> <87bphet8nc.fsf@mid.deneb.enyo.de> Message-ID: In article <87bphet8nc.fsf at mid.deneb.enyo.de>, Florian Weimer writes >If third-party comms interception was inherently illegal (as the GSMA >spokesperson claimed), a device which facilities such interception >could not be subject to a patent. Compare with the situation regarding a patent for a better automatic rifle. These are "inherently illegal" for members of the public to carry around (in the UK), but are legally used by the police and army. When deciding if interception by a member of the public is illegal (as in a criminal offence), the first test is whether it took place on a public or private network. Typically, the pico-cell arrangements used to give mobile coverage inside large warehouses counts as private, because only people registered with the system can access. Here's an example: http://www.anvilhosted.co.uk/22.html -- Roland Perry From invitations at boxbe.com Fri Jan 1 09:38:05 2010 From: invitations at boxbe.com (Jo Sa) Date: Fri, 1 Jan 2010 01:38:05 -0800 (PST) Subject: Jo Sa wants to share approved contacts on Boxbe Message-ID: <1311280820.5889023.1262338685250.JavaMail.prod@app002.boxbe.com> I use Boxbe to manage my inbox. I think Boxbe can help you, too! Here's the link: https://www.boxbe.com/register?tc=1189305711_1517474673 -Jo Please do not reply directly to this email. This message was sent at the request of jsaviri at gmail.com. Boxbe will not use your email address for any other purpose. Click the link below if you would prefer not to receive any further invitations from Boxbe members: https://www.boxbe.com/unsubscribe?email=ukcrypto at chiark.greenend.org.uk&tc=1189305711_1517474673 Boxbe integrates with Yahoo!, Gmail, Google Apps, and AOL. Get Boxbe today! Boxbe, Inc. | 2390 Chestnut Street #201 | San Francisco, CA 94123 -------------- next part -------------- An HTML attachment was scrubbed... URL: From lists at internetpolicyagency.com Fri Jan 1 14:18:32 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Fri, 1 Jan 2010 14:18:32 +0000 Subject: FYI: The Guardian | Mobile phone security cracked, says German hacker. In-Reply-To: References: <752118611.20091229185432@originalthinktank.org.uk> <4B3A6765.8020703@zen.co.uk> <87y6kkwr2o.fsf@mid.deneb.enyo.de> <20091230142409.GK70754@davros.org> <871viasozj.fsf@mid.deneb.enyo.de> <7CFED79205904D8A827ED95C4E4EE472@Powerstation> <5hwORlfU$cPLFA6P@perry.co.uk> Message-ID: In article , M J D Brown writes >> The interception provisions in RIPA are a replacement for IOCA-85, >>not for common law. Read all about it here: >> >> http://www.cyber-rights.org/interception/ioca99.htm > >Thanks for the reference. > >OK, so RIPA replaces Common Law at one step removed. Makes no >difference to the principle that legislative drafting cannot always >catch the common sense of interpreted Common Law. Do you doubt my >general conclusion that it would often be well-advised not to replace >Common Law by Statute? RIPA was needed because of rapid developments in the area of Human Rights (private life) and technology (phones and email replacing postal services). In this instance I think it was necessary to start with a clean slate, in particular as a way of clarifying those things the state is not allowed to do. -- Roland Perry From mjdb at dorevale.demon.co.uk Fri Jan 1 14:33:26 2010 From: mjdb at dorevale.demon.co.uk (M J D Brown) Date: Fri, 1 Jan 2010 14:33:26 -0000 Subject: FYI: The Guardian | Mobile phone security cracked, says German hacker. References: <752118611.20091229185432@originalthinktank.org.uk><4B3A6765.8020703@zen.co.uk> <87y6kkwr2o.fsf@mid.deneb.enyo.de><20091230142409.GK70754@davros.org> <871viasozj.fsf@mid.deneb.enyo.de><7CFED79205904D8A827ED95C4E4EE472@Powerstation><5hwORlfU$cPLFA6P@perry.co.uk> Message-ID: ----- Original Message ----- From: "Roland Perry" To: Sent: Friday, January 01, 2010 2:18 PM Subject: Re: FYI: The Guardian | Mobile phone security cracked,says German hacker. > In article , M J D > Brown writes > >>> The interception provisions in RIPA are a replacement for IOCA-85, >>> not for common law. Read all about it here: >>> >>> http://www.cyber-rights.org/interception/ioca99.htm >> >>Thanks for the reference. >> >>OK, so RIPA replaces Common Law at one step removed. Makes no >>difference to the principle that legislative drafting cannot always >>catch the common sense of interpreted Common Law. Do you doubt my >>general conclusion that it would often be well-advised not to replace >>Common Law by Statute? > > RIPA was needed because of rapid developments in the area of Human > Rights (private life) and technology (phones and email replacing > postal services). In this instance I think it was necessary to start > with a clean slate, in particular as a way of clarifying those things > the state is not allowed to do. > -- > Roland Perry > We will not disagree about that, though I still think it a pity that we seem to be dismantling the Common Law. Mike. From zenadsl6186 at zen.co.uk Fri Jan 1 23:29:24 2010 From: zenadsl6186 at zen.co.uk (Peter Fairbrother) Date: Fri, 01 Jan 2010 23:29:24 +0000 Subject: FYI: The Guardian | Mobile phone security cracked, says German hacker. In-Reply-To: References: <752118611.20091229185432@originalthinktank.org.uk> <4B3A6765.8020703@zen.co.uk> <87y6kkwr2o.fsf@mid.deneb.enyo.de> <20091230142409.GK70754@davros.org> <871viasozj.fsf@mid.deneb.enyo.de> <7CFED79205904D8A827ED95C4E4EE472@Powerstation> <5hwORlfU$cPLFA6P@perry.co.uk> Message-ID: <4B3E8554.60101@zen.co.uk> Roland Perry wrote: > In article , M J D Brown > writes > >>> The interception provisions in RIPA are a replacement for IOCA-85, >>> not for common law. Read all about it here: >>> >>> http://www.cyber-rights.org/interception/ioca99.htm >> >> Thanks for the reference. >> >> OK, so RIPA replaces Common Law at one step removed. Makes no >> difference to the principle that legislative drafting cannot always >> catch the common sense of interpreted Common Law. Do you doubt my >> general conclusion that it would often be well-advised not to replace >> Common Law by Statute? > > RIPA was needed because of rapid developments in the area of Human > Rights (private life) and technology (phones and email replacing postal > services). RIPA was actually needed because the EU required the UK to codify and modify the law on investigatory practices. In this instance I think it was necessary to start with a > clean slate, in particular as a way of clarifying those things the state > is not allowed to do. Agreed, but they didn't do that. As far as interception goes, they just tried (badly) to codify what they wanted to do - for instance there seems to be no enforcement mechanism for non-state interceptions. It's called the regulation of investigatory powers act because it codified investigatory powers, but it didn't properly address interception in general. Hmm, could you prosecute an interceptor for breaching the right to privacy? Would that be under the HRA or common law? -- Peter Fairbrother From clive at davros.org Fri Jan 1 23:36:14 2010 From: clive at davros.org (Clive D.W. Feather) Date: Fri, 1 Jan 2010 23:36:14 +0000 Subject: FYI: The Guardian | Mobile phone security cracked, says German hacker. In-Reply-To: References: <5hwORlfU$cPLFA6P@perry.co.uk> Message-ID: <20100101233614.GC96350@davros.org> M J D Brown said: > OK, so RIPA replaces Common Law at one step removed. Makes no > difference to the principle that legislative drafting cannot always > catch the common sense of interpreted Common Law. Do you doubt my > general conclusion that it would often be well-advised not to replace > Common Law by Statute? Actually, I do. I see no evidence that the Common Law protected our privacy at all, and nor did the ECtHR. -- Clive D.W. Feather | If you lie to the compiler, Email: clive at davros.org | it will get its revenge. Web: http://www.davros.org | - Henry Spencer Mobile: +44 7973 377646 From fm-lists at st-kilda.org Sat Jan 2 01:13:00 2010 From: fm-lists at st-kilda.org (Fearghas McKay) Date: Sat, 2 Jan 2010 01:13:00 +0000 Subject: FYI: The Guardian | Mobile phone security cracked, says German hacker. In-Reply-To: <20100101233614.GC96350@davros.org> References: <5hwORlfU$cPLFA6P@perry.co.uk> <20100101233614.GC96350@davros.org> Message-ID: <7476DE80-DF44-449F-A49C-3D814F719BF8@st-kilda.org> On 1 Jan 2010, at 23:36, Clive D.W. Feather wrote: > Actually, I do. I see no evidence that the Common Law protected our > privacy > at all, and nor did the ECtHR. and just to be tedious and boring - English Common Law only applies in England, plus assorted other regions/principalities et al, not automagically the rest of the UK. ( I would list the list of included regions/principalities but then I would need to be sure of all the corner cases :-) +1 for Clive's view regarding the situation in England, and appropriate locations covered by Common Law etc... f From pwt at iosis.co.uk Sat Jan 2 07:59:45 2010 From: pwt at iosis.co.uk (Peter Tomlinson) Date: Sat, 02 Jan 2010 07:59:45 +0000 Subject: FYI: The Guardian | Mobile phone security cracked, says German hacker. In-Reply-To: <20100101233614.GC96350@davros.org> References: <5hwORlfU$cPLFA6P@perry.co.uk> <20100101233614.GC96350@davros.org> Message-ID: <4B3EFCF1.7010408@iosis.co.uk> Clive D.W. Feather wrote: > M J D Brown said: > >> OK, so RIPA replaces Common Law at one step removed. Makes no >> difference to the principle that legislative drafting cannot always >> catch the common sense of interpreted Common Law. Do you doubt my >> general conclusion that it would often be well-advised not to replace >> > Common Law by Statute?Actually, I do. I see no evidence that the Common Law protected our privacy > at all, and nor did the ECtHR. A year or so ago I looked up which countries have entirely statute law, which have a hybrid system, and which are basically Common Law. The UK is a Common Law country on that search (which was primarily a search of USA material on the web), and so is the USA. But it seems from the discussion in this thread that we are quite rapidly becoming a hybrid country, pushed by the EU, fuelled by the fetish of the last 10 years for making more statute law, and moved along by legal drafters who flounder. And its not a very comfortable position to be in. But I do also remember reading some years ago that the old parliamentary drafting team had been pushed aside. Peter From mjdb at dorevale.demon.co.uk Sat Jan 2 09:37:21 2010 From: mjdb at dorevale.demon.co.uk (M J D Brown) Date: Sat, 2 Jan 2010 09:37:21 -0000 Subject: FYI: The Guardian | Mobile phone security cracked, says German hacker. References: <5hwORlfU$cPLFA6P@perry.co.uk> <20100101233614.GC96350@davros.org> Message-ID: ----- Original Message ----- From: "Clive D.W. Feather" To: "UK Cryptography Policy Discussion Group" Sent: Friday, January 01, 2010 11:36 PM Subject: Re: FYI: The Guardian | Mobile phone security cracked,says German hacker. >M J D Brown said: >> OK, so RIPA replaces Common Law at one step removed. Makes no >> difference to the principle that legislative drafting cannot always >> catch the common sense of interpreted Common Law. Do you doubt my >> general conclusion that it would often be well-advised not to replace >> Common Law by Statute? > > Actually, I do. I see no evidence that the Common Law protected our > privacy > at all, and nor did the ECtHR. Are you trying to say that RIPA covered properly all the nuances of activities comprising electronic surveillance and investigation? Really? Common Law deals with crimes that exist in the sight of the citizens comprising a jury, as advised by the learned judge. It has flexibility to deal with actual situations as they arise, and is not constrained by the limitations of statute drafting. We must also remember that the highest duty of the State (and indeed individual citizens) under Common Law is the Defence of the Realm. If interception was required to prevent or detect crime (ie a breach of the Queen's Peace) by the relevant authorities, then no crime would have been committed. The Common Law would not explicitly recognise any general concept of rights to privacy. Mike. -- From mjdb at dorevale.demon.co.uk Sat Jan 2 09:55:30 2010 From: mjdb at dorevale.demon.co.uk (M J D Brown) Date: Sat, 2 Jan 2010 09:55:30 -0000 Subject: FYI: The Guardian | Mobile phone security cracked, says Germanhacker. References: <5hwORlfU$cPLFA6P@perry.co.uk> <20100101233614.GC96350@davros.org> <4B3EFCF1.7010408@iosis.co.uk> Message-ID: <6B74986F40B5422CBE468555D5584666@Powerstation> As far as I know, Eire is also a Common Law country but in the EU Roman-Dutch or Napoleonic or thence-derived legal codes seem to be pretty near universal. The litmus test is whether the investigatory process is directed by an examining judge. Fearghas McKay makes a distinction of /English/ Common Law absent from my original posting. Unless he is trying to tell us that Scottish Law is historically a statute system, then the national distinction is irrelevant. The underlying principle of Common Law is universal, albeit its application in a particular jurisdiction reflects historical circumstances and cultural traditions. I think we are getting away from discussing the vulnerability of mobile phone security, though it has been interesting to expose the fundamental dichotomy between the notion of a privacy right and unlimited investigatory powers. Depending upon which side of that divide one stands, agreement will probably elude the respective protagonists. Mike. ----- Original Message ----- From: "Peter Tomlinson" To: "UK Cryptography Policy Discussion Group" Sent: Saturday, January 02, 2010 7:59 AM Subject: Re: FYI: The Guardian | Mobile phone security cracked, says Germanhacker. > Clive D.W. Feather wrote: >> M J D Brown said: >> >>> OK, so RIPA replaces Common Law at one step removed. Makes no >>> difference to the principle that legislative drafting cannot always >>> catch the common sense of interpreted Common Law. Do you doubt my >>> general conclusion that it would often be well-advised not to >>> replace >> Common Law by Statute?Actually, I do. I see no evidence that the >> Common Law protected our privacy >> at all, and nor did the ECtHR. > A year or so ago I looked up which countries have entirely statute > law, which have a hybrid system, and which are basically Common Law. > The UK is a Common Law country on that search (which was primarily a > search of USA material on the web), and so is the USA. But it seems > from the discussion in this thread that we are quite rapidly becoming > a hybrid country, pushed by the EU, fuelled by the fetish of the last > 10 years for making more statute law, and moved along by legal > drafters who flounder. And its not a very comfortable position to be > in. But I do also remember reading some years ago that the old > parliamentary drafting team had been pushed aside. > > Peter > > > From matthew at pemble.net Sat Jan 2 10:03:20 2010 From: matthew at pemble.net (Matthew Pemble) Date: Sat, 2 Jan 2010 10:03:20 +0000 Subject: FYI: The Guardian | Mobile phone security cracked, says German hacker. In-Reply-To: <4B3EFCF1.7010408@iosis.co.uk> References: <5hwORlfU$cPLFA6P@perry.co.uk> <20100101233614.GC96350@davros.org> <4B3EFCF1.7010408@iosis.co.uk> Message-ID: 2010/1/2 Peter Tomlinson : > A year or so ago I looked up which countries have entirely statute law, > which have a hybrid system, and which are basically Common Law. The UK is a > Common Law country on that search (which was primarily a search of USA > material on the web), and so is the USA. England and Wales, yes, Nor'n Ireland, yes. Scotland? Really? > But it seems from the discussion in > this thread that we are quite rapidly becoming a hybrid country, pushed by > the EU, fuelled by the fetish of the last 10 years for making more statute > law, and moved along by legal drafters who flounder. And its not a very > comfortable position to be in. But I do also remember reading some years ago > that the old parliamentary drafting team had been pushed aside. Agreed. 2010/1/2 M J D Brown : > Fearghas McKay makes a distinction of /English/ Common Law absent from > my original posting. Unless he is trying to tell us that Scottish Law > is historically a statute system, then the national distinction is > irrelevant. The underlying principle of Common Law is universal, albeit > its application in a particular jurisdiction reflects historical > circumstances and cultural traditions. Yes, Scotland was a code rather than common law country, historically (i.e. with the development of the Statute Laws from C13 onwards), with strong appeals to Roman Law where there was no specific Scottish statute. Matthew -- Matthew Pemble Technical Director, Idrach Ltd Mobile: +44 (0) 7595 652175 Office: + 44 (0) 1324 820690 From lists at internetpolicyagency.com Sat Jan 2 10:28:27 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Sat, 2 Jan 2010 10:28:27 +0000 Subject: FYI: The Guardian | Mobile phone security cracked, says German hacker. In-Reply-To: <4B3E8554.60101@zen.co.uk> References: <752118611.20091229185432@originalthinktank.org.uk> <4B3A6765.8020703@zen.co.uk> <87y6kkwr2o.fsf@mid.deneb.enyo.de> <20091230142409.GK70754@davros.org> <871viasozj.fsf@mid.deneb.enyo.de> <7CFED79205904D8A827ED95C4E4EE472@Powerstation> <5hwORlfU$cPLFA6P@perry.co.uk> <4B3E8554.60101@zen.co.uk> Message-ID: <07ntnQDL$xPLFAqX@perry.co.uk> In article <4B3E8554.60101 at zen.co.uk>, Peter Fairbrother writes >> RIPA was needed because of rapid developments in the area of Human >>Rights (private life) and technology (phones and email replacing >>postal services). > >RIPA was actually needed because the EU required the UK to codify and >modify the law on investigatory practices. Which EU requirement applied to the section of RIPA related to interception, and which to the other relevant sections (on Comms Data and Surveillance)? >In this instance I think it was necessary to start with a >> clean slate, in particular as a way of clarifying those things the >>state is not allowed to do. > >Agreed, but they didn't do that. As far as interception goes, they just >tried (badly) to codify what they wanted to do - for instance there >seems to be no enforcement mechanism for non-state interceptions. I don't understand what you are getting at. It's illegal for members of the public to intercept communications on public networks, and here have been cases enforcing that. >It's called the regulation of investigatory powers act because it >codified investigatory powers, but it didn't properly address >interception in general. This is very unclear - what's "interception in general"? >Hmm, could you prosecute an interceptor for breaching the right to >privacy? Would that be under the HRA or common law? Are you in fact expressing disappointment that there isn't a general right to privacy with criminal sanctions? -- Roland Perry From lists at internetpolicyagency.com Sat Jan 2 10:32:04 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Sat, 2 Jan 2010 10:32:04 +0000 Subject: FYI: The Guardian | Mobile phone security cracked, says German hacker. In-Reply-To: References: <5hwORlfU$cPLFA6P@perry.co.uk> <20100101233614.GC96350@davros.org> Message-ID: <6JMObeEkCyPLFA5g@perry.co.uk> In article , M J D Brown writes >Are you trying to say that RIPA covered properly all the nuances of >activities comprising electronic surveillance and investigation? I don't think that even its most fervent admirers would claim that any law, as drafted, covers "all the nuances". Isn't that what we have caselaw for? -- Roland Perry From fjmd1a at gmail.com Sat Jan 2 10:38:35 2010 From: fjmd1a at gmail.com (Francis Davey) Date: Sat, 2 Jan 2010 10:38:35 +0000 Subject: FYI: The Guardian | Mobile phone security cracked, says German hacker. In-Reply-To: References: <5hwORlfU$cPLFA6P@perry.co.uk> <20100101233614.GC96350@davros.org> Message-ID: <874d91c1001020238p242325cdn4662505ea919ebf9@mail.gmail.com> 2010/1/2 M J D Brown : > Common Law deals with crimes that exist in the sight of the citizens > comprising a jury, as advised by the learned judge. ?It has flexibility > to deal with actual situations as they arise, and is not constrained by > the limitations of statute drafting. I'd strongly recommend reading a introduction to English legal history (Professor Baker's is a popular starting point) before getting dewy eyed about common law. Common law did some things well, but many things badly, sometimes very badly. It was (and is) difficult for the judiciary to develop the law coherently - case law builds incrementally. Those with any experience of large software projects (and the law is best thought of as a vast example of such a thing) will know that sometimes you have to re-write large chunks of code as the only reasonable way of fixing systemic problems. For instance: I'm quite glad that real property can be bought and sold. Neither is possible at common law - they are only permitted as a result of the statute Quia Emptores. Indeed we have an extremely well developed statute law concerning the ownership of land. Without it things would be much, much worse. Or, I personally like that one has a right of appeal against a conviction (strictly: for a conviction on indictment one must seek permission to do so - but the process is there). There are no common law rights of appeal - they rely on statute entirely. Indeed the whole structure of our court system would be very much more confused and impossibly hard to deal with without extensive statutory intervention. Read "Bleak House" to get a feel (all be it through Dickens's exaggeration) of the appalling mess we were in in the 19th century. And it goes on.... Common Law contained many strange, inconsistent or to our mind unjust rules. Without statute we would live in a regime that would be hard for most people who aren't specialist legal historians to imagine, and one that no-one would like except, perhaps, those of us who specialise in helping people solve their legal problems. I hardly think "more work for lawyers" is a good reason to recommend a general policy. Sure, there are bad statutes - I write about them frequently - but there's no general reason why they are bad. Sometimes we are all helped by codification. The Theft Act 1968 is a much better bit of law than the preceding law of larceny etc. It has its faults, but it is much more coherent and *anyone* can read the act and understand the law, which they would have found much more difficult pre-codification. The common law applied to wire-tapping was that there was no law against it: anyone could intercept anyone else's communications lawfully. The majority of people do not wish that to be the law, so some kind of statutory intervention was necessary. -- Francis Davey From pwt at iosis.co.uk Sat Jan 2 11:54:00 2010 From: pwt at iosis.co.uk (Peter Tomlinson) Date: Sat, 02 Jan 2010 11:54:00 +0000 Subject: FYI: The Guardian | Mobile phone security cracked, says German hacker. In-Reply-To: <874d91c1001020238p242325cdn4662505ea919ebf9@mail.gmail.com> References: <5hwORlfU$cPLFA6P@perry.co.uk> <20100101233614.GC96350@davros.org> <874d91c1001020238p242325cdn4662505ea919ebf9@mail.gmail.com> Message-ID: <4B3F33D8.60706@iosis.co.uk> Francis Davey wrote: > > > The common law applied to wire-tapping was that there was no law > against it: anyone could intercept anyone else's communications > lawfully. The majority of people do not wish that to be the law, so > some kind of statutory intervention was necessary. Thanks, Francis - very helpful (and thanks to those who reminded me about Scotland - there is a Scottish branch of my family, but the only person left on it has lived in Italy for many years, so I don't get direct reminders from that direction). A little local anecdote: in the local pub a few days ago, a young lady behind the bar was telling us that she had come back from Xmas away to face having been rostered to work the 31st until 2 am on New Year's Day, then be back on duty at 10 am. She was, however, sure that this is legal under the law - I happen to know that (a) she was away over Xmas with her mother, and (b) her mother is a lawyer. Now anyone within earshot can listen in to any conversation that I have, face to face, with another. But putting a microphone in my house I do not like, and I think that for a long time the courts have not liked that either - unless the perpretator can show just cause. So I think that Common Law has understood privacy. Why could not the judges develop Common Law to encompass the internet, key stroke sniffers, etc? There is of course the lag between development of virtual world technologies and the understanding of them by enough members of a jury (and a massive lack of understanding of the same by large numbers of public servants). It would be very good if those developing esoteric technology could be required to explain to a judge and jury exactly what is going on and what safeguards are included. Peter From mjdb at dorevale.demon.co.uk Sat Jan 2 12:16:29 2010 From: mjdb at dorevale.demon.co.uk (M J D Brown) Date: Sat, 2 Jan 2010 12:16:29 -0000 Subject: FYI: The Guardian | Mobile phone security cracked, says German hacker. References: <5hwORlfU$cPLFA6P@perry.co.uk><20100101233614.GC96350@davros.org> <6JMObeEkCyPLFA5g@perry.co.uk> Message-ID: <795EBA1C1F9A47679F0A5438EF4E6CCE@Powerstation> ----- Original Message ----- From: "Roland Perry" To: Sent: Saturday, January 02, 2010 10:32 AM Subject: Re: FYI: The Guardian | Mobile phone security cracked,says German hacker. > In article , M J D > Brown writes >>Are you trying to say that RIPA covered properly all the nuances of >>activities comprising electronic surveillance and investigation? > > I don't think that even its most fervent admirers would claim that any > law, as drafted, covers "all the nuances". Isn't that what we have > caselaw for? Exactly so! Caselaw stems from the Common Law tradition as a means of encapsulating custom and practice down the ages. Caselaw /should/ not be necessary under a codified statute law system. Thus we are stumbling into a hybrid legal system, the worst of all possible worlds, to accommodate the different traditions of continental EU countries. Mike. > -- > Roland Perry > From lists at internetpolicyagency.com Sat Jan 2 12:18:30 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Sat, 2 Jan 2010 12:18:30 +0000 Subject: FYI: The Guardian | Mobile phone security cracked, says German hacker. In-Reply-To: <4B3F33D8.60706@iosis.co.uk> References: <5hwORlfU$cPLFA6P@perry.co.uk> <20100101233614.GC96350@davros.org> <874d91c1001020238p242325cdn4662505ea919ebf9@mail.gmail.com> <4B3F33D8.60706@iosis.co.uk> Message-ID: In article <4B3F33D8.60706 at iosis.co.uk>, Peter Tomlinson writes >It would be very good if those developing esoteric technology could be >required to explain to a judge and jury exactly what is going on and >what safeguards are included. Is that prior to being granted a "licence" of some sort to deploy that technology, or only if a case comes to court where that technology is involved? -- Roland Perry From fjmd1a at gmail.com Sat Jan 2 12:22:55 2010 From: fjmd1a at gmail.com (Francis Davey) Date: Sat, 2 Jan 2010 12:22:55 +0000 Subject: FYI: The Guardian | Mobile phone security cracked, says German hacker. In-Reply-To: <4B3F33D8.60706@iosis.co.uk> References: <5hwORlfU$cPLFA6P@perry.co.uk> <20100101233614.GC96350@davros.org> <874d91c1001020238p242325cdn4662505ea919ebf9@mail.gmail.com> <4B3F33D8.60706@iosis.co.uk> Message-ID: <874d91c1001020422i3ac63125i9a6c62bb8b77134@mail.gmail.com> 2010/1/2 Peter Tomlinson : [snip] > > Now anyone within earshot can listen in to any conversation that I have, > face to face, with another. But putting a microphone in my house I do not > like, and I think that for a long time the courts have not liked that either > - unless the perpretator can show just cause. So I think that Common Law has Putting a microphone in someone's house would be a trespass to land. Unsurprisingly something that has been unlawful for a very long time. Being in a public place and passively hearing something that someone else is saying is as a general rule, lawful. But the discussion here is of a middle position: neither infringing someone's property rights, nor being the innocent and accidental recipient of information. Intercepting communication is something else. It is that area which required legislative intervention. > understood privacy. Why could not the judges develop Common Law to encompass > the internet, key stroke sniffers, etc? There is of course the lag between > development of virtual world technologies and the understanding of them by > enough members of a jury (and a massive lack of understanding of the same by > large numbers of public servants). It would be very good if those developing > esoteric technology could be required to explain to a judge and jury exactly > what is going on and what safeguards are included. You overestimate the ability and willingness of judges to develop entirely new areas of law and I don't mean new technology. The problem is rarely that there is new technology, but that people want to invent new legal principles because of cultural understandings of that technology. Take the law of negligence for an example. This is (almost) entirely judge-made. It is essentially technology neutral. There is no difficulty adapting it to new technology any more than there is any other situation. The problem with interception of communications is that there was no pre-existing legal principle that prohibited it. Judges could not proceed by analogy and say, well, the Post Office tapping wires is like a messenger opening an envelope and looking inside, because neither was unlawful. We did not have a common law of privacy. There was a law of confidentiality (strictly speaking a product of equity not common law, but that's a pedantic niggle), but that would only come into play if confidential information was intercepted and then *used* in a way to injure or profit from the person communicating it. Similarly there might be a breach of contract by the messenger/Post Office if they were foolish enough to agree not to look at your messages. What happened was that in Malone v Commissioner of the Metropolitan Police [1979] Ch 344, a defendant to criminal proceedings challenged the interception of his telephone communications by the Home Office (which were used to obtain a conviction against him). The High Court found that this was entirely lawful (and would have been lawful for you and I with the cooperation of the Post Office). The case was well argued on both sides and the decision (in my view) exactly correct. You might say - why didn't the judge invent a legal principle that says you cannot intercept information? The problem with that is that it might make a lot of things unlawful that were lawful before - the judge can't possibly work out what is and is not a sensible line to draw, and there are good constitutional reasons for not wanting judges to decide to make things unlawful. That is something we, rightly, want some democratic control over. It took Parliament's intervention to change the legal position. -- Francis Davey From pwt at iosis.co.uk Sat Jan 2 12:43:28 2010 From: pwt at iosis.co.uk (Peter Tomlinson) Date: Sat, 02 Jan 2010 12:43:28 +0000 Subject: FYI: The Guardian | Mobile phone security cracked, says German hacker. In-Reply-To: <874d91c1001020422i3ac63125i9a6c62bb8b77134@mail.gmail.com> References: <5hwORlfU$cPLFA6P@perry.co.uk> <20100101233614.GC96350@davros.org> <874d91c1001020238p242325cdn4662505ea919ebf9@mail.gmail.com> <4B3F33D8.60706@iosis.co.uk> <874d91c1001020422i3ac63125i9a6c62bb8b77134@mail.gmail.com> Message-ID: <4B3F3F70.7060106@iosis.co.uk> Francis Davey wrote: > The problem with interception of communications is that there was no > pre-existing legal principle that prohibited it. Judges could not > proceed by analogy and say, well, the Post Office tapping wires is > like a messenger opening an envelope and looking inside, because > neither was unlawful. We did not have a common law of privacy. Was that because we were subjects of the Crown? (We believe that we are citizens now, of course, but I wonder if the law naming us as such really changed anything.) From lists at internetpolicyagency.com Sat Jan 2 12:54:09 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Sat, 2 Jan 2010 12:54:09 +0000 Subject: FYI: The Guardian | Mobile phone security cracked, says German hacker. In-Reply-To: <795EBA1C1F9A47679F0A5438EF4E6CCE@Powerstation> References: <5hwORlfU$cPLFA6P@perry.co.uk> <20100101233614.GC96350@davros.org> <6JMObeEkCyPLFA5g@perry.co.uk> <795EBA1C1F9A47679F0A5438EF4E6CCE@Powerstation> Message-ID: In article <795EBA1C1F9A47679F0A5438EF4E6CCE at Powerstation>, M J D Brown writes >> I don't think that even its most fervent admirers would claim that any >> law, as drafted, covers "all the nuances". Isn't that what we have >> caselaw for? > >Exactly so! Caselaw stems from the Common Law tradition as a means of >encapsulating custom and practice down the ages. Caselaw /should/ not >be necessary under a codified statute law system. Hopelessly optimistic, I'm afraid. As someone nearly said, you can't predict the exact circumstances a law will be required in, especially those circumstances which occur in the future. >Thus we are stumbling into a hybrid legal system, the worst of all >possible worlds, to accommodate the different traditions of continental >EU countries. You are welcome to your opinion, but don't expect it to be shared by everyone. -- Roland Perry From fm-lists at st-kilda.org Sat Jan 2 18:34:10 2010 From: fm-lists at st-kilda.org (Fearghas McKay) Date: Sat, 2 Jan 2010 18:34:10 +0000 Subject: FYI: The Guardian | Mobile phone security cracked, says German hacker. In-Reply-To: <4B3F33D8.60706@iosis.co.uk> References: <5hwORlfU$cPLFA6P@perry.co.uk> <20100101233614.GC96350@davros.org> <874d91c1001020238p242325cdn4662505ea919ebf9@mail.gmail.com> <4B3F33D8.60706@iosis.co.uk> Message-ID: <2A037D06-96B6-483F-B1BF-57097BF49B2A@st-kilda.org> On 2 Jan 2010, at 11:54, Peter Tomlinson wrote: > So I think that Common Law has understood privacy. Why could not the > judges develop Common Law to encompass the internet, key stroke > sniffers, etc? There is of course the lag between development of > virtual world technologies and the understanding of them by enough > members of a jury (and a massive lack of understanding of the same > by large numbers of public servants). Do you really want Lord Justice Eady setting laws ? Based on his application of the English Defamation laws I am not sure I would. f From fjmd1a at gmail.com Sat Jan 2 18:45:55 2010 From: fjmd1a at gmail.com (Francis Davey) Date: Sat, 2 Jan 2010 18:45:55 +0000 Subject: FYI: The Guardian | Mobile phone security cracked, says German hacker. In-Reply-To: <2A037D06-96B6-483F-B1BF-57097BF49B2A@st-kilda.org> References: <5hwORlfU$cPLFA6P@perry.co.uk> <20100101233614.GC96350@davros.org> <874d91c1001020238p242325cdn4662505ea919ebf9@mail.gmail.com> <4B3F33D8.60706@iosis.co.uk> <2A037D06-96B6-483F-B1BF-57097BF49B2A@st-kilda.org> Message-ID: <874d91c1001021045r7e8151c6u8a8e28509bb2cc01@mail.gmail.com> 2010/1/2 Fearghas McKay : > > On 2 Jan 2010, at 11:54, Peter Tomlinson wrote: > >> So I think that Common Law has understood privacy. Why could not the >> judges develop Common Law to encompass the internet, key stroke sniffers, >> etc? There is of course the lag between development of virtual world >> technologies and the understanding of them by enough members of a jury (and >> a massive lack of understanding of the same by large numbers of public >> servants). > > Do you really want Lord Justice Eady setting laws ? Based on his application > of the English Defamation laws I am not sure I would. > Mr Justice Eady, rather than Lord Justice (which would mean he was a rung up the hierarchy and usually sat in the Court of Appeal). I was slightly worried that I'd missed his promotion for a moment. And the general point is a good one: whether you like or do not like the way that Eady J has been developing the law, there's a general worry: any development requires decisions of policy (eg "should this be lawful") and its probably not a good idea to leave that in the hands of the judiciary. Its not what they are trained for. Juries have a minimal effect on the development of the common law, if any. -- Francis Davey From juha-matti.laurio at netti.fi Sat Jan 2 20:10:51 2010 From: juha-matti.laurio at netti.fi (Juha-Matti Laurio) Date: Sat, 2 Jan 2010 22:10:51 +0200 (EET) Subject: FYI: The Guardian | Mobile phone security cracked, says German hacker. Message-ID: <7280678.2592881262463051855.JavaMail.juha-matti.laurio@netti.fi> GSMA's statement "on media reports relating to the breaking of GSM encryption" has been posted to http://www.gsm.org/newsroom/press-releases/2009/4490.htm The contect is something we expected. Juha-Matti From pwt at iosis.co.uk Sat Jan 2 20:23:09 2010 From: pwt at iosis.co.uk (Peter Tomlinson) Date: Sat, 02 Jan 2010 20:23:09 +0000 Subject: FYI: The Guardian | Mobile phone security cracked, says German hacker. In-Reply-To: <7280678.2592881262463051855.JavaMail.juha-matti.laurio@netti.fi> References: <7280678.2592881262463051855.JavaMail.juha-matti.laurio@netti.fi> Message-ID: <4B3FAB2D.70409@iosis.co.uk> From looking at my keyboard (English, not Finnish), I think that the intent might have been to type "context". But correct me if "content" was meant. Juha-Matti Laurio wrote: > GSMA's statement "on media reports relating to the breaking of GSM > encryption" has been posted to > http://www.gsm.org/newsroom/press-releases/2009/4490.htm > > The contect is something we expected. > > Juha-Matti > > From fm-lists at st-kilda.org Sat Jan 2 20:26:42 2010 From: fm-lists at st-kilda.org (Fearghas McKay) Date: Sat, 2 Jan 2010 20:26:42 +0000 Subject: FYI: The Guardian | Mobile phone security cracked, says German hacker. In-Reply-To: <874d91c1001021045r7e8151c6u8a8e28509bb2cc01@mail.gmail.com> References: <5hwORlfU$cPLFA6P@perry.co.uk> <20100101233614.GC96350@davros.org> <874d91c1001020238p242325cdn4662505ea919ebf9@mail.gmail.com> <4B3F33D8.60706@iosis.co.uk> <2A037D06-96B6-483F-B1BF-57097BF49B2A@st-kilda.org> <874d91c1001021045r7e8151c6u8a8e28509bb2cc01@mail.gmail.com> Message-ID: <9ACB718F-EB18-4410-B88D-6594F91733BE@st-kilda.org> On 2 Jan 2010, at 18:45, Francis Davey wrote: > Mr Justice Eady, rather than Lord Justice (which would mean he was a > rung up the hierarchy and usually sat in the Court of Appeal). I was > slightly worried that I'd missed his promotion for a moment. If a judge was setting policy I think he would probably be a Lord Justice. And I forgot to add an allegedly at the end of my comment regarding a non-existent possible judge/person's interpretation of the law... Cheers f From lists at internetpolicyagency.com Sat Jan 2 21:39:32 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Sat, 2 Jan 2010 21:39:32 +0000 Subject: FYI: The Guardian | Mobile phone security cracked, says German hacker. In-Reply-To: <7280678.2592881262463051855.JavaMail.juha-matti.laurio@netti.fi> References: <7280678.2592881262463051855.JavaMail.juha-matti.laurio@netti.fi> Message-ID: In article <7280678.2592881262463051855.JavaMail.juha-matti.laurio at netti.fi>, Juha-Matti Laurio writes >GSMA's statement "on media reports relating to the breaking of GSM encryption" has been posted to >http://www.gsm.org/newsroom/press-releases/2009/4490.htm > >The contect is something we expected. I stopped reading it when I got to the "20km high stack of books". If they introduce a distraction as blatant as that, there must be something behind what they are attempting to refute! -- Roland Perry From juha-matti.laurio at netti.fi Sat Jan 2 22:54:31 2010 From: juha-matti.laurio at netti.fi (Juha-Matti Laurio) Date: Sun, 3 Jan 2010 00:54:31 +0200 (EET) Subject: FYI: The Guardian | Mobile phone security cracked, says German hacker. Message-ID: <27635895.2595651262472872186.JavaMail.juha-matti.laurio@netti.fi> Thanks for noticing this. Yes, "content" was meant. Juha-Matti Peter Tomlinson [pwt at iosis.co.uk] kirjoitti: > From looking at my keyboard (English, not Finnish), I think that the > intent might have been to type "context". But correct me if "content" > was meant. > > Juha-Matti Laurio wrote: > > GSMA's statement "on media reports relating to the breaking of GSM > > encryption" has been posted to > > http://www.gsm.org/newsroom/press-releases/2009/4490.htm > > > > The contect is something we expected. > > > > Juha-Matti > > From igb at batten.eu.org Sun Jan 3 08:45:35 2010 From: igb at batten.eu.org (Ian Batten) Date: Sun, 3 Jan 2010 08:45:35 +0000 Subject: FYI: The Guardian | Mobile phone security cracked, says German hacker. In-Reply-To: References: <7280678.2592881262463051855.JavaMail.juha-matti.laurio@netti.fi> Message-ID: <6A91452F-E76A-4457-8364-F6BA7EE44AB8@batten.eu.org> On 2 Jan 2010, at 21:39, Roland Perry wrote: > In article <7280678.2592881262463051855.JavaMail.juha-matti.laurio at netti.fi > >, Juha-Matti Laurio writes >> GSMA's statement "on media reports relating to the breaking of GSM >> encryption" has been posted to >> http://www.gsm.org/newsroom/press-releases/2009/4490.htm >> >> The contect is something we expected. > > I stopped reading it when I got to the "20km high stack of books". > > If they introduce a distraction as blatant as that, there must be > something behind what they are attempting to refute! Indeed. Not that many years ago I signed off 2TB of file server capacity which cost something approaching ?150K. Now I could nip up to PC World and buy it for ?150. Performance of a pair of 1TB SATA drives (max, say, 150 ops/sec in RAID 0) might not match that of however-many-it-was 36GB drives (max, say, 5000 ops/sec aggregate in RAID 5) but I probably don't care for this application. ian From lists at internetpolicyagency.com Mon Jan 4 18:05:07 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Mon, 4 Jan 2010 18:05:07 +0000 Subject: Possible 2010 bug in Smartcard Message-ID: I say "possible"; it's the best explanation I have at the moment. Probably not applicable to all the cards in question, or presumably they'd have noticed by now. Nottingham 'corporation' buses have a number of Smartcard ticketing options, and I have the one which is a prepay carnet of day tickets. You load it with credit in days (the more you buy the cheaper they get) and then use them on random days by "touching in" on a bus - which deducts your credit by one day and allows unlimited travel for the rest of the day. Mine is a very early one - perhaps five years old but obtained as soon as that variant was offered for sale. It's worked perfectly up to now. But today, the first time I've tried to use it this year, it was rejected with a message that said the card was "Expired" (leaving about ?40 of credit orphaned). I attempted to visit their enquiry centre, but there was such an unusually long queue (60-70 people with the same problem, maybe?) that I didn't stop. I've emailed them, it'll be interesting to see what they say. -- Roland Perry From pwt at iosis.co.uk Mon Jan 4 18:32:34 2010 From: pwt at iosis.co.uk (Peter Tomlinson) Date: Mon, 04 Jan 2010 18:32:34 +0000 Subject: Possible 2010 bug in Smartcard In-Reply-To: References: Message-ID: <4B423442.6080209@iosis.co.uk> Roland Perry wrote: > I say "possible"; it's the best explanation I have at the moment. > Probably not applicable to all the cards in question, or presumably > they'd have noticed by now. > > Nottingham 'corporation' buses have a number of Smartcard ticketing > options, and I have the one which is a prepay carnet of day tickets. > > You load it with credit in days (the more you buy the cheaper they > get) and then use them on random days by "touching in" on a bus - > which deducts your credit by one day and allows unlimited travel for > the rest of the day. Mine is a very early one - perhaps five years old > but obtained as soon as that variant was offered for sale. It's worked > perfectly up to now. > > But today, the first time I've tried to use it this year, it was > rejected with a message that said the card was "Expired" (leaving > about ?40 of credit orphaned). I attempted to visit their enquiry > centre, but there was such an unusually long queue (60-70 people with > the same problem, maybe?) that I didn't stop. > > I've emailed them, it'll be interesting to see what they say. Nottingham was expected to have converted to the ITSO specification by now, although for some reason the migration has been delayed. But in the mid December announcement by DfT [1] Nottingham with Nottinghamshire are listed as beneficiaries of ?2.2M of funding for the new back office system (9 schemes, ?20M overall). The 15th December Press Release [2] is interesting: "Within the next five years passengers on public transport in England's major urban areas will be able to travel without a paper ticket, Transport Secretary Andrew Adonis announced today." Roland, you might not get an answer tomorrow (but those who don't pay but should pay are already travelling without a paper ticket, or indeed any ticket). Peter [1] http://www.dft.gov.uk/pgr/regional/smart-integrated-ticketing/ [2] http://nds.coi.gov.uk/clientmicrosite/Content/Detail.aspx?ClientId=202&NewsAreaId=2&ReleaseID=409585&SubjectId=36 From tony.naggs at googlemail.com Mon Jan 4 19:53:39 2010 From: tony.naggs at googlemail.com (Tony Naggs) Date: Mon, 4 Jan 2010 19:53:39 +0000 Subject: Possible 2010 bug in Smartcard In-Reply-To: References: Message-ID: Hi Roland Lots of Smartcard transport schemes have a clause whereby the outstanding balance on the card is forfeited after a period of non-use. As far as I can see online NCT does not have such a condition attached. Possibly you are being affected by Nottingham City Transport's move from having its own cards to having an electronic purse application on Nottingham City Council's "Citycard"? A NCT press release from 25th September 2009 says: "By the end of the year 140,000 new style Easyrider Citycards will have been replaced and will be in use". Ref: http://www.nctx.co.uk/about/news/2009/EasyriderCC.asp Cheers, Tony 2010/1/4 Roland Perry : > I say "possible"; it's the best explanation I have at the moment. Probably > not applicable to all the cards in question, or presumably they'd have > noticed by now. > ... > From lists at internetpolicyagency.com Mon Jan 4 19:56:50 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Mon, 4 Jan 2010 19:56:50 +0000 Subject: Possible 2010 bug in Smartcard In-Reply-To: <4B423442.6080209@iosis.co.uk> References: <4B423442.6080209@iosis.co.uk> Message-ID: In article <4B423442.6080209 at iosis.co.uk>, Peter Tomlinson writes >Roland, you might not get an answer tomorrow (but those who don't pay >but should pay are already travelling without a paper ticket, or indeed >any ticket). I'm having problems parsing this. And... I've had a reply to my email (very promptly, so that's useful): "Please accept our apologies for any inconvenience caused due to the expiry of your card." "You will need to come to the Travel Centre to replace your existing card with a new style card, any days you have remaining will be placed on to the new card." Which doesn't answer why this card has expired without notice (especially since I last topped it up as recently as December, which can only be done at their office, and you might expect them to have noticed that a predicted life-expiry was about to kick in). There's nothing on their website either. So it's still a possibility that the expiry of "old style" cards (whatever that means) was an unexpected Y2010 feature. -- Roland Perry From lists at internetpolicyagency.com Mon Jan 4 20:53:55 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Mon, 4 Jan 2010 20:53:55 +0000 Subject: Possible 2010 bug in Smartcard In-Reply-To: References: Message-ID: In article , Tony Naggs writes >Hi Roland > >Lots of Smartcard transport schemes have a clause whereby the >outstanding balance on the card is forfeited after a period of >non-use. As far as I can see online NCT does not have such a condition >attached. I've had successful periods of non-use amounting to months, but in this case I both used and topped it up in December. >Possibly you are being affected by Nottingham City Transport's move >from having its own cards to having an electronic purse application on >Nottingham City Council's "Citycard"? My original impression was that you could add the bus card to a City-resident card, but it seems maybe you can do the reverse (which is slightly odd as I'm a non-resident). However, the bus company happily topped my card up in December (in person) and said nothing about it being about to expire. I don't see anything about expiry on their website. That's why I'm wondering if this Y2010 expiry thing is actually a bug they are covering up by pretending retrospectively that it was always planned on happening. And wouldn't they have briefed the bus drivers to say something to passengers other than a generic "your card has expired", like, for example "sorry, but didn't you upgrade your card to the new style like we were recommending for several months last year"? >A NCT press release from 25th September 2009 says: "By the end of the >year 140,000 new style Easyrider Citycards will have been replaced and >will be in use". Why are they replacing the new-style ones so soon? I think they mean something subtly different! >Ref: http://www.nctx.co.uk/about/news/2009/EasyriderCC.asp I'm also fascinated by the concept that I can download one of the new style cards from the website :) >2010/1/4 Roland Perry : >> I say "possible"; it's the best explanation I have at the moment. Probably >> not applicable to all the cards in question, or presumably they'd have >> noticed by now. -- Roland Perry From lists at internetpolicyagency.com Tue Jan 5 12:04:04 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Tue, 5 Jan 2010 12:04:04 +0000 Subject: Possible 2010 bug in Smartcard In-Reply-To: References: Message-ID: In article , Roland Perry writes >And wouldn't they have briefed the bus drivers to say something to >passengers other than a generic "your card has expired", like, for >example "sorry, but didn't you upgrade your card to the new style like >we were recommending for several months last year"? They've replied again (I'm still very impressed with their speed at doing this) saying: "We were not aware that the cards were about to expire and this only came to light on Saturday 2nd December." Which must mean 2nd Jan, as 2nd December was a Wednesday. They didn't run a service on 1st Jan. And also: "We have made drivers aware of this problem and they should not make you pay for your travel but if they do please retain your ticket(s)." Although the drivers I encountered yesterday afternoon weren't aware. There's a secondary issue that they only accept exact-change fares, and if you have a card with you, that's mainly (in my case) to avoid having to carry the exact change. Which just leaves us with the question: is this a Y2010 bug, or was it a co-incidence that whatever bug it was[1], hit on 1/1/2010? [1] eg a "6 years after 1/1/2004" bug. -- Roland Perry From david.goodenough at btconnect.com Tue Jan 5 12:54:01 2010 From: david.goodenough at btconnect.com (David Goodenough) Date: Tue, 5 Jan 2010 12:54:01 +0000 Subject: Possible 2010 bug in Smartcard In-Reply-To: References: Message-ID: <201001051254.01639.david.goodenough@btconnect.com> On Tuesday 05 January 2010, Roland Perry wrote: > In article , Roland Perry > writes > > >And wouldn't they have briefed the bus drivers to say something to > >passengers other than a generic "your card has expired", like, for > >example "sorry, but didn't you upgrade your card to the new style like > >we were recommending for several months last year"? > > They've replied again (I'm still very impressed with their speed at > doing this) saying: > > "We were not aware that the cards were about to expire and this > only came to light on Saturday 2nd December." > > Which must mean 2nd Jan, as 2nd December was a Wednesday. They didn't > run a service on 1st Jan. > > And also: > "We have made drivers aware of this problem and they should not > make you pay for your travel but if they do please retain your > ticket(s)." > > Although the drivers I encountered yesterday afternoon weren't aware. > There's a secondary issue that they only accept exact-change fares, and > if you have a card with you, that's mainly (in my case) to avoid having > to carry the exact change. > > Which just leaves us with the question: is this a Y2010 bug, or was it a > co-incidence that whatever bug it was[1], hit on 1/1/2010? > > [1] eg a "6 years after 1/1/2004" bug. > While obviously you can not get Windows Mobile on a SmartCard, it might be a problem with the readers if they are running Windows Mobile, or they might have this problem as well (hence the exact-change fares only). There have been reports today of some versions of Windows Mobile sending out texts dated 2016 since Jan 1. There are then problems with ATMs/POS terminals in Australia which think it is 2016 and are thus rejecting most cards as expired. The reports do not indicate what they are running. David From igb at batten.eu.org Tue Jan 5 12:57:19 2010 From: igb at batten.eu.org (Ian Batten) Date: Tue, 5 Jan 2010 12:57:19 +0000 Subject: Possible 2010 bug in Smartcard In-Reply-To: References: Message-ID: > > Which just leaves us with the question: is this a Y2010 bug, or was > it a > co-incidence that whatever bug it was[1], hit on 1/1/2010? It may not be a bug at all, of course. cf. SecureID tags. ian From bdm at fenrir.org.uk Tue Jan 5 13:01:46 2010 From: bdm at fenrir.org.uk (Brian Morrison) Date: Tue, 5 Jan 2010 13:01:46 +0000 Subject: Possible 2010 bug in Smartcard In-Reply-To: <201001051254.01639.david.goodenough@btconnect.com> References: <201001051254.01639.david.goodenough@btconnect.com> Message-ID: <20100105130146.00006f77@surtees.fenrir.org.uk> On Tue, 5 Jan 2010 12:54:01 +0000 David Goodenough wrote: > While obviously you can not get Windows Mobile on a SmartCard, it > might be a problem with the readers if they are running Windows > Mobile, or they might have this problem as well (hence the > exact-change fares only). There have been reports today of some > versions of Windows Mobile sending out texts dated 2016 since Jan 1. > > There are then problems with ATMs/POS terminals in Australia which > think it is 2016 and are thus rejecting most cards as expired. The > reports do not indicate what they are running. That suggests that they are interpreting the "10" part of 2010 as a hex value doesn't it? So possibly simply down to poor coding practices. -- Brian Morrison From igor at hybrid-lab.co.uk Tue Jan 5 15:03:13 2010 From: igor at hybrid-lab.co.uk (Igor Mozolevsky) Date: Tue, 5 Jan 2010 15:03:13 +0000 Subject: Possible 2010 bug in Smartcard In-Reply-To: References: Message-ID: Possibly related: http://www.theregister.co.uk/2010/01/05/windows_mobe_bug/ Cheers, -- Igor From Stephen.Morris at nominet.org.uk Tue Jan 5 13:00:01 2010 From: Stephen.Morris at nominet.org.uk (Stephen.Morris at nominet.org.uk) Date: Tue, 5 Jan 2010 13:00:01 +0000 Subject: Possible 2010 bug in Smartcard In-Reply-To: References: Message-ID: Roland Perry wrote on 05/01/2010 12:04:04: > Which just leaves us with the question: is this a Y2010 bug, or was it a > co-incidence that whatever bug it was[1], hit on 1/1/2010? > > [1] eg a "6 years after 1/1/2004" bug. > -- > Roland Perry As Y2010 problems don't appear to be unique (see http://www.theregister.co.uk/2010/01/05/symantec_y2k10_bug) - I would guess the former. Stephen -------------- next part -------------- An HTML attachment was scrubbed... URL: From nigel.metheringham at dev.intechnology.co.uk Tue Jan 5 12:36:01 2010 From: nigel.metheringham at dev.intechnology.co.uk (Nigel Metheringham) Date: Tue, 5 Jan 2010 12:36:01 +0000 Subject: Possible 2010 bug in Smartcard In-Reply-To: References: Message-ID: On 5 Jan 2010, at 12:04, Roland Perry wrote: > > Which just leaves us with the question: is this a Y2010 bug, or was it a > co-incidence that whatever bug it was[1], hit on 1/1/2010? > > [1] eg a "6 years after 1/1/2004" bug. Some of these bugs have been theorised to be down to misreading a BCD field as hex, so the 10 in 2010 is read as 16.... Don't know if thats an appropriate failure in this case. Nigel. -- [ Nigel Metheringham Nigel.Metheringham at InTechnology.com ] [ - Comments in this message are my own and not ITO opinion/policy - ] From lists at internetpolicyagency.com Tue Jan 5 17:49:12 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Tue, 5 Jan 2010 17:49:12 +0000 Subject: Possible 2010 bug in Smartcard In-Reply-To: References: Message-ID: In article , Ian Batten writes >> Which just leaves us with the question: is this a Y2010 bug, or was >>it a co-incidence that whatever bug it was[1], hit on 1/1/2010? > >It may not be a bug at all, of course. cf. SecureID tags. If the cards have always been programmed to expire on this particular 1st January (or indeed on *any* 1st January somehow related to the age of the card), I would hope and expect that they would have known about that in advance. -- Roland Perry From lists at internetpolicyagency.com Tue Jan 5 17:52:16 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Tue, 5 Jan 2010 17:52:16 +0000 Subject: Possible 2010 bug in Smartcard In-Reply-To: <201001051254.01639.david.goodenough@btconnect.com> References: <201001051254.01639.david.goodenough@btconnect.com> Message-ID: In article <201001051254.01639.david.goodenough at btconnect.com>, David Goodenough writes >While obviously you can not get Windows Mobile on a SmartCard, it might >be a problem with the readers if they are running Windows Mobile, Other types of smartcard were being accepted, as far as I could see. The kind I have isn't particularly popular - the discount it offers isn't very high, currently at 17% if you buy ?45 of pre-pay, and can only be topped up at one central location; moreover it's only targeted at occasional users. >or they might have this problem as well (hence the exact-change fares >only). The exact-fares-only rule is for cash fares, and has been the case for many years (since before I moved to the area). -- Roland Perry From lists at internetpolicyagency.com Tue Jan 5 17:55:26 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Tue, 5 Jan 2010 17:55:26 +0000 Subject: Possible 2010 bug in Smartcard In-Reply-To: References: Message-ID: In article , Stephen.Morris at nominet.org.uk writes >As Y2010 problems don't appear to be unique (see >http://www.theregister.co.uk/2010/01/05/symantec_y2k10_bug) That's similar to the Spam Assassin y2010 bug where all emails posted after 1/1/2010 are rejected as "dated too far in the future". -- Roland Perry From lists at internetpolicyagency.com Tue Jan 5 17:58:53 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Tue, 5 Jan 2010 17:58:53 +0000 Subject: Possible 2010 bug in Smartcard In-Reply-To: References: Message-ID: In article , Igor Mozolevsky writes >Possibly related: > >http://www.theregister.co.uk/2010/01/05/windows_mobe_bug/ "Card scanners in thousands of Australian shops have also been hit, as we reported yesterday. Bank of Queensland systems, believing it was 2016, rejected most payment cards because they'd passed their expiry date." Except my smartcard isn't supposed to have any expiry date. (See also my comments that the scanner appear to be accepting other forms of smartcard OK - indeed if they weren't accepting any smartcards there'd surely have been total chaos much sooner. And the bus company claims that swapping the card will fix it). -- Roland Perry From bdm at fenrir.org.uk Tue Jan 5 21:09:17 2010 From: bdm at fenrir.org.uk (Brian Morrison) Date: Tue, 5 Jan 2010 21:09:17 +0000 Subject: Possible 2010 bug in Smartcard In-Reply-To: References: Message-ID: <20100105210917.31701e2f@peterson.fenrir.org.uk> On Tue, 5 Jan 2010 17:55:26 +0000 Roland Perry wrote: > In article > >, Stephen.Morris at nominet.org.uk writes > >As Y2010 problems don't appear to be unique (see > >http://www.theregister.co.uk/2010/01/05/symantec_y2k10_bug) > > That's similar to the Spam Assassin y2010 bug where all emails posted > after 1/1/2010 are rejected as "dated too far in the future". Ah, but that got fixed very quickly, I just had to do an extra sa-update run to correct it. -- Brian Morrison bdm at fenrir dot org dot uk "Arguing with an engineer is like wrestling with a pig in the mud; after a while you realize you are muddy and the pig is enjoying it." GnuPG key ID DE32E5C5 - http://wwwkeys.uk.pgp.net/pgpnet/wwwkeys.html -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 190 bytes Desc: not available URL: From lists at internetpolicyagency.com Tue Jan 5 21:20:22 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Tue, 5 Jan 2010 21:20:22 +0000 Subject: Possible 2010 bug in Smartcard In-Reply-To: <20100105210917.31701e2f@peterson.fenrir.org.uk> References: <20100105210917.31701e2f@peterson.fenrir.org.uk> Message-ID: In article <20100105210917.31701e2f at peterson.fenrir.org.uk>, Brian Morrison writes >> >As Y2010 problems don't appear to be unique (see >> >http://www.theregister.co.uk/2010/01/05/symantec_y2k10_bug) >> >> That's similar to the Spam Assassin y2010 bug where all emails posted >> after 1/1/2010 are rejected as "dated too far in the future". > >Ah, but that got fixed very quickly, I just had to do an extra >sa-update run to correct it. I think most (y2k bugs too) are fixed easily once you know it's there. The downside is the damage or inconvenience while it's being fixed - which will vary obviously. -- Roland Perry From lists at internetpolicyagency.com Wed Jan 6 08:20:39 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Wed, 6 Jan 2010 08:20:39 +0000 Subject: Possible 2010 bug in Smartcard In-Reply-To: References: <20100105210917.31701e2f@peterson.fenrir.org.uk> Message-ID: In article , Roland Perry writes >I think most (y2k bugs too) are fixed easily once you know it's there. > >The downside is the damage or inconvenience while it's being fixed - >which will vary obviously. Apparently it's taking these Germans until next Monday to fix their Y2010 bug (reportedly in the cards not the ATMs, but does otherwise sound the same as the Australian bug): http://www.dw-world.de/dw/article/0,,5088075,00.html There's reports of other software rolling over from 2009 to 2100, and understandably causing problems. Symantic's fix to their problem is apparently to date all of its NAC updates as 31/12/09, until they fix the underlying issue. -- Roland Perry From otcbn at callnetuk.com Wed Jan 6 09:10:32 2010 From: otcbn at callnetuk.com (Pete Mitchell) Date: Wed, 06 Jan 2010 09:10:32 +0000 Subject: Unpersons Message-ID: <4B445388.5030704@callnetuk.com> Trying to access the Islam4UK website (the people who are promoting this Wootton Bassett march) I get a DNS lookup failure. Google cached the home page as recently as 29 Dec, although I can't access the cached copy there either. -- Pete Mitchell From matthew at pemble.net Wed Jan 6 09:21:18 2010 From: matthew at pemble.net (Matthew Pemble) Date: Wed, 6 Jan 2010 09:21:18 +0000 Subject: Unpersons In-Reply-To: <4B445388.5030704@callnetuk.com> References: <4B445388.5030704@callnetuk.com> Message-ID: Folks, 2010/1/6 Pete Mitchell : > Trying to access the Islam4UK website (the people who are promoting this > Wootton Bassett march) I get a DNS lookup failure. I have been having 403 errors for a couple of days - and can still get to the site (on local cached DNS): "Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 Phusion_Passenger/2.2.4 FrontPage/5.0.2.2635 mod_bwlimited/1.4 mod_auth_passthrough/2.1 Server at www.islam4uk.com Port 80" Getting "SERVFAIL" on dig and NS1 & NS2.islamforuk.com are both timing out ... Matthew -- Matthew Pemble Technical Director, Idrach Ltd Mobile: +44 (0) 7595 652175 Office: + 44 (0) 1324 820690 From james2 at jfirth.net Wed Jan 6 10:40:49 2010 From: james2 at jfirth.net (James Firth) Date: Wed, 6 Jan 2010 10:40:49 -0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> Message-ID: <004801ca8ebc$b6ca0850$245e18f0$@net> > > Trying to access the Islam4UK website (the people who are promoting > this > > Wootton Bassett march) I get a DNS lookup failure. > > I have been having 403 errors for a couple of days - and can still get > to the site (on local cached DNS): > Looks like both their DNS servers are down. Tried routing through corporate VPN on various exit nodes and still nothing. The IPs of their DNS servers seem to be Canadian. At this stage looking more like cock-up rather than conspiracy. James Firth --- www.daltonfirth.co.uk Dalton Firth Limited is registered in England, number 5601773 From igb at batten.eu.org Wed Jan 6 10:49:16 2010 From: igb at batten.eu.org (Ian Batten) Date: Wed, 6 Jan 2010 10:49:16 +0000 Subject: Unpersons In-Reply-To: <4B445388.5030704@callnetuk.com> References: <4B445388.5030704@callnetuk.com> Message-ID: <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> On 06 Jan 10, at 0910, Pete Mitchell wrote: > Trying to access the Islam4UK website (the people who are promoting > this Wootton Bassett march) I get a DNS lookup failure. It's going to be one of the problems of our times, and one I alluded to in a presentation at UKNOF and LINX last year. There's currently no right of web publication, nor any legislation covering it, so an ISP or other hosting provider can remove an organisation's or an individual's ability to public at a stroke with no due process whatsoever. One could argue that this is analogous to printers refusing to take your business, and that might have been true back in the day, but today anyone who wants to print up a few thousand handbills to pass out in the street can do so themselves for about the cost of getting a printer to do it. And even "back in the day", carbon paper, Banda and Gstetner duplicators [*], re-typing and the general methods of samizdat made self-publishing practical, and 5p/sheet photocopying with no controls on content has been available for a generation or more. The ability of random people to cut off legal organisations without any legal review is worrying, because it allows governments to exert pressure in a completely non-transparent way. ian [*] My parents are teachers, and they saw themselves as the king and queen of the high-quality handout. Both specialised in multi-colour Banda work, where the master has the soluble ink from several top sheets so you only need one printing pass to get several colours, but as well as two Banda machines we also had a Gstetner machine at home. Happy times. From bdm at fenrir.org.uk Wed Jan 6 11:36:47 2010 From: bdm at fenrir.org.uk (Brian Morrison) Date: Wed, 6 Jan 2010 11:36:47 +0000 Subject: Unpersons In-Reply-To: <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> Message-ID: <20100106113647.00001f1b@surtees.fenrir.org.uk> On Wed, 6 Jan 2010 10:49:16 +0000 Ian Batten wrote: > but as well as two Banda machines we also had a Gstetner machine at > home. Happy times. Presumably due to inhaling the fumes! -- Brian Morrison From jya at pipeline.com Wed Jan 6 11:59:46 2010 From: jya at pipeline.com (John Young) Date: Wed, 06 Jan 2010 06:59:46 -0500 Subject: Unpersons In-Reply-To: <20100106113647.00001f1b@surtees.fenrir.org.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <20100106113647.00001f1b@surtees.fenrir.org.uk> Message-ID: Google has removed the "full version" cache of islam4uk files but the "text version" remains cached. Archive.org has files only from 2008. Here are a few dozen of them: http://cryptome.org/islam4uk/islam4uk.htm Google banned downloads after a couple of dozen stating "We're sorry... but your computer or network may be sending automated queries. To protect our users, we can't process your request right now." From matthew at pemble.net Wed Jan 6 11:42:41 2010 From: matthew at pemble.net (Matthew Pemble) Date: Wed, 6 Jan 2010 11:42:41 +0000 Subject: Unpersons In-Reply-To: <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> Message-ID: Folks, 2010/1/6 Ian Batten : > There's currently no right of web > publication, nor any legislation covering it, so an ISP or other hosting > provider can remove an organisation's or an individual's ability to public > at a stroke with no due process whatsoever. Surely they had a contract? The DNS Server IP addresses belong to iWeb Technologies in Montreal (how they were linked to this - through Fasthosts (domain reg for islamforuk.com) or otherwise, I am not sure. > One could argue that this is analogous to printers refusing to take your > business, and that might have been true back in the day, but today anyone > who wants to print up a few thousand handbills to pass out in the street can > do so themselves for about the cost of getting a printer to do it. Actually, it's more like the printer taking the business (and the money) and then the courier accepting the box but refusing to deliver the leaflets to you but that doesn't make your point invalid. And, without extending the analogy, there are plenty of DNS providers - even Google (who have a reputation, deserved or not, for not capitulating to govt demands. Except in China!) > And even > "back in the day", carbon paper, Banda and Gstetner duplicators [*], > re-typing and the general methods of samizdat made self-publishing > practical, and 5p/sheet photocopying with no controls on content has been > available for a generation or more. ? The ability of random people to cut > off legal organisations without any legal review is worrying, because it > allows governments to exert pressure in a completely non-transparent way. But setting up new hosting in the USA, with the 1st Amendment protections (which US ISPs are relatively keen to use as an excuse for inaction, in my experience) surely takes hours rather than days, assuming you have a backup :) And this doesn't explain the 403 result from the web-server (although my cached DNS has expired so I can't see even that any more.) Matthew -- Matthew Pemble Technical Director, Idrach Ltd Mobile: +44 (0) 7595 652175 Office: + 44 (0) 1324 820690 From fw at deneb.enyo.de Wed Jan 6 16:46:14 2010 From: fw at deneb.enyo.de (Florian Weimer) Date: Wed, 06 Jan 2010 17:46:14 +0100 Subject: Possible 2010 bug in Smartcard In-Reply-To: (Roland Perry's message of "Wed, 6 Jan 2010 08:20:39 +0000") References: <20100105210917.31701e2f@peterson.fenrir.org.uk> Message-ID: <87iqbfkwq1.fsf@mid.deneb.enyo.de> * Roland Perry: > Apparently it's taking these Germans until next Monday to fix their > Y2010 bug (reportedly in the cards not the ATMs, but does otherwise > sound the same as the Australian bug): > > http://www.dw-world.de/dw/article/0,,5088075,00.html It's apparently a bug in cards manufactured by Gemalto. ETA for a real fix has still not been published. Currently, card readers are changed to perform a downgrade to bypass the more secure but non-working chip-based authentication, relying on the magnetic stripe instead. But this is only a very temporary solution. From otcbn at callnetuk.com Thu Jan 7 17:28:56 2010 From: otcbn at callnetuk.com (Pete Mitchell) Date: Thu, 07 Jan 2010 17:28:56 +0000 Subject: Unpersons In-Reply-To: <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> Message-ID: <4B4619D8.6000101@callnetuk.com> Ian Batten wrote on 6-01-10 10:49: > It's going to be one of the problems of our times, and one I alluded to > in a presentation at UKNOF and LINX last year. There's currently no > right of web publication, nor any legislation covering it, so an ISP or > other hosting provider can remove an organisation's or an individual's > ability to public at a stroke with no due process whatsoever. I doubt if many people would support a "right of web publication". But they might well support the idea that people must not stop others publishing on the web; subject to the usual rules of justice, law and due process. The ECHR and the Human Rights Act pretty much declare that, in the case where the state is doing the preventing. -- Pete Mitchell From mjdb at dorevale.demon.co.uk Thu Jan 7 18:37:59 2010 From: mjdb at dorevale.demon.co.uk (M J D Brown) Date: Thu, 7 Jan 2010 18:37:59 -0000 Subject: Unpersons References: <4B445388.5030704@callnetuk.com><00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> Message-ID: <1BEA602E6B1849E48279E004020C08A6@Powerstation> We do need protection from the rantings of bigots (def: someone whose mind cannot be changed and who won't change the subject). Just imagine there was a right to web publication which would, of course, have to include email. Would we really be happy to see the end of spam filtering? A similar example of the law of unintended consequences affects the rather more popular issue of a general privacy law that has engaged this mailing list in the last week or so. One suspects that the principal benefactors would be big companies and sundry dodgy geezers with deep pockets, tame lawyers, and something to hide. Though I am in full agreement with Pete Mitchell's comments, I just wanted to add a few points, interpolated in his posting below Mike. ----- Original Message ----- From: "Pete Mitchell" To: "UK Cryptography Policy Discussion Group" Sent: Thursday, January 07, 2010 5:28 PM Subject: Re: Unpersons > Ian Batten wrote on 6-01-10 10:49: >> It's going to be one of the problems of our times, and one I alluded >> to in a presentation at UKNOF and LINX last year. There's currently >> no right of web publication, nor any legislation covering it, so an >> ISP or other hosting provider can remove an organisation's or an >> individual's ability to public at a stroke with no due process >> whatsoever. > > I doubt if many people would support a "right of web publication". > But they might well support the idea that people must not stop others > publishing on the web; subject to the usual rules of justice, law and > due process. How could we define such a right without opening the floodgates to the bigots and spammers? > The ECHR and the Human Rights Act pretty much declare that, in the > case where the state is doing the preventing. The whole business of censorship would be likely to go underground. My old US colleagues used to say that much of their official busines was conducted verbally or on their personal office folders, destroyed on their outposting, and not subject to FOI requests. That is rather a long time ago now, so that particular loohole may well have been closed. > -- > Pete Mitchell > > From james2 at jfirth.net Thu Jan 7 19:08:35 2010 From: james2 at jfirth.net (James Firth) Date: Thu, 7 Jan 2010 19:08:35 -0000 Subject: Unpersons In-Reply-To: <1BEA602E6B1849E48279E004020C08A6@Powerstation> References: <4B445388.5030704@callnetuk.com><00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> Message-ID: <00cc01ca8fcc$cffb1740$6ff145c0$@net> > We do need protection from the rantings of bigots (def: someone whose > mind cannot be changed and who won't change the subject). Just imagine > there was a right to web publication which would, of course, have to > include email. Would we really be happy to see the end of spam > filtering? How about rights at the transport layer? I don't believe service providers should be compelled to host services or publish material, however once a service provider has consented and the stream is available, should ISPs who act as mere intermediaries in the get/response transaction (mere conduits) be obliged to carry out the transaction and get the web page requested? Also I'm still not sure what happened in the particular case of islamforuk.com name servers. Do we now have proof that the service provider has withdrawn service or is it simply a case of crashed DNS servers and incompetence? When I last looked I didn't detect a transatlantic hand of god. The web server seemed active but neither of the listed name servers were working. And this tested from various exit nodes. James Firth From igb at batten.eu.org Thu Jan 7 19:40:46 2010 From: igb at batten.eu.org (Ian Batten) Date: Thu, 7 Jan 2010 19:40:46 +0000 Subject: Unpersons In-Reply-To: <4B4619D8.6000101@callnetuk.com> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> Message-ID: On 7 Jan 2010, at 17:28, Pete Mitchell wrote: > Ian Batten wrote on 6-01-10 10:49: >> It's going to be one of the problems of our times, and one I >> alluded to in a presentation at UKNOF and LINX last year. There's >> currently no right of web publication, nor any legislation covering >> it, so an ISP or other hosting provider can remove an >> organisation's or an individual's ability to public at a stroke >> with no due process whatsoever. > > I doubt if many people would support a "right of web publication". Why not? I certainly would. A right to publish what you want on a website, subject to existing laws, and payment on non-discriminatory terms: what's so radical about that? ISPs are very quick to fall behind the common carrier argument; why not make them common carriers? > But they might well support the idea that people must not stop > others publishing on the web; subject to the usual rules of justice, > law and due process. > The ECHR and the Human Rights Act pretty much declare that, in the > case where the state is doing the preventing. But the point now is that ISPs are in the position of knights stood near a king wanting to rid himself of a turbulent priest. ian From igb at batten.eu.org Thu Jan 7 19:43:59 2010 From: igb at batten.eu.org (Ian Batten) Date: Thu, 7 Jan 2010 19:43:59 +0000 Subject: Unpersons In-Reply-To: <1BEA602E6B1849E48279E004020C08A6@Powerstation> References: <4B445388.5030704@callnetuk.com><00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> Message-ID: On 7 Jan 2010, at 18:37, M J D Brown wrote: > > We do need protection from the rantings of bigots (def: someone whose > mind cannot be changed and who won't change the subject). No, we don't. You just don't read it. A right to free speech for people you agree with is no stretch. > Just imagine > there was a right to web publication which would, of course, have to > include email. Would we really be happy to see the end of spam > filtering? Why would it ``of course'' have to include email? > > How could we define such a right without opening the floodgates to the > bigots and spammers? The idea that freedom of speech doesn't extend to `bigots' is bizarre. ian -------------- next part -------------- An HTML attachment was scrubbed... URL: From casparb at microsoft.com Thu Jan 7 21:34:37 2010 From: casparb at microsoft.com (Caspar Bowden) Date: Thu, 7 Jan 2010 21:34:37 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> Message-ID: <87A6D89C0D9E3E4E94253D25B8F9B2E712938C@DB3EX14MBXC316.europe.corp.microsoft.com> >> bounces at chiark.greenend.org.uk] On Behalf Of Ian Batten > On 7 Jan 2010, at 17:28, Pete Mitchell wrote: > > > Ian Batten wrote on 6-01-10 10:49: ... > > I doubt if many people would support a "right of web publication". > > Why not? I certainly would. A right to publish what you want on a website, > subject to existing laws, and payment on non-discriminatory > terms: what's so radical about that? "If I might presume to advise them upon this great affair, I should dissuade them from any direct attempt upon the liberty of the press, which is the darling of the common people, and, therefore, cannot be attacked without immediate danger. They may proceed by a more sure and silent way, and attain the desired end without noise, detraction, or oppression. There are scattered over this kingdom several little seminaries, in which the lower ranks of people, and the youngest sons of our nobility and gentry are taught, from their earliest infancy, the pernicious arts of spelling and reading, which they afterwards continue to practise, very much to the disturbance of their own quiet, and the interruption of ministerial measures. These seminaries may, by an act of parliament, be, at once, suppressed; and that our posterity be deprived of all means of reviving this corrupt method of education, it may be made felony to teach to read without a license from the lord chamberlain. This expedient, which I hope will be carefully concealed from the vulgar, must infallibly answer the great end proposed by it, and set the power of the court not only above the insults of the poets, but, in a short time, above the necessity of providing against them. The licenser, having his authority thus extended, will, in time, enjoy the title and the salary without the trouble of exercising his power, and the nation will rest, at length, in ignorance and peace." http://www.readbookonline.net/readOnLine/30184/ (Samuel Johnson) From jya at pipeline.com Thu Jan 7 19:11:14 2010 From: jya at pipeline.com (John Young) Date: Thu, 07 Jan 2010 14:11:14 -0500 Subject: Unpersons In-Reply-To: <1BEA602E6B1849E48279E004020C08A6@Powerstation> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> Message-ID: Presumably protection from rantings of bigots should not be done by government for that would require principal government office holders, their lobbyists and financial supporters to shut themselves up. Since that is a totally unreasonable prospect it would likely be better to rely upon elections, shaming, ridiculing, exposes, even imprisonment of official bigots when they abuse power to implement bigotry concerning war, sex, marriage, freedom of information, transparency, responsibility, democracy, candor, prevarication, honesty, ethics, sloth, assassination by covert agents, not to dare say inherited privilege, rank, wealth and contempt for the hoi polloi. Now there will be those who for fat fees abjectly apologize for the bigots, pronouncing rights of man must be granted to the vilest of them who can pay the piperr, though not in turn the most deprived unable to pay the apoligists's fees, but for those privateers raiding the public weal with highest of avowed purpose, it very well could be desirable to charge them some75% of their bloated fees to use public-paid infrastructure to peddle their Janusic spew. Not conceivable in this lifetime that bigoted judicials be guillotined. Still, practice runs could be entertaining. From zenadsl6186 at zen.co.uk Fri Jan 8 05:56:22 2010 From: zenadsl6186 at zen.co.uk (Peter Fairbrother) Date: Fri, 08 Jan 2010 05:56:22 +0000 Subject: Unpersons In-Reply-To: <1BEA602E6B1849E48279E004020C08A6@Powerstation> References: <4B445388.5030704@callnetuk.com><00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> Message-ID: <4B46C906.8050203@zen.co.uk> M J D Brown wrote: > We do need protection from the rantings of bigots (def: someone whose > mind cannot be changed and who won't change the subject). What we need is the ability to not have to read them - which we have. We also need to have the liberty for them to rant, else free speech is lost. Someone whose mind cannot be changed and who won't change the subject may be correct and a dedicated campaigner for the truth. Boring maybe, but necessary. > Just imagine > there was a right to web publication which would, of course, have to > include email. Why would it have to include email? > Would we really be happy to see the end of spam > filtering? Yes - if you mean filtering by ISPs. I have no objection to people doing their own filtering, but if ISPs do it they are looking at all *my* email traffic, which is interception dubiously made lawful by 3(3). [1] This dubious legality has been spreading to other areas, eg Phorm - 3(3) should be strictly limited to what's needed to pass packets. An ISP shouldn't even be allowed to look at the type of traffic, port number etc, as it doesn't need to to pass packets. Nobody should, without a warrant. If a chap does his own filtering though, that's a different matter. Filtering software could be sold and used a bit like security software, updated as and when. Which is pretty much like not having to read the "rantings of etc" ... [1] for those who don't know, 3(3) is a clause in RIPA which allows ISPs to look at traffic when they need to to provide their service, like the Post Office can open letters when they can't deliver them in order to see what to do with them, eg find a return address. 3(3) is widely abused however, for purposes including "legitimising" spam filtering, and much worse. -- Peter Fairbrother From mjdb at dorevale.demon.co.uk Fri Jan 8 10:04:56 2010 From: mjdb at dorevale.demon.co.uk (M J D Brown) Date: Fri, 8 Jan 2010 10:04:56 -0000 Subject: Unpersons References: <4B445388.5030704@callnetuk.com><00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com><1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> Message-ID: ----- Original Message ----- From: "Peter Fairbrother" To: "UK Cryptography Policy Discussion Group" Sent: Friday, January 08, 2010 5:56 AM Subject: Re: Unpersons >M J D Brown wrote: > >> We do need protection from the rantings of bigots (def: someone whose >> mind cannot be changed and who won't change the subject). > > What we need is the ability to not have to read them - which we have. > > We also need to have the liberty for them to rant, else free speech is > lost. > > Someone whose mind cannot be changed and who won't change the subject > may be correct and a dedicated campaigner for the truth. > > Boring maybe, but necessary. > >> Just imagine there was a right to web publication which would, of >> course, have to include email. > > Why would it have to include email? This list is transmitted by email. We enjoy free speech on this list. How would you draft legislation (or equivalent process) to outlaw free speech on this list *without* affecting other forms of transmission or publication? I think our US friends have long ago discovered that freedom of speech covers more than most people here would imagine. >> Would we really be happy to see the end of spam filtering? > > Yes - if you mean filtering by ISPs. > > I have no objection to people doing their own filtering, but if ISPs > do it they are looking at all *my* email traffic, which is > interception dubiously made lawful by 3(3). [1] On my ISP (Demon) their spam filtering service (pretty good, by the way) is an option at the subscriber's choice. Legally, I have delegated to them the task of filtering my email for spam. RIPA is irrelevant to my right to delegate that function and thus taking a first look at my inbox. Actually, as I understand the process, the spam filtering process they use involves seeding the internet with bogus email addresses which, if subsequently appearing in mass emails, are a strong indication of spamming activity, so that only a look at the 'from' field in the header is needed to detect and rusticate the spam. > > This dubious legality has been spreading to other areas, eg Phorm - > 3(3) should be strictly limited to what's needed to pass packets. > > An ISP shouldn't even be allowed to look at the type of traffic, port > number etc, as it doesn't need to to pass packets. Nobody should, > without a warrant. I do not want anybody interfering with my right to delegate spam filtering. > If a chap does his own filtering though, that's a different matter. > Filtering software could be sold and used a bit like security > software, updated as and when. > > Which is pretty much like not having to read the "rantings of etc" ... > > > [1] for those who don't know, 3(3) is a clause in RIPA which allows > ISPs to look at traffic when they need to to provide their service, > like the Post Office can open letters when they can't deliver them in > order to see what to do with them, eg find a return address. > > 3(3) is widely abused however, for purposes including "legitimising" > spam filtering, and much worse. The "I" in RIPA stands for "investigation". It seems to me that RIPA is being over used as an argument justifying or against activities that have nothing to do with investigation - a bit like the Health and Safety at Work Act has got completely out of hand to regulate things that have nothing to do with people at work. Mike. From otcbn at callnetuk.com Fri Jan 8 10:40:20 2010 From: otcbn at callnetuk.com (Pete Mitchell) Date: Fri, 08 Jan 2010 10:40:20 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> Message-ID: <4B470B94.5030005@callnetuk.com> Ian Batten wrote on 7-01-10 19:40: > > On 7 Jan 2010, at 17:28, Pete Mitchell wrote: > >> Ian Batten wrote on 6-01-10 10:49: >>> It's going to be one of the problems of our times, and one I alluded >>> to in a presentation at UKNOF and LINX last year. There's currently >>> no right of web publication, nor any legislation covering it, so an >>> ISP or other hosting provider can remove an organisation's or an >>> individual's ability to public at a stroke with no due process >>> whatsoever. >> >> I doubt if many people would support a "right of web publication". > > Why not? I certainly would. The general libertarian argument against rights to do things that require the positive assistance (or at least cooperation) of other people. > A right to publish what you want on a > website, subject to existing laws, and payment on non-discriminatory > terms: what's so radical about that? I don't think we need a new "right", just a law making it an offence to try to prevent anyone publishing anything they choose, except by due process of law. This law would of course have to provide especially severe punishments for individuals who commit such offences on behalf of the state. -- Pete Mitchell From tony.naggs at googlemail.com Fri Jan 8 10:55:14 2010 From: tony.naggs at googlemail.com (Tony Naggs) Date: Fri, 8 Jan 2010 10:55:14 +0000 Subject: More info on Y2K+10 problems reported in Risks Digest 25.89 Message-ID: E.g.: Y2K+10 problem 1. German contactless bank cards (Debora Weber-Wulff) Y2K+10 problem 2: Symantec (PGN) Y2K+10 problem 3: Bank of Queensland Eftpos system (Jared Gottlieb) Y2K+10 problem 4: SpamAssassin tags "2010" e-mail as spammish (Danny Burstein) Y2K+10 Bug, for those who thought that Y2K was a made up crisis (Bob Gezelter) For full details see: http://catless.ncl.ac.uk/Risks/25.89.html From lists at internetpolicyagency.com Fri Jan 8 11:10:16 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Fri, 8 Jan 2010 11:10:16 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> Message-ID: In article , M J D Brown writes >The "I" in RIPA stands for "investigation". It seems to me that RIPA is >being over used as an argument justifying or against activities that >have nothing to do with investigation With hindsight Part 1 Chapter 1 might have been better extracted as a separate Act and named "IOCA 2000". But we are where we are. There are several things in the recent Coronors Act which are nothing to do with dead bodies! -- Roland Perry From Ian.Johnson at uwe.ac.uk Fri Jan 8 09:52:00 2010 From: Ian.Johnson at uwe.ac.uk (Ian Johnson) Date: Fri, 8 Jan 2010 09:52:00 -0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> Message-ID: <9A2E0E236DB94053B346A60BDF784DD2@enigma> >On Behalf Of Ian Batten: >Sent: 07 January 2010 19:41 > >But the point now is that ISPs are in the position of knights >stood near a king wanting to rid himself of a turbulent priest. > An excellent point, and one that is relevant to most threads. Almost all attacks on privacy/free expression are aimed at the ISP not their customer. Legislating for ISPs to simply carry uninspected packets would I feel be great, but highly unlikely to happen! Ian From igor at hybrid-lab.co.uk Fri Jan 8 11:44:54 2010 From: igor at hybrid-lab.co.uk (Igor Mozolevsky) Date: Fri, 8 Jan 2010 11:44:54 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree Message-ID: "The Met asked us to take these domain names out of action so we suspended them, meaning that the websites were no longer available but that they couldn't be re-registered and used again." Later, in the article, Nominet claim that the "suspension" was justified due to a breach of contract in not providing correct contact details, although AFAIK, breach of contract does not itself void the contract. Apparently, the fact that there were only 20 complaints from the domain owners, and such, and only two domains were reinstated is a sign that the action was justified... http://www.out-law.com/page-10652 Cheers, -- Igor From igb at batten.eu.org Fri Jan 8 11:55:39 2010 From: igb at batten.eu.org (Ian Batten) Date: Fri, 8 Jan 2010 11:55:39 +0000 Subject: Unpersons In-Reply-To: <4B470B94.5030005@callnetuk.com> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <4B470B94.5030005@callnetuk.com> Message-ID: On 08 Jan 10, at 1040, Pete Mitchell wrote: > Ian Batten wrote on 7-01-10 19:40: >> On 7 Jan 2010, at 17:28, Pete Mitchell wrote: >>> Ian Batten wrote on 6-01-10 10:49: >>>> It's going to be one of the problems of our times, and one I >>>> alluded to in a presentation at UKNOF and LINX last year. >>>> There's currently no right of web publication, nor any >>>> legislation covering it, so an ISP or other hosting provider can >>>> remove an organisation's or an individual's ability to public at >>>> a stroke with no due process whatsoever. >>> >>> I doubt if many people would support a "right of web publication". >> Why not? I certainly would. > > The general libertarian argument against rights to do things that > require the positive assistance (or at least cooperation) of other > people. If you think that a libertarian argument like that would resonate with `many people' then I have a copy of Atlas Shrugged to sell you. >> A right to publish what you want on a website, subject to existing >> laws, and payment on non-discriminatory terms: what's so radical >> about that? > > I don't think we need a new "right", just a law making it an offence > to try to prevent anyone publishing anything they choose, except by > due process of law. This law would of course have to provide > especially severe punishments for individuals who commit such > offences on behalf of the state. The distinction between that and a right to publication is angels on pin-heads stuff. Because it probably requires a non-discrimination clause in ISPs that wish to avail themselves of common-carrier protection, which in turns bypasses your first point. ian From igb at batten.eu.org Fri Jan 8 12:08:10 2010 From: igb at batten.eu.org (Ian Batten) Date: Fri, 8 Jan 2010 12:08:10 +0000 Subject: Unpersons In-Reply-To: <9A2E0E236DB94053B346A60BDF784DD2@enigma> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <9A2E0E236DB94053B346A60BDF784DD2@enigma> Message-ID: <54D7F073-4EFB-434A-84DE-CC230934E6E7@batten.eu.org> On 08 Jan 10, at 0952, Ian Johnson wrote: >> On Behalf Of Ian Batten: >> Sent: 07 January 2010 19:41 >> >> But the point now is that ISPs are in the position of knights >> stood near a king wanting to rid himself of a turbulent priest. >> > > An excellent point, and one that is relevant to most threads. > Almost all attacks on privacy/free expression are aimed at the > ISP http://www.theregister.co.uk/2010/01/08/nominet_disconnection/ From pwt at iosis.co.uk Fri Jan 8 12:41:33 2010 From: pwt at iosis.co.uk (Peter Tomlinson) Date: Fri, 08 Jan 2010 12:41:33 +0000 Subject: More info on Y2K+10 problems reported in Risks Digest 25.89 In-Reply-To: References: Message-ID: <4B4727FD.9030703@iosis.co.uk> Tony Naggs wrote: > E.g.: > Y2K+10 problem 1. German contactless bank cards (Debora Weber-Wulff) > Y2K+10 problem 2: Symantec (PGN) > Y2K+10 problem 3: Bank of Queensland Eftpos system (Jared Gottlieb) > Y2K+10 problem 4: SpamAssassin tags "2010" e-mail as spammish (Danny Burstein) > Y2K+10 Bug, for those who thought that Y2K was a made up crisis (Bob Gezelter) > > For full details see: > http://catless.ncl.ac.uk/Risks/25.89.html > Gemalto Press Release 6th Jan: Payment cards in Germany Amsterdam - Jan 6, 2010 - Recent publications report that some German payment cardholders were unable to conduct transactions after the turn of the New Year. Gemalto (Euronext NL0000400653 - GTO), as a major supplier to German banks, has been working with its customers on investigating and fixing the situation since first informed on Sunday afternoon. Gemalto and the German banks are actively developing together a corrective process that avoids the replacement of the affected cards in Germany. At this stage, according to ZKA (Zentraler Kreditausschuss ? the German Central Credit Committee), acceptance of the concerned cards by the ATM (Automated Teller Machines) and point of sales terminals is widely re-established in the country. Gemalto payment cards issued for other countries are not affected. Olivier Piou, Chief Executive Officer, added: ?We are fully focused on minimizing the inconvenience for the cardholders. As a partner, we will of course meet our contractual obligations, and continue to support our clients. We trust that we will promptly deploy a solution with our German customers to return to full normal operation.? From lists at internetpolicyagency.com Fri Jan 8 12:47:39 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Fri, 8 Jan 2010 12:47:39 +0000 Subject: Unpersons In-Reply-To: <9A2E0E236DB94053B346A60BDF784DD2@enigma> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <9A2E0E236DB94053B346A60BDF784DD2@enigma> Message-ID: In article <9A2E0E236DB94053B346A60BDF784DD2 at enigma>, Ian Johnson writes >Legislating for ISPs to simply carry uninspected packets would I feel >be great, but highly unlikely to happen! Much of the Ecommerce Directive appears to be putting the ISPs into this position. -- Roland Perry From jya at pipeline.com Fri Jan 8 13:02:42 2010 From: jya at pipeline.com (John Young) Date: Fri, 08 Jan 2010 08:02:42 -0500 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: References: Message-ID: Isn't standard official tradecraft to use the capacious round-up to cloak and exaggerate the specific, even to redirect attention away from failure? Obama has done just that in recent days. Not alone he in this. From Ian.Johnson at uwe.ac.uk Fri Jan 8 13:46:04 2010 From: Ian.Johnson at uwe.ac.uk (Ian Johnson) Date: Fri, 8 Jan 2010 13:46:04 -0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> Message-ID: <00D8A99FF3764B75861B5EE6A244ECD6@enigma> > >>M J D Brown wrote: >> > >This list is transmitted by email. We enjoy free speech on this list. We don't - We have access to this list under the sufferance of chiark's administrator. If he wished, he could prevent our access to this list, we have no right to write here. Ian From otcbn at callnetuk.com Fri Jan 8 14:54:22 2010 From: otcbn at callnetuk.com (Pete Mitchell) Date: Fri, 08 Jan 2010 14:54:22 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <4B470B94.5030005@callnetuk.com> Message-ID: <4B47471E.90100@callnetuk.com> Ian Batten wrote on 8-01-10 11:55: > > On 08 Jan 10, at 1040, Pete Mitchell wrote: > >> Ian Batten wrote on 7-01-10 19:40: >>> On 7 Jan 2010, at 17:28, Pete Mitchell wrote: >>>> I doubt if many people would support a "right of web publication". >>> Why not? I certainly would. >> >> The general libertarian argument against rights to do things that >> require the positive assistance (or at least cooperation) of other >> people. > > If you think that a libertarian argument like that would resonate with > `many people' then I have a copy of Atlas Shrugged to sell you. I would have thought it quite a widely held view. I myself wouldn't want to be compelled to publish other people's political opinions. Perhaps I shouldn't have used the word "libertarian". It does have some associations that trigger adverse reactions among the Guardian-reading left. >>> A right to publish what you want on a website, subject to existing >>> laws, and payment on non-discriminatory terms: what's so radical >>> about that? >> >> I don't think we need a new "right", just a law making it an offence >> to try to prevent anyone publishing anything they choose, except by >> due process of law. This law would of course have to provide >> especially severe punishments for individuals who commit such offences >> on behalf of the state. > > The distinction between that and a right to publication is angels on > pin-heads stuff. Only if you dismiss all jurisprudence and political thinking as silly nitpicking that real men don't bother with. Personally I do not much like the concept of legislating by the granting of rights; it implies that we only have the right to do things that TPTB explicitly allow us to do. I prefer Magna Carta's (did she die in vain?) idea that we can do anything we like, except what the law specifically forbids. Although her scheme would be improved by some additional constitutional restrictions on what TPTB are allowed to forbid, as happens in America. > Because it probably requires a non-discrimination > clause in ISPs that wish to avail themselves of common-carrier > protection, which in turns bypasses your first point. I wouldn't object to that, but I don't think it's a necessary condition for my law. No (non-monopolistic) ISP would be able to prevent me publishing something; I could always go to another. Nominet is of course another matter altogether. -- Pete Mitchell From lists at internetpolicyagency.com Fri Jan 8 14:53:56 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Fri, 8 Jan 2010 14:53:56 +0000 Subject: Unpersons - and unwebsites In-Reply-To: <00D8A99FF3764B75861B5EE6A244ECD6@enigma> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> Message-ID: In article <00D8A99FF3764B75861B5EE6A244ECD6 at enigma>, Ian Johnson writes >>This list is transmitted by email. We enjoy free speech on this list. > >We don't - We have access to this list under the sufferance of chiark's >administrator. If he wished, he could prevent our access to this list, >we have no right to write here. And if one of the conditions was we didn't post under a false name... . -- Roland Perry From bdm at fenrir.org.uk Fri Jan 8 15:44:38 2010 From: bdm at fenrir.org.uk (Brian Morrison) Date: Fri, 8 Jan 2010 15:44:38 +0000 Subject: Unpersons - and unwebsites In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> Message-ID: <20100108154438.00003188@surtees.fenrir.org.uk> On Fri, 8 Jan 2010 14:53:56 +0000 Roland Perry wrote: > In article <00D8A99FF3764B75861B5EE6A244ECD6 at enigma>, Ian Johnson > writes > >>This list is transmitted by email. We enjoy free speech on this > >>list. > > > >We don't - We have access to this list under the sufferance of > >chiark's administrator. If he wished, he could prevent our access > >to this list, we have no right to write here. > > And if one of the conditions was we didn't post under a false name... > . Doesn't English law permit someone to be known by any name they choose? -- Brian Morrison From clive at davros.org Fri Jan 8 16:03:15 2010 From: clive at davros.org (Clive D.W. Feather) Date: Fri, 8 Jan 2010 16:03:15 +0000 Subject: Unpersons - and unwebsites In-Reply-To: <20100108154438.00003188@surtees.fenrir.org.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <20100108154438.00003188@surtees.fenrir.org.uk> Message-ID: <20100108160315.GB43720@davros.org> Brian Morrison said: >> And if one of the conditions was we didn't post under a false name... >> . > Doesn't English law permit someone to be known by any name they choose? Yes. Except for fraudulant purposes. -- Clive D.W. Feather | If you lie to the compiler, Email: clive at davros.org | it will get its revenge. Web: http://www.davros.org | - Henry Spencer Mobile: +44 7973 377646 From fjmd1a at gmail.com Fri Jan 8 16:02:24 2010 From: fjmd1a at gmail.com (Francis Davey) Date: Fri, 8 Jan 2010 16:02:24 +0000 Subject: Unpersons - and unwebsites In-Reply-To: <20100108154438.00003188@surtees.fenrir.org.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <20100108154438.00003188@surtees.fenrir.org.uk> Message-ID: <874d91c1001080802n56b2930u5821b945c265a067@mail.gmail.com> 2010/1/8 Brian Morrison : > > Doesn't English law permit someone to be known by any name they choose? > At various levels of pedantry: no, but that's irrelevant. The most germane point is that you are not allowed to pretend to be someone who you aren't, either by misleading someone else so as to amount to fraud, or by passing yourself off as another. Names are not primary keys for people, so its not so much the name that is important as whether you imply you are someone else. Of course there are someones (legal persons) most of whom do have unique ID's and who are supposed to declare them almost all the time. -- Francis Davey From pwt at iosis.co.uk Fri Jan 8 16:08:59 2010 From: pwt at iosis.co.uk (Peter Tomlinson) Date: Fri, 08 Jan 2010 16:08:59 +0000 Subject: Unpersons - and unwebsites In-Reply-To: <20100108154438.00003188@surtees.fenrir.org.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <20100108154438.00003188@surtees.fenrir.org.uk> Message-ID: <4B47589B.1020007@iosis.co.uk> Brian Morrison wrote: > On Fri, 8 Jan 2010 14:53:56 +0000 > Roland Perry wrote >> In article <00D8A99FF3764B75861B5EE6A244ECD6 at enigma>, Ian Johnson >> writes >> >>>> This list is transmitted by email. We enjoy free speech on this >>>> list. >>>> >>> We don't - We have access to this list under the sufferance of >>> chiark's administrator. If he wished, he could prevent our access >>> to this list, we have no right to write here. >>> >> And if one of the conditions was we didn't post under a false name... >> . >> > Doesn't English law permit someone to be known by any name they choose? > Or none, e.g. comments posted anonymously. Of course the email address of the poster is known to the site owner, and the ISP knows in whose name the source account was registered. That takes us round the circle and back again, because I read the El Reg article to mean that Nominet found that the domains were registered with false names and addresses - but surely they paid somehow, so the funding source should be known. Or can I walk into a registrar or agent with the folding stuff or the electronic version (a pre-loaded gift card) and register a domain in any name and with any address (perhaps Buck House? or Tranquility Base?) that I please? Peter From james.davis at ja.net Fri Jan 8 14:38:08 2010 From: james.davis at ja.net (James Davis) Date: Fri, 08 Jan 2010 14:38:08 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: References: Message-ID: <4B474350.1090609@ja.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Igor Mozolevsky wrote: > Later, in the article, Nominet claim that the "suspension" was > justified due to a breach of contract in not providing correct contact > details, although AFAIK, breach of contract does not itself void the > contract. I don't know about the legal aspects, but what else are they meant to do in order to enforce the use of correct contact details? By definition they can't easily contact the registrant to get them to provide correct details. James - -- James Davis +44 1235 822 229 PGP: 0xD1622876 JANET CSIRT 0870 850 2340 (+44 1235 822 340) Lumen House, Library Avenue, Didcot, Oxfordshire, OX11 0SG -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iD8DBQFLR0NQhZi14NFiKHYRAsY3AJwIiwvMUryTGuj0isOPZfCGewONqgCfSaX7 aswkW6DOLMF5yCl+C64lEro= =M6Zy -----END PGP SIGNATURE----- JANET(UK) is a trading name of The JNT Association, a company limited by guarantee which is registered in England under No. 2881024 and whose Registered Office is at Lumen House, Library Avenue, Harwell Science and Innovation Campus, Didcot, Oxfordshire. OX11 0SG From David_Biggins at usermgmt.com Fri Jan 8 16:36:52 2010 From: David_Biggins at usermgmt.com (David Biggins) Date: Fri, 8 Jan 2010 16:36:52 -0000 Subject: Unpersons In-Reply-To: <4B47471E.90100@callnetuk.com> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <4B470B94.5030005@callnetuk.com> <4B47471E.90100@callnetuk.com> Message-ID: > -----Original Message----- > From: ukcrypto-bounces at chiark.greenend.org.uk [mailto:ukcrypto- > bounces at chiark.greenend.org.uk] On Behalf Of Pete Mitchell > Sent: 08 January 2010 14:54 > To: UK Cryptography Policy Discussion Group > Subject: Re: Unpersons > > I prefer Magna Carta's (did she die in vain?) idea that we can do > anything we like, except what the law specifically forbids. Though the limits of that were music-hall fodder some time ago... and surprisingly up to date in several ways... ... "For John, from the moment they crowned him, Started acting so cunning and sly, Being King, of course, he couldn't do wrong, But, by gum, he'd a proper good try." ... "And it's through that there Magna Charter, As were signed by the Barons of old, That in England today we can do what we like, So long as we do what we're told." Marriott Edgar - 1937. http://oldpoetry.com/opoem/7925-Marriott-Edgar-Magna-Charta D. From igor at hybrid-lab.co.uk Fri Jan 8 16:47:54 2010 From: igor at hybrid-lab.co.uk (Igor Mozolevsky) Date: Fri, 8 Jan 2010 16:47:54 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: <4B474350.1090609@ja.net> References: <4B474350.1090609@ja.net> Message-ID: 2010/1/8 James Davis : > I don't know about the legal aspects, but what else are they meant to do > in order to enforce the use of correct contact details? By definition > they can't easily contact the registrant to get them to provide correct > details. The question is whether they have actually tried to contact all of the 1200 domain owners at all. Judging by the article, it sounds like the Met gave Nominet a list and Nominet just pushed a few buttons. The domains were clearly registered through some other organisation, so have Nominet tried contacting them? Or, for that matter, what reasonable steps have Nominet taken prior to the suspension of the domains? What if one of the domains was a bona fide domain the suspension lead to loss of business? We now know that at least two domains were reinstated for whatever reasons! Also, what is the definition of "correct contact details"? Is it the details of the person who actually owns the domain, or a way of contacting the person who owns the domain? I certainly know of cases where A asked B to register a domain for A and the domain contact details are that of B and not A, is that in violation of Nominet's T&Cs? Cheers, -- Igor From lists at internetpolicyagency.com Fri Jan 8 16:47:59 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Fri, 8 Jan 2010 16:47:59 +0000 Subject: Unpersons - and unwebsites In-Reply-To: <20100108154438.00003188@surtees.fenrir.org.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <20100108154438.00003188@surtees.fenrir.org.uk> Message-ID: In article <20100108154438.00003188 at surtees.fenrir.org.uk>, Brian Morrison writes >> And if one of the conditions was we didn't post under a false name... >> . > >Doesn't English law permit someone to be known by any name they choose? But one name at a time, surely? And within certain limits. I recently found a website registered to a "Sir Topham Hat", or is "Sir" a legitimate forename now? -- Roland Perry From igb at batten.eu.org Fri Jan 8 16:55:13 2010 From: igb at batten.eu.org (Ian Batten) Date: Fri, 8 Jan 2010 16:55:13 +0000 Subject: Unpersons - and unwebsites In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <20100108154438.00003188@surtees.fenrir.org.uk> Message-ID: On 08 Jan 10, at 1647, Roland Perry wrote: > In article <20100108154438.00003188 at surtees.fenrir.org.uk>, Brian > Morrison writes >>> And if one of the conditions was we didn't post under a false >>> name... >>> . >> >> Doesn't English law permit someone to be known by any name they >> choose? > > But one name at a time, surely? Cherie Booth, Cherie Blair? ian From nbohm at ernest.net Fri Jan 8 17:02:07 2010 From: nbohm at ernest.net (Nicholas Bohm) Date: Fri, 08 Jan 2010 17:02:07 +0000 Subject: Unpersons - and unwebsites In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <20100108154438.00003188@surtees.fenrir.org.uk> Message-ID: <4B47650F.4070804@ernest.net> An HTML attachment was scrubbed... URL: From nbohm at ernest.net Fri Jan 8 17:05:21 2010 From: nbohm at ernest.net (Nicholas Bohm) Date: Fri, 08 Jan 2010 17:05:21 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: References: <4B474350.1090609@ja.net> Message-ID: <4B4765D1.6060407@ernest.net> An HTML attachment was scrubbed... URL: From lists at internetpolicyagency.com Fri Jan 8 17:09:02 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Fri, 8 Jan 2010 17:09:02 +0000 Subject: Unpersons - and unwebsites In-Reply-To: <20100108160315.GB43720@davros.org> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <20100108154438.00003188@surtees.fenrir.org.uk> <20100108160315.GB43720@davros.org> Message-ID: In article <20100108160315.GB43720 at davros.org>, Clive D.W. Feather writes >> Doesn't English law permit someone to be known by any name they choose? > >Yes. > >Except for fraudulant purposes. Is that Fraud in the strict meaning of the criminal offence, or a general description of nefarious activity, for example including handling stolen goods? -- Roland Perry From lists at internetpolicyagency.com Fri Jan 8 17:16:02 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Fri, 8 Jan 2010 17:16:02 +0000 Subject: Unpersons - and unwebsites In-Reply-To: <4B47589B.1020007@iosis.co.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <20100108154438.00003188@surtees.fenrir.org.uk> <4B47589B.1020007@iosis.co.uk> Message-ID: In article <4B47589B.1020007 at iosis.co.uk>, Peter Tomlinson writes >Or can I walk into a registrar or agent with the folding stuff or the >electronic version (a pre-loaded gift card) and register a domain in >any name and with any address (perhaps Buck House? or Tranquility >Base?) that I please? You'd almost certainly be dealing with an intermediary, and they have many ways that you can pay, and identify (or fail to properly identify) yourself. In rare cases you may be required to provide paperwork to justify your identity and credentials, but most of the time it's essentially self certification. You can even Tweet a domain registration (I am not accusing the people who provide this service of any wrongdoing!) -- Roland Perry From nbohm at ernest.net Fri Jan 8 17:19:36 2010 From: nbohm at ernest.net (Nicholas Bohm) Date: Fri, 08 Jan 2010 17:19:36 +0000 Subject: Unpersons - and unwebsites In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <20100108154438.00003188@surtees.fenrir.org.uk> <20100108160315.GB43720@davros.org> Message-ID: <4B476928.2050903@ernest.net> An HTML attachment was scrubbed... URL: From mjdb at dorevale.demon.co.uk Fri Jan 8 16:54:41 2010 From: mjdb at dorevale.demon.co.uk (M J D Brown) Date: Fri, 8 Jan 2010 16:54:41 -0000 Subject: Unpersons References: <4B445388.5030704@callnetuk.com><00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org><4B4619D8.6000101@callnetuk.com><1BEA602E6B1849E48279E004020C08A6@Powerstation><4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> Message-ID: <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> This is not a moderated list. Subject to legality of expression, chiark's administrator would have no cause to intervene. As we all know well, there is a big difference between custom & practice and strict rights. Would a presumption in practice of free speech on this list better describe the situation? Absent any relevant precedents, one might hazard a guess that chiark might be estopped from suddenly and selectively censoring otherwise legal expression. Always open to discussion, of course - I am just trying to establish the boundaries of an otherwise apparent general concensus. Discussing common ground rarely elucidates new insights. Mike. ----- Original Message ----- From: "Ian Johnson" To: "'UK Cryptography Policy Discussion Group'" Sent: Friday, January 08, 2010 1:46 PM Subject: RE: Unpersons > >> >>>M J D Brown wrote: >>> >> >>This list is transmitted by email. We enjoy free speech on this list. > > We don't - We have access to this list under the sufferance of > chiark's > administrator. If he wished, he could prevent our access to this > list, > we have no right to write here. > > Ian > > From fjmd1a at gmail.com Fri Jan 8 17:46:23 2010 From: fjmd1a at gmail.com (Francis Davey) Date: Fri, 8 Jan 2010 17:46:23 +0000 Subject: Unpersons - and unwebsites In-Reply-To: References: <4B445388.5030704@callnetuk.com> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <20100108154438.00003188@surtees.fenrir.org.uk> <20100108160315.GB43720@davros.org> Message-ID: <874d91c1001080946h4da07508v555ef1f4a8f7ac68@mail.gmail.com> 2010/1/8 Roland Perry : > In article <20100108160315.GB43720 at davros.org>, Clive D.W. Feather [snip] >> Except for fraudulant purposes. > > Is that Fraud in the strict meaning of the criminal offence, or a general > description of nefarious activity, for example including handling stolen > goods? Neither because "Except for fraudulant purposes" is wrong. There are all sorts of reasons why you might not be allowed to use a specific name in a specific context, where by "not allowed" I mean either that it might be criminal, unlawful or in some way actionable. A clear example of this would be fraud contrary to the Fraud Act 2006 where you intended to mislead etc, but another common example would be where using a name amounted to "passing off", which is a tort not a crime. If you pass yourself off as me, I might be able to sue you. I am sure there are many many more such examples. There is nothing unlawful or improper in having many names. Lots of people do and use multiple names in multiple contexts. English law is completely unbothered about that. All it knows about is that some people have "Christian names" (i.e. names in which they were baptised) something which almost certainly has no practical effect nowadays and never had very much. It therefore makes no sense to talk about "changing" your name in English law as is often observed. -- Francis Davey From fm-lists at st-kilda.org Fri Jan 8 17:59:45 2010 From: fm-lists at st-kilda.org (Fearghas McKay) Date: Fri, 8 Jan 2010 17:59:45 +0000 Subject: Unpersons In-Reply-To: <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> References: <4B445388.5030704@callnetuk.com><00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org><4B4619D8.6000101@callnetuk.com><1BEA602E6B1849E48279E004020C08A6@Powerstation><4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> Message-ID: On 8 Jan 2010, at 16:54, M J D Brown wrote: > This is not a moderated list. It may not be moderated by a human but it certainly used to require certain technical things to work before the machine will accept email, e.g. reverse DNS. Does moderating initial posts count as moderation in your view? Perhaps the question should be looked as 'the right to run a mailing list' rather than the right to use someone's mailing list ? f From igb at batten.eu.org Fri Jan 8 18:03:56 2010 From: igb at batten.eu.org (Ian Batten) Date: Fri, 8 Jan 2010 18:03:56 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com><00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org><4B4619D8.6000101@callnetuk.com><1BEA602E6B1849E48279E004020C08A6@Powerstation><4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> Message-ID: <3E7497D9-C32D-4602-BA03-154963C9FC18@batten.eu.org> On 08 Jan 10, at 1759, Fearghas McKay wrote: > > On 8 Jan 2010, at 16:54, M J D Brown wrote: > >> This is not a moderated list. > > It may not be moderated by a human but it certainly used to require > certain technical things to work before the machine will accept > email, e.g. reverse DNS. > > Does moderating initial posts count as moderation in your view? > > Perhaps the question should be looked as 'the right to run a mailing > list' rather than the right to use someone's mailing list? Exactly. ian From mjdb at dorevale.demon.co.uk Fri Jan 8 18:34:52 2010 From: mjdb at dorevale.demon.co.uk (M J D Brown) Date: Fri, 8 Jan 2010 18:34:52 -0000 Subject: Unpersons References: <4B445388.5030704@callnetuk.com><00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org><4B4619D8.6000101@callnetuk.com><1BEA602E6B1849E48279E004020C08A6@Powerstation><4B46C906.8050203@zen.co.uk><00D8A99FF3764B75861B5EE6A244ECD6@enigma><10A1C9C90C3C44F2832BADA91798C64F@Powerstation> Message-ID: <99CDE7B7502146A7A66A478C0E3CE5B6@Powerstation> ----- Original Message ----- From: "Fearghas McKay" To: "UK Cryptography Policy Discussion Group" Sent: Friday, January 08, 2010 5:59 PM Subject: Re: Unpersons > > On 8 Jan 2010, at 16:54, M J D Brown wrote: > >> This is not a moderated list. > > It may not be moderated by a human but it certainly used to require > certain technical things to work before the machine will accept email, > e.g. reverse DNS. > > Does moderating initial posts count as moderation in your view? I am happy to confess to being confused here. I just cannot recall any particular formalities of this kind when I joined the list pretty much at its inception. > Perhaps the question should be looked as 'the right to run a mailing > list' rather than the right to use someone's mailing list ? That, if I may say so, is a very perceptive question of the sort I had hoped would emerge from this general discussion of the last week. If I am understanding correctly, the point is: (1) who is legally 'speaking' when messages are routed from a mailing list server and; (2) does it make any difference whether the messages are moderated by human agency or some sort of 'naughty words' automated censor? Showing how widely the right of free speech can become interpreted, I am reminded that in the USA exercising the constitutional right to carry arms is a political statement, and thus an expression of free speech, albeit the right to arms is separately enshrined in the US Constitution. Mike. From fm-lists at st-kilda.org Fri Jan 8 19:11:49 2010 From: fm-lists at st-kilda.org (Fearghas McKay) Date: Fri, 8 Jan 2010 19:11:49 +0000 Subject: Unpersons In-Reply-To: <99CDE7B7502146A7A66A478C0E3CE5B6@Powerstation> References: <4B445388.5030704@callnetuk.com><00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org><4B4619D8.6000101@callnetuk.com><1BEA602E6B1849E48279E004020C08A6@Powerstation><4B46C906.8050203@zen.co.uk><00D8A99FF3764B75861B5EE6A244ECD6@enigma><10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <99CDE7B7502146A7A66A478C0E3CE5B6@Powerstation> Message-ID: <6959254B-AF18-4BD7-B83F-81E753A922F9@st-kilda.org> On 8 Jan 2010, at 18:34, M J D Brown wrote: >> Does moderating initial posts count as moderation in your view? > > I am happy to confess to being confused here. I just cannot recall > any > particular formalities of this kind when I joined the list pretty much > at its inception. well if your message was approved quickly there is no reason that you would have noticed the delay. On the low volume lists I moderate, we normally approve within 5 mins of getting the notification, which is well within the timescale of a message stuck in a mail queue somewhere. f From juha-matti.laurio at netti.fi Fri Jan 8 16:00:19 2010 From: juha-matti.laurio at netti.fi (Juha-Matti Laurio) Date: Fri, 8 Jan 2010 18:00:19 +0200 (EET) Subject: FYI: The Guardian | Mobile phone security cracked, says German hacker. Message-ID: <9421745.39071262966419994.JavaMail.juha-matti.laurio@netti.fi> And this week 'Cellular group says mobile calls safe from hackers': "The London-based GSM Association said on Thursday that it has spent the past few years figuring out ways to thwart hackers who might try to tap into wireless calls using Nohl's research, which it first learned of in 2007. GSM Association engineers have figured out a short-term solution to block eavesdroppers, said James Moran, head of security for the association. It involves making slight changes to the settings in each wireless operator's network. Carriers can quickly make those adjustments by tweaking existing features in the technology, Moran said in an interview." --clip-- http://www.reuters.com/article/idUSTRE60641G20100107 Juha-Matti From lists at internetpolicyagency.com Fri Jan 8 20:45:46 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Fri, 8 Jan 2010 20:45:46 +0000 Subject: Unpersons - and unwebsites In-Reply-To: <4B476928.2050903@ernest.net> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <20100108154438.00003188@surtees.fenrir.org.uk> <20100108160315.GB43720@davros.org> <4B476928.2050903@ernest.net> Message-ID: In article <4B476928.2050903 at ernest.net>, Nicholas Bohm writes >>Is that Fraud in the strict meaning of the criminal offence, or a >>general description of nefarious activity, for example including >>handling stolen goods? >I think the point is that to use a name in order to pretend to be >someone else and thereby gain some advantage (or cause someone else a >loss) is a crime of which the use of the name is a component. > >Those charged with handling stolen goods aren't likely to be charged >additionally with using a false name while they did so, and I doubt >that it would be a separate offence unless they were trying to >incriminate another person of the same name The use of a false name in this context is merely to cover your tracks, and to distance yourself from any adverse reputation that an earlier assumed name of yours had gathered. -- Roland Perry From lists at internetpolicyagency.com Fri Jan 8 20:48:00 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Fri, 8 Jan 2010 20:48:00 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> Message-ID: In article , Fearghas McKay writes >> This is not a moderated list. > >It may not be moderated by a human but it certainly used to require >certain technical things to work before the machine will accept email, >e.g. reverse DNS. Even putting that aside, don't you have to use a pre-registered email address to post from? That's commonplace for lists like this. -- Roland Perry From k.brown at bbk.ac.uk Fri Jan 8 21:08:38 2010 From: k.brown at bbk.ac.uk (ken) Date: Fri, 08 Jan 2010 21:08:38 +0000 Subject: Unpersons In-Reply-To: <4B470B94.5030005@callnetuk.com> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <4B470B94.5030005@callnetuk.com> Message-ID: <4B479ED6.308@bbk.ac.uk> Pete Mitchell wrote: Why not? I certainly would. > > The general libertarian argument against rights to do things that > require the positive assistance (or at least cooperation) of other people. [...] > I don't think we need a new "right", just a law making it an offence to > try to prevent anyone publishing anything they choose, except by due > process of law. But that's what the right to publish *means*. No-one thinks that your right to free speech can be used to force me to print ten thousand copies of your latest rant and mail it to every CofE vicar in England. I see no reason why freedom of speech should be more curtailed by law in one medium than another. Its just a red herring to suggest that there should be no right to speak freely online because there should be no rights to demand the positive assistance of other people. (Though of course English law does recognise the right to demand assistance in some situations - if you are a witness to a crime for example) From Ian.Johnson at uwe.ac.uk Fri Jan 8 21:17:51 2010 From: Ian.Johnson at uwe.ac.uk (Ian Johnson) Date: Fri, 8 Jan 2010 21:17:51 -0000 Subject: Unpersons In-Reply-To: <99CDE7B7502146A7A66A478C0E3CE5B6@Powerstation> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <99CDE7B7502146A7A66A478C0E3CE5B6@Powerstation> Message-ID: <9B490865B68D4B26B4DB24313BBB4970@enigma> On Behalf Of M J D Brown: >This is not a moderated list. Subject to legality of expression, chiark's administrator >would have no cause to intervene. As we all know well, there is a big difference >between custom & practice and strict rights. Indeed, but without strict rights you're playing with somebody else's toys. They are always free to take them home/destroy them/stop you playing. In the not so distant past the freedom of the press belonged to those who owned the presses - although in theory you could publish and be dammed. >Would a presumption in practice of free speech on this list >better describe the situation? Absent any relevant precedents, one might hazard a >guess that chiark might be estopped from suddenly and selectively censoring otherwise >legal expression. I'm sure a lawyer will be along in a moment :) but unless you're arguing that you're being discriminated against on one of the prohibited by statute grounds I can't see any basis. I'd assume trying to force a newspaper to print your letter would be a good analogy. Ian From fjmd1a at gmail.com Fri Jan 8 21:33:08 2010 From: fjmd1a at gmail.com (Francis Davey) Date: Fri, 8 Jan 2010 21:33:08 +0000 Subject: Unpersons In-Reply-To: <9B490865B68D4B26B4DB24313BBB4970@enigma> References: <4B445388.5030704@callnetuk.com> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <99CDE7B7502146A7A66A478C0E3CE5B6@Powerstation> <9B490865B68D4B26B4DB24313BBB4970@enigma> Message-ID: <874d91c1001081333y7613ed42n8c796d8454d782@mail.gmail.com> 2010/1/8 Ian Johnson : > >>Would a presumption in practice of free speech on this list >>better describe the situation? Absent any relevant precedents, one might > hazard a >>guess that chiark might be estopped from suddenly and selectively censoring > otherwise >>legal expression. > > I'm sure a lawyer will be along in a moment :) but unless you're arguing > that you're > being discriminated against on one of the prohibited by statute grounds I > can't see > any basis. ?I'd assume trying to force a newspaper to print your letter > would be a > good analogy. I'd be astonished if there was any way of using the law to prevent one's emails from being blocked on this list. Estoppel can't be used in that way (trust me on this) and its very unlikely any form of discrimination legislation would work either, though its conceivably possible. -- Francis Davey From colinthomson1 at o2.co.uk Sat Jan 9 02:12:52 2010 From: colinthomson1 at o2.co.uk (Tom Thomson) Date: Sat, 9 Jan 2010 02:12:52 -0000 Subject: Unpersons - and unwebsites In-Reply-To: <4B47650F.4070804@ernest.net> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <20100108154438.00003188@surtees.fenrir.org.uk> <4B47650F.4070804@ernest.net> Message-ID: <3AE3BC73456F47C58E61A4ACFB3B1247@your41b8d18ede> This is probably off topic, but someone said:- > Doesn't English law permit someone to be known by any name they choose? Well, yes. Although it doesn't excuse the use of a name to claim the reputation or benefits of someone else who uses that name (that's probably fraud). If a state like the UK wanted to enforce single names for all it would have to first ban translation of names between the various languages (Cymraeg, English, Gaidhlig, Gaeilge, Gaelk, Kernewek, Romanes, etc) that are used there because these translations would of course deliver different versions of the names. Then it would have to mandate that in any given language only one naming convention could exist - the existence or married women using their maiden name alongside married women using their husband's surname for example would break the single name rule, since a woman could choose to use both names. I can't imagine any UK government trying to impose such rules (perhaps Blair and cabinet wanted to, but they didn't dare to try it - maybe they thought that the UK people weren't yet prepared for that sort of totalitarianism). After that they would have to either demand that everyone learned to pronounce the other six languages (or more, if we add recent linguistic arrivals) as well as their own, which seems rather impossible - even the dialect of the next village is usually regarded as incomprehensible and unpronounceable - or legislate to require everyone to use one particular language and ban the use of any of the others (Blair and crew did something rather close to that in their changes to the nationality act, although I would have thought it impossible to get the British people to support such a move - I'm sad, most of the British people didn't even notice). English law isn't the only law relevant to ukcrypto - look at Scottish law, for example; or NI law. In Scotland a married woman explicitly has two names and it is common practise in many documents to use both (so a mortgage deed for example would normally refer to a woman as "Jane Doe or Swine" if her maiden name were "Doe" and her husband's surname "Swine"). If I understand it correctly, until about a century and a half ago this would change if the husband predeceased her, and she would then be called in most documents "Jane the Widow Swine" - ie her maiden name would disappear, until her death when the death certificate and the gravestone would normally show the name "Jane Doe" - her marriage name would then have disappeared. And although our Anglophone overlords usually ignored the existence of Gaelic names it was always a legal right for Gaelic speakers to use the native form as well as the Anglicised form of their names. So it is fairly common in Scotland for people to use multiple different names, and it's all perfectly legal. The use of Gaelic names makes for people having many names as Gaelic continues to use actual patronymics instead of or as well as frozen ones (maybe the same happens in Welsh, I don't know) - for example M?cheal Chailein is an acceptable name for M?cheal MacThomais because his father was Cailean MacThomais (or Cailean Thomson, or ....), M?cheal Chailein MacThomais is also correct and is less likely to be mis-matched because it supplies a frozen patronymic as well as the current one; most of his credit cards (because banks are largely Anglophone) have "Tom Thomson" (because no English speaker is going to cope with the switch between nominative M?cheal and vocative "Mh?cheil", even if they could pronounce M?cheal in the first place, so "Tom" is preferred) on them; some have "CM Thomson"; and some have "Colin Thomson" (because some banks apparently don't care that they haven't actually got the correct Christian name, and/or don't realise that because English genitives precede the noun they govern the father's name comes first); and at least one (miracle) gets the translation to English right and has "Michael Thomson" (and a couple spell "Thomson" with a spurious "P", because people from anywhere south of mid-Argyll were, apparently, some time ago incapable of pronouncing the sequence "ms" without interpolating an epenthetic "p"). All in all this person has about 10 different names, all in current use and all perfectly legal (in England and in Spain as well as in Scotland - amusingly the Spanish are more upset by the change of a passport number when it expires after ten years than by multiple different names, so I guess they have no issues with multiple names at all) and he hasn't seen any problem with this since 1999 when an uneducated bank clerk (in England) wanted to refuse to pay a crossed cheque made out to "Tom Thompson" into the account of "C M?cheal Thomson" (she changed her mind when instructed not to be silly by the duty manager in the bank branch, who knew about working names and other names and understood that there are common spelling problems caused by some people writing epenthetic consonants while others won't write them, and most of us - even most of those who write them - don't even, in these days, pronounce them). M. From zenadsl6186 at zen.co.uk Sun Jan 10 00:22:44 2010 From: zenadsl6186 at zen.co.uk (Peter Fairbrother) Date: Sun, 10 Jan 2010 00:22:44 +0000 Subject: Unpersons In-Reply-To: <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> References: <4B445388.5030704@callnetuk.com><00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org><4B4619D8.6000101@callnetuk.com><1BEA602E6B1849E48279E004020C08A6@Powerstation><4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> Message-ID: <4B491DD4.1030402@zen.co.uk> M J D Brown wrote: > This is not a moderated list. Yes it is (or was), though Stephen has a very light touch. Most posts from subscribers (apart from first posts by a new subscriber) are not moderated before being sent out, but if you get too off-topic, or rude, you'll get a reminder, and maybe your subsequent posts will be moderated. Or at least the first happened to me some years ago, and the latter happened to Roland's posts for a while - I think because of the volume of them. Not that it makes much difference to the original point, a right to publication (assuming you pay for it, and can find someone to host it etc). Such a right need not apply to email, posts could be put up on a webpage. A right of electronic publication does not mean that people are forced to receive a publication, just that they can receive it. You aren't forced to buy and read a book or a newspaper, after all. One other point arising, on the "right" to outsource email spam filtering to your ISP. It's common practice for this to occur, but there is no right to it, and it has one disadvantage - I can't send you an email without it being intercepted by your ISP. Once you have received it you can post it on the 'net, or tell anyone about it - but if you later decide that you don't want it intercepted, it's too late. An example might be sending you a spam for comment or research - or perhaps something more private. A couple of legal points here, feel free to ignore from now on. RIPA says that for interception by consent *both* parties, the sender and recipient, must consent, which I agree with for the reasons above. Spam filtering by ISPs is done under RIPA s.3(3), under the more than somewhat dubious grounds that it is necessary for the operation of the message-passing service. In theory you might not be allowed to repost a message as-is on the 'net for copyright reasons, if it has artistic merit, eg an original poem, but you can legally tell anyone the gist of the contents of a message you have received. It's polite not to repost other people's posts from private lists though. -- Peter Fairbrother From pwt at iosis.co.uk Sun Jan 10 06:58:10 2010 From: pwt at iosis.co.uk (Peter Tomlinson) Date: Sun, 10 Jan 2010 06:58:10 +0000 Subject: Unpersons In-Reply-To: <4B491DD4.1030402@zen.co.uk> References: <4B445388.5030704@callnetuk.com><00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org><4B4619D8.6000101@callnetuk.com><1BEA602E6B1849E48279E004020C08A6@Powerstation><4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> Message-ID: <4B497A82.2000308@iosis.co.uk> Peter Fairbrother wrote: > RIPA says that for interception by consent *both* parties, the sender > and recipient, must consent, which I agree with for the reasons above. Virgin (who now operate the cable service to my house, and whose SMTP service I use to send emails) has simply told me that I will be transferred to a 'new account', that email will be scanned for 'viruses', and then they list the restrictions that apply. For example, I cannot send .exe files (not that I want to), but can send zipped files as long as they are not password protected. So they are intercepting my outgoing email and I am not given any opportunity to assent or not assent. Is RIPA worth the effort that has gone into it? Of course I could transfer to ADSL, since I also have a BT landline. Given the exorbitant price that Virgin now charge, maybe I will do just that - but I don't want to lose my blueyonder mailboxes. Does PlusNet have the same rules, I wonder? Quite separately, I note the number of Sky dishes that have recently sprouted in my street, where many homes used to use the cable service (originally blueyonder, operated by Telewest) - Virgin seems to have a death wish around here. Peter From roger at hayter.org Sun Jan 10 08:56:26 2010 From: roger at hayter.org (Roger Hayter) Date: Sun, 10 Jan 2010 08:56:26 +0000 Subject: Unpersons In-Reply-To: <4B491DD4.1030402@zen.co.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> Message-ID: In message <4B491DD4.1030402 at zen.co.uk>, Peter Fairbrother writes >In theory you might not be allowed to repost a message as-is on the >'net for copyright reasons, if it has artistic merit, eg an original >poem, but you can legally tell anyone the gist of the contents of a >message you have received. Copyright exists, and, in the UK at least, without the necessity to assert it, regardless of the merit of the message. Perhaps there is implied consent to quote this message in any reply, but I retain the copyright. -- Roger Hayter From pwt at iosis.co.uk Sun Jan 10 10:16:59 2010 From: pwt at iosis.co.uk (Peter Tomlinson) Date: Sun, 10 Jan 2010 10:16:59 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> Message-ID: <4B49A91B.9000800@iosis.co.uk> Sometimes I write poetry, but it may not be judged by others to have artistic merit. Peter Roger Hayter wrote: > In message <4B491DD4.1030402 at zen.co.uk>, Peter Fairbrother > writes >> In theory you might not be allowed to repost a message as-is on the >> 'net for copyright reasons, if it has artistic merit, eg an original >> poem, but you can legally tell anyone the gist of the contents of a >> message you have received. > > Copyright exists, and, in the UK at least, without the necessity to > assert it, regardless of the merit of the message. Perhaps there is > implied consent to quote this message in any reply, but I retain the > copyright. From lists at internetpolicyagency.com Sun Jan 10 10:18:51 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Sun, 10 Jan 2010 10:18:51 +0000 Subject: Unpersons In-Reply-To: <4B491DD4.1030402@zen.co.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> Message-ID: In article <4B491DD4.1030402 at zen.co.uk>, Peter Fairbrother writes >RIPA says that for interception by consent *both* parties, the sender >and recipient, must consent, which I agree with for the reasons above. That's 3(1). >Spam filtering by ISPs Not wishing to get into the sort of lengthy debate we've had in the past about virus filters and interception, surely it's not actually an interception to delete emails, or to add a "marker" to them, or to put them into different mailboxes depending on the content. To call it an interception you have to believe that "making them available" to a scoring/sorting-machine is an interception. >is done under RIPA s.3(3), under the more than somewhat dubious grounds >that it is necessary for the operation of the message-passing service. [There's also 3(2), 3(4) & 3(5), although they are of a much more technical nature - hence we don't hear about them so much. And of course 1(5), which is about interception by warrant from the SoS, and 1(6) about operators of private networks.] -- Roland Perry From lists at internetpolicyagency.com Sun Jan 10 10:33:37 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Sun, 10 Jan 2010 10:33:37 +0000 Subject: Unpersons In-Reply-To: <4B497A82.2000308@iosis.co.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B497A82.2000308@iosis.co.uk> Message-ID: In article <4B497A82.2000308 at iosis.co.uk>, Peter Tomlinson writes >Peter Fairbrother wrote: >> RIPA says that for interception by consent *both* parties, the sender >>and recipient, must consent, which I agree with for the reasons above. >Virgin (who now operate the cable service to my house, and whose SMTP >service I use to send emails) has simply told me that I will be >transferred to a 'new account', that email will be scanned for >'viruses', and then they list the restrictions that apply. For example, >I cannot send .exe files (not that I want to), but can send zipped >files as long as they are not password protected. So they are >intercepting my outgoing email and I am not given any opportunity to >assent or not assent. Is RIPA worth the effort that has gone into it? I wonder if it's possible to regard Virgin's outbound SMTP server as the intended first recipient of the emails[1], which by mutual consent examines the emails for breaches of the rules, and then if everything's OK, re-transmits the email to the 'other' recipient whose name you had earlier attached to it? [1] You've deliberately set your email client to send all your emails to them, rather than any other SMTP service, after all. -- Roland Perry From pwt at iosis.co.uk Sun Jan 10 10:50:08 2010 From: pwt at iosis.co.uk (Peter Tomlinson) Date: Sun, 10 Jan 2010 10:50:08 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B497A82.2000308@iosis.co.uk> Message-ID: <4B49B0E0.7010901@iosis.co.uk> Roland Perry wrote: > In article <4B497A82.2000308 at iosis.co.uk>, Peter Tomlinson > writes >> Peter Fairbrother wrote: >>> RIPA says that for interception by consent *both* parties, the >>> sender and recipient, must consent, which I agree with for the >>> reasons above. >> Virgin (who now operate the cable service to my house, and whose SMTP >> service I use to send emails) has simply told me that I will be >> transferred to a 'new account', that email will be scanned for >> 'viruses', and then they list the restrictions that apply. For >> example, I cannot send .exe files (not that I want to), but can send >> zipped files as long as they are not password protected. So they are >> intercepting my outgoing email and I am not given any opportunity to >> assent or not assent. Is RIPA worth the effort that has gone into it? > I wonder if it's possible to regard Virgin's outbound SMTP server as > the intended first recipient of the emails[1], which by mutual consent > examines the emails for breaches of the rules, and then if > everything's OK, re-transmits the email to the 'other' recipient whose > name you had earlier attached to it? > > [1] You've deliberately set your email client to send all your emails > to them, rather than any other SMTP service, after all. I'm fairly certain that Virgin will not let me use another SMTP service via their cable network - a much more internet savvy friend who has always used Virgin over first dialup and now ADSL told me that Virgin (as other ISPs did) blocked that because it was being used as a way to get service for free (I suspect that he now uses BT's SMTP because he worked hard on BT to get ADSL into his village). Peter From paul at jakma.org Sun Jan 10 11:08:36 2010 From: paul at jakma.org (Paul Jakma) Date: Sun, 10 Jan 2010 11:08:36 +0000 (GMT) Subject: Unpersons In-Reply-To: <1BEA602E6B1849E48279E004020C08A6@Powerstation> References: <4B445388.5030704@callnetuk.com><00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> Message-ID: On Thu, 7 Jan 2010, M J D Brown wrote: > > We do need protection from the rantings of bigots (def: someone whose > mind cannot be changed and who won't change the subject). Hmm, that's a horrible road to go down. How do you decide whether or not their logic is superior? Perhaps they won't change their mind cause they are right, and most people are wrong. Perhaps they won't change the subject cause its important. There are many, many positions which were once unpopular and only espoused by those who'd fall into your definition of "bigot", but which are now quite accepted. E.g. respect and rights for various kinds of minorities. For me, your definition re-inforces the critical importance of protecting the rights of "bigots" to rant. regards, -- Paul Jakma paul at jakma.org Key ID: 64A2FF6A Fortune: HTTPD Error 666 : BOFH was here From lists at internetpolicyagency.com Sun Jan 10 11:27:16 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Sun, 10 Jan 2010 11:27:16 +0000 Subject: Unpersons In-Reply-To: <4B49B0E0.7010901@iosis.co.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B497A82.2000308@iosis.co.uk> <4B49B0E0.7010901@iosis.co.uk> Message-ID: In article <4B49B0E0.7010901 at iosis.co.uk>, Peter Tomlinson writes >> [1] You've deliberately set your email client to send all your emails >>to them, rather than any other SMTP service, after all. >I'm fairly certain that Virgin will not let me use another SMTP service >via their cable network With a "transparent" proxy? If that's the case, then my earlier theory would have to be extended to include the assumption that you'd consented to that as well. Which might depend on whether you'd been properly informed it was taking place. >- a much more internet savvy friend who has always used Virgin over >first dialup and now ADSL told me that Virgin (as other ISPs did) >blocked that because it was being used as a way to get service for free That explanation makes no sense to me at all. The main service is shifting packets, and I don't believe there's such a thing as a cable Internet connection you aren't paying for that will nevertheless shift packets to distant SMTP servers. Having said that, I know of at least one provider of classic subscription wifi hotspots that seems to allow Twitter packets through before you've 'logged in' via the web page they bring up. -- Roland Perry From zenadsl6186 at zen.co.uk Sun Jan 10 11:31:55 2010 From: zenadsl6186 at zen.co.uk (Peter Fairbrother) Date: Sun, 10 Jan 2010 11:31:55 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> Message-ID: <4B49BAAB.1040408@zen.co.uk> Roland Perry wrote: > In article <4B491DD4.1030402 at zen.co.uk>, Peter Fairbrother > writes >> RIPA says that for interception by consent *both* parties, the sender >> and recipient, must consent, which I agree with for the reasons above. > > That's 3(1). Your point? >> Spam filtering by ISPs > > Not wishing to get into the sort of lengthy debate we've had in the past > about virus filters and interception, surely it's not actually an > interception to delete emails, or to add a "marker" to them, or to put > them into different mailboxes depending on the content. To call it an > interception you have to believe that "making them available" to a > scoring/sorting-machine is an interception. Yes, it is interception - at least according to the ICO, Lord Bassam, and my reading of the Act it is. Content is made available to the person who operates the machine - if it wasn't, he couldn't operate it. Consider if it wasn't interception - people could delete or change emails for eg political content, if it was done by machine. People could tap your internet connection and do any sort of censorship they wanted, as long as it was done by machine. Not desirable, and not the case. And it's pretty ridiculous to suggest otherwise. >> is done under RIPA s.3(3), under the more than somewhat dubious >> grounds that it is necessary for the operation of the message-passing >> service. > > [There's also 3(2), 3(4) & 3(5), although they are of a much more > technical nature - hence we don't hear about them so much. They are about lawful interception - but it's still interception. And they aren't used much. And of course > 1(5), which is about interception by warrant from the SoS, and 1(6) > about operators of private networks.] -- Peter Fairbrother From bdm at fenrir.org.uk Sun Jan 10 12:41:42 2010 From: bdm at fenrir.org.uk (Brian Morrison) Date: Sun, 10 Jan 2010 12:41:42 +0000 Subject: Unpersons In-Reply-To: <4B49B0E0.7010901@iosis.co.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B497A82.2000308@iosis.co.uk> <4B49B0E0.7010901@iosis.co.uk> Message-ID: <20100110124142.0b2a35f2@peterson.fenrir.org.uk> On Sun, 10 Jan 2010 10:50:08 +0000 Peter Tomlinson wrote: > I'm fairly certain that Virgin will not let me use another SMTP service > via their cable network - a much more internet savvy friend who has > always used Virgin over first dialup and now ADSL told me that Virgin > (as other ISPs did) blocked that because it was being used as a way to > get service for free Needs to set up a VPN to a more enlightened endpoint then.... -- Brian Morrison bdm at fenrir dot org dot uk "Arguing with an engineer is like wrestling with a pig in the mud; after a while you realize you are muddy and the pig is enjoying it." GnuPG key ID DE32E5C5 - http://wwwkeys.uk.pgp.net/pgpnet/wwwkeys.html -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 190 bytes Desc: not available URL: From lists at internetpolicyagency.com Sun Jan 10 12:57:14 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Sun, 10 Jan 2010 12:57:14 +0000 Subject: Unpersons In-Reply-To: <4B49BAAB.1040408@zen.co.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49BAAB.1040408@zen.co.uk> Message-ID: In article <4B49BAAB.1040408 at zen.co.uk>, Peter Fairbrother writes >>> RIPA says that for interception by consent *both* parties, the >>>sender and recipient, must consent, which I agree with for the >>>reasons above. >> That's 3(1). > >Your point? Simply informing where those particular provisions can be found. >>> Spam filtering by ISPs >> Not wishing to get into the sort of lengthy debate we've had in the >>past about virus filters and interception, Not wishing ... Oh alright then... >Content is made available to the person who operates the machine - if >it wasn't, he couldn't operate it. That doesn't follow at all. The machine can be designed to operate on the emails without any people being able to use that machine to spy on the emails. My own inbound SMTP server in my office also bounces certain emails rather than deliver them to me (based on content), and there's no way I as a person can find out what the content was (although sometimes I wish there was, as I could then verify that the rules I've set up are being applied correctly). >Consider if it wasn't interception - people could delete or change >emails for eg political content, if it was done by machine. People >could tap your internet connection and do any sort of censorship they >wanted, as long as it was done by machine. But RIPA isn't an anti-censorship measure, it's a privacy measure. >>> is done under RIPA s.3(3), under the more than somewhat dubious >>>grounds that it is necessary for the operation of the message-passing >>>service. >> [There's also 3(2), 3(4) & 3(5), although they are of a much more >>technical nature - hence we don't hear about them so much. > >They are about lawful interception - but it's still interception. And >they aren't used much. That's probably why we don't hear about them much ;) -- Roland Perry From fm-lists at st-kilda.org Sun Jan 10 13:05:01 2010 From: fm-lists at st-kilda.org (Fearghas McKay) Date: Sun, 10 Jan 2010 13:05:01 +0000 Subject: Unpersons In-Reply-To: <4B49B0E0.7010901@iosis.co.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B497A82.2000308@iosis.co.uk> <4B49B0E0.7010901@iosis.co.uk> Message-ID: <63CB7D8F-450D-4A6D-B530-67809339E824@st-kilda.org> On 10 Jan 2010, at 10:50, Peter Tomlinson wrote: > I'm fairly certain that Virgin will not let me use another SMTP > service via their cable network - a much more internet savvy friend > who has always used Virgin over first dialup and now ADSL told me > that Virgin (as other ISPs did) blocked that because it was being > used as a way to get service for free (I suspect that he now uses > BT's SMTP because he worked hard on BT to get ADSL into his village). they allow the use of Port 587 - SMTP Submit port as I have several email clients who are on Teleworst^VirginMedia who talk to the mail server fine. f From lists at internetpolicyagency.com Sun Jan 10 13:10:08 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Sun, 10 Jan 2010 13:10:08 +0000 Subject: Unpersons In-Reply-To: <4B497A82.2000308@iosis.co.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B497A82.2000308@iosis.co.uk> Message-ID: <0tkNS0owGdSLFAj2@perry.co.uk> In article <4B497A82.2000308 at iosis.co.uk>, Peter Tomlinson writes >Peter Fairbrother wrote: >> RIPA says that for interception by consent *both* parties, the sender >>and recipient, must consent, which I agree with for the reasons above. >Virgin (who now operate the cable service to my house, and whose SMTP >service I use to send emails) has simply told me that I will be >transferred to a 'new account', that email will be scanned for >'viruses', and then they list the restrictions that apply. For example, >I cannot send .exe files (not that I want to), But Botnets that have taken over your machine want to [1], and that's the point of this restriction. >but can send zipped files as long as they are not password protected. That I don't understand - do you mean you can send ZIP files as long as they *are* password protected? There's no point in a Botnet spamming out password protected malware! >So they are intercepting my outgoing email and I am not given any >opportunity to assent or not assent. Is RIPA worth the effort that has >gone into it? RIPA is there to protect your privacy, not to guarantee deliverability. That's why it isn't (for example) a RIPA offence to delete emails, cut off phone calls, or to throw away letters inside the Royal Mail. [1] I get versions of this rather transparent email several times a day (the senders assuming perry.co.uk is an ISP, obviously) plus some either zipped or *.exe malware Dear user of perry.co.uk, Your account was used to send a large amount of spam during the recent week. We suspect that your computer had been infected by a recent virus and now contains a hidden proxy server. Please follow the instruction in order to keep your computer safe. Have a nice day, The perry.co.uk team. -- Roland Perry From benjamin at py-soft.co.uk Sun Jan 10 13:47:02 2010 From: benjamin at py-soft.co.uk (Benjamin Donnachie) Date: Sun, 10 Jan 2010 13:47:02 +0000 Subject: Unpersons In-Reply-To: <4B49B0E0.7010901@iosis.co.uk> References: <4B445388.5030704@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B497A82.2000308@iosis.co.uk> <4B49B0E0.7010901@iosis.co.uk> Message-ID: <732076a81001100547l254e8050p9675965fd7720320@mail.gmail.com> 2010/1/10 Peter Tomlinson : > I'm fairly certain that Virgin will not let me use another SMTP service via > their cable network Until recently, I had my own smtp server on the end of a Virgin (Formerly NTL) cable connection and it could send and receive over port 25 without problems. Ben From lists at internetpolicyagency.com Sun Jan 10 13:59:25 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Sun, 10 Jan 2010 13:59:25 +0000 Subject: Unpersons In-Reply-To: <732076a81001100547l254e8050p9675965fd7720320@mail.gmail.com> References: <4B445388.5030704@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B497A82.2000308@iosis.co.uk> <4B49B0E0.7010901@iosis.co.uk> <732076a81001100547l254e8050p9675965fd7720320@mail.gmail.com> Message-ID: <573unIz90dSLFAjc@perry.co.uk> In article <732076a81001100547l254e8050p9675965fd7720320 at mail.gmail.com>, Benjamin Donnachie writes >> I'm fairly certain that Virgin will not let me use another SMTP service via >> their cable network > >Until recently, I had my own smtp server on the end of a Virgin >(Formerly NTL) cable connection and it could send and receive over >port 25 without problems. But was it being intercepted(sic) by a transparent proxy, which then applied the kind of rules we are talking about? And then sent on to the original destination if it complied. (Other ISPs also have restrictions designed to stop sender-spoofing). To that extent they would be "allowing you" to use SMTP to places other than their own relay. -- Roland Perry From benjamin at py-soft.co.uk Sun Jan 10 14:08:50 2010 From: benjamin at py-soft.co.uk (Benjamin Donnachie) Date: Sun, 10 Jan 2010 14:08:50 +0000 Subject: Unpersons In-Reply-To: <573unIz90dSLFAjc@perry.co.uk> References: <4B445388.5030704@callnetuk.com> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B497A82.2000308@iosis.co.uk> <4B49B0E0.7010901@iosis.co.uk> <732076a81001100547l254e8050p9675965fd7720320@mail.gmail.com> <573unIz90dSLFAjc@perry.co.uk> Message-ID: <732076a81001100608k567c656ak1eccb24da15a1633@mail.gmail.com> 2010/1/10 Roland Perry : > But was it being intercepted(sic) by a transparent proxy, which then applied > the kind of rules we are talking about? And then sent on to the original > destination if it complied. (Other ISPs also have restrictions designed to > stop sender-spoofing). That's a good point - everything was scanned for viruses before leaving and I don't think it ever handled password protected zips or exe files. Ben From shiny.nickel at gmail.com Sun Jan 10 12:15:24 2010 From: shiny.nickel at gmail.com (Nick Moore) Date: Sun, 10 Jan 2010 12:15:24 +0000 Subject: Unpersons In-Reply-To: <4B49B0E0.7010901@iosis.co.uk> References: <4B445388.5030704@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B497A82.2000308@iosis.co.uk> <4B49B0E0.7010901@iosis.co.uk> Message-ID: Peter, I am a current Virgin cable Internet subscriber and I have just tested that I can connect and send e-mails through my own personal (non-local - in the US, if I remember correctly) SMTP server. As for the changes in e-mail providing from Virgin, this is because they are switching to a Google-provided service and the changes all reflect on the Google's T&Cs. Frankly, I'd be less worried about the virus and spam filtering and instead I'd be asking whether Google will be collecting advertising information from your e-mails (though you may notice I use a Gmail account - might have ascertained, I'm not so concerned - but it is definitely much more worrying than the aforementioned useful features!). Regards, Nick Moore 2010/1/10 Peter Tomlinson > Roland Perry wrote: > >> In article <4B497A82.2000308 at iosis.co.uk>, Peter Tomlinson < >> pwt at iosis.co.uk> writes >> >>> Peter Fairbrother wrote: >>> >>>> RIPA says that for interception by consent *both* parties, the sender >>>> and recipient, must consent, which I agree with for the reasons above. >>>> >>> Virgin (who now operate the cable service to my house, and whose SMTP >>> service I use to send emails) has simply told me that I will be transferred >>> to a 'new account', that email will be scanned for 'viruses', and then they >>> list the restrictions that apply. For example, I cannot send .exe files (not >>> that I want to), but can send zipped files as long as they are not password >>> protected. So they are intercepting my outgoing email and I am not given any >>> opportunity to assent or not assent. Is RIPA worth the effort that has gone >>> into it? >>> >> I wonder if it's possible to regard Virgin's outbound SMTP server as the >> intended first recipient of the emails[1], which by mutual consent examines >> the emails for breaches of the rules, and then if everything's OK, >> re-transmits the email to the 'other' recipient whose name you had earlier >> attached to it? >> >> [1] You've deliberately set your email client to send all your emails to >> them, rather than any other SMTP service, after all. >> > I'm fairly certain that Virgin will not let me use another SMTP service via > their cable network - a much more internet savvy friend who has always used > Virgin over first dialup and now ADSL told me that Virgin (as other ISPs > did) blocked that because it was being used as a way to get service for free > (I suspect that he now uses BT's SMTP because he worked hard on BT to get > ADSL into his village). > > Peter > > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From lists at internetpolicyagency.com Sun Jan 10 14:18:15 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Sun, 10 Jan 2010 14:18:15 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B497A82.2000308@iosis.co.uk> <4B49B0E0.7010901@iosis.co.uk> Message-ID: In article , Nick Moore writes >I am a current Virgin cable Internet subscriber and I have just tested >that I can connect and send e-mails through my own personal (non-local >- in the US, if I remember correctly) SMTP server Would you be able to tell if it had been through a transparent proxy that was spoofing replies back to you? -- Roland Perry From nbohm at ernest.net Sun Jan 10 15:33:30 2010 From: nbohm at ernest.net (Nicholas Bohm) Date: Sun, 10 Jan 2010 15:33:30 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> Message-ID: <4B49F34A.9040400@ernest.net> An HTML attachment was scrubbed... URL: From jtjm at menavaur.org Sun Jan 10 15:33:32 2010 From: jtjm at menavaur.org (Julian T. J. Midgley) Date: Sun, 10 Jan 2010 15:33:32 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: <4B4765D1.6060407@ernest.net> References: <4B474350.1090609@ja.net> <4B4765D1.6060407@ernest.net> Message-ID: Assuming that the terms and conditions that applied to the domain owners in question were not substantially different from those advertised here: http://www.nominet.org.uk/registrants/aboutdomainnames/legal/terms/ it looks to me (not a lawyer), as though they were quite within the terms of the contract to suspend the domains without notifying the owners, if the police notified them that the contact details were false. See sections 16 and 17, quoted in relevant parts below: "16 We may cancel or put the domain name into a special status by notifying you if: 16.1 we receive independent proof that you have provided significantly inaccurate, not correct, unreliable or false contact details (including names), failed to keep your contact details up to date, or failed to give us those details at all; .... 17 We may (but do not have to) transfer, cancel, alter or amend the domain name, put it in a special status or prevent its renewal: ... 17.2 if we reasonably believe that the contact details on the register for you are so inaccurate or false that we would not be able to notify you of the change;" Julian On Fri, Jan 8, 2010 at 5:05 PM, Nicholas Bohm wrote: > Igor Mozolevsky wrote: > > 2010/1/8 James Davis : > > > > I don't know about the legal aspects, but what else are they meant to do > in order to enforce the use of correct contact details? By definition > they can't easily contact the registrant to get them to provide correct > details. > > > The question is whether they have actually tried to contact all of the > 1200 domain owners at all. Judging by the article, it sounds like the > Met gave Nominet a list and Nominet just pushed a few buttons. The > domains were clearly registered through some other organisation, so > have Nominet tried contacting them? Or, for that matter, what > reasonable steps have Nominet taken prior to the suspension of the > domains? What if one of the domains was a bona fide domain the > suspension lead to loss of business? We now know that at least two > domains were reinstated for whatever reasons! > > Also, what is the definition of "correct contact details"? Is it the > details of the person who actually owns the domain, or a way of > contacting the person who owns the domain? I certainly know of cases > where A asked B to register a domain for A and the domain contact > details are that of B and not A, is that in violation of Nominet's > T&Cs? > > This all depends on the terms in force.? But it would certainly be highly > unusual for service terms to entitle a service provider to suspend or > terminate a service for a breach which may be no more than an administrative > error without making efforts to to draw the breach to the attention of the > recipient of the service and seeking to have the breach remedied. > > Nicholas > -- > > Salkyns, Great Canfield, Takeley, > Bishop's Stortford CM22 6SX, UK > > Phone 01279 870285 (+44 1279 870285) > Mobile 07715 419728 (+44 7715 419728) > > PGP public key ID: 0x899DD7FF Fingerprint: > 5248 1320 B42E 84FC 1E8B A9E6 0912 AE66 899D D7FF From nbohm at ernest.net Sun Jan 10 15:42:45 2010 From: nbohm at ernest.net (Nicholas Bohm) Date: Sun, 10 Jan 2010 15:42:45 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: References: <4B474350.1090609@ja.net> <4B4765D1.6060407@ernest.net> Message-ID: <4B49F575.9070703@ernest.net> An HTML attachment was scrubbed... URL: From lists at internetpolicyagency.com Sun Jan 10 16:21:27 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Sun, 10 Jan 2010 16:21:27 +0000 Subject: Unpersons In-Reply-To: <4B49F34A.9040400@ernest.net> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> Message-ID: In article <4B49F34A.9040400 at ernest.net>, Nicholas Bohm writes >Not wishing to get into the sort of lengthy debate we've had in the >past about virus filters and interception, surely it's not actually an >interception to delete emails, or to add a "marker" to them, or to put >them into different mailboxes depending on the content. To call it an >interception you have to believe that "making them available" to a >scoring/sorting-machine is an interception >In my view that is indeed an interception. > >The same point arise in the case of Phorm, and the argument is set out >in my note on the subject?here - see paragraphs 14 to 18. Yes, but... in your paragraph 15 you note that Phorm are sent some information based on the machine having digested the email. That's not the case for the examples in this thread. I've not heard the RIPA s16 argument made before with respect to virus/email filters, but looking at your general proposition it seems you are saying that if an ISP attaches a "black box" he has in fact intercepted all the traffic, even before the black box applies some selection rules to make sure that only the warranted traffic is passed to the waiting humans. But that can't be right, because the un-selected ones are therefore being intercepted illegally. Please let me know which bit of your argument I'm not following properly. -- Roland Perry From nbohm at ernest.net Sun Jan 10 16:45:54 2010 From: nbohm at ernest.net (Nicholas Bohm) Date: Sun, 10 Jan 2010 16:45:54 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> Message-ID: <4B4A0442.80108@ernest.net> An HTML attachment was scrubbed... URL: From lists at internetpolicyagency.com Sun Jan 10 17:06:44 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Sun, 10 Jan 2010 17:06:44 +0000 Subject: Unpersons In-Reply-To: <4B4A0442.80108@ernest.net> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> <4B4A0442.80108@ernest.net> Message-ID: In article <4B4A0442.80108 at ernest.net>, Nicholas Bohm writes >>Yes, but... in your paragraph 15 you note that Phorm are sent some >>information based on the machine having digested the email. That's not >>the case for the examples in this thread. >It's irrelevant if things are done or omitted on the basis of the >content of what passes through the machine. In that case I don't understand what para 15 adds to your case. >>I've not heard the RIPA s16 argument made before with respect to >>virus/email filters, but looking at your general proposition it seems >>you are saying that if an ISP attaches a "black box" he has in fact >>intercepted all the traffic, even before the black box applies some >>selection rules to make sure that only the warranted traffic is passed >>to the waiting humans.? But that can't be right, because the un->>selected ones are therefore being intercepted illegally. >That conclusion is correct - the stream is being intercepted.? That's >what flows from s16. There's something I'm not understanding, because that suggests that the "black box" is doing an illegal interception on the unwarranted targets. >>Please let me know which bit of your argument I'm not following >>properly. >None of it.? You're just assuming that because you don't like the >conclusion, the reasoning must be wrong. It's not a case of liking or disliking the conclusion, I'm trying to understand your interpretation of s16. If the result of that is something I "don't like", my remedy (should I wish to pursue it, which I don't at the moment) is to try to get the law changed, which also implies other people would agree with me abut the desirability of so doing. etc. -- Roland Perry From nbohm at ernest.net Sun Jan 10 17:21:23 2010 From: nbohm at ernest.net (Nicholas Bohm) Date: Sun, 10 Jan 2010 17:21:23 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> <4B4A0442.80108@ernest.net> Message-ID: <4B4A0C93.9080301@ernest.net> An HTML attachment was scrubbed... URL: From jon+ukcrypto at unequivocal.co.uk Sun Jan 10 16:09:03 2010 From: jon+ukcrypto at unequivocal.co.uk (Jon Ribbens) Date: Sun, 10 Jan 2010 16:09:03 +0000 Subject: Unpersons - and unwebsites In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <20100108154438.00003188@surtees.fenrir.org.uk> Message-ID: <20100110160903.GA31070@snowy.squish.net> On Fri, Jan 08, 2010 at 04:47:59PM +0000, Roland Perry wrote: > In article <20100108154438.00003188 at surtees.fenrir.org.uk>, Brian > Morrison writes >>> And if one of the conditions was we didn't post under a false name... >>> . >> >> Doesn't English law permit someone to be known by any name they choose? > > But one name at a time, surely? And within certain limits. > > I recently found a website registered to a "Sir Topham Hat", or is "Sir" > a legitimate forename now? There are various companies which will sell you "titles", mostly all they do is send you a deed poll changing your name so that your first name is "Lord" (or "Baron" or "Earl" or whatever you wanted). Some of them, for a higher price, will sell you a tiny 1cm^2 patch of land to which some sort of genuine title is attached; it seems somewhat unlikely to me though that you can actually acquire a title via such a method! From nbohm at ernest.net Sun Jan 10 17:43:38 2010 From: nbohm at ernest.net (Nicholas Bohm) Date: Sun, 10 Jan 2010 17:43:38 +0000 Subject: Unpersons - and unwebsites In-Reply-To: <20100110160903.GA31070@snowy.squish.net> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <20100108154438.00003188@surtees.fenrir.org.uk> <20100110160903.GA31070@snowy.squish.net> Message-ID: <4B4A11CA.109@ernest.net> An HTML attachment was scrubbed... URL: From lists at internetpolicyagency.com Sun Jan 10 17:59:32 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Sun, 10 Jan 2010 17:59:32 +0000 Subject: Unpersons - and unwebsites In-Reply-To: <4B4A11CA.109@ernest.net> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <20100108154438.00003188@surtees.fenrir.org.uk> <20100110160903.GA31070@snowy.squish.net> <4B4A11CA.109@ernest.net> Message-ID: In article <4B4A11CA.109 at ernest.net>, Nicholas Bohm writes >Being entitled to call yourself "Lord of the manor of Effingham" is a >privilege of limited value, one might think, but people pay decent sums >for that sort of thing.? Perhaps some of them think they can claim to >be "Lord Effingham" or even sit in the House of Lords In the village where I lived once the chap who bought such a title claimed it meant he was able to decide who should park on the village square. I had a long running dispute about this with him (the house I was renting was *on* the market square, and you couldn't get to it even on foot without crossing the square) but it was never resolved because I moved away, and he never did anything other than assert this alleged power (and leave notes on my car etc). If I'd bought the house, presumably I'd have got a better handle on the situation from the start. -- Roland Perry From lists at internetpolicyagency.com Sun Jan 10 18:06:36 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Sun, 10 Jan 2010 18:06:36 +0000 Subject: Unpersons In-Reply-To: <4B4A0C93.9080301@ernest.net> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> <4B4A0442.80108@ernest.net> <4B4A0C93.9080301@ernest.net> Message-ID: <6aD+vlFschSLFAgO@perry.co.uk> In article <4B4A0C93.9080301 at ernest.net>, Nicholas Bohm writes > In that case I don't understand what para 15 adds to your case. >In the Phorm context, it is distilling of information from the content >intercepted that amounts to something done on the basis of the content.? >In other contexts, other responses to content will be what is >relevant. So it's a red herring for an email filtering program that's simply rejecting emails based on the content (or is the reject message relevant?) > There's something I'm not understanding, because that suggests that > the "black box" is doing an illegal interception on the unwarranted > targets. >No, s16 is about warranted bulk interception. But if there's something in s16 that defines Black Box as an interception, even when it's not passing emails on to anyone, then it's also an interception (of everyone's traffic) in the simpler case of being deployed to execute a one-target interception warrant. And if the warrant says it's only legal for the ISP to be intercepting that one target's traffic, the remainder must be being intercepted illegally. -- Roland Perry From mjdb at dorevale.demon.co.uk Sun Jan 10 18:58:45 2010 From: mjdb at dorevale.demon.co.uk (M J D Brown) Date: Sun, 10 Jan 2010 18:58:45 -0000 Subject: Unpersons References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> <4B4A0442.80108@ernest.net> <4B4A0C93.9080301@ernest.net> Message-ID: <20FC33E9179A4B3A835CF1311E1C99EE@Powerstation> ----- Original Message ----- From: "Nicholas Bohm" To: "UK Cryptography Policy Discussion Group" Sent: Sunday, January 10, 2010 5:21 PM Subject: Re: Unpersons The quotations are getting a bit hard to follow, but Nicholas Bohn appears to be arguing that the examination of messages to/from addressess not covered by a warrant in the course of separating the warranted traffic is illegal interception. I will defer to a lawyer's opinion on that point, but I am left wondering about the spam filtering process I described some days ago. In that process the Internet is seeded by bogus addresses whose appearance in subsequent traffic enables spam emails to be segregated in the ordinary course of examining message headers to determine the proper subscriber mailbox for their onward distribution. It is that process for which I claim the right to delegate to my ISP. Does someone who includes a bogus email address in the mailings have any right to claim that their messages are being improperly or illegally intercepted? I think not, but would welcome informed comments. Mike. From mjdb at dorevale.demon.co.uk Sun Jan 10 19:05:42 2010 From: mjdb at dorevale.demon.co.uk (M J D Brown) Date: Sun, 10 Jan 2010 19:05:42 -0000 Subject: Unpersons - and unwebsites References: <4B445388.5030704@callnetuk.com><00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org><4B4619D8.6000101@callnetuk.com><1BEA602E6B1849E48279E004020C08A6@Powerstation><4B46C906.8050203@zen.co.uk><00D8A99FF3764B75861B5EE6A244ECD6@enigma><20100108154438.00003188@surtees.fenrir.org.uk> <20100110160903.GA31070@snowy.squish.net> Message-ID: <0702CC812BD24342B45379E8755621CB@Powerstation> ----- Original Message ----- From: "Jon Ribbens" To: Sent: Sunday, January 10, 2010 4:09 PM Subject: Re: Unpersons - and unwebsites > On Fri, Jan 08, 2010 at 04:47:59PM +0000, Roland Perry wrote: >> In article <20100108154438.00003188 at surtees.fenrir.org.uk>, Brian >> Morrison writes >>>> And if one of the conditions was we didn't post under a false >>>> name... >>>> . >>> >>> Doesn't English law permit someone to be known by any name they >>> choose? >> >> But one name at a time, surely? And within certain limits. >> >> I recently found a website registered to a "Sir Topham Hat", or is >> "Sir" >> a legitimate forename now? > > There are various companies which will sell you "titles", mostly all > they do is send you a deed poll changing your name so that your first > name is "Lord" (or "Baron" or "Earl" or whatever you wanted). > > Some of them, for a higher price, will sell you a tiny 1cm^2 patch of > land to which some sort of genuine title is attached; it seems > somewhat unlikely to me though that you can actually acquire a title > via such a method! > Titles of nobility used to be unarguably confirmed by the holding of a writ of summons to attend the House of Lords. Now that most hereditary peers are no longer entitled to a seat in the upper house of Parliament, it is my understanding that their right of succession to a title is a matter for internal decision by the families concerned. It would thus appear that any illegality in the false assumption of a title now depends only on attempted fraud or passing-off. Mike. From Casper.Dik at Sun.COM Sun Jan 10 16:25:31 2010 From: Casper.Dik at Sun.COM (Casper.Dik at Sun.COM) Date: Sun, 10 Jan 2010 17:25:31 +0100 Subject: Unpersons In-Reply-To: <0tkNS0owGdSLFAj2@perry.co.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B497A82.2000308@iosis.co.uk> <0tkNS0owGdSLFAj2@perry.co.uk> Message-ID: <201001101625.o0AGPVmA016464@dm-holland-02.uk.sun.com> >But Botnets that have taken over your machine want to [1], and that's >the point of this restriction. > >>but can send zipped files as long as they are not password protected. > >That I don't understand - do you mean you can send ZIP files as long as >they *are* password protected? There's no point in a Botnet spamming out >password protected malware! A number of known virus-emails send out password protected zip files with the password in the email. Apparently this is sufficient to side step virus scanners. Casper From pwt at iosis.co.uk Sun Jan 10 19:59:22 2010 From: pwt at iosis.co.uk (Peter Tomlinson) Date: Sun, 10 Jan 2010 19:59:22 +0000 Subject: Unpersons In-Reply-To: <201001101625.o0AGPVmA016464@dm-holland-02.uk.sun.com> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B497A82.2000308@iosis.co.uk> <0tkNS0owGdSLFAj2@perry.co.uk> <201001101625.o0AGPVmA016464@dm-holland-02.uk.sun.com> Message-ID: <4B4A319A.4010209@iosis.co.uk> Casper.Dik at Sun.COM wrote: >> But Botnets that have taken over your machine want to [1], and that's >> the point of this restriction. >> >>> but can send zipped files as long as they are not password protected. >>> >> That I don't understand - do you mean you can send ZIP files as long as >> they *are* password protected? There's no point in a Botnet spamming out >> password protected malware! >> > A number of known virus-emails send out password protected zip files > with the password in the email. Apparently this is sufficient to side step > virus scanners. > > Casper > Sorry if I wasn't clear. Virgin has said that they will block password protected zip files. One hopes that they cope with the situation that Casper reported. Peter From dave at sourplum.org Sun Jan 10 19:13:45 2010 From: dave at sourplum.org (dave) Date: Sun, 10 Jan 2010 19:13:45 +0000 Subject: Unpersons In-Reply-To: <4B49B0E0.7010901@iosis.co.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B497A82.2000308@iosis.co.uk> <4B49B0E0.7010901@iosis.co.uk> Message-ID: <4B4A26E9.5070107@sourplum.org> Peter Tomlinson wrote: > Roland Perry wrote: >> In article <4B497A82.2000308 at iosis.co.uk>, Peter Tomlinson >> writes >>> Peter Fairbrother wrote: >>>> RIPA says that for interception by consent *both* parties, the >>>> sender and recipient, must consent, which I agree with for the >>>> reasons above. >>> Virgin (who now operate the cable service to my house, and whose >>> SMTP service I use to send emails) has simply told me that I will be >>> transferred to a 'new account', that email will be scanned for >>> 'viruses', and then they list the restrictions that apply. For >>> example, I cannot send .exe files (not that I want to), but can send >>> zipped files as long as they are not password protected. So they are >>> intercepting my outgoing email and I am not given any opportunity to >>> assent or not assent. Is RIPA worth the effort that has gone into it? >> I wonder if it's possible to regard Virgin's outbound SMTP server as >> the intended first recipient of the emails[1], which by mutual >> consent examines the emails for breaches of the rules, and then if >> everything's OK, re-transmits the email to the 'other' recipient >> whose name you had earlier attached to it? >> >> [1] You've deliberately set your email client to send all your emails >> to them, rather than any other SMTP service, after all. > I'm fairly certain that Virgin will not let me use another SMTP > service via their cable network My home network is connected to the internet via VM's cable service here (in Berkshire), and I use Gradwell's service for all of my email - both inbound and outbound. I see no evidence of VM intercepting my outbound email. Dave From lists at internetpolicyagency.com Sun Jan 10 20:27:38 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Sun, 10 Jan 2010 20:27:38 +0000 Subject: Unpersons In-Reply-To: <20FC33E9179A4B3A835CF1311E1C99EE@Powerstation> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> <4B4A0442.80108@ernest.net> <4B4A0C93.9080301@ernest.net> <20FC33E9179A4B3A835CF1311E1C99EE@Powerstation> Message-ID: <572u3YK6gjSLFADM@perry.co.uk> In article <20FC33E9179A4B3A835CF1311E1C99EE at Powerstation>, M J D Brown writes >The quotations are getting a bit hard to follow, but Nicholas Bohn >appears to be arguing that the examination of messages to/from >addressess not covered by a warrant in the course of separating the >warranted traffic is illegal interception. Although 2(5) seems to suggest that as long as you are only looking at the traffic data (eg does the "from" address match a blacklist built up from noticing spam being sent to seeded email addresses) that isn't interception. >I will defer to a lawyer's opinion on that point, but I am left >wondering about the spam filtering process I described some days ago. >In that process the Internet is seeded by bogus addresses whose >appearance in subsequent traffic enables spam emails to be segregated in >the ordinary course of examining message headers to determine the proper >subscriber mailbox for their onward distribution. It is that process >for which I claim the right to delegate to my ISP. Does someone who >includes a bogus email address in the mailings have any right to claim >that their messages are being improperly or illegally intercepted? I >think not, but would welcome informed comments. I don't think that RIPA includes the concept that communications from someone who is breaking a different (eg anti-spam) law are excluded from the definition of interception. And, of course, if the ISP is checking all your emails to see if the senders are on the blacklist, they are also checking those emails from people who aren't spammers (ie your normal non-spam correspondents). -- Roland Perry From lists at internetpolicyagency.com Sun Jan 10 20:32:11 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Sun, 10 Jan 2010 20:32:11 +0000 Subject: Unpersons In-Reply-To: <201001101625.o0AGPVmA016464@dm-holland-02.uk.sun.com> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B497A82.2000308@iosis.co.uk> <0tkNS0owGdSLFAj2@perry.co.uk> <201001101625.o0AGPVmA016464@dm-holland-02.uk.sun.com> Message-ID: In article <201001101625.o0AGPVmA016464 at dm-holland-02.uk.sun.com>, Casper.Dik at Sun.COM writes >>But Botnets that have taken over your machine want to [1], and that's >>the point of this restriction. >> >>>but can send zipped files as long as they are not password protected. >> >>That I don't understand - do you mean you can send ZIP files as long as >>they *are* password protected? There's no point in a Botnet spamming out >>password protected malware! > >A number of known virus-emails send out password protected zip files >with the password in the email. Apparently this is sufficient to side step >virus scanners. I can that this may be the case, but I've never seen one in the wild (as far as I'm aware). However, I have thousands (literally) of emails here where the malware payload is carried in a non-password-protected zip file. So it makes little sense to me to be banning the unpopular payloads and allowing the popular ones :( Note this is a reason to ban both, not a reason to allow both! -- Roland Perry From tony.naggs at googlemail.com Sun Jan 10 20:50:20 2010 From: tony.naggs at googlemail.com (Tony Naggs) Date: Sun, 10 Jan 2010 20:50:20 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B497A82.2000308@iosis.co.uk> <0tkNS0owGdSLFAj2@perry.co.uk> <201001101625.o0AGPVmA016464@dm-holland-02.uk.sun.com> Message-ID: Roland Perry wrote: > > However, I have thousands (literally) of emails here where the malware > payload is carried in a non-password-protected zip file. So it makes little > sense to me to be banning the unpopular payloads and allowing the popular > ones :( ?Note this is a reason to ban both, not a reason to allow both! In theory the non-password protected zip files are opened & examined by the anti-virus scanner. There have been reports from time to time of some anti-virus products failing to scan malformed zip files. Given that there is an anti-virus scan happening I don't understand the prohibition on sending exe files. I write software and sometimes the easiest way to deliver the code, or prototypes is via email. Glad I'm not using Virgin Media. From lists at internetpolicyagency.com Sun Jan 10 21:06:21 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Sun, 10 Jan 2010 21:06:21 +0000 Subject: Unpersons In-Reply-To: <4B4A26E9.5070107@sourplum.org> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B497A82.2000308@iosis.co.uk> <4B49B0E0.7010901@iosis.co.uk> <4B4A26E9.5070107@sourplum.org> Message-ID: In article <4B4A26E9.5070107 at sourplum.org>, dave writes >My home network is connected to the internet via VM's cable service >here (in Berkshire), and I use Gradwell's service for all of my email - >both inbound and outbound. I see no evidence of VM intercepting my >outbound email. It might be helpful if someone could try this out (assuming it does what it claims): http://www.topsight.net/article.php/200806191256315 -- Roland Perry From lists at internetpolicyagency.com Sun Jan 10 21:19:05 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Sun, 10 Jan 2010 21:19:05 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B497A82.2000308@iosis.co.uk> <0tkNS0owGdSLFAj2@perry.co.uk> <201001101625.o0AGPVmA016464@dm-holland-02.uk.sun.com> Message-ID: In article , Tony Naggs writes >> >> However, I have thousands (literally) of emails here where the malware >> payload is carried in a non-password-protected zip file. So it makes little >> sense to me to be banning the unpopular payloads and allowing the popular >> ones :( ?Note this is a reason to ban both, not a reason to allow both! > >In theory the non-password protected zip files are opened & examined >by the anti-virus scanner. There have been reports from time to time >of some anti-virus products failing to scan malformed zip files. > >Given that there is an anti-virus scan happening I don't understand >the prohibition on sending exe files. The idea would be to nip them in the bud, and avoid the load on the network and all the virus checkers at the receiving end (or are you suggesting that VM is *also* virus checking the outgoing emails?[1]) >I write software and sometimes the easiest way to deliver the code, or >prototypes is via email. Glad I'm not using Virgin Media. It does happen, and I have at least one colleague who habitually sends out large collections of documents zipped together (which makes it difficult for me to ban all zip files). In both cases, it would probably be better to stick the files on a simple website (or even one of the many dedicated services), and email people the access details. [1] If it is a result of Virgin badging Gmail, the following blog would seem to say "not", and the restrictions are somewhat more than just .exe and .zip; and this solves the mystery of non-passworded zipped malware because it'll be looking inside the zip file for one of the banned extensions. -- Roland Perry From shiny.nickel at gmail.com Sun Jan 10 21:36:32 2010 From: shiny.nickel at gmail.com (Nick Moore) Date: Sun, 10 Jan 2010 21:36:32 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B497A82.2000308@iosis.co.uk> <4B49B0E0.7010901@iosis.co.uk> <4B4A26E9.5070107@sourplum.org> Message-ID: Ran tcptraceroute and compared the output to traceroute (equivalent commands in a Linux environment) and there was no difference for my SMTP server. So it would appear that Virgin are not running a transparent proxy. On 10/01/2010, Roland Perry wrote: > In article <4B4A26E9.5070107 at sourplum.org>, dave > writes >>My home network is connected to the internet via VM's cable service >>here (in Berkshire), and I use Gradwell's service for all of my email - >>both inbound and outbound. I see no evidence of VM intercepting my >>outbound email. > > It might be helpful if someone could try this out (assuming it does what > it claims): > > http://www.topsight.net/article.php/200806191256315 > -- > Roland Perry > > From shiny.nickel at gmail.com Sun Jan 10 21:41:30 2010 From: shiny.nickel at gmail.com (Nick Moore) Date: Sun, 10 Jan 2010 21:41:30 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B497A82.2000308@iosis.co.uk> <4B49B0E0.7010901@iosis.co.uk> <4B4A26E9.5070107@sourplum.org> Message-ID: http://www.virginmedia.com/help/email/mail-login-changes.php#vmed_google http://www.zath.co.uk/virgin-media-customers-to-use-google-mail/ http://news.zdnet.co.uk/communications/0,1000000085,39640300,00.htm On 10/01/2010, Nick Moore wrote: > Ran tcptraceroute and compared the output to traceroute (equivalent > commands in a Linux environment) and there was no difference for my > SMTP server. So it would appear that Virgin are not running a > transparent proxy. > > On 10/01/2010, Roland Perry wrote: >> In article <4B4A26E9.5070107 at sourplum.org>, dave >> writes >>>My home network is connected to the internet via VM's cable service >>>here (in Berkshire), and I use Gradwell's service for all of my email - >>>both inbound and outbound. I see no evidence of VM intercepting my >>>outbound email. >> >> It might be helpful if someone could try this out (assuming it does what >> it claims): >> >> http://www.topsight.net/article.php/200806191256315 >> -- >> Roland Perry >> >> > From nbohm at ernest.net Sun Jan 10 21:42:15 2010 From: nbohm at ernest.net (Nicholas Bohm) Date: Sun, 10 Jan 2010 21:42:15 +0000 Subject: Unpersons In-Reply-To: <6aD+vlFschSLFAgO@perry.co.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> <4B4A0442.80108@ernest.net> <4B4A0C93.9080301@ernest.net> <6aD+vlFschSLFAgO@perry.co.uk> Message-ID: <4B4A49B7.8020005@ernest.net> An HTML attachment was scrubbed... URL: From nbohm at ernest.net Sun Jan 10 21:44:41 2010 From: nbohm at ernest.net (Nicholas Bohm) Date: Sun, 10 Jan 2010 21:44:41 +0000 Subject: Unpersons In-Reply-To: <20FC33E9179A4B3A835CF1311E1C99EE@Powerstation> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> <4B4A0442.80108@ernest.net> <4B4A0C93.9080301@ernest.net> <20FC33E9179A4B3A835CF1311E1C99EE@Powerstation> Message-ID: <4B4A4A49.4050902@ernest.net> An HTML attachment was scrubbed... URL: From lists at internetpolicyagency.com Sun Jan 10 21:59:03 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Sun, 10 Jan 2010 21:59:03 +0000 Subject: Unpersons In-Reply-To: <4B4A49B7.8020005@ernest.net> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> <4B4A0442.80108@ernest.net> <4B4A0C93.9080301@ernest.net> <6aD+vlFschSLFAgO@perry.co.uk> <4B4A49B7.8020005@ernest.net> Message-ID: In article <4B4A49B7.8020005 at ernest.net>, Nicholas Bohm writes [I wish you'd fix your quoting!] >> In the Phorm context, it is distilling of information from the >>content intercepted that amounts to something done on the basis of >>the content.? In other contexts, other responses to content >>will be what is relevant. > So it's a red herring for an email filtering program that's simply > rejecting emails based on the content (or is the reject message > relevant?) >I don't follow what it is that you think is a red herring. You seemed to be saying that in the Phorm case the problem is that a distillation of the content is sent to Phorm. In an email filtering application there's no distillation, and nothing sent to anyone. So using your analysis of the Phorm situation, in that respect, is not relevant to the matter under discussion here. >> ?There's something I'm not understanding, because that suggests >>that ?the "black box" is doing an illegal interception on the >>unwarranted ?targets. > >> No, s16 is about warranted bulk interception. > > But if there's something in s16 that defines Black Box as an > interception, even when it's not passing emails on to anyone, then > it's also an interception (of everyone's traffic) in the simpler > case of being deployed to execute a one-target interception warrant. > And if the warrant says it's only legal for the ISP to be > intercepting that one target's traffic, the remainder must be being > intercepted illegally. >What makes you suppose that a one-target interception warrant is >executed by sorting the target's communications from other >communications by an examination of the content of all the >communications? Because that's how a Black Box solution would implement it. (Or are you hinting at the 2(5) exemption). -- Roland Perry From lists at internetpolicyagency.com Sun Jan 10 22:06:57 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Sun, 10 Jan 2010 22:06:57 +0000 Subject: Unpersons In-Reply-To: <4B4A4A49.4050902@ernest.net> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> <4B4A0442.80108@ernest.net> <4B4A0C93.9080301@ernest.net> <20FC33E9179A4B3A835CF1311E1C99EE@Powerstation> <4B4A4A49.4050902@ernest.net> Message-ID: In article <4B4A4A49.4050902 at ernest.net>, Nicholas Bohm writes >>I will defer to a lawyer's opinion on that point, but I am left >>wondering about the spam filtering process I described some days ago. >I didn't keep the earlier message, and don't understand the process >you're describing, so I can't offer any useful comment. [He was referring to Demon's use of the Cloudmark antispam system; which I believe works by honey-potting, then fingerprinting, spam; then filtering out emails with the same fingerprint en-route to their subscribers.] -- Roland Perry From lists at internetpolicyagency.com Sun Jan 10 22:14:20 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Sun, 10 Jan 2010 22:14:20 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> <4B4A0442.80108@ernest.net> <4B4A0C93.9080301@ernest.net> <6aD+vlFschSLFAgO@perry.co.uk> <4B4A49B7.8020005@ernest.net> Message-ID: In article , Roland Perry writes >>> In the Phorm context, it is distilling of information from the >>>content intercepted that amounts to something done on the basis >>>of the content.? In other contexts, other responses to >>>content will be what is relevant. > >> So it's a red herring for an email filtering program that's simply >> rejecting emails based on the content (or is the reject message >> relevant?) > >>I don't follow what it is that you think is a red herring. > >You seemed to be saying that in the Phorm case the problem is that a >distillation of the content is sent to Phorm. > >In an email filtering application there's no distillation, and nothing >sent to anyone. I think I should clarify that in this part of the discussion I mean the anti-virus measures in the Google/Virgin case, where they are blocked simply because they contain a .exe file - no distillation takes place and nothing is sent outside the box, possibly not even a "reject" message to the sender. >So using your analysis of the Phorm situation, in that respect, is not >relevant to the matter under discussion here. -- Roland Perry From dave at sourplum.org Sun Jan 10 22:20:44 2010 From: dave at sourplum.org (dave) Date: Sun, 10 Jan 2010 22:20:44 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B497A82.2000308@iosis.co.uk> <4B49B0E0.7010901@iosis.co.uk> <4B4A26E9.5070107@sourplum.org> Message-ID: <4B4A52BC.7040306@sourplum.org> Nick Moore wrote: > Ran tcptraceroute and compared the output to traceroute (equivalent > commands in a Linux environment) and there was no difference for my > SMTP server. So it would appear that Virgin are not running a > transparent proxy. > > Agreed - no difference between traceroute/tcptraceroute. Also telnet to port 25 on the relay @ gradwell.net has the expected result: $ telnet relay.gradwell.net 25 Trying 79.135.125.10... Connected to read-mail-smtp.gradwell.net. Escape character is '^]'. 220 v-smtp-auth-relay-4.gradwell.net ESMTP ready (Gradwell gwh-smtpd 1.290) Sun, 10 Jan 2010 22:16:22 +0000 BTW the windows tracetcp program Roland referenced didn't work on any of the Windows XP/Windows 7 systems here.... Dave -------------- next part -------------- An HTML attachment was scrubbed... URL: From igb at batten.eu.org Sun Jan 10 23:20:15 2010 From: igb at batten.eu.org (Ian Batten) Date: Sun, 10 Jan 2010 23:20:15 +0000 Subject: Unpersons In-Reply-To: <4B4A52BC.7040306@sourplum.org> References: <4B445388.5030704@callnetuk.com> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B497A82.2000308@iosis.co.uk> <4B49B0E0.7010901@iosis.co.uk> <4B4A26E9.5070107@sourplum.org> <4B4A52BC.7040306@sourplum.org> Message-ID: <14716089-9051-4C19-8FDE-301685D03120@batten.eu.org> On 10 Jan 2010, at 22:20, dave wrote: > Nick Moore wrote: >> >> Ran tcptraceroute and compared the output to traceroute (equivalent >> commands in a Linux environment) and there was no difference for my >> SMTP server. So it would appear that Virgin are not running a >> transparent proxy. >> >> > > Agreed - no difference between traceroute/tcptraceroute. Also telnet > to port 25 on the relay @ gradwell.net has the expected result: I'm paranoid enough that from home I access mail.batten.eu.org for IMAP and submission via an IPSec tunnel which uses certificates at both ends for the key exchange. When away from home I use TLS, and I have a paid-for certificate so I don't have to teach all the devices about the root key, and so that using squirrelmail from random places does the expected thing. I don't see another reliable way to protect against trap proxies, and there's enough ISPs between me and the server that there's too many to keep track of. ian From zenadsl6186 at zen.co.uk Mon Jan 11 02:10:55 2010 From: zenadsl6186 at zen.co.uk (Peter Fairbrother) Date: Mon, 11 Jan 2010 02:10:55 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> Message-ID: <4B4A88AF.6080304@zen.co.uk> Roland Perry wrote: [...] > I've not heard the RIPA s16 argument made before with respect to > virus/email filters, but looking at your general proposition it seems > you are saying that if an ISP attaches a "black box" he has in fact > intercepted all the traffic, even before the black box applies some > selection rules to make sure that only the warranted traffic is passed > to the waiting humans. But that can't be right, because the un-selected > ones are therefore being intercepted illegally. > > Please let me know which bit of your argument I'm not following properly. The unselected ones *are* being intercepted, but it isn't illegal - see 5(6)(a); " The conduct authorised by an interception warrant shall be taken to include? (a) all such conduct (including the interception of communications not identified by the warrant) as it is necessary to undertake in order to do what is expressly authorised or required by the warrant; " Attaching a black box in the absence of a warrant or notice [1] would (and should) be illegal, even if it's never switched on and there is no output. Attaching a black box in anticipation of a warrant, but without a notice, might be illegal too, but I don't know how far 5(6)(a) stretches. Does anyone here run a largish ISP, or done any intercepting under a warrant (or attached a black box), and have they been served with an order? [1] under eg the Regulation of Investigatory Powers (Maintenance of Interception Capability) Order 2002 -- Peter Fairbrother From matthew at pemble.net Mon Jan 11 07:03:42 2010 From: matthew at pemble.net (Matthew Pemble) Date: Mon, 11 Jan 2010 07:03:42 +0000 Subject: Unpersons In-Reply-To: <004801ca8ebc$b6ca0850$245e18f0$@net> References: <4B445388.5030704@callnetuk.com> <004801ca8ebc$b6ca0850$245e18f0$@net> Message-ID: Folks, 2010/1/6 James Firth : >> > Trying to access the Islam4UK website (the people who are promoting >> this >> > Wootton Bassett march) I get a DNS lookup failure. >> >> I have been having 403 errors for a couple of days - and can still get >> to the site (on local cached DNS): >> > > Looks like both their DNS servers are down. Tried routing through corporate > VPN on various exit nodes and still nothing. ?The IPs of their DNS servers > seem to be Canadian. ?At this stage looking more like cock-up rather than > conspiracy. While we have now moved on in the discussion - people might like to know that the site is back up (ish). New DNS servers (both at myprivatedns.com) and it does look like they didn't have a back-up (at least, there are only a couple of pages up at the moment and they are dated 9th & 10th Jan.) M. -- Matthew Pemble Technical Director, Idrach Ltd Mobile: +44 (0) 7595 652175 Office: + 44 (0) 1324 820690 From james2 at jfirth.net Mon Jan 11 08:05:51 2010 From: james2 at jfirth.net (James Firth) Date: Mon, 11 Jan 2010 08:05:51 -0000 Subject: Unpersons In-Reply-To: <4B49B0E0.7010901@iosis.co.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B497A82.2000308@iosis.co.uk> <4B49B0E0.7010901@iosis.co.uk> Message-ID: <002b01ca9294$e76a5100$b63ef300$@net> Peter Tomlinson wrote: > I'm fairly certain that Virgin will not let me use another SMTP service > via their cable network - a much more internet savvy friend who has > always used Virgin over first dialup and now ADSL told me that Virgin > (as other ISPs did) blocked that because it was being used as a way to > get service for free (I suspect that he now uses BT's SMTP because he > worked hard on BT to get ADSL into his village). > Working as I do in this field my experience is that many ISPs (Sky, Virgin, Orange, O2 to name but a few) block outbound traffic to external SMTP servers (port 25) from within their networks. Their argument for doing this is to reduce outbound SPAM originating from their infected clients machines and has nothing whatsoever (AFAIK) to do with preventing non-subscribers from using their services for free. To work-around this SMTP (port 25) outbound block, many mail providers offer alternative ports for registered users to send outbound mail, such as Mail submission (port 587) or SMTPS (port 465 - TLS required). James Firth From otcbn at callnetuk.com Mon Jan 11 08:17:10 2010 From: otcbn at callnetuk.com (Pete Mitchell) Date: Mon, 11 Jan 2010 08:17:10 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <004801ca8ebc$b6ca0850$245e18f0$@net> Message-ID: <4B4ADE86.2060701@callnetuk.com> Matthew Pemble wrote on 11-01-10 07:03: > While we have now moved on in the discussion - people might like to know > that the site is back up (ish). Not for long, if the Daily Mail is to be believed, which it occasionally is: "It emerged that Home Secretary Alan Johnson is to use anti-terror laws to ban two organisations run by Mr Choudary. His group al-Muhajiroun and its offshoot Islam4UK are to be added to a list of 59 banned organisations which includes Al Qaeda and the IRA." http://www.dailymail.co.uk/news/article-1242152/Islamic-group-abandons-anti-war-march-Wootton-Bassett.html#ixzz0cHpLYDKe -- Pete Mitchell From fw at deneb.enyo.de Mon Jan 11 08:47:37 2010 From: fw at deneb.enyo.de (Florian Weimer) Date: Mon, 11 Jan 2010 09:47:37 +0100 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: (Igor Mozolevsky's message of "Fri, 8 Jan 2010 11:44:54 +0000") References: Message-ID: <87wrzpkoye.fsf@mid.deneb.enyo.de> * Igor Mozolevsky: > http://www.out-law.com/page-10652 Nominet's side of the story: (Apparently, it happened in early December.) From otcbn at callnetuk.com Mon Jan 11 09:06:54 2010 From: otcbn at callnetuk.com (Pete Mitchell) Date: Mon, 11 Jan 2010 09:06:54 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: <87wrzpkoye.fsf@mid.deneb.enyo.de> References: <87wrzpkoye.fsf@mid.deneb.enyo.de> Message-ID: <4B4AEA2E.8090204@callnetuk.com> Florian Weimer wrote on 11-01-10 08:47: > * Igor Mozolevsky: > >> http://www.out-law.com/page-10652 > > Nominet's side of the story: > > "Their side of the story"? It raises far more concerns than even the Register's story did. It makes Nominet sound like it believes it is a branch of the Met. -- Pete Mitchell From matthew at pemble.net Mon Jan 11 09:48:59 2010 From: matthew at pemble.net (Matthew Pemble) Date: Mon, 11 Jan 2010 09:48:59 +0000 Subject: Unpersons In-Reply-To: <4B4ADE86.2060701@callnetuk.com> References: <4B445388.5030704@callnetuk.com> <004801ca8ebc$b6ca0850$245e18f0$@net> <4B4ADE86.2060701@callnetuk.com> Message-ID: Folks, 2010/1/11 Pete Mitchell : > Matthew Pemble wrote ?on 11-01-10 07:03: >> >> While we have now moved on in the discussion - people might like to know >> that the site is back up (ish). > > > Not for long, if the Daily Mail is to be believed, which it occasionally is: > > "It emerged that Home Secretary Alan Johnson is to use anti-terror laws to > ban two organisations run by Mr Choudary. His group al-Muhajiroun and its > offshoot Islam4UK are to be added to a list of 59 banned organisations which > includes Al Qaeda and the IRA." ARIN gives the website IP as belonging to iWeb Technologies in Montreal (who hosted the DNS before it disappeared.) They also appear to be the owners of (or, at least strongly connected with) 'privatedns.com' - also in Montreal, but with different registered addresses (one each for the iWeb and dns domain names and for the IP address allocation) - they use email addresses at that domain. So, although he can be banned under UK law ('can', not 'should' or 'will') - would he have a defence under Canadian law? S319(3)(b) (link below) of the Canadian Criminal Code seems to give Mr Choudary an absolute defence: "if, in good faith, the person expressed or attempted to establish by an argument an opinion on a religious subject or an opinion based on a belief in a religious text". His views are a bit extreme (especially given that the UK has never been part of the historical Caliphate or otherwise part of the Dar al Islam) but are not beyond the boundaries of what is argued by serious Islamic scholars (convert everybody, we don't like some classes of people, bring Sharia in) and, frankly, the evangelical activities of other religions - Christianity included. Obviously, the obvious weak point is the domain registration through fasthosts in the UK ... Nothing on the Home Office News webpage - since 23 Dec, in fact - and nothing on the Press Office page either. Canadian huge linky thing: http://laws.justice.gc.ca/fra/C-46/20100111/page-6.html?rp2=HOME&rp3=SI&rp1=hate%20propaganda&rp4=all&rp9=cs&rp10=L&rp13=50#codese:319 M. -- Matthew Pemble Technical Director, Idrach Ltd Mobile: +44 (0) 7595 652175 Office: + 44 (0) 1324 820690 From Andrew.Cormack at ja.net Mon Jan 11 10:45:04 2010 From: Andrew.Cormack at ja.net (Andrew Cormack) Date: Mon, 11 Jan 2010 10:45:04 -0000 Subject: Spam-traps (was Unpersons) In-Reply-To: <20FC33E9179A4B3A835CF1311E1C99EE@Powerstation> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> <4B4A0442.80108@ernest.net> <4B4A0C93.9080301@ernest.net> <20FC33E9179A4B3A835CF1311E1C99EE@Powerstation> Message-ID: <6ED388AA006C454BA35B0098396B9BFB0670309B@uxsrvr20.atlas.ukerna.ac.uk> > -----Original Message----- > From: ukcrypto-bounces at chiark.greenend.org.uk [mailto:ukcrypto- > bounces at chiark.greenend.org.uk] On Behalf Of M J D Brown > Sent: 10 January 2010 18:59 > To: nbohm at ernest.net; UK Cryptography Policy Discussion Group > Subject: Re: Unpersons > > ----- Original Message ----- > From: "Nicholas Bohm" > To: "UK Cryptography Policy Discussion Group" > > Sent: Sunday, January 10, 2010 5:21 PM > Subject: Re: Unpersons > > The quotations are getting a bit hard to follow, but Nicholas Bohn > appears to be arguing that the examination of messages to/from > addressess not covered by a warrant in the course of separating the > warranted traffic is illegal interception. > > I will defer to a lawyer's opinion on that point, but I am left > wondering about the spam filtering process I described some days ago. > In that process the Internet is seeded by bogus addresses whose > appearance in subsequent traffic enables spam emails to be segregated > in > the ordinary course of examining message headers to determine the > proper > subscriber mailbox for their onward distribution. It is that process > for which I claim the right to delegate to my ISP. Does someone who > includes a bogus email address in the mailings have any right to claim > that their messages are being improperly or illegally intercepted? I > think not, but would welcome informed comments. > > Mike. Mike I'd have thought that a spam-trap e-mail address was the "intended recipient" of the messages that are addressed to it. So there's no interception. IANAL Andrew -- Andrew Cormack, Chief Regulatory Adviser JANET(UK), Lumen House, Library Avenue, Harwell Science and Innovation Campus, Didcot, OX11 0SG, UK Phone: +44 (0) 1235 822302 Fax: +44 (0) 1235 822399 JANET, the UK's education and research network JANET(UK) is a trading name of The JNT Association, a company limited by guarantee which is registered in England under No. 2881024 and whose Registered Office is at Lumen House, Library Avenue, Harwell Science and Innovation Campus, Didcot, Oxfordshire. OX11 0SG From nbohm at ernest.net Mon Jan 11 11:20:54 2010 From: nbohm at ernest.net (Nicholas Bohm) Date: Mon, 11 Jan 2010 11:20:54 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: <87wrzpkoye.fsf@mid.deneb.enyo.de> References: <87wrzpkoye.fsf@mid.deneb.enyo.de> Message-ID: <4B4B0996.9040107@ernest.net> An HTML attachment was scrubbed... URL: From nbohm at ernest.net Mon Jan 11 11:28:13 2010 From: nbohm at ernest.net (Nicholas Bohm) Date: Mon, 11 Jan 2010 11:28:13 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> <4B4A0442.80108@ernest.net> <4B4A0C93.9080301@ernest.net> <6aD+vlFschSLFAgO@perry.co.uk> <4B4A49B7.8020005@ernest.net> Message-ID: <4B4B0B4D.1000000@ernest.net> An HTML attachment was scrubbed... URL: From chl at clerew.man.ac.uk Mon Jan 11 11:31:17 2010 From: chl at clerew.man.ac.uk (Charles Lindsey) Date: Mon, 11 Jan 2010 11:31:17 -0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B497A82.2000308@iosis.co.uk> <4B49B0E0.7010901@iosis.co.uk> <4B4A26E9.5070107@sourplum.org> Message-ID: On Sun, 10 Jan 2010 21:36:32 -0000, Nick Moore wrote: > Ran tcptraceroute and compared the output to traceroute (equivalent > commands in a Linux environment) and there was no difference for my > SMTP server. So it would appear that Virgin are not running a > transparent proxy. But that does not prove they are not running such a proxy on Port 25. -- Charles?H.?Lindsey?---------At?Home,?doing?my?own?thing------------------------ Tel:?+44?161?436?6131? ???Web:?http://www.cs.man.ac.uk/~chl Email:?chl at clerew.man.ac.uk??????Snail:?5?Clerewood?Ave,?CHEADLE,?SK8?3JU,?U.K. PGP:?2C15F1A9??????Fingerprint:?73?6D?C2?51?93?A0?01?E7?65?E8?64?7E?14?A4?AB?A5 From chl at clerew.man.ac.uk Mon Jan 11 11:35:50 2010 From: chl at clerew.man.ac.uk (Charles Lindsey) Date: Mon, 11 Jan 2010 11:35:50 -0000 Subject: Unpersons In-Reply-To: <4B49BAAB.1040408@zen.co.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49BAAB.1040408@zen.co.uk> Message-ID: On Sun, 10 Jan 2010 11:31:55 -0000, Peter Fairbrother wrote: > Yes, it is interception - at least according to the ICO, Lord Bassam, > and my reading of the Act it is. > > Content is made available to the person who operates the machine - if it > wasn't, he couldn't operate it. But following that argument, all emails that pass through any server, even without filtration, are "available" to the operator of the machine (because it is technically possible for him to poke around and look at stuff, even though he never actually does so). -- Charles?H.?Lindsey?---------At?Home,?doing?my?own?thing------------------------ Tel:?+44?161?436?6131? ???Web:?http://www.cs.man.ac.uk/~chl Email:?chl at clerew.man.ac.uk??????Snail:?5?Clerewood?Ave,?CHEADLE,?SK8?3JU,?U.K. PGP:?2C15F1A9??????Fingerprint:?73?6D?C2?51?93?A0?01?E7?65?E8?64?7E?14?A4?AB?A5 From mjdb at dorevale.demon.co.uk Mon Jan 11 11:41:27 2010 From: mjdb at dorevale.demon.co.uk (M J D Brown) Date: Mon, 11 Jan 2010 11:41:27 -0000 Subject: Spam-traps (was Unpersons) References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> <4B4A0442.80108@ernest.net><4B4A0C93.9080301@ernest.net><20FC33E9179A4B3A835CF1311E1C99EE@Powerstation> <6ED388AA006C454BA35B0098396B9BFB0670309B@uxsrvr20.atlas.ukerna.ac.uk> Message-ID: <3B468F8FA4CA4BD3A881CDDC279677A8@Powerstation> ----- Original Message ----- From: "Andrew Cormack" To: "UK Cryptography Policy Discussion Group" Sent: Monday, January 11, 2010 10:45 AM Subject: RE: Spam-traps (was Unpersons) > -----Original Message----- > From: ukcrypto-bounces at chiark.greenend.org.uk [mailto:ukcrypto- > bounces at chiark.greenend.org.uk] On Behalf Of M J D Brown > Sent: 10 January 2010 18:59 > To: nbohm at ernest.net; UK Cryptography Policy Discussion Group > Subject: Re: Unpersons > > ----- Original Message ----- > From: "Nicholas Bohm" > To: "UK Cryptography Policy Discussion Group" > > Sent: Sunday, January 10, 2010 5:21 PM > Subject: Re: Unpersons > > The quotations are getting a bit hard to follow, but Nicholas Bohn > appears to be arguing that the examination of messages to/from > addressess not covered by a warrant in the course of separating the > warranted traffic is illegal interception. > > I will defer to a lawyer's opinion on that point, but I am left > wondering about the spam filtering process I described some days ago. > In that process the Internet is seeded by bogus addresses whose > appearance in subsequent traffic enables spam emails to be segregated > in > the ordinary course of examining message headers to determine the > proper > subscriber mailbox for their onward distribution. It is that process > for which I claim the right to delegate to my ISP. Does someone who > includes a bogus email address in the mailings have any right to claim > that their messages are being improperly or illegally intercepted? I > think not, but would welcome informed comments. > > Mike. Mike I'd have thought that a spam-trap e-mail address was the "intended recipient" of the messages that are addressed to it. So there's no interception. Andrew, Many thanks for your comment. Everybody else on this list has been studiously avoiding an answer. The 'copy' of the message addressed to the bogus address (the property of the ISP itself) has not been intercepted, but the intention of the spam trap is then to block onward transmission to all the the other addressees of the message thus presumed to be spam. Have their 'copies' of the message been intercepted illegally? I think not. if the other addressees have opted for the ISP to trap spam on their behalf. I believe this is an important consideration for company and other corporate compliance officers trying to protect private networks from malware. Mike. -- From nbohm at ernest.net Mon Jan 11 11:53:10 2010 From: nbohm at ernest.net (Nicholas Bohm) Date: Mon, 11 Jan 2010 11:53:10 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49BAAB.1040408@zen.co.uk> Message-ID: <4B4B1126.6060609@ernest.net> An HTML attachment was scrubbed... URL: From fw at deneb.enyo.de Mon Jan 11 12:00:20 2010 From: fw at deneb.enyo.de (Florian Weimer) Date: Mon, 11 Jan 2010 13:00:20 +0100 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: <4B4B0996.9040107@ernest.net> (Nicholas Bohm's message of "Mon, 11 Jan 2010 11:20:54 +0000") References: <87wrzpkoye.fsf@mid.deneb.enyo.de> <4B4B0996.9040107@ernest.net> Message-ID: <87r5pwkg17.fsf@mid.deneb.enyo.de> * Nicholas Bohm: > This suggests that Nominet suspended the sites because they were "instructed" > to do so by the police (although no legal basis for the giving of such > instructions or for complying with them was indicated in the statement). Haven't you got public safety legislation in the UK, or at least case law that covers this? I think this whole thread is quite odd---if you don't trust the police to issue appropriate orders if they encounter public safety issues, you have got significant problems as a society. The answer to that should not be to curb police powers, but to fix the underlying problems that led to such distrust in the first place. These days, you really need some organization that steps forward and stops rampant Net abuse, after carefully reviewing the situation. You can try off-shore that to Spamhaus and similar organizations, but that doesn't provide any accountability, either. From richard at highwayman.com Mon Jan 11 12:02:50 2010 From: richard at highwayman.com (Richard Clayton) Date: Mon, 11 Jan 2010 12:02:50 +0000 Subject: Unpersons - and unwebsites In-Reply-To: <0702CC812BD24342B45379E8755621CB@Powerstation> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <20100108154438.00003188@surtees.fenrir.org.uk> <20100110160903.GA31070@snowy.squish.net> <0702CC812BD24342B45379E8755621CB@Powerstation> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In article <0702CC812BD24342B45379E8755621CB at Powerstation>, M J D Brown writes >From: "Jon Ribbens" >> There are various companies which will sell you "titles", mostly all >> they do is send you a deed poll changing your name so that your first >> name is "Lord" (or "Baron" or "Earl" or whatever you wanted). >> >Titles of nobility used to be unarguably confirmed by the holding of a >writ of summons to attend the House of Lords. Now that most hereditary >peers are no longer entitled to a seat in the upper house of Parliament, >it is my understanding that their right of succession to a title is a >matter for internal decision by the families concerned. Not so, and I have this direct from a hereditary peer, the Earl of Erroll (who may be well known to list members), just last year... :) You will recall that there are 92 elected hereditary peers in the House of Lords. When one of them dies, there is an election to replace them. The remaining hereditary peers (of the same party, or the cross- benchers) are the electorate, and the people eligible to stand are the current holders of hereditary titles. Apparently a number of "no hoper" candidates are standing in each election, because the House of Lords then does some due diligence on whether or not they are in fact entitled to stand -- viz: the candidates believe (perhaps rightly) that the result of this process will be to give them a particularly good claim on their title. - -- richard Richard Clayton Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755 -----BEGIN PGP SIGNATURE----- Version: PGPsdk version 1.7.1 iQA/AwUBS0sTapoAxkTY1oPiEQIByQCg2kBTZo3S11MjfE4x+OcBowCh5jkAnjBh wNXmZ/7/QpqqFv/uvKdSLONL =t7ej -----END PGP SIGNATURE----- From nbohm at ernest.net Mon Jan 11 12:12:09 2010 From: nbohm at ernest.net (Nicholas Bohm) Date: Mon, 11 Jan 2010 12:12:09 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: <87r5pwkg17.fsf@mid.deneb.enyo.de> References: <87wrzpkoye.fsf@mid.deneb.enyo.de> <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> Message-ID: <4B4B1599.60404@ernest.net> An HTML attachment was scrubbed... URL: From Andrew.Cormack at ja.net Mon Jan 11 12:20:17 2010 From: Andrew.Cormack at ja.net (Andrew Cormack) Date: Mon, 11 Jan 2010 12:20:17 -0000 Subject: Spam-traps (was Unpersons) In-Reply-To: <3B468F8FA4CA4BD3A881CDDC279677A8@Powerstation> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> <4B4A0442.80108@ernest.net><4B4A0C93.9080301@ernest.net><20FC33E9179A4B3A835CF1311E1C99EE@Powerstation><6ED388AA006C454BA35B0098396B9BFB0670309B@uxsrvr20.atlas.ukerna.ac.uk> <3B468F8FA4CA4BD3A881CDDC279677A8@Powerstation> Message-ID: <6ED388AA006C454BA35B0098396B9BFB06703114@uxsrvr20.atlas.ukerna.ac.uk> > -----Original Message----- > From: ukcrypto-bounces at chiark.greenend.org.uk [mailto:ukcrypto- > bounces at chiark.greenend.org.uk] On Behalf Of M J D Brown > Sent: 11 January 2010 11:41 > To: UK Cryptography Policy Discussion Group > Subject: Re: Spam-traps (was Unpersons) > > > ----- Original Message ----- > From: "Andrew Cormack" > To: "UK Cryptography Policy Discussion Group" > > Sent: Monday, January 11, 2010 10:45 AM > Subject: RE: Spam-traps (was Unpersons) > > > > -----Original Message----- > > From: ukcrypto-bounces at chiark.greenend.org.uk [mailto:ukcrypto- > > bounces at chiark.greenend.org.uk] On Behalf Of M J D Brown > > Sent: 10 January 2010 18:59 > > To: nbohm at ernest.net; UK Cryptography Policy Discussion Group > > Subject: Re: Unpersons > > > > ----- Original Message ----- > > From: "Nicholas Bohm" > > To: "UK Cryptography Policy Discussion Group" > > > > Sent: Sunday, January 10, 2010 5:21 PM > > Subject: Re: Unpersons > > > > The quotations are getting a bit hard to follow, but Nicholas Bohn > > appears to be arguing that the examination of messages to/from > > addressess not covered by a warrant in the course of separating the > > warranted traffic is illegal interception. > > > > I will defer to a lawyer's opinion on that point, but I am left > > wondering about the spam filtering process I described some days ago. > > In that process the Internet is seeded by bogus addresses whose > > appearance in subsequent traffic enables spam emails to be segregated > > in > > the ordinary course of examining message headers to determine the > > proper > > subscriber mailbox for their onward distribution. It is that process > > for which I claim the right to delegate to my ISP. Does someone who > > includes a bogus email address in the mailings have any right to > claim > > that their messages are being improperly or illegally intercepted? I > > think not, but would welcome informed comments. > > > > Mike. > > Mike > I'd have thought that a spam-trap e-mail address was the "intended > recipient" of the messages that are addressed to it. So there's no > interception. > > Andrew, > Many thanks for your comment. Everybody else on this list has been > studiously avoiding an answer. The 'copy' of the message addressed to > the bogus address (the property of the ISP itself) has not been > intercepted, but the intention of the spam trap is then to block onward > transmission to all the the other addressees of the message thus > presumed to be spam. Have their 'copies' of the message been > intercepted illegally? I think not. if the other addressees have opted > for the ISP to trap spam on their behalf. I believe this is an > important consideration for company and other corporate compliance > officers trying to protect private networks from malware. > > Mike. > -- I'd agree, but in two parts. If the copies are identified by way of header information (e.g. From: or Message-ID: fields) then there's no interception at all. If they are identified by matching content then it seems to be interception (assuming the system has to be modified to make it work that way), but lawful because it's part of the provision of the filtered e-mail service that they're providing to you (RIPA 3(3)). Incidentally the Article 29 Working Party's Opinion 2/2006 reckons that anti-spam activities are justified under European Data Protection law as necessary to protect the technical operation of the ISP's basic e-mail delivery system, which might (they think) otherwise be overwhelmed by the volume of mail. (http://ec.europa.eu/justice_home/fsj/privacy/docs/wpdocs/2006/wp118_en. pdf) Andrew -- Andrew Cormack, Chief Regulatory Adviser JANET(UK), Lumen House, Library Avenue, Harwell Science and Innovation Campus, Didcot, OX11 0SG, UK Phone: +44 (0) 1235 822302 Fax: +44 (0) 1235 822399 JANET, the UK's education and research network JANET(UK) is a trading name of The JNT Association, a company limited by guarantee which is registered in England under No. 2881024 and whose Registered Office is at Lumen House, Library Avenue, Harwell Science and Innovation Campus, Didcot, Oxfordshire. OX11 0SG From roger at hayter.org Mon Jan 11 12:21:36 2010 From: roger at hayter.org (Roger Hayter) Date: Mon, 11 Jan 2010 12:21:36 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: <87r5pwkg17.fsf@mid.deneb.enyo.de> References: <87wrzpkoye.fsf@mid.deneb.enyo.de> <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> Message-ID: In message <87r5pwkg17.fsf at mid.deneb.enyo.de>, Florian Weimer writes >* Nicholas Bohm: > >> This suggests that Nominet suspended the sites because they were "instructed" >> to do so by the police (although no legal basis for the giving of such >> instructions or for complying with them was indicated in the statement). > >Haven't you got public safety legislation in the UK, or at least case >law that covers this? > >I think this whole thread is quite odd---if you don't trust the police >to issue appropriate orders if they encounter public safety issues, >you have got significant problems as a society. The answer to that >should not be to curb police powers, but to fix the underlying >problems that led to such distrust in the first place. These days, >you really need some organization that steps forward and stops rampant >Net abuse, after carefully reviewing the situation. You can try >off-shore that to Spamhaus and similar organizations, but that doesn't >provide any accountability, either. My concept of public safety does not extend to preventing people from buying tickets from obscure websites which are unlikely to deliver them. The cost is, anyway, normally reimbursed by the credit card companies - who after all directly or indirectly enabled the fraudsters to operate. Closing these sites is not so much public safety as public convenience. -- Roger Hayter From otcbn at callnetuk.com Mon Jan 11 12:24:55 2010 From: otcbn at callnetuk.com (Pete Mitchell) Date: Mon, 11 Jan 2010 12:24:55 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: <87r5pwkg17.fsf@mid.deneb.enyo.de> References: <87wrzpkoye.fsf@mid.deneb.enyo.de> <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> Message-ID: <4B4B1897.1060501@callnetuk.com> Florian Weimer wrote on 11-01-10 12:00: > I think this whole thread is quite odd---if you don't trust the police > to issue appropriate orders if they encounter public safety issues, > you have got significant problems as a society. We have indeed. > The answer to that > should not be to curb police powers, but to fix the underlying > problems that led to such distrust in the first place. We'd like to do both, but we don't know how. > These days, > you really need some organization that steps forward and stops rampant > Net abuse, after carefully reviewing the situation. Is this meant to be ironic? Posting from Germany, you recommend we should accept without question any acts of censorship that our police choose to impose on us? -- Pete "Godwin" Mitchell From richard at highwayman.com Mon Jan 11 12:27:33 2010 From: richard at highwayman.com (Richard Clayton) Date: Mon, 11 Jan 2010 12:27:33 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: <4B4AEA2E.8090204@callnetuk.com> References: <87wrzpkoye.fsf@mid.deneb.enyo.de> <4B4AEA2E.8090204@callnetuk.com> Message-ID: <+HkM3aC1kxSLFAg9@highwayman.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In article <4B4AEA2E.8090204 at callnetuk.com>, Pete Mitchell writes >Florian Weimer wrote on 11-01-10 08:47: >> * Igor Mozolevsky: >> >>> http://www.out-law.com/page-10652 >> >> Nominet's side of the story: >> >> > >"Their side of the story"? Their incompetent PR ? >It raises far more concerns than even the Register's >story did. It makes Nominet sound like it believes it is a branch of the Met. What's been missed so far is the significance of Nominet being involved at all... Although their statement mentions working with registrars, Nominet are (currently) rather unusual in being prepared to act to deal with criminally registered domain names themselves. It is usual for the registries (the operators of the top level domains, ".uk", ".com", ".biz", ".name" etc etc) to take the view that their only role is to operate the infrastructure, and that all questions of what names should be active is a matter for the registrars (GoDaddy, Gradwell, TuCows etc etc) who are the people who made the contract with the domain name purchaser, and who are in a position to make contact with their own customers... ... since dealing with the technology being used by the most organised phishing gangs requires that domain names be suspended as fast as possible, there has been increasing pressure on registries to act because it is often the case that registrars are either clueless so they don't understand phishing slow they don't operate 24 x 7 (or even 8 x 5) criminal so they are in cahoots with the phishers You may recall the de-accreditation of EstDomains (for the technical reason that it was being run by someone with a criminal conviction, but [allegedly!] for the real reason that it had become very popular for criminal registrations); and the near de-accreditation of Joker (who failed to deal with removal requests at weekends (or quickly at all)). There remains pressure on the registries to step up and take responsibility ... doubtless Nominet's recent desire to do so is not uninfluenced by the Digital Economy Bill containing several pages of provisions for putting in external management to make them do what the Secretary of State (and to some extent the court) believes they should be doing... BTW: my main impression at the time of the removal of these counterfeit shopping sites (and I spend much of my academic time studying phishing and other web-based wickedness) was that the police had managed to miss quite a number of domains that they should have removed; rather than that they had failed to identify all of the domains that needed to be suspended in order to disrupt the criminals. Also: out-law.com suggests that it is odd that the domains were removed without an order of the court, and that hosting companies would not do this. This is just wrong -- it is commonplace (in fact almost universal) that phishing websites will be removed by hosting companies at the request of third parties (the banks, or specialist take-down companies). If polite requests fail (and that's unusual) then the police may be asked to chip in... and then they usually start mentioning legislation such as the Proceeds of Crime Act (are you profiting from the criminal activity) or the Serious Crime Act, s44 of which essentially makes it an offence to assist a criminal! But the bottom line is that generally that legitimate businesses do not want to help criminals -- and it's generally pretty easy for them to look at a website and see that it is either impersonating a bank, or selling counterfeit goods, or selling pharmaceuticals illegally or whatever the scam may be... - -- richard Richard Clayton Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755 -----BEGIN PGP SIGNATURE----- Version: PGPsdk version 1.7.1 iQA/AwUBS0sZNZoAxkTY1oPiEQJqmACg1OzgR5T1rXSaxIskxUems8L+onAAnRfW dVfZtAcS0K0IHuBom5pcmHwJ =sAsO -----END PGP SIGNATURE----- From matthew at pemble.net Mon Jan 11 12:34:19 2010 From: matthew at pemble.net (Matthew Pemble) Date: Mon, 11 Jan 2010 12:34:19 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: <+HkM3aC1kxSLFAg9@highwayman.com> References: <87wrzpkoye.fsf@mid.deneb.enyo.de> <4B4AEA2E.8090204@callnetuk.com> <+HkM3aC1kxSLFAg9@highwayman.com> Message-ID: Folks, 2010/1/11 Richard Clayton : > What's been missed so far is the significance of Nominet being involved > at all... ?Although their statement mentions working with registrars, > Nominet are (currently) rather unusual in being prepared to act to deal > with criminally registered domain names themselves. ... > ... since dealing with the technology being used by the most organised > phishing gangs requires that domain names be suspended as fast as > possible, there has been increasing pressure on registries to act > because it is often the case that registrars are either > > ? clueless ? ? so they don't understand phishing > ? slow ? ? ? ? they don't operate 24 x 7 (or even 8 x 5) > ? criminal ? ? so they are in cahoots with the phishers In a previous existence, I was part of a discussion with Nominet about them introducing a domain cancellation system. At commercial risk - to be born by the company or organisation requesting the deletion (or parking or suspension - just get it off the net!) This was for use in similar blatant fraud cases, normally where the domain was in some way relevant to the fraud, and where the registrar ISP ('cause the fraudsters do deliberately pick ones with crap customer service) just will not pay any attention. Alongside stomping on the actual site hosting - but this is often non-trivial (botnets etc). The important policy question here, I think, is the power of the state body (the police) being used without the supervision of the constitutional oversight body (i.e. a court order) and, because it is from the police, without any effective civil liability attaching in the event of a mistake? M. -- Matthew Pemble Technical Director, Idrach Ltd Mobile: +44 (0) 7595 652175 Office: + 44 (0) 1324 820690 From nbohm at ernest.net Mon Jan 11 12:35:32 2010 From: nbohm at ernest.net (Nicholas Bohm) Date: Mon, 11 Jan 2010 12:35:32 +0000 Subject: Spam-traps (was Unpersons) In-Reply-To: <6ED388AA006C454BA35B0098396B9BFB06703114@uxsrvr20.atlas.ukerna.ac.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> <4B4A0442.80108@ernest.net><4B4A0C93.9080301@ernest.net><20FC33E9179A4B3A835CF1311E1C99EE@Powerstation><6ED388AA006C454BA35B0098396B9BFB0670309B@uxsrvr20.atlas.ukerna.ac.uk> <3B468F8FA4CA4BD3A881CDDC279677A8@Powerstation> <6ED388AA006C454BA35B0098396B9BFB06703114@uxsrvr20.atlas.ukerna.ac.uk> Message-ID: <4B4B1B14.9000905@ernest.net> An HTML attachment was scrubbed... URL: From colinthomson1 at o2.co.uk Mon Jan 11 12:39:15 2010 From: colinthomson1 at o2.co.uk (Tom Thomson) Date: Mon, 11 Jan 2010 12:39:15 -0000 Subject: Unpersons In-Reply-To: <4B4B1126.6060609@ernest.net> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49BAAB.1040408@zen.co.uk> <4B4B1126.6060609@ernest.net> Message-ID: It seems to me that the only servers that should be handling email are the (apart from SMTP servers and the endpoint [POP, IMAP, or webmail] servers) are the IP routers, link relays, and so on which carry out the transmission of the emails. The handling of email by the latter is quite clearly not interception unless someone modifies them to do things not needed to provided the comms service. The former are required to provide the email service, and RIPA has to be interpreted in such a way that the provision of email services is not banned (since it was clearly not the intention of parliament to ban email) so ubless they are modified to do something not necessary for the provision of the service they too are not intercepting. As soon as some other server is handling email, interception is happening. If it?s warranted interception it?s legal, if it?s unwarranted interception which is needed to carry out warranted interception it?s legal interception, and if it?s neither of those it?s illegal interception unless it has been authorized by both the sender and the addressee. Honey-pot based spam filtering involves fingerprinting so it?s interception, so unless it?s taking place on one of the email servers and is needed to provide the email service or taking place on a network component and needed to provide the comms service it is illegal even if the addressee has authorized it (unless of course the sender also authorized it). That?s a layman?s guess as to what this ridiculously obscure piece of drafting means. M. _____ From: ukcrypto-bounces at chiark.greenend.org.uk [mailto:ukcrypto-bounces at chiark.greenend.org.uk] On Behalf Of Nicholas Bohm Sent: 11 January 2010 11:53 To: UK Cryptography Policy Discussion Group Subject: Re: Unpersons Charles Lindsey wrote: On Sun, 10 Jan 2010 11:31:55 -0000, Peter Fairbrother wrote: Yes, it is interception - at least according to the ICO, Lord Bassam, and my reading of the Act it is. Content is made available to the person who operates the machine - if it wasn't, he couldn't operate it. But following that argument, all emails that pass through any server, even without filtration, are "available" to the operator of the machine (because it is technically possible for him to poke around and look at stuff, even though he never actually does so). See RIPA s2(2): (2) For the purposes of this Act, but subject to the following provisions of this section, a person intercepts a communication in the course of its transmission by means of a telecommunication system if, and only if, he- (a) so modifies or interferes with the system, or its operation, (b) so monitors transmissions made by means of the system, or (c) so monitors transmissions made by wireless telegraphy to or from apparatus comprised in the system, as to make some or all of the contents of the communication available, while being transmitted, to a person other than the sender or intended recipient of the communication. Your point is why the section refers to modification of or interference with the relevant system as being a required element to constitute interception. Nicholas -- Salkyns, Great Canfield, Takeley, Bishop's Stortford CM22 6SX, UK Phone 01279 870285 (+44 1279 870285) Mobile 07715 419728 (+44 7715 419728) PGP public key ID: 0x899DD7FF Fingerprint: 5248 1320 B42E 84FC 1E8B A9E6 0912 AE66 899D D7FF -------------- next part -------------- An HTML attachment was scrubbed... URL: From colinthomson1 at o2.co.uk Mon Jan 11 12:44:59 2010 From: colinthomson1 at o2.co.uk (Tom Thomson) Date: Mon, 11 Jan 2010 12:44:59 -0000 Subject: Nominet on their recent disconnection (or as they call it- "suspension") spree In-Reply-To: <87r5pwkg17.fsf@mid.deneb.enyo.de> References: <87wrzpkoye.fsf@mid.deneb.enyo.de> <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> Message-ID: We have exactly that problem - we can't trust the police, as their actions regularly demonstrate; in addition, we can't trust the current government or it's civil servants to attempt to get the police to stop misbehaving; and the situation has been getting worse steadily for a long time. In the met (and several other forces) we seem to have an embedded cultural view that powers are provided to be abused. In government we seem to have the view that all problems can be solved by throwing wider and wider powers to the police and ensuring that there are no judicial checks on these powers. You are right, we have significant problems as a society. M. -----Original Message----- From: ukcrypto-bounces at chiark.greenend.org.uk [mailto:ukcrypto-bounces at chiark.greenend.org.uk] On Behalf Of Florian Weimer Sent: 11 January 2010 12:00 To: ukcrypto at chiark.greenend.org.uk Subject: Re: Nominet on their recent disconnection (or as they call it- "suspension") spree * Nicholas Bohm: > This suggests that Nominet suspended the sites because they were "instructed" > to do so by the police (although no legal basis for the giving of such > instructions or for complying with them was indicated in the statement). Haven't you got public safety legislation in the UK, or at least case law that covers this? I think this whole thread is quite odd---if you don't trust the police to issue appropriate orders if they encounter public safety issues, you have got significant problems as a society. The answer to that should not be to curb police powers, but to fix the underlying problems that led to such distrust in the first place. These days, you really need some organization that steps forward and stops rampant Net abuse, after carefully reviewing the situation. You can try off-shore that to Spamhaus and similar organizations, but that doesn't provide any accountability, either. From zenadsl6186 at zen.co.uk Mon Jan 11 13:05:14 2010 From: zenadsl6186 at zen.co.uk (Peter Fairbrother) Date: Mon, 11 Jan 2010 13:05:14 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49BAAB.1040408@zen.co.uk> Message-ID: <4B4B220A.8020304@zen.co.uk> Charles Lindsey wrote: > On Sun, 10 Jan 2010 11:31:55 -0000, Peter Fairbrother > wrote: > >> Yes, it is interception - at least according to the ICO, Lord Bassam, >> and my reading of the Act it is. >> >> Content is made available to the person who operates the machine - if >> it wasn't, he couldn't operate it. > > But following that argument, all emails that pass through any server, > even without filtration, are "available" to the operator of the machine > (because it is technically possible for him to poke around and look at > stuff, even though he never actually does so). Yes, in a sense. In another sense, it isn't available unless he pokes around. Technically, it's the action of doing something to make content available which is the interception, not actually looking at it - though looking necessarily involves doing something (ie looking). If an action results in content being made available, in any sense, that's an interception. For example, your operator just having content available because he could poke around isn't interception, but poking around is, as it makes it available in some sense. I'd use the phrase "more available", but I don't think it works quite like that. I don't think there's a defined sense or precise meaning of the word "available", at least it isn't defined in the Act. As long as an action results in content being made available, in some sense of the phrase, it's interception. That may seem a bit weird at first sight, but I think it makes sense if you think about it. Availability is a tricky concept, with few absolutes - but there is no need to define it. I actually think that part of RIPA is quite well-written. It doesn't quite have the joys of the BSD licence (which can make me cry), but not bad! This would also include machine interception - RIPA doesn't say "made available to a person so he can read it", just "made available" - which I take to include available for any purpose, including whatever reason he "attached the black box" - or even no purpose as long as he (or his box) can potentially do something with it. -- Peter Fairbrother From zenadsl6186 at zen.co.uk Mon Jan 11 13:07:18 2010 From: zenadsl6186 at zen.co.uk (Peter Fairbrother) Date: Mon, 11 Jan 2010 13:07:18 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: <87r5pwkg17.fsf@mid.deneb.enyo.de> References: <87wrzpkoye.fsf@mid.deneb.enyo.de> <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> Message-ID: <4B4B2286.3040009@zen.co.uk> Florian Weimer wrote: > * Nicholas Bohm: > >> This suggests that Nominet suspended the sites because they were "instructed" >> to do so by the police (although no legal basis for the giving of such >> instructions or for complying with them was indicated in the statement). > > Haven't you got public safety legislation in the UK, or at least case > law that covers this? I don't think so, but maybe Nicholas will tell us different. > I think this whole thread is quite odd---if you don't trust the police > to issue appropriate orders if they encounter public safety issues, > you have got significant problems as a society. The problem is that once the police get or make up such powers they tend to use them for purposes which we wouldn't agree with. Examples abound, the photographer's thing is one recent one. I'm not even sure I agree with the recent disconnections ... but I don't know enough to say either way. However, it doesn't seem to me to be a public safety matter. The answer to that > should not be to curb police powers, but to fix the underlying > problems that led to such distrust in the first place. The underlying problem is the police abusing their (sometimes made up) powers. Curbing police powers is the only solution to that which I can think of, unless you can somehow convince the police not to abuse (or make up) powers. I wouldn't have any great reservations about the police being able to go to a Court and get an order that Nominet disconnect people - as long as there was a reason, and a right of appeal. These days, > you really need some organization that steps forward and stops rampant > Net abuse, after carefully reviewing the situation. You can try > off-shore that to Spamhaus and similar organizations, but that doesn't > provide any accountability, either. In this case it's supposedly about fraud, and the police are the correct people to deal with it, and nobody else - but the methods are wrong. -- Peter Fairbrother > > From bdm at fenrir.org.uk Mon Jan 11 13:13:55 2010 From: bdm at fenrir.org.uk (Brian Morrison) Date: Mon, 11 Jan 2010 13:13:55 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B497A82.2000308@iosis.co.uk> <0tkNS0owGdSLFAj2@perry.co.uk> <201001101625.o0AGPVmA016464@dm-holland-02.uk.sun.com> Message-ID: <20100111131355.0000722d@surtees.fenrir.org.uk> On Sun, 10 Jan 2010 20:50:20 +0000 Tony Naggs wrote: > Given that there is an anti-virus scan happening I don't understand > the prohibition on sending exe files. It makes the payload much more difficult to run, you can't have someone simply clicking on the icon, remembering that a lot of people have the file extensions hidden on their windows boxen and so that old look_at_this_nice_picture.jpg.exe trick still works. -- Brian Morrison From zenadsl6186 at zen.co.uk Mon Jan 11 13:59:45 2010 From: zenadsl6186 at zen.co.uk (Peter Fairbrother) Date: Mon, 11 Jan 2010 13:59:45 +0000 Subject: Spam-traps (was Unpersons) In-Reply-To: <4B4B1B14.9000905@ernest.net> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> <4B4A0442.80108@ernest.net><4B4A0C93.9080301@ernest.net><20FC33E9179A4B3A835CF1311E1C99EE@Powerstation><6ED388AA006C454BA35B0098396B9BFB0670309B@uxsrvr20.atlas.ukerna.ac.uk> <3B468F8FA4CA4BD3A881CDDC279677A8@Powerstation> <6ED388AA006C454BA35B0098396B9BFB06703114@uxsrvr20.atlas.ukerna.ac.uk> <4B4B1B14.9000905@ernest.net> Message-ID: <4B4B2ED1.7020308@zen.co.uk> Nicholas Bohm wrote: > Andrew Cormack wrote: > I am doubtful whether filtering email is a telecommunications service > ("any service that consists in the provision of access to, and of > facilities for making use of, any telecommunication system (whether or > not one provided by the person providing the service)"), and if it isn't > then s3(3) doesn't justify interception just because you've opted for > filtering. >> Incidentally the Article 29 Working Party's Opinion 2/2006 reckons that >> anti-spam activities are justified under European Data Protection law as >> necessary to protect the technical operation of the ISP's basic e-mail >> delivery system, which might (they think) otherwise be overwhelmed by >> the volume of mail. >> (http://ec.europa.eu/justice_home/fsj/privacy/docs/wpdocs/2006/wp118_en. >> pdf) > If this is right as a matter of fact (and I find it credible enough), > then that does indeed provide a s3(3) justification for interception for > filtering, because it's done for purposes connected with the provision > or operation of the telecommunication service itself. I agree entirely with your legal analysis, but I have a distinct problem with the overwhelmingness. Anti-spamming laws are properly justified on these (and other) grounds, but I don't see that interception is warranted. In the (now perhaps changing?) usual case the spam gets to the recipient's mail server before rejection. That's only one hop saved, and if, as a polite spam filter does, a reply message is sent saying that the message has been rejected then there's *lots* more traffic overall than if it wasn't filtered and rejected, and was just passed on to the recipient. The recently changing (Virgin) measures mentioned seem to be more about virus protection than spam filtering, but I haven't examined them closely. -- Peter Fairbrother From nbohm at ernest.net Mon Jan 11 14:13:19 2010 From: nbohm at ernest.net (Nicholas Bohm) Date: Mon, 11 Jan 2010 14:13:19 +0000 Subject: Spam-traps (was Unpersons) In-Reply-To: <4B4B2ED1.7020308@zen.co.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> <4B4A0442.80108@ernest.net><4B4A0C93.9080301@ernest.net><20FC33E9179A4B3A835CF1311E1C99EE@Powerstation><6ED388AA006C454BA35B0098396B9BFB0670309B@uxsrvr20.atlas.ukerna.ac.uk> <3B468F8FA4CA4BD3A881CDDC279677A8@Powerstation> <6ED388AA006C454BA35B0098396B9BFB06703114@uxsrvr20.atlas.ukerna.ac.uk> <4B4B1B14.9000905@ernest.net> <4B4B2ED1.7020308@zen.co.uk> Message-ID: <4B4B31FF.3050801@ernest.net> An HTML attachment was scrubbed... URL: From lists at internetpolicyagency.com Mon Jan 11 17:23:01 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Mon, 11 Jan 2010 17:23:01 +0000 Subject: Unpersons In-Reply-To: <20100111131355.0000722d@surtees.fenrir.org.uk> References: <4B445388.5030704@callnetuk.com> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B497A82.2000308@iosis.co.uk> <0tkNS0owGdSLFAj2@perry.co.uk> <201001101625.o0AGPVmA016464@dm-holland-02.uk.sun.com> <20100111131355.0000722d@surtees.fenrir.org.uk> Message-ID: In article <20100111131355.0000722d at surtees.fenrir.org.uk>, Brian Morrison writes >> Given that there is an anti-virus scan happening I don't understand >> the prohibition on sending exe files. > >It makes the payload much more difficult to run, you can't have someone >simply clicking on the icon, remembering that a lot of people have the >file extensions hidden on their windows boxen and so that old >look_at_this_nice_picture.jpg.exe trick still works. I think what Tony was asking is "why ban .exe files when there's a subsequent virus check that will catch the bad ones anyway". -- Roland Perry From lists at internetpolicyagency.com Mon Jan 11 17:40:22 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Mon, 11 Jan 2010 17:40:22 +0000 Subject: Spam-traps (was Unpersons) In-Reply-To: <4B4B31FF.3050801@ernest.net> References: <4B445388.5030704@callnetuk.com> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> <4B4A0442.80108@ernest.net> <4B4A0C93.9080301@ernest.net> <20FC33E9179A4B3A835CF1311E1C99EE@Powerstation> <6ED388AA006C454BA35B0098396B9BFB0670309B@uxsrvr20.atlas.ukerna.ac.uk> <3B468F8FA4CA4BD3A881CDDC279677A8@Powerstation> <6ED388AA006C454BA35B0098396B9BFB06703114@uxsrvr20.atlas.ukerna.ac.uk> <4B4B1B14.9000905@ernest.net> <4B4B2ED1.7020308@zen.co.uk> <4B4B31FF.3050801@ernest.net> Message-ID: In article <4B4B31FF.3050801 at ernest.net>, Nicholas Bohm writes >.? When my inward spam was running at over 20,000 messages a day, >filtering out the spam made email usable by me when otherwise it >wouldn't have been; but just how this helped the rest of the users of >the Internet I don't know.? It stops users' in-boxes clogging up, and in the limit stops the ISP having to bounce legitimate emails with a "mailbox full" message. >I hope someone else does.? Nowadays my inward spam (when I last looked) >was more like 100 messages a day, so perhaps what somebody is doing >somewhere is producing useful effects Throwing it away before you see it, which was what Peter was wondering about. -- Roland Perry From lists at internetpolicyagency.com Mon Jan 11 17:46:56 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Mon, 11 Jan 2010 17:46:56 +0000 Subject: Unpersons In-Reply-To: <4B4B1126.6060609@ernest.net> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49BAAB.1040408@zen.co.uk> <4B4B1126.6060609@ernest.net> Message-ID: In article <4B4B1126.6060609 at ernest.net>, Nicholas Bohm writes >>But following that argument, all emails that pass through any server, >>even without filtration, are "available" to the operator of the >>machine (because it is technically possible for him to poke around and >>look at stuff, even though he never actually does so). >Your point is why the section refers to modification of or interference >with the relevant system as being a required element to constitute >interception I worry about the "modification" wording because some equipment (and all modern telephone exchanges) are supplied "intercept ready". This implies it's not illegal to use those built-in intercept capabilities nefariously. -- Roland Perry From lists at internetpolicyagency.com Mon Jan 11 17:50:25 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Mon, 11 Jan 2010 17:50:25 +0000 Subject: Unpersons In-Reply-To: <4B4B220A.8020304@zen.co.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49BAAB.1040408@zen.co.uk> <4B4B220A.8020304@zen.co.uk> Message-ID: <5QwedVxhT2SLFAxZ@perry.co.uk> In article <4B4B220A.8020304 at zen.co.uk>, Peter Fairbrother writes >For example, your operator just having content available because he >could poke around isn't interception, but poking around is, as it makes >it available in some sense. But that's diametrically opposed to the normal received wisdom expressed on this list that virus checking *is* interception simply because the sysadmin *could* look at the emails it was sorting; rather than only when he actually *did* look at them. -- Roland Perry From lists at internetpolicyagency.com Mon Jan 11 18:20:33 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Mon, 11 Jan 2010 18:20:33 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: References: <87wrzpkoye.fsf@mid.deneb.enyo.de> <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> Message-ID: In article , Roger Hayter writes >My concept of public safety does not extend to preventing people from >buying tickets from obscure websites which are unlikely to deliver However it's a core remit of organisations such as the OFT, Scambusters (Trading Standards) and the National Fraud Centre. >them. The cost is, anyway, normally reimbursed by the credit card >companies Unfortunately there are many scams where the "supplier" insists on payment by bank/wire transfer, cash paid into a bank account, or electronic money payment systems. Which they make sound plausible, because that's their business. And if you want to say "only ever use a Credit Card online", there are many people (those least able to stand the loss, including students) who only have Solo and other debit cards. The ease of getting money back from a credit card is much exaggerated too (concert tickets being a no-show are often after the time limits set by the CC companies) and not every Credit Card Company volunteers to give sums References: <87wrzpkoye.fsf@mid.deneb.enyo.de> <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> <4B4B2286.3040009@zen.co.uk> Message-ID: In article <4B4B2286.3040009 at zen.co.uk>, Peter Fairbrother writes >I'm not even sure I agree with the recent disconnections ... but I >don't know enough to say either way. However, it doesn't seem to me to >be a public safety matter. Sometimes it's literally so, if the counterfeit items bought are fake drugs or ineffectual brake pads. Otherwise we are in general Trading Standards territory - is there an economy of scale in having public servants whose job it is to close down dodgy traders, or does every victim have to pursue it on their own account? -- Roland Perry From mjdb at dorevale.demon.co.uk Mon Jan 11 18:57:02 2010 From: mjdb at dorevale.demon.co.uk (M J D Brown) Date: Mon, 11 Jan 2010 18:57:02 -0000 Subject: Spam-traps (was Unpersons) References: <4B445388.5030704@callnetuk.com> <4B4619D8.6000101@callnetuk.com><1BEA602E6B1849E48279E004020C08A6@Powerstation><4B46C906.8050203@zen.co.uk><00D8A99FF3764B75861B5EE6A244ECD6@enigma><10A1C9C90C3C44F2832BADA91798C64F@Powerstation><4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> <4B4A0442.80108@ernest.net> <4B4A0C93.9080301@ernest.net><20FC33E9179A4B3A835CF1311E1C99EE@Powerstation><6ED388AA006C454BA35B0098396B9BFB0670309B@uxsrvr20.atlas.ukerna.ac.uk><3B468F8FA4CA4BD3A881CDDC279677A8@Powerstation><6ED388AA006C454BA35B0098396B9BFB06703114@uxsrvr20.atlas.ukerna.ac.uk><4B4B1B14.9000905@ernest.net> <4B4B2ED1.7020308@zen.co.uk><4B4B31FF.3050801@ernest.net> Message-ID: <7BD6FA1B84A44673A93DB207F68DF1EF@Powerstation> Perhaps Nicholas (and others) might look to another ISP if still getting 100 spam messages a day. I have been on the Internet everyday near enough for the past 15 years using the same Demon email address. My usual spam input has been no more than two or three per day since Demon introduced their spam filtering whilst, as I have a pretty good idea of my real correspondents, I am rather confident that I am not losing genuine traffic. Mike. ----- Original Message ----- From: "Roland Perry" To: Sent: Monday, January 11, 2010 5:40 PM Subject: Re: Spam-traps (was Unpersons) In article <4B4B31FF.3050801 at ernest.net>, Nicholas Bohm writes >. When my inward spam was running at over 20,000 messages a day, >filtering out the spam made email usable by me when otherwise it >wouldn't have been; but just how this helped the rest of the users of >the Internet I don't know. It stops users' in-boxes clogging up, and in the limit stops the ISP having to bounce legitimate emails with a "mailbox full" message. >I hope someone else does. Nowadays my inward spam (when I last looked) >was more like 100 messages a day, so perhaps what somebody is doing >somewhere is producing useful effects Throwing it away before you see it, which was what Peter was wondering about. -- From nbohm at ernest.net Mon Jan 11 18:57:45 2010 From: nbohm at ernest.net (Nicholas Bohm) Date: Mon, 11 Jan 2010 18:57:45 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49BAAB.1040408@zen.co.uk> <4B4B1126.6060609@ernest.net> Message-ID: <4B4B74A9.5050300@ernest.net> An HTML attachment was scrubbed... URL: From nbohm at ernest.net Mon Jan 11 19:02:49 2010 From: nbohm at ernest.net (Nicholas Bohm) Date: Mon, 11 Jan 2010 19:02:49 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: References: <87wrzpkoye.fsf@mid.deneb.enyo.de> <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> <4B4B2286.3040009@zen.co.uk> Message-ID: <4B4B75D9.6040000@ernest.net> An HTML attachment was scrubbed... URL: From nbohm at ernest.net Mon Jan 11 19:07:56 2010 From: nbohm at ernest.net (Nicholas Bohm) Date: Mon, 11 Jan 2010 19:07:56 +0000 Subject: Spam-traps (was Unpersons) In-Reply-To: <7BD6FA1B84A44673A93DB207F68DF1EF@Powerstation> References: <4B445388.5030704@callnetuk.com> <4B4619D8.6000101@callnetuk.com><1BEA602E6B1849E48279E004020C08A6@Powerstation><4B46C906.8050203@zen.co.uk><00D8A99FF3764B75861B5EE6A244ECD6@enigma><10A1C9C90C3C44F2832BADA91798C64F@Powerstation><4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> <4B4A0442.80108@ernest.net> <4B4A0C93.9080301@ernest.net><20FC33E9179A4B3A835CF1311E1C99EE@Powerstation><6ED388AA006C454BA35B0098396B9BFB0670309B@uxsrvr20.atlas.ukerna.ac.uk><3B468F8FA4CA4BD3A881CDDC279677A8@Powerstation><6ED388AA006C454BA35B0098396B9BFB06703114@uxsrvr20.atlas.ukerna.ac.uk><4B4B1B14.9000905@ernest.net> <4B4B2ED1.7020308@zen.co.uk><4B4B31FF.3050801@ernest.net> <7BD6FA1B84A44673A93DB207F68DF1EF@Powerstation> Message-ID: <4B4B770C.7080706@ernest.net> An HTML attachment was scrubbed... URL: From ukcrypto at originalthinktank.org.uk Mon Jan 11 19:34:42 2010 From: ukcrypto at originalthinktank.org.uk (Chris Salter) Date: Mon, 11 Jan 2010 19:34:42 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B497A82.2000308@iosis.co.uk> <0tkNS0owGdSLFAj2@perry.co.uk> <201001101625.o0AGPVmA016464@dm-holland-02.uk.sun.com> <20100111131355.0000722d@surtees.fenrir.org.uk> Message-ID: <510277872.20100111193442@originalthinktank.org.uk> Hello Roland and UKCrypto, Monday, January 11, 2010, 5:23:01 PM, you wrote: > In article <20100111131355.0000722d at surtees.fenrir.org.uk>, Brian > Morrison writes >>> Given that there is an anti-virus scan happening I don't understand >>> the prohibition on sending exe files. >> >>It makes the payload much more difficult to run, you can't have someone >>simply clicking on the icon, remembering that a lot of people have the >>file extensions hidden on their windows boxen and so that old >>look_at_this_nice_picture.jpg.exe trick still works. > I think what Tony was asking is "why ban .exe files when there's a > subsequent virus check that will catch the bad ones anyway". Current anti-virus technology is largely based on signature profiles, albeit with some heuristic analysis capability and offers limited protection. That's not to say AV technology should not be implemented, just that it should form part of a belt and braces approach. Personally, I would not want *my* service providers (ISP et al) to ban ..exe files but I understand why in 'sysadmin circles' the considered advice is to block as much 'potentially malicious' code at your network borders as possible. Executable files are an obvious candidate for blocking as early 'en route' as feasible. However, IMHO, the room for manoeuvre in this respect for ISP sysadmins is not the same as that for corporate sysadmins. ISP customers *should* be allowed to manage their own security unless they prove on an individual basis to be less than competent in implementing effective security. Chris -- Chris Salter mailto:ukcrypto at originalthinktank.org.uk Cornwall United Kingdom http://www.originalthinktank.org.uk/ From chl at clerew.man.ac.uk Mon Jan 11 19:50:07 2010 From: chl at clerew.man.ac.uk (Charles Lindsey) Date: Mon, 11 Jan 2010 19:50:07 -0000 Subject: Unpersons In-Reply-To: <4B4B220A.8020304@zen.co.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49BAAB.1040408@zen.co.uk> <4B4B220A.8020304@zen.co.uk> Message-ID: On Mon, 11 Jan 2010 13:05:14 -0000, Peter Fairbrother wrote: > This would also include machine interception - RIPA doesn't say "made > available to a person so he can read it", just "made available" - which > I take to include available for any purpose, including whatever reason > he "attached the black box" - or even no purpose as long as he (or his > box) can potentially do something with it. No, what the Act says is "made available ... to a person" (and a machine is not a person). So if all the box does is to delete or mark the message according to some programmed rules, then it has never been made "to a person" (unless slme person deliberately pokes around, which we agree is a separate circumstance). Nor has the operator has done anything to make the content available to any person (indeed he has designed his box specifically NOT to make it so available). -- Charles?H.?Lindsey?---------At?Home,?doing?my?own?thing------------------------ Tel:?+44?161?436?6131? ???Web:?http://www.cs.man.ac.uk/~chl Email:?chl at clerew.man.ac.uk??????Snail:?5?Clerewood?Ave,?CHEADLE,?SK8?3JU,?U.K. PGP:?2C15F1A9??????Fingerprint:?73?6D?C2?51?93?A0?01?E7?65?E8?64?7E?14?A4?AB?A5 From chl at clerew.man.ac.uk Mon Jan 11 19:54:04 2010 From: chl at clerew.man.ac.uk (Charles Lindsey) Date: Mon, 11 Jan 2010 19:54:04 -0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49BAAB.1040408@zen.co.uk> <4B4B1126.6060609@ernest.net> Message-ID: On Mon, 11 Jan 2010 12:39:15 -0000, Tom Thomson wrote: > Honey-pot based spam filtering involves fingerprinting so it?s > interception, so unless it?s taking place on one of the email servers > and is needed to provide the email service or taking place on a network > component and needed to provide the comms service it is illegal even if > the addressee has authorized it (unless of course the sender also > authorized it). How can that be? The spammer clearly intended the message to be delivered to the honey pot, and he fully hoped (in his ignorance of its nature) that the owner of the pot would read it. In this case the ISP is the said owner, so they are just reading email addressed to themselves. -- Charles?H.?Lindsey?---------At?Home,?doing?my?own?thing------------------------ Tel:?+44?161?436?6131? ???Web:?http://www.cs.man.ac.uk/~chl Email:?chl at clerew.man.ac.uk??????Snail:?5?Clerewood?Ave,?CHEADLE,?SK8?3JU,?U.K. PGP:?2C15F1A9??????Fingerprint:?73?6D?C2?51?93?A0?01?E7?65?E8?64?7E?14?A4?AB?A5 From bdm at fenrir.org.uk Mon Jan 11 20:18:20 2010 From: bdm at fenrir.org.uk (Brian Morrison) Date: Mon, 11 Jan 2010 20:18:20 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B497A82.2000308@iosis.co.uk> <0tkNS0owGdSLFAj2@perry.co.uk> <201001101625.o0AGPVmA016464@dm-holland-02.uk.sun.com> <20100111131355.0000722d@surtees.fenrir.org.uk> Message-ID: <20100111201820.000012d0@surtees.fenrir.org.uk> On Mon, 11 Jan 2010 17:23:01 +0000 Roland Perry wrote: > In article <20100111131355.0000722d at surtees.fenrir.org.uk>, Brian > Morrison writes > >> Given that there is an anti-virus scan happening I don't understand > >> the prohibition on sending exe files. > > > >It makes the payload much more difficult to run, you can't have > >someone simply clicking on the icon, remembering that a lot of > >people have the file extensions hidden on their windows boxen and so > >that old look_at_this_nice_picture.jpg.exe trick still works. > > I think what Tony was asking is "why ban .exe files when there's a > subsequent virus check that will catch the bad ones anyway". Ah, that's easy. Virus scanners don't catch all possible infected exe files, so many sysadmins ban them completely. -- Brian Morrison From zenadsl6186 at zen.co.uk Tue Jan 12 04:36:26 2010 From: zenadsl6186 at zen.co.uk (Peter Fairbrother) Date: Tue, 12 Jan 2010 04:36:26 +0000 Subject: Unpersons In-Reply-To: <5QwedVxhT2SLFAxZ@perry.co.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49BAAB.1040408@zen.co.uk> <4B4B220A.8020304@zen.co.uk> <5QwedVxhT2SLFAxZ@perry.co.uk> Message-ID: <4B4BFC4A.5030403@zen.co.uk> Roland Perry wrote: > In article <4B4B220A.8020304 at zen.co.uk>, Peter Fairbrother > writes >> For example, your operator just having content available because he >> could poke around isn't interception, but poking around is, as it >> makes it available in some sense. > > But that's diametrically opposed to the normal received wisdom expressed > on this list that virus checking *is* interception simply because the > sysadmin *could* look at the emails it was sorting; rather than only > when he actually *did* look at them. Eh? The operation of a virus checker is interception because the virus checker actually does look at emails (on behalf of a person). The action of installing a virus checker is also interception, even if it's never switched on, because it could look at the emails. [note to others, the definition of interception in RIPA is very different to the everyday definition of the word] -- Peter Fairbrother From zenadsl6186 at zen.co.uk Tue Jan 12 04:43:11 2010 From: zenadsl6186 at zen.co.uk (Peter Fairbrother) Date: Tue, 12 Jan 2010 04:43:11 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49BAAB.1040408@zen.co.uk> <4B4B220A.8020304@zen.co.uk> Message-ID: <4B4BFDDF.7050300@zen.co.uk> Charles Lindsey wrote: > On Mon, 11 Jan 2010 13:05:14 -0000, Peter Fairbrother > wrote: > >> This would also include machine interception - RIPA doesn't say "made >> available to a person so he can read it", just "made available" - >> which I take to include available for any purpose, including whatever >> reason he "attached the black box" - or even no purpose as long as he >> (or his box) can potentially do something with it. > > No, what the Act says is "made available ... to a person" (and a machine > is not a person). So if all the box does is to delete or mark the > message according to some programmed rules, then it has never been made > "to a person" (unless slme person deliberately pokes around, which we > agree is a separate circumstance). The box is doing the marking or deletion on behalf of a person. In some sense of the word, the emails are available to the person, to mark or delete, even if he personally can't read them. Guns don't kill people, people with guns do. Boxes don't intercept, people with boxes do. -- Peter Fairbrother From zenadsl6186 at zen.co.uk Tue Jan 12 04:59:24 2010 From: zenadsl6186 at zen.co.uk (Peter Fairbrother) Date: Tue, 12 Jan 2010 04:59:24 +0000 Subject: Unpersons In-Reply-To: <4B4B74A9.5050300@ernest.net> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49BAAB.1040408@zen.co.uk> <4B4B1126.6060609@ernest.net> <4B4B74A9.5050300@ernest.net> Message-ID: <4B4C01AC.6010102@zen.co.uk> Nicholas Bohm wrote: [...] > > Note that these are alternatives, so that even if there is no > modification (or interference), but there is monitoring, then there is > interception. That still leaves a residual discomfort, perhaps - if the > contents are available without modifying the system, how can the > monitoring make them available if they already are? That's not an actual problem, although it may not be immediately obvious why. A McGuffin buried in Spain is, in a sense, not available to me, as I'm not in Spain. But I could go to Spain, so in another sense it is available to me. Now I'm in Spain (I wish, it's b---y cold!) but I haven't got a shovel, so I can't dig it up, and it's not available to me. But I could buy a shovel, so it is available to me. Same situations, two different answers, depending on point of view. "Available" is not an unqualified absolute. In the Spanish example, before I go to Spain you could say that the McGuffin is not available to me, as I'm not in Spain; and once I've gone to Spain you could say that is now available to me, as all I have to do is buy a shovel and dig it up. Or in the sysadmin's case, once he has poked around all he has to do is put content on his screen and look at it, whereas before he poked around he had to poke around before content became available to him. Poking around, or going to Spain, has made it available. > (That's why Peter > said he supposed it meant "more available", if I understand him right.) You could also say that poking around or going to Spain has made it more available, which is simpler - but I don't think it works quite that way. The difference is hard to explain. Actually the whole concept is hard to explain by email, though it's quite simple really. I think if you can look at a situation from some point of view and say, in *any* sense of the phrase, that content has been made available, then it's interception. To get back to your original point, monitoring has made content available in the sense that if he didn't monitor, he couldn't access the emails. Whether they were "available" to him in some sense before doesn't matter, using another sense of the word "available" without monitoring they weren't available to him. "Available" is not an unqualified absolute. -- Peter Fairbrother From zenadsl6186 at zen.co.uk Tue Jan 12 05:42:43 2010 From: zenadsl6186 at zen.co.uk (Peter Fairbrother) Date: Tue, 12 Jan 2010 05:42:43 +0000 Subject: Availability, was Re:Unpersons In-Reply-To: <4B4C01AC.6010102@zen.co.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49BAAB.1040408@zen.co.uk> <4B4B1126.6060609@ernest.net> <4B4B74A9.5050300@ernest.net> <4B4C01AC.6010102@zen.co.uk> Message-ID: <4B4C0BD3.8020305@zen.co.uk> Peter Fairbrother wrote: > Nicholas Bohm wrote: > > (That's why Peter >> said he supposed it meant "more available", if I understand him right.) > > > You could also say that poking around or going to Spain has made it more > available, which is simpler - but I don't think it works quite that way. > > The difference is hard to explain. Actually the whole concept is hard to > explain by email, though it's quite simple really. I'll give it a try. The concept of "more available" implies a scale of availability, which may or may not have one or more endpoints - "absolutely available" and "absolutely unavailable". We could then assign a value to the availability of the mcguffin, compared to some scale and point - but in the real world availability depends on the total situation, and the value would change when the situation did. Comparing two situations, in the real world we might be able to say that from one point of view the first is more available, and from another point of view the second is. The concept of "more available" doesn't work globally in the real world. What we can do however is compare two situations which are similar except for one difference, and usually we can say unequivocally whether the difference has made some thing available in some circumstance when it wasn't available before. This does not imply that the thing is available or unavailable in a global sense, just in that circumstance. An that's the best we can do, in the real world. That's what the word "availability" actually means - whether it's available in some circumstances, usually implied. Informational entropy also behaves like this, btw. A bit might do nothing, or launch a nuclear attack - it depends on the situation. -- Peter Fairbrother From zenadsl6186 at zen.co.uk Tue Jan 12 06:01:47 2010 From: zenadsl6186 at zen.co.uk (Peter Fairbrother) Date: Tue, 12 Jan 2010 06:01:47 +0000 Subject: Availability, was Re:Unpersons In-Reply-To: <4B4C0BD3.8020305@zen.co.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49BAAB.1040408@zen.co.uk> <4B4B1126.6060609@ernest.net> <4B4B74A9.5050300@ernest.net> <4B4C01AC.6010102@zen.co.uk> <4B4C0BD3.8020305@zen.co.uk> Message-ID: <4B4C104B.8010305@zen.co.uk> Peter Fairbrother wrote: > What we can do however is compare two situations which are similar > except for one difference, and usually we can say unequivocally whether > the difference has made some thing available in some circumstance when > it wasn't available before. > > This does not imply that the thing is available or unavailable in a > global sense, just in that circumstance. > > An that's the best we can do, in the real world. That's what the word > "availability" actually means - whether it's available in some > circumstances, usually implied. Didn't put that too well - availability means you can do something, usually implied, with the mcguffin, in some circumstance, again usually implied. For instance suppose I have some money in my hand. I could spend it, if the shops were open. But it's someone else's money, and I can't spend it unless I'm going to steal it. Is it available to me? That depends on whether you're asking if I can spend it or put it in my sock drawer, when the shops are open, and whether I'm going to steal it. "What we can do however is compare two situations which are similar except for one difference; and usually we can say unequivocally whether the difference allows me to do something with the macguffin in some circumstance when I couldn't do it before." -- Peter Fairbrother From james2 at jfirth.net Tue Jan 12 07:30:44 2010 From: james2 at jfirth.net (James Firth) Date: Tue, 12 Jan 2010 07:30:44 -0000 Subject: Spam-traps (was Unpersons) In-Reply-To: References: <4B445388.5030704@callnetuk.com> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> <4B4A0442.80108@ernest.net> <4B4A0C93.9080301@ernest.net> <20FC33E9179A4B3A835CF1311E1C99EE@Powerstation> <6ED388AA006C454BA35B0098396B9BFB0670309B@uxsrvr20.atlas.ukerna.ac.uk> <3B468F8FA4CA4BD3A881CDDC279677A8@Powerstation> <6ED388AA006C454BA35B0098396B9BFB06703114@uxsrvr20.atlas.ukerna.ac.uk> <4B4B1B14.9000905@ernest.net> <4B4B2ED1.7020308@zen.co.uk> <4B4B31FF.3050801@ernest.net> Message-ID: <001b01ca9359$28517580$78f46080$@net> Roland Perry wrote: > In article <4B4B31FF.3050801 at ernest.net>, Nicholas Bohm > writes > > >.? When my inward spam was running at over 20,000 messages a day, > >filtering out the spam made email usable by me when otherwise it > >wouldn't have been; but just how this helped the rest of the users of > >the Internet I don't know. > > It stops users' in-boxes clogging up, and in the limit stops the ISP > having to bounce legitimate emails with a "mailbox full" message. Actually my own (unofficial, unpublished) experimentation has shown by far the best "first pass" to reduce spam definitely does not involve interception. A good spam IP blacklist is both fast and effective in reducing spam by approx 97%. > > >I hope someone else does.? Nowadays my inward spam (when I last > looked) > >was more like 100 messages a day, so perhaps what somebody is doing > >somewhere is producing useful effects > > Throwing it away before you see it, which was what Peter was wondering > about. No. An IP blacklist coupled with protocols checks (peer SMTP server obeys best practice, forward+reverse DNS match, Sender Policy Framework etc) not only avoids interception as it's only concerned with looking at interactions with the mail server itself but it also does not "throw away before you see it." Instead the end-point server simply refuses to accept delivery of the mail. Depending on how the sender's server and any relay is configured, any legitimate sender should be aware at least that the mail did not reach its destination. Further check such as DKIM (DomainKeys Identified Mail) can be more effective than Sender Policy Framework (SPF) in ensuring the mail originated at an "authorised" server for any given domain. Once it's been established email is authorised to come from the domain from which it appears to emanate, more traditional blacklisting, usually in the mail client, can be used with confidence. My view is that there is no real use for content scanning at a network (ISP) level, although your end-point mail server is a useful place for sender blacklisting, and many people have use their ISP as their Email Service Provider. James Firth --- http://www.daltonfirth.co.uk From james2 at jfirth.net Tue Jan 12 07:53:31 2010 From: james2 at jfirth.net (James Firth) Date: Tue, 12 Jan 2010 07:53:31 -0000 Subject: Spam-traps (was Unpersons) In-Reply-To: <001b01ca9359$28517580$78f46080$@net> References: <4B445388.5030704@callnetuk.com> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> <4B4A0442.80108@ernest.net> <4B4A0C93.9080301@ernest.net> <20FC33E9179A4B3A835CF1311E1C99EE@Powerstation> <6ED388AA006C454BA35B0098396B9BFB0670309B@uxsrvr20.atlas.ukerna.ac.uk> <3B468F8FA4CA4BD3A881CDDC279677A8@Powerstation> <6ED388AA006C454BA35B0098396B9BFB06703114@uxsrvr20.atlas.ukerna.ac.uk> <4B4B1B14.9000905@ernest.net> <4B4B2ED1.7020308@zen.co.uk> <4B4B31FF.3050801@ernest.net> <001b01ca9359$28517580$78f46080$@net> Message-ID: <001e01ca935c$5602d160$02087420$@net> It seems from some of the discussion that spam and virus filtering has become somewhat intertwined. A personal thought on content filtering... == ON Spam == Producing definitions for content filters is one business model proven to work in the "digital age" despite ease of [unlawful] copying and distribution. Producing definitions for content filters seems currently to be rather big business. Big companies are persuaded to use services with some level of contextual filtering and are paying a premium for doing so. Most people would believe that a content-filtered solution (e.g. to spam) is the best there is, because it's being sold as such. But I've found contextual filtering a lacklustre and strewn with too many false-positives. A total pain from both from a senders' and receivers' perspective. == ON Viruses == Network scanning for viruses is somewhat a hot potato. It's clearly useful, but "boxes" need to be installed, and for effective signature matching the boxes are powerful multi-purpose "layer 5" switches. Once installed, and depending on definitions of availability, all subscriber's complete browsing and email streams /could become/ "available" to any programmer with access to the kit. So then in my opinion it all comes down to safeguards within the ISP. It's a bit like the Phorm argument all over again. How does one have confidence that the box is doing exactly what's intended, and only what's intended? (For the avoidance of doubt, my main worry is that criminal "gangs" would find access to one of these boxes a bit of a gold mine, and generally one of the weakest links in the security fence is human). James Firth --- http://www.daltonfirth.co.uk From igor at hybrid-lab.co.uk Tue Jan 12 08:31:06 2010 From: igor at hybrid-lab.co.uk (Igor Mozolevsky) Date: Tue, 12 Jan 2010 08:31:06 +0000 Subject: Unpersons In-Reply-To: <4B445388.5030704@callnetuk.com> References: <4B445388.5030704@callnetuk.com> Message-ID: 2010/1/6 Pete Mitchell : > Trying to access the Islam4UK website (the people who are promoting this > Wootton Bassett march) I get a DNS lookup failure. > > Google cached the home page as recently as 29 Dec, although I can't access > the cached copy there either. Just appeared on BBC News website: "BREAKING NEWS: Islam4UK to be banned under counter-terrorism laws, home secretary says" no further story so far... Cheers, -- Igor From tony.naggs at googlemail.com Tue Jan 12 09:07:11 2010 From: tony.naggs at googlemail.com (Tony Naggs) Date: Tue, 12 Jan 2010 09:07:11 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> Message-ID: Somebody mentioned the ban yesterday morning, referencing the Daily Mail. It is also covered on the website for other papers either yesterday or today, e.g.: http://www.guardian.co.uk/politics/2010/jan/11/islam4uk-al-muhajiroun-ban-laws http://www.telegraph.co.uk/news/newstopics/politics/6972109/Wootton-Bassett-protest-group-Islam4UK-to-be-banned.html 2010/1/12 Igor Mozolevsky : > > Just appeared on BBC News website: > > "BREAKING NEWS: Islam4UK to be banned under counter-terrorism laws, > home secretary says" > > no further story so far... > > > Cheers, From matthew at pemble.net Tue Jan 12 09:14:38 2010 From: matthew at pemble.net (Matthew Pemble) Date: Tue, 12 Jan 2010 09:14:38 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> Message-ID: 2010/1/12 Tony Naggs : > Somebody mentioned the ban yesterday morning, referencing the Daily > Mail. > > 2010/1/12 Igor Mozolevsky : >> >> "BREAKING NEWS: Islam4UK to be banned under counter-terrorism laws, >> home secretary says" >> >> no further story so far... The BBC story behind the link is an update - adding the "I have placed an order" - there is nothing showing on the OPSI or "Official Documents" rss feeds, as yet. -- Matthew Pemble Technical Director, Idrach Ltd Mobile: +44 (0) 7595 652175 Office: + 44 (0) 1324 820690 From lists at internetpolicyagency.com Tue Jan 12 10:42:51 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Tue, 12 Jan 2010 10:42:51 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: <4B4B75D9.6040000@ernest.net> References: <87wrzpkoye.fsf@mid.deneb.enyo.de> <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> <4B4B2286.3040009@zen.co.uk> <4B4B75D9.6040000@ernest.net> Message-ID: In article <4B4B75D9.6040000 at ernest.net>, Nicholas Bohm writes >Roland Perry wrote: > In article <4B4B2286.3040009 at zen.co.uk>, Peter Fairbrother > writes >> I'm not even sure I agree with the recent disconnections ...? but >> I don't know enough to say either way. However, it doesn't seem >> to me to be a public safety matter. > > Sometimes it's literally so, if the counterfeit items bought are > fake drugs or ineffectual brake pads. Otherwise we are in general > Trading Standards territory - is there an economy of scale in having > public servants whose job it is to close down dodgy traders, or does > every victim have to pursue it on their own account? >I agree with Florian that we need accountable public servants to chase >down this sort of wrongdoing.? But having done so, I don't think it's >their job to "close down" sites Is that because there's something special about websites (being a communications medium)? There is plenty of precedent for organisations cancelling people's contacts, or terminating service, if they have broken some acceptable use policy, or failed to abide by the terms and conditions. ISPs have been known to cancel the accounts of spammers, for example; and they do that without first getting a court to rule on a breach of the unsolicited communications law. >by "instructing" There is perhaps some difficulty with this word. However, there are many forms of law enforcement which are in some sense "friendly instructions" like "prune that hedge which is blocking the pavement or.... we will trim it for you and send you the bill". Without a court order, probably. >registrars or registries (who chooses these lucid names?) what to do.? To some extent they are wholesaler and retailer. (There's actually a debate raging elsewhere about whether these wholesalers should be banned from selling direct, but I digress). >I think they should present the evidence of wrongdoing and ask for >co-operation, if appropriate giving a warning against the perils of >helping crooks.? I think that's exactly what's happening in practice. >If they don't get co-operation they should be able to get the aid of a >court; and if the courts lack the necessary powers, there is a >legislative gap that needs filling. Clause 19 of the Digital Economy Bill might be worth reading at this point. -- Roland Perry From otcbn at callnetuk.com Tue Jan 12 11:28:08 2010 From: otcbn at callnetuk.com (Pete Mitchell) Date: Tue, 12 Jan 2010 11:28:08 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: References: <87wrzpkoye.fsf@mid.deneb.enyo.de> <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> <4B4B2286.3040009@zen.co.uk> <4B4B75D9.6040000@ernest.net> Message-ID: <4B4C5CC8.7020908@callnetuk.com> Roland Perry wrote on 12-01-10 10:42: > In article <4B4B75D9.6040000 at ernest.net>, Nicholas Bohm > writes >> I agree with Florian that we need accountable public servants to chase >> down this sort of wrongdoing. But having done so, I don't think it's >> their job to "close down" sites > > Is that because there's something special about websites (being a > communications medium)? It's because there is something special about freedom of speech. -- Pete Mitchell From matthew at pemble.net Tue Jan 12 11:33:57 2010 From: matthew at pemble.net (Matthew Pemble) Date: Tue, 12 Jan 2010 11:33:57 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: <4B4C5CC8.7020908@callnetuk.com> References: <87wrzpkoye.fsf@mid.deneb.enyo.de> <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> <4B4B2286.3040009@zen.co.uk> <4B4B75D9.6040000@ernest.net> <4B4C5CC8.7020908@callnetuk.com> Message-ID: Folks, 2010/1/12 Pete Mitchell : > > It's because there is something special about freedom of speech. > -- But not all speech is equally free - and speech promoting or enabling crime is one of the areas in which it is less free than others, even if you take the USian point of view where the protection against government interference in such matters is much stronger than under HRA98 Article 10 which specifically allows restrictions "for the prevention of disorder or crime". M. -- Matthew Pemble Technical Director, Idrach Ltd Mobile: +44 (0) 7595 652175 Office: + 44 (0) 1324 820690 From otcbn at callnetuk.com Tue Jan 12 11:58:25 2010 From: otcbn at callnetuk.com (Pete Mitchell) Date: Tue, 12 Jan 2010 11:58:25 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: References: <87wrzpkoye.fsf@mid.deneb.enyo.de> <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> <4B4B2286.3040009@zen.co.uk> <4B4B75D9.6040000@ernest.net> <4B4C5CC8.7020908@callnetuk.com> Message-ID: <4B4C63E1.2060509@callnetuk.com> Matthew Pemble wrote on 12-01-10 11:33: > Folks, > > 2010/1/12 Pete Mitchell : >> It's because there is something special about freedom of speech. > > But not all speech is equally free Obviously. Equally obviously, we would be fools to let the police decide where the boundaries are. - and speech promoting or enabling > crime is one of the areas in which it is less free than others, even > if you take the USian point of view where the protection against > government interference in such matters is much stronger than under > HRA98 Article 10 which specifically allows restrictions "for the > prevention of disorder or crime". Where restrictions are necessary, they should be imposed by due process of law, not by police "instructions". Re Roland's point about ISPs terminating contracts on AUP grounds: That's not so bad if you can go to another ISP. But you can't so easily go to another Nominet. -- Pete Mitchell From chl at clerew.man.ac.uk Tue Jan 12 11:57:41 2010 From: chl at clerew.man.ac.uk (Charles Lindsey) Date: Tue, 12 Jan 2010 11:57:41 -0000 Subject: Unpersons In-Reply-To: <4B4BFC4A.5030403@zen.co.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49BAAB.1040408@zen.co.uk> <4B4B220A.8020304@zen.co.uk> <5QwedVxhT2SLFAxZ@perry.co.uk> <4B4BFC4A.5030403@zen.co.uk> Message-ID: On Tue, 12 Jan 2010 04:36:26 -0000, Peter Fairbrother wrote: > Eh? > > The operation of a virus checker is interception because the virus > checker actually does look at emails (on behalf of a person). No. only if the virus checker (which was indeed coded by the "on behalf person") is so constructed that it makes the messages available to HIM. But if it merely autoamtically deletes or marks, then it has not made anything available to HIM. -- Charles?H.?Lindsey?---------At?Home,?doing?my?own?thing------------------------ Tel:?+44?161?436?6131? ???Web:?http://www.cs.man.ac.uk/~chl Email:?chl at clerew.man.ac.uk??????Snail:?5?Clerewood?Ave,?CHEADLE,?SK8?3JU,?U.K. PGP:?2C15F1A9??????Fingerprint:?73?6D?C2?51?93?A0?01?E7?65?E8?64?7E?14?A4?AB?A5 From chl at clerew.man.ac.uk Tue Jan 12 12:02:48 2010 From: chl at clerew.man.ac.uk (Charles Lindsey) Date: Tue, 12 Jan 2010 12:02:48 -0000 Subject: Unpersons In-Reply-To: <4B4C01AC.6010102@zen.co.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49BAAB.1040408@zen.co.uk> <4B4B1126.6060609@ernest.net> <4B4B74A9.5050300@ernest.net> <4B4C01AC.6010102@zen.co.uk> Message-ID: On Tue, 12 Jan 2010 04:59:24 -0000, Peter Fairbrother wrote: > I think if you can look at a situation from some point of view and say, > in *any* sense of the phrase, that content has been made available, then > it's interception. By that definition, the fact that messages in a mailbox are readable by root would already amount to "interception". -- Charles?H.?Lindsey?---------At?Home,?doing?my?own?thing------------------------ Tel:?+44?161?436?6131? ???Web:?http://www.cs.man.ac.uk/~chl Email:?chl at clerew.man.ac.uk??????Snail:?5?Clerewood?Ave,?CHEADLE,?SK8?3JU,?U.K. PGP:?2C15F1A9??????Fingerprint:?73?6D?C2?51?93?A0?01?E7?65?E8?64?7E?14?A4?AB?A5 From chl at clerew.man.ac.uk Tue Jan 12 12:07:49 2010 From: chl at clerew.man.ac.uk (Charles Lindsey) Date: Tue, 12 Jan 2010 12:07:49 -0000 Subject: Unpersons In-Reply-To: <4B4BFDDF.7050300@zen.co.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49BAAB.1040408@zen.co.uk> <4B4B220A.8020304@zen.co.uk> <4B4BFDDF.7050300@zen.co.uk> Message-ID: On Tue, 12 Jan 2010 04:43:11 -0000, Peter Fairbrother wrote: > Boxes don't intercept, people with boxes do. Not necessarily. I think we need to interpret "making it available ... to a person" as meaning "putting that person in a position where he is then able to read it (i.e. to read it without doing further hacking on the 'box')". -- Charles?H.?Lindsey?---------At?Home,?doing?my?own?thing------------------------ Tel:?+44?161?436?6131? ???Web:?http://www.cs.man.ac.uk/~chl Email:?chl at clerew.man.ac.uk??????Snail:?5?Clerewood?Ave,?CHEADLE,?SK8?3JU,?U.K. PGP:?2C15F1A9??????Fingerprint:?73?6D?C2?51?93?A0?01?E7?65?E8?64?7E?14?A4?AB?A5 From nbohm at ernest.net Tue Jan 12 12:09:51 2010 From: nbohm at ernest.net (Nicholas Bohm) Date: Tue, 12 Jan 2010 12:09:51 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49BAAB.1040408@zen.co.uk> <4B4B220A.8020304@zen.co.uk> <5QwedVxhT2SLFAxZ@perry.co.uk> <4B4BFC4A.5030403@zen.co.uk> Message-ID: <4B4C668F.80300@ernest.net> An HTML attachment was scrubbed... URL: From zenadsl6186 at zen.co.uk Tue Jan 12 12:11:54 2010 From: zenadsl6186 at zen.co.uk (Peter Fairbrother) Date: Tue, 12 Jan 2010 12:11:54 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49BAAB.1040408@zen.co.uk> <4B4B220A.8020304@zen.co.uk> <5QwedVxhT2SLFAxZ@perry.co.uk> <4B4BFC4A.5030403@zen.co.uk> Message-ID: <4B4C670A.7090100@zen.co.uk> Charles Lindsey wrote: > On Tue, 12 Jan 2010 04:36:26 -0000, Peter Fairbrother > wrote: > >> Eh? >> >> The operation of a virus checker is interception because the virus >> checker actually does look at emails (on behalf of a person). > > No. only if the virus checker (which was indeed coded by the "on behalf > person") is so constructed that it makes the messages available to HIM. > But if it merely autoamtically deletes or marks, then it has not made > anything available to HIM. "Available" means that he can do something with it. In this case, that's delete or mark the email. Exactly what he can do with it doesn't make any difference - he doesn't have to be able to do anything he likes with it for it to be available to him. If he can do anything at all with it, it's available to him to do that thing. And it doesn't matter whether he gets a machine to do the deletion or marking for him. I'm using lots of machines to get this message to you, but I'm still sending it. -- Peter Fairbrother From clive at davros.org Tue Jan 12 12:13:23 2010 From: clive at davros.org (Clive D.W. Feather) Date: Tue, 12 Jan 2010 12:13:23 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: <4B4B75D9.6040000@ernest.net> References: <87wrzpkoye.fsf@mid.deneb.enyo.de> <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> <4B4B2286.3040009@zen.co.uk> <4B4B75D9.6040000@ernest.net> Message-ID: <20100112121322.GG85880@davros.org> Nicholas Bohm said: > I agree with Florian that we need accountable public servants to chase > down this sort of wrongdoing. But having done so, I don't think it's > their job to "close down" sites by "instructing" registrars or > registries (who chooses these lucid names?) what to do. I think they > should present the evidence of wrongdoing and ask for co-operation, if > appropriate giving a warning against the perils of helping crooks. However, how on earth is Nominet (or an ISP) supposed to evaluate that evidence? That's even assuming that the police are willing to reveal enough evidence in the first place. This is why the DPA s.29(3) process didn't work for investigating crimes, and why RIPA Part 1 Chapter 2 was better. > If > they don't get co-operation they should be able to get the aid of a > court; and if the courts lack the necessary powers, there is a > legislative gap that needs filling. The courts do seem to have these powers, in my experience. -- Clive D.W. Feather | If you lie to the compiler, Email: clive at davros.org | it will get its revenge. Web: http://www.davros.org | - Henry Spencer Mobile: +44 7973 377646 From matthew at pemble.net Tue Jan 12 12:22:55 2010 From: matthew at pemble.net (Matthew Pemble) Date: Tue, 12 Jan 2010 12:22:55 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: <4B4C63E1.2060509@callnetuk.com> References: <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> <4B4B2286.3040009@zen.co.uk> <4B4B75D9.6040000@ernest.net> <4B4C5CC8.7020908@callnetuk.com> <4B4C63E1.2060509@callnetuk.com> Message-ID: Folks, 2010/1/12 Pete Mitchell : > Where restrictions are necessary, they should be imposed by due process of > law, not by police "instructions". But we don't require "due process of law" in contract disagreements. Although I'll readily admit that I am uncomfortable about the use of the word "instruction" - as opposed to, say, "we received information from the Metropolitan Police that certain domains were involved in illegal activity. We conducted our own due diligence checks and subsequently ..." > Re Roland's point about ISPs terminating contracts on AUP grounds: That's > not so bad if you can go to another ISP. But you can't so easily go to > another Nominet. Is a .uk domain really that vital to any business or person (.ac.uk - Andrew?) I note that this is a different argument from whether Nominet should have done what they did. Hence my point from yesterday: > The important policy question here, I think, is the power of the state > body (the police) being used without the supervision of the > constitutional oversight body (i.e. a court order) and, because it is > from the police, without any effective civil liability attaching in > the event of a mistake? My 2p - It's that the police were, as they seem to be so much now, unilaterally extending their historically limited powers to compel actions to be taken that, on analysis, turn out to be socially, morally and legally unjustified. And, more importantly, that there does not appear to be any effective form of societal or individual redress against either the individual officers concerned or the wider force. M. -- Matthew Pemble Technical Director, Idrach Ltd Mobile: +44 (0) 7595 652175 Office: + 44 (0) 1324 820690 From nbohm at ernest.net Tue Jan 12 12:23:03 2010 From: nbohm at ernest.net (Nicholas Bohm) Date: Tue, 12 Jan 2010 12:23:03 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: <20100112121322.GG85880@davros.org> References: <87wrzpkoye.fsf@mid.deneb.enyo.de> <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> <4B4B2286.3040009@zen.co.uk> <4B4B75D9.6040000@ernest.net> <20100112121322.GG85880@davros.org> Message-ID: <4B4C69A7.1090208@ernest.net> An HTML attachment was scrubbed... URL: From zenadsl6186 at zen.co.uk Tue Jan 12 12:23:36 2010 From: zenadsl6186 at zen.co.uk (Peter Fairbrother) Date: Tue, 12 Jan 2010 12:23:36 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49BAAB.1040408@zen.co.uk> <4B4B1126.6060609@ernest.net> <4B4B74A9.5050300@ernest.net> <4B4C01AC.6010102@zen.co.uk> Message-ID: <4B4C69C8.1070000@zen.co.uk> Charles Lindsey wrote: > On Tue, 12 Jan 2010 04:59:24 -0000, Peter Fairbrother > wrote: > >> I think if you can look at a situation from some point of view and >> say, in *any* sense of the phrase, that content has been made >> available, then it's interception. > > By that definition, the fact that messages in a mailbox are readable by > root would already amount to "interception". There's no relevant action there (the only relevant actions are modification of, interference with or monitoring of the system) to make it interception. -- Peter Fairbrother From clive at davros.org Tue Jan 12 13:07:38 2010 From: clive at davros.org (Clive D.W. Feather) Date: Tue, 12 Jan 2010 13:07:38 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: References: <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> <4B4B2286.3040009@zen.co.uk> <4B4B75D9.6040000@ernest.net> <4B4C5CC8.7020908@callnetuk.com> <4B4C63E1.2060509@callnetuk.com> Message-ID: <20100112130738.GH85880@davros.org> Matthew Pemble said: >> Where restrictions are necessary, they should be imposed by due process of >> law, not by police "instructions". > > But we don't require "due process of law" in contract disagreements. > Although I'll readily admit that I am uncomfortable about the use of > the word "instruction" - as opposed to, say, "we received information > from the Metropolitan Police that certain domains were involved in > illegal activity. We conducted our own due diligence checks and > subsequently ..." This is just a matter of presentation. What is actually happening is that someone (the police in this case) are going to Nominet and saying "these domains appear to be being used for unlawful purposes". Nominet are checking their records of the domain holder ("registrant") and finding they are clearly junk. Therefore they suspend the domains. If the records pointed to, or appeared to point to, a genuine person, they would act rather differently. > Is a .uk domain really that vital to any business or person (.ac.uk - > Andrew?) If your publicity is based around your domain name, then it is a major issue to get it changed. Just like changing a company name or a trademark. -- Clive D.W. Feather | If you lie to the compiler, Email: clive at davros.org | it will get its revenge. Web: http://www.davros.org | - Henry Spencer Mobile: +44 7973 377646 From lists at internetpolicyagency.com Tue Jan 12 13:14:41 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Tue, 12 Jan 2010 13:14:41 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: <4B4C5CC8.7020908@callnetuk.com> References: <87wrzpkoye.fsf@mid.deneb.enyo.de> <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> <4B4B2286.3040009@zen.co.uk> <4B4B75D9.6040000@ernest.net> <4B4C5CC8.7020908@callnetuk.com> Message-ID: In article <4B4C5CC8.7020908 at callnetuk.com>, Pete Mitchell writes >>> I agree with Florian that we need accountable public servants to chase >>> down this sort of wrongdoing. But having done so, I don't think it's >>> their job to "close down" sites >> Is that because there's something special about websites (being a >>communications medium)? > >It's because there is something special about freedom of speech. The speech in question is commercial speech, which is a slightly different kettle of worms. As a matter of public policy I doubt the founding fathers (and remember we don't yet live in the USA) would want to give immunity to scammers by protecting their lies. -- Roland Perry From lists at internetpolicyagency.com Tue Jan 12 13:21:39 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Tue, 12 Jan 2010 13:21:39 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: <20100112130738.GH85880@davros.org> References: <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> <4B4B2286.3040009@zen.co.uk> <4B4B75D9.6040000@ernest.net> <4B4C5CC8.7020908@callnetuk.com> <4B4C63E1.2060509@callnetuk.com> <20100112130738.GH85880@davros.org> Message-ID: <1HxtIdpjdHTLFAp4@perry.co.uk> In article <20100112130738.GH85880 at davros.org>, Clive D.W. Feather writes >If your publicity is based around your domain name, then it is a major >issue to get it changed. Which (if your business is one of those) is an incentive not to use the domain name for illegal purposes, or indeed outside the relevant AUP. -- Roland Perry From lists at internetpolicyagency.com Tue Jan 12 13:17:55 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Tue, 12 Jan 2010 13:17:55 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: <4B4C63E1.2060509@callnetuk.com> References: <87wrzpkoye.fsf@mid.deneb.enyo.de> <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> <4B4B2286.3040009@zen.co.uk> <4B4B75D9.6040000@ernest.net> <4B4C5CC8.7020908@callnetuk.com> <4B4C63E1.2060509@callnetuk.com> Message-ID: In article <4B4C63E1.2060509 at callnetuk.com>, Pete Mitchell writes >Re Roland's point about ISPs terminating contracts on AUP grounds: >That's not so bad if you can go to another ISP. But you can't so easily >go to another Nominet. There's nothing in Nominet's recent activity that would prevent you registering a replacement .co.uk domain name, as far as I know. -- Roland Perry From k.brown at bbk.ac.uk Tue Jan 12 13:28:51 2010 From: k.brown at bbk.ac.uk (ken) Date: Tue, 12 Jan 2010 13:28:51 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: References: <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> <4B4B2286.3040009@zen.co.uk> <4B4B75D9.6040000@ernest.net> <4B4C5CC8.7020908@callnetuk.com> <4B4C63E1.2060509@callnetuk.com> Message-ID: <4B4C7913.9050605@bbk.ac.uk> Matthew Pemble wrote: > Is a .uk domain really that vital to any business or person (.ac.uk - > Andrew?) I'm not Andrew, but I think he'd agree that at least some academics and researchers believe that .ac.uk addresses are very important to them. I know this because they often ask me for them, for example to set up a mailing list for a conference or some new virtual collaboration or a Centre for This or That Studies. I guess its because it gives (or is thought to give) some credibility to the address. Some academics do a lot of "cold calling" by email, asking for help from people they may not have actually met, or trying to get papers published or grants granted. Also perhaps because its easy to remember or guess the addresses - lots of people would much prefer {name}@{institution}.ac.uk addresses over ones like {name}@{department}.{institution}.ac.uk or {arbitraryuserid}@{institution}.ac.uk From lists at internetpolicyagency.com Tue Jan 12 13:32:00 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Tue, 12 Jan 2010 13:32:00 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: <4B4C7913.9050605@bbk.ac.uk> References: <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> <4B4B2286.3040009@zen.co.uk> <4B4B75D9.6040000@ernest.net> <4B4C5CC8.7020908@callnetuk.com> <4B4C63E1.2060509@callnetuk.com> <4B4C7913.9050605@bbk.ac.uk> Message-ID: In article <4B4C7913.9050605 at bbk.ac.uk>, ken writes >I'm not Andrew, but I think he'd agree that at least some academics and >researchers believe that .ac.uk addresses are very important to them. They are, but these are individual email addresses. What's the likelihood of a University having its entire domain name revoked in the kinds of circumstances we are discussing? -- Roland Perry From k.brown at bbk.ac.uk Tue Jan 12 13:49:03 2010 From: k.brown at bbk.ac.uk (ken) Date: Tue, 12 Jan 2010 13:49:03 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") In-Reply-To: <4B4C7D87.10105@students.bbk.ac.uk> References: <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> <4B4B2286.3040009@zen.co.uk> <4B4B75D9.6040000@ernest.net> <4B4C5CC8.7020908@callnetuk.com> <4B4C63E1.2060509@callnetuk.com> <4B4C7913.9050605@bbk.ac.uk> <4B4C7D87.10105@students.bbk.ac.uk> Message-ID: <4B4C7DCF.1080804@bbk.ac.uk> Roland Perry wrote: > They are, but these are individual email addresses. What's the > likelihood of a University having its entire domain name revoked in > the kinds of circumstances we are discussing? Bloody small I guess, though there have been a few arguments at the edges. I'd imagine it would only happen if the institution changed the nature of its business so much that it was obviously no longer involved in education. Sometimes there is a fuss about the actual name if someone thinks its too similar to another, but I don't know if any have been withdrawn after they were assigned for that reason. There were rumours that the new University of Central Lancashire were upset that they weren't allowed to have "ucla" even though there is no ucla.ac.uk. And also rumours that someone tried to get the British Library to give up their jammy bl.uk name and use something like blib.ac.uk (they get at least some of their IP addresses from Janet) or blib.gov.uk but they kept it, From igb at batten.eu.org Tue Jan 12 13:54:59 2010 From: igb at batten.eu.org (Ian Batten) Date: Tue, 12 Jan 2010 13:54:59 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: <4B4C7913.9050605@bbk.ac.uk> References: <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> <4B4B2286.3040009@zen.co.uk> <4B4B75D9.6040000@ernest.net> <4B4C5CC8.7020908@callnetuk.com> <4B4C63E1.2060509@callnetuk.com> <4B4C7913.9050605@bbk.ac.uk> Message-ID: On 12 Jan 10, at 1328, ken wrote: > Matthew Pemble wrote: > >> Is a .uk domain really that vital to any business or person (.ac.uk - >> Andrew?) > > > I'm not Andrew, but I think he'd agree that at least some academics > and researchers believe that .ac.uk addresses are very important to > them. I know this because they often ask me for them, for example to > set up a mailing list for a conference or some new virtual > collaboration or a Centre for This or That Studies. And it is (I have this from pretty much the horse's mouth) the reason why Birmingham's ThinkTank science-lite museum has its domain (thinktank.ac) registered in that well-known Birmingham district of Ascension Island. Because they couldn't get .ac.uk, they thought .ac made them look academic. Now one might argue that given their location down at Millennium Point it might as well be Ascension Island, but the net result is total confusion: anyone who recognises .ac as an echo of .ac.uk will assume it's a misprint and try thinktank.ac.uk, which of course doesn't exist. > > I guess its because it gives (or is thought to give) some > credibility to the address. Some academics do a lot of "cold > calling" by email, asking for help from people they may not have > actually met, or trying to get papers published or grants granted. Absolutely. I have a couple of .ac.uk email addresses (I'm a student at one institution and an honourary lecturer at another) and the only time I've used them has been to secure academic discounts from software and hardware vendors! > > Also perhaps because its easy to remember or guess the addresses - > lots of people would much prefer {name}@{institution}.ac.uk > addresses over ones like {name}@{department}.{institution}.ac.uk or > {arbitraryuserid}@{institution}.ac.uk Mind you, back in the 1980s, we couldn't even convince people that uk.ac.bham.dept was a good idea: they wanted uk.ac.bham.dept.group. You still see this in Physics departments. ian From zenadsl6186 at zen.co.uk Tue Jan 12 14:05:21 2010 From: zenadsl6186 at zen.co.uk (Peter Fairbrother) Date: Tue, 12 Jan 2010 14:05:21 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: References: <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> <4B4B2286.3040009@zen.co.uk> <4B4B75D9.6040000@ernest.net> <4B4C5CC8.7020908@callnetuk.com> <4B4C63E1.2060509@callnetuk.com> Message-ID: <4B4C81A1.4080000@zen.co.uk> Matthew Pemble wrote: > Folks, > > 2010/1/12 Pete Mitchell : > >> Where restrictions are necessary, they should be imposed by due process of >> law, not by police "instructions". > > But we don't require "due process of law" in contract disagreements. In this case it isn't a real contract disagreement. Any contract disagreement was merely an excuse - the real reason they were disconnected was because the Police asked Nominet to do it. > Although I'll readily admit that I am uncomfortable about the use of > the word "instruction" - as opposed to, say, "we received information > from the Metropolitan Police that certain domains were involved in > illegal activity. We conducted our own due diligence checks and > subsequently ..." -- Peter Fairbrother From zenadsl6186 at zen.co.uk Tue Jan 12 14:07:28 2010 From: zenadsl6186 at zen.co.uk (Peter Fairbrother) Date: Tue, 12 Jan 2010 14:07:28 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49BAAB.1040408@zen.co.uk> <4B4B220A.8020304@zen.co.uk> <4B4BFDDF.7050300@zen.co.uk> Message-ID: <4B4C8220.6050507@zen.co.uk> Charles Lindsey wrote: > On Tue, 12 Jan 2010 04:43:11 -0000, Peter Fairbrother > wrote: > >> Boxes don't intercept, people with boxes do. > > Not necessarily. > > I think we need to interpret "making it available ... to a person" as > meaning "putting that person in a position where he is then able to read > it (i.e. to read it without doing further hacking on the 'box')". I don't see any justification (or reason) for doing that. That's not what RIPA says. -- Peter Fairbrother From igb at batten.eu.org Tue Jan 12 14:07:33 2010 From: igb at batten.eu.org (Ian Batten) Date: Tue, 12 Jan 2010 14:07:33 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") In-Reply-To: <4B4C7DCF.1080804@bbk.ac.uk> References: <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> <4B4B2286.3040009@zen.co.uk> <4B4B75D9.6040000@ernest.net> <4B4C5CC8.7020908@callnetuk.com> <4B4C63E1.2060509@callnetuk.com> <4B4C7913.9050605@bbk.ac.uk> <4B4C7D87.10105@students.bbk.ac.uk> <4B4C7DCF.1080804@bbk.ac.uk> Message-ID: <147A871C-BD9F-4334-9F91-0C3879EB684A@batten.eu.org> > Sometimes there is a fuss about the actual name if someone thinks its > too similar to another, but I don't know if any have been withdrawn > after they were assigned for that reason. There were rumours that the > new University of Central Lancashire were upset that they weren't > allowed to have "ucla" even though there is no ucla.ac.uk. I'd be surprised. Back in the 1980s there were people who gave up uk.ac.xxx.cs because of endian problems when Czechoslovakia joined the Internet, but both the ending of UK-ordered addresses and the ending of Czechoslovakia solved that problem. And I recall Peter Collinson railing about the NRS keeping uk.ac.bt for BT even though they hadn't registered it, but this is all ancient history. > And also > rumours that someone tried to get the British Library to give up their > jammy bl.uk name and use something like blib.ac.uk (they get at least > some of their IP addresses from Janet) or blib.gov.uk but they kept > it, See also jet.uk, icnet.uk and nls.uk. What were the NRS/etc thinking when those were issued? Especially icnet.uk, given that the ICRF no longer exists as either a name or an organisation (it merged into a larger grouping). I presume that as its NS records point to xxx.cancer.org.uk and it doesn't have MX record and www.icnet.uk redirects to http:// www.cancerresearchuk.org/ that it's essentially dead. What was everyone thinking? nls.uk is presumably ``British Library have it, so why can't we?'' nationalism, so it's a bloody miracle that the National Library of Wales is llgc.org.uk. ian From lists at internetpolicyagency.com Tue Jan 12 14:07:24 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Tue, 12 Jan 2010 14:07:24 +0000 Subject: Unpersons In-Reply-To: <4B4B0B4D.1000000@ernest.net> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> <4B4A0442.80108@ernest.net> <4B4A0C93.9080301@ernest.net> <6aD+vlFschSLFAgO@perry.co.uk> <4B4A49B7.8020005@ernest.net> <4B4B0B4D.1000000@ernest.net> Message-ID: <3+e92CwcIITLFA7Q@perry.co.uk> In article <4B4B0B4D.1000000 at ernest.net>, Nicholas Bohm writes >The action taken in the Phorm case is an example of something done on >the basis of content.? The fact that the something in that case was the >sending of information is what is irrelevant.? That's the part of your para 15 I must have misunderstood. It seemed to me that creating the distillation was the basis of your point, and the irrelevance was whether or not that distillation was then sent outside the Phorm-box (to Phorm); although I continue to presume that it is sent, otherwise why are they bothering to do the distillation. In the case of deleting (which is not a RIPA offence) emails with a certain kind of attachment, there is no distillation happening. >> What makes you suppose that a one-target interception warrant is >> executed by sorting the target's communications from other >> communications by an examination of the content of all the >> communications? > Because that's how a Black Box solution would implement it. >You know more than I do of what is proposed, no doubt.? I have no practical experience, my engineering gut feel is that this is what would happen. -- Roland Perry From zenadsl6186 at zen.co.uk Tue Jan 12 14:10:30 2010 From: zenadsl6186 at zen.co.uk (Peter Fairbrother) Date: Tue, 12 Jan 2010 14:10:30 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: References: <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> <4B4B2286.3040009@zen.co.uk> <4B4B75D9.6040000@ernest.net> <4B4C5CC8.7020908@callnetuk.com> <4B4C63E1.2060509@callnetuk.com> <4B4C7913.9050605@bbk.ac.uk> Message-ID: <4B4C82D6.3000406@zen.co.uk> Roland Perry wrote: > In article <4B4C7913.9050605 at bbk.ac.uk>, ken writes > >> I'm not Andrew, but I think he'd agree that at least some academics >> and researchers believe that .ac.uk addresses are very important to them. > > They are, but these are individual email addresses. What's the > likelihood of a University having its entire domain name revoked in the > kinds of circumstances we are discussing? Data point, iirc Nominet don't have charge of .ac.uk addresses. From lists at internetpolicyagency.com Tue Jan 12 14:09:13 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Tue, 12 Jan 2010 14:09:13 +0000 Subject: Unpersons In-Reply-To: <4B4A88AF.6080304@zen.co.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> <4B4A88AF.6080304@zen.co.uk> Message-ID: <+uL$ivwJKITLFA7Q@perry.co.uk> In article <4B4A88AF.6080304 at zen.co.uk>, Peter Fairbrother writes >Attaching a black box in the absence of a warrant or notice [1] would >(and should) be illegal, even if it's never switched on and there is no >output. This goes back to the interpretation of "making available". It seems to me to defy common sense that a box that's switched off is making anything available to anyone. -- Roland Perry From lists at internetpolicyagency.com Tue Jan 12 14:18:13 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Tue, 12 Jan 2010 14:18:13 +0000 Subject: Spam-traps (was Unpersons) In-Reply-To: <001b01ca9359$28517580$78f46080$@net> References: <4B445388.5030704@callnetuk.com> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> <4B4A0442.80108@ernest.net> <4B4A0C93.9080301@ernest.net> <20FC33E9179A4B3A835CF1311E1C99EE@Powerstation> <6ED388AA006C454BA35B0098396B9BFB0670309B@uxsrvr20.atlas.ukerna.ac.uk> <3B468F8FA4CA4BD3A881CDDC279677A8@Powerstation> <6ED388AA006C454BA35B0098396B9BFB06703114@uxsrvr20.atlas.ukerna.ac.uk> <4B4B1B14.9000905@ernest.net> <4B4B2ED1.7020308@zen.co.uk> <4B4B31FF.3050801@ernest.net> <001b01ca9359$28517580$78f46080$@net> Message-ID: <0ug9SlxlSITLFA7a@perry.co.uk> In article <001b01ca9359$28517580$78f46080$@net>, James Firth writes >> >.? When my inward spam was running at over 20,000 messages a day, >> >filtering out the spam made email usable by me when otherwise it >> >wouldn't have been; but just how this helped the rest of the users of >> >the Internet I don't know. >> >> It stops users' in-boxes clogging up, and in the limit stops the ISP >> having to bounce legitimate emails with a "mailbox full" message. > >Actually my own (unofficial, unpublished) experimentation has shown by far >the best "first pass" to reduce spam definitely does not involve >interception. > >A good spam IP blacklist is both fast and effective in reducing spam by >approx 97%. It may well be a useful measure, but it involves examining the packet headers (to deduce the source IP address). Luckily, this will be classed as Traffic Data and 2(5) applies. >> >I hope someone else does.? Nowadays my inward spam (when I last >> looked) >> >was more like 100 messages a day, so perhaps what somebody is doing >> >somewhere is producing useful effects >> >> Throwing it away before you see it, which was what Peter was wondering >> about. > >No. An IP blacklist coupled with protocols checks (peer SMTP server obeys >best practice, forward+reverse DNS match, Sender Policy Framework etc) not >only avoids interception as it's only concerned with looking at interactions >with the mail server itself I don't think that's the reason (see above) >but it also does not "throw away before you see it." > >Instead the end-point server simply refuses to accept delivery of the mail. Pardon my use of non-technical language, but that's exactly the kind of operation I would explain as "throwing it away before you see it". Even if to more technical eye it's "refusing to deliver it and therefore the user doesn't see it". -- Roland Perry From igb at batten.eu.org Tue Jan 12 14:22:18 2010 From: igb at batten.eu.org (Ian Batten) Date: Tue, 12 Jan 2010 14:22:18 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: <4B4C82D6.3000406@zen.co.uk> References: <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> <4B4B2286.3040009@zen.co.uk> <4B4B75D9.6040000@ernest.net> <4B4C5CC8.7020908@callnetuk.com> <4B4C63E1.2060509@callnetuk.com> <4B4C7913.9050605@bbk.ac.uk> <4B4C82D6.3000406@zen.co.uk> Message-ID: <7DCA9AE9-53FE-485F-9016-C560EF689C56@batten.eu.org> On 12 Jan 10, at 1410, Peter Fairbrother wrote: > Roland Perry wrote: >> In article <4B4C7913.9050605 at bbk.ac.uk>, ken >> writes >>> I'm not Andrew, but I think he'd agree that at least some >>> academics and researchers believe that .ac.uk addresses are very >>> important to them. >> They are, but these are individual email addresses. What's the >> likelihood of a University having its entire domain name revoked in >> the kinds of circumstances we are discussing? > > Data point, iirc Nominet don't have charge of .ac.uk addresses. When did that change? I thought Nominet inherited all the responsibilities of the NRS, and Salford was there _mostly_ for uk.ac. ian From lists at internetpolicyagency.com Tue Jan 12 14:21:05 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Tue, 12 Jan 2010 14:21:05 +0000 Subject: Spam-traps (was Unpersons) In-Reply-To: <001e01ca935c$5602d160$02087420$@net> References: <4B445388.5030704@callnetuk.com> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> <4B4A0442.80108@ernest.net> <4B4A0C93.9080301@ernest.net> <20FC33E9179A4B3A835CF1311E1C99EE@Powerstation> <6ED388AA006C454BA35B0098396B9BFB0670309B@uxsrvr20.atlas.ukerna.ac.uk> <3B468F8FA4CA4BD3A881CDDC279677A8@Powerstation> <6ED388AA006C454BA35B0098396B9BFB06703114@uxsrvr20.atlas.ukerna.ac.uk> <4B4B1B14.9000905@ernest.net> <4B4B2ED1.7020308@zen.co.uk> <4B4B31FF.3050801@ernest.net> <001b01ca9359$28517580$78f46080$@net> <001e01ca935c$5602d160$02087420$@net> Message-ID: In article <001e01ca935c$5602d160$02087420$@net>, James Firth writes >== ON Viruses == > >Network scanning for viruses is somewhat a hot potato. It's clearly useful, >but "boxes" need to be installed, and for effective signature matching the >boxes are powerful multi-purpose "layer 5" switches. > >Once installed, and depending on definitions of availability, all >subscriber's complete browsing and email streams /could become/ "available" >to any programmer with access to the kit. Why are these scanning boxes special? Is it just the horsepower they can apply to the task? -- Roland Perry From james2 at jfirth.net Tue Jan 12 14:32:59 2010 From: james2 at jfirth.net (James Firth) Date: Tue, 12 Jan 2010 14:32:59 -0000 Subject: Spam-traps (was Unpersons) In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> <4B4A0442.80108@ernest.net> <4B4A0C93.9080301@ernest.net> <20FC33E9179A4B3A835CF1311E1C99EE@Powerstation> <6ED388AA006C454BA35B0098396B9BFB0670309B@uxsrvr20.atlas.ukerna.ac.uk> <3B468F8FA4CA4BD3A881CDDC279677A8@Powerstation> <6ED388AA006C454BA35B0098396B9BFB06703114@uxsrvr20.atlas.ukerna.ac.uk> <4B4B1B14.9000905@ernest.net> <4B4B2ED1.7020308@zen.co.uk> <4B4B31FF.3050801@ernest.net> <001b01ca9359$28517580$78f46080$@net> <001e01ca935c$5602d160$02087420$@net> Message-ID: <007601ca9394$26d2ea00$7478be00$@net> Roland Perry wrote: > In article <001e01ca935c$5602d160$02087420$@net>, James Firth writes > >== ON Viruses == > > > >Network scanning for viruses is somewhat a hot potato. It's clearly > useful, > >but "boxes" need to be installed, and for effective signature matching > the > >boxes are powerful multi-purpose "layer 5" switches. > > > > Why are these scanning boxes special? Is it just the horsepower they > can > apply to the task? They're distinct from normal packet routing kit because they attempt to reconstitute data across multiple packets in order to interpret content. One could argue the job of an ISP is simply to route packets. Mere conduit. This type of switch is simply not necessary to get traffic from A to B and vice-versa. Once this type of kit is installed for purposes other than lawful intercept capability couldn't one argue that the message content is available to whomsoever controls the "box"? James Firth From zenadsl6186 at zen.co.uk Tue Jan 12 14:39:14 2010 From: zenadsl6186 at zen.co.uk (Peter Fairbrother) Date: Tue, 12 Jan 2010 14:39:14 +0000 Subject: Unpersons In-Reply-To: <+uL$ivwJKITLFA7Q@perry.co.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> <4B4A88AF.6080304@zen.co.uk> <+uL$ivwJKITLFA7Q@perry.co.uk> Message-ID: <4B4C8992.2050409@zen.co.uk> Roland Perry wrote: > In article <4B4A88AF.6080304 at zen.co.uk>, Peter Fairbrother > writes >> Attaching a black box in the absence of a warrant or notice [1] would >> (and should) be illegal, even if it's never switched on and there is >> no output. > > This goes back to the interpretation of "making available". It seems to > me to defy common sense that a box that's switched off is making > anything available to anyone. Okay. The action is connecting the box, which is modification of the network. Does that action make content available? I'd say yes, in some circumstances. Once the box is attached, in some circumstances (eg if the box was switched on) the person who attached or controls the box could use content to do something. And if the box wasn't attached, in some circumstances he couldn't use content to do that something. So in some sense (or in some potential circumstances) content has been made available to the operator or controller of the box. Did you read my "Availability" posts? Did you understand them? It's a fairly simple concept, but difficult to explain. -- Peter Fairbrother From lists at internetpolicyagency.com Tue Jan 12 14:38:42 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Tue, 12 Jan 2010 14:38:42 +0000 Subject: Spam-traps (was Unpersons) In-Reply-To: <007601ca9394$26d2ea00$7478be00$@net> References: <4B445388.5030704@callnetuk.com> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> <4B4A0442.80108@ernest.net> <4B4A0C93.9080301@ernest.net> <20FC33E9179A4B3A835CF1311E1C99EE@Powerstation> <6ED388AA006C454BA35B0098396B9BFB0670309B@uxsrvr20.atlas.ukerna.ac.uk> <3B468F8FA4CA4BD3A881CDDC279677A8@Powerstation> <6ED388AA006C454BA35B0098396B9BFB06703114@uxsrvr20.atlas.ukerna.ac.uk> <4B4B1B14.9000905@ernest.net> <4B4B2ED1.7020308@zen.co.uk> <4B4B31FF.3050801@ernest.net> <001b01ca9359$28517580$78f46080$@net> <001e01ca935c$5602d160$02087420$@net> <007601ca9394$26d2ea00$7478be00$@net> Message-ID: In article <007601ca9394$26d2ea00$7478be00$@net>, James Firth writes >Once this type of kit is installed for purposes other than lawful intercept >capability couldn't one argue that the message content is available to >whomsoever controls the "box"? What I don't really understand is why the same argument doesn't apply to (say) a Unix box programmed as a router. Or to a firewall that could have some nefarious code running on it. Or maybe it does (apply that is). -- Roland Perry From igb at batten.eu.org Tue Jan 12 14:54:13 2010 From: igb at batten.eu.org (Ian Batten) Date: Tue, 12 Jan 2010 14:54:13 +0000 Subject: Unpersons In-Reply-To: <4B4C8992.2050409@zen.co.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> <4B4A88AF.6080304@zen.co.uk> <+uL$ivwJKITLFA7Q@perry.co.uk> <4B4C8992.2050409@zen.co.uk> Message-ID: > > So in some sense (or in some potential circumstances) content has > been made available to the operator or controller of the box. That's true for any device more complex than a piece of wire. ian From mjdb at dorevale.demon.co.uk Tue Jan 12 14:55:12 2010 From: mjdb at dorevale.demon.co.uk (M J D Brown) Date: Tue, 12 Jan 2010 14:55:12 -0000 Subject: Nominet on their recent disconnection (or asthey call it - "suspension") spree References: <87wrzpkoye.fsf@mid.deneb.enyo.de> <4B4B0996.9040107@ernest.net><87r5pwkg17.fsf@mid.deneb.enyo.de> <4B4B2286.3040009@zen.co.uk> <4B4B75D9.6040000@ernest.net> <20100112121322.GG85880@davros.org> Message-ID: <78D82A28A735410AA85B4E9D329E4103@Powerstation> ----- Original Message ----- From: "Clive D.W. Feather" To: ; "UK Cryptography Policy Discussion Group" Sent: Tuesday, January 12, 2010 12:13 PM Subject: Re: Nominet on their recent disconnection (or asthey call it - "suspension") spree > Nicholas Bohm said: >> I agree with Florian that we need accountable public servants to >> chase >> down this sort of wrongdoing. But having done so, I don't think >> it's >> their job to "close down" sites by "instructing" registrars or >> registries (who chooses these lucid names?) what to do. I think >> they >> should present the evidence of wrongdoing and ask for >> co-operation, if >> appropriate giving a warning against the perils of helping crooks. > > However, how on earth is Nominet (or an ISP) supposed to evaluate that > evidence? That's even assuming that the police are willing to reveal > enough > evidence in the first place. > > This is why the DPA s.29(3) process didn't work for investigating > crimes, > and why RIPA Part 1 Chapter 2 was better. Really? My newspaper yesterday morning records the instance of a man falsely imprisoned in a police cell on the basis of an allegation by some blundering dolt of a town hall jobsworth claiming that he had sent an email that might be altered in a manner capable of being construed as offensive to a 'generically identifiable group of persons' [that's me refraining from any possibility of committing the same offence]. Turns out that the imprisoned man did not even send the email. Mike. [remainder of Clive's message snipped] From mjdb at dorevale.demon.co.uk Tue Jan 12 14:59:22 2010 From: mjdb at dorevale.demon.co.uk (M J D Brown) Date: Tue, 12 Jan 2010 14:59:22 -0000 Subject: Unpersons References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49BAAB.1040408@zen.co.uk> <4B4B220A.8020304@zen.co.uk><5QwedVxhT2SLFAxZ@perry.co.uk> <4B4BFC4A.5030403@zen.co.uk> <4B4C668F.80300@ernest.net> Message-ID: I am having difficulty with the concept of legal guilt being attached to an opportunity to commit an offence without actually committing the wrongful act. As I walk down the street I could easily, by taking an additional action, knock down and rob the old lady I am just approaching. It seems to me that in any rational legal system the fact that I refrain from robbery is an act of virtue, rather than a crime. If RIPA says interception is making content available to a person, and said person refrains from examining content, then we have some perverse drafting or interpretation of the relevant section of the statute if we believe said person is guilty of unlawful interception. Just which possibility applies in the case of the present rather circular discussion? The ISP anti-spam system some of us have been probing specifically refrains from any examination of message content, merely examining headers in the normal process of determining onward routing or subscriber delivery. Mike. ----- Original Message ----- From: "Nicholas Bohm" To: "UK Cryptography Policy Discussion Group" Sent: Tuesday, January 12, 2010 12:09 PM Subject: Re: Unpersons > Charles Lindsey wrote: > On Tue, 12 Jan 2010 04:36:26 -0000, Peter Fairbrother > wrote: > > > Eh? > > The operation of a virus checker is interception because the virus > checker actually does look at emails (on behalf of a person). > > > No. only if the virus checker (which was indeed coded by the "on > behalf person") is so constructed that it makes the messages available > to HIM. But if it merely autoamtically deletes or marks, then it has > not made anything available to HIM. > > > I don't think this is consistent with the usage in RIPA s16, where > content is treated as having been intercepted despite not being open > to be read. If the virus checker is able to take action on the basis > of content in a manner decided in advance by the person who set it up, > then that content seems to me to have been made available to that > person, even if that availability doesn't extend to rewading it. -- From james2 at jfirth.net Tue Jan 12 15:01:38 2010 From: james2 at jfirth.net (James Firth) Date: Tue, 12 Jan 2010 15:01:38 -0000 Subject: Spam-traps (was Unpersons) In-Reply-To: References: <4B445388.5030704@callnetuk.com> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> <4B4A0442.80108@ernest.net> <4B4A0C93.9080301@ernest.net> <20FC33E9179A4B3A835CF1311E1C99EE@Powerstation> <6ED388AA006C454BA35B0098396B9BFB0670309B@uxsrvr20.atlas.ukerna.ac.uk> <3B468F8FA4CA4BD3A881CDDC279677A8@Powerstation> <6ED388AA006C454BA35B0098396B9BFB06703114@uxsrvr20.atlas.ukerna.ac.uk> <4B4B1B14.9000905@ernest.net> <4B4B2ED1.7020308@zen.co.uk> <4B4B31FF.3050801@ernest.net> <001b01ca9359$28517580$78f46080$@net> <001e01ca935c$5602d160$02087420$@net> <007601ca9394$26d2ea00$7478be00$@net> Message-ID: <007f01ca9398$248c0a70$6da41f50$@net> Roland Perry wrote: > > What I don't really understand is why the same argument doesn't apply > to > (say) a Unix box programmed as a router. Or to a firewall that could > have some nefarious code running on it. > > Or maybe it does (apply that is). Maybe it does. But in the real world in a typical ISP you'd probably struggle to write software that didn't significantly impact the packet latency and can handle reasonable throughput. I guess it's a similar question to what constitutes (il)legal wireless telegraphy stations with the advent of wideband transceivers capable of tx/rx on a massive swathe of spectrum. Or equipment capable of reprogramming a mobile phone IMEI number. Or when does possession of everyday household chemicals constitute an offence under the terrorism of explosive substances act. James Firth From zenadsl6186 at zen.co.uk Tue Jan 12 15:23:53 2010 From: zenadsl6186 at zen.co.uk (Peter Fairbrother) Date: Tue, 12 Jan 2010 15:23:53 +0000 Subject: Spam-traps (was Unpersons) In-Reply-To: <007601ca9394$26d2ea00$7478be00$@net> References: <4B445388.5030704@callnetuk.com> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> <4B4A0442.80108@ernest.net> <4B4A0C93.9080301@ernest.net> <20FC33E9179A4B3A835CF1311E1C99EE@Powerstation> <6ED388AA006C454BA35B0098396B9BFB0670309B@uxsrvr20.atlas.ukerna.ac.uk> <3B468F8FA4CA4BD3A881CDDC279677A8@Powerstation> <6ED388AA006C454BA35B0098396B9BFB06703114@uxsrvr20.atlas.ukerna.ac.uk> <4B4B1B14.9000905@ernest.net> <4B4B2ED1.7020308@zen.co.uk> <4B4B31FF.3050801@ernest.net> <001b01ca9359$28517580$78f46080$@net> <001e01ca935c$5602d160$02087420$@net> <007601ca9394$26d2ea00$7478be00$@net> Message-ID: <4B4C9409.1080005@zen.co.uk> James Firth wrote: > Roland Perry wrote: >> In article <001e01ca935c$5602d160$02087420$@net>, James Firth writes >>> == ON Viruses == >>> >>> Network scanning for viruses is somewhat a hot potato. It's clearly >> useful, >>> but "boxes" need to be installed, and for effective signature matching >> the >>> boxes are powerful multi-purpose "layer 5" switches. >>> >> Why are these scanning boxes special? Is it just the horsepower they >> can >> apply to the task? > > > They're distinct from normal packet routing kit because they attempt to > reconstitute data across multiple packets in order to interpret content. > > One could argue the job of an ISP is simply to route packets. Mere conduit. > This type of switch is simply not necessary to get traffic from A to B and > vice-versa. > > Once this type of kit is installed for purposes other than lawful intercept > capability couldn't one argue that the message content is available to > whomsoever controls the "box"? Yes, you could. But that has nothing whatsoever to do with whether or not it's interception in RIPA terms. In order to intercept, in RIPA terms, you have to do something (out of a specified list of somethings) which *makes* content available. It wasn't before, but after the action it is. And you can still make something available, in some sense of the word, which is already available in some other sense of the word. The word "available doesn't have a strict meaning, it depends on implied options and circumstances. My neighbour lets me use his MIG welder to weld. Is it available to me? That depends on whether he's in or not, or whether he's using it. Suppose I want to use it to drive a fusion experiment, which might destroy it. He won't let me use it for that, but he will let me use it to weld. Is it available to me? There is no simple or single answer to these questions. Available to me under what circumstances? To do what? Availability it not a simple yes-or-no matter. But there usually is a simple answer to the question of whether some action has made something available or not - either it has or it hasn't. We don't usually need to go into all circumstances, or examine all possibilities - the question is simple. If the action has made it possible for you to do something with content which you couldn't do if the action hadn't occurred, then the action has made content available, and was interception. There's another part to the RIPA definition which comes in here - "as to". You have to do the action "as to" make content available. I don't know exactly what that means, but it would certainly include "with the intention of and effect that". If you do an action which incidentally causes a person to be able to do something with content which is so unlikely or remote as to be implausible then I don't think a Court would accept that you had committed an offense. Contrarywise, if you do an action which permits you to do something with content which you couldn't do if that action hadn't occurred, and you do so with the intent of beign able to do that something with content, then you're busted. I between - I don't know. -- Peter Fairbrother From lists at internetpolicyagency.com Tue Jan 12 15:25:16 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Tue, 12 Jan 2010 15:25:16 +0000 Subject: Unpersons In-Reply-To: <4B4C8992.2050409@zen.co.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> <4B4A88AF.6080304@zen.co.uk> <+uL$ivwJKITLFA7Q@perry.co.uk> <4B4C8992.2050409@zen.co.uk> Message-ID: In article <4B4C8992.2050409 at zen.co.uk>, Peter Fairbrother writes >>> Attaching a black box in the absence of a warrant or notice [1] >>>would (and should) be illegal, even if it's never switched on and >>>there is no output. >> This goes back to the interpretation of "making available". It seems >>to me to defy common sense that a box that's switched off is making >>anything available to anyone. > >Okay. The action is connecting the box, which is modification of the >network. Connecting anything to the network is modifying it. And "modifying or interfering with" the network is only one of three "or" activities which might predicate an interception. >Does that action make content available? You have to one of those three things *and* "make content available". >Did you read my "Availability" posts? Did you understand them? It's a >fairly simple concept, but difficult to explain. Probably not yet, I'm way behind and reading by subthread, not date. -- Roland Perry From lists at internetpolicyagency.com Tue Jan 12 15:26:41 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Tue, 12 Jan 2010 15:26:41 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> <4B4A88AF.6080304@zen.co.uk> <+uL$ivwJKITLFA7Q@perry.co.uk> <4B4C8992.2050409@zen.co.uk> Message-ID: <4ul+CU1xSJTLFAqS@perry.co.uk> In article , Ian Batten writes >> So in some sense (or in some potential circumstances) content has >>been made available to the operator or controller of the box. > >That's true for any device more complex than a piece of wire. It's true of a piece of wire, if you need the piece of wire to connect between the original network and a monitoring box situated the other side of the room. -- Roland Perry From zenadsl6186 at zen.co.uk Tue Jan 12 15:29:45 2010 From: zenadsl6186 at zen.co.uk (Peter Fairbrother) Date: Tue, 12 Jan 2010 15:29:45 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49BAAB.1040408@zen.co.uk> <4B4B220A.8020304@zen.co.uk><5QwedVxhT2SLFAxZ@perry.co.uk> <4B4BFC4A.5030403@zen.co.uk> <4B4C668F.80300@ernest.net> Message-ID: <4B4C9569.6030907@zen.co.uk> M J D Brown wrote: > If RIPA says interception is making content available to a person, It doesn't say that. It says interception is if you take one of several actions "as to" make content available. -- Peter Fairbrother From lists at internetpolicyagency.com Tue Jan 12 15:32:40 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Tue, 12 Jan 2010 15:32:40 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: <4B4C81A1.4080000@zen.co.uk> References: <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> <4B4B2286.3040009@zen.co.uk> <4B4B75D9.6040000@ernest.net> <4B4C5CC8.7020908@callnetuk.com> <4B4C63E1.2060509@callnetuk.com> <4B4C81A1.4080000@zen.co.uk> Message-ID: In article <4B4C81A1.4080000 at zen.co.uk>, Peter Fairbrother writes >In this case it isn't a real contract disagreement. > >Any contract disagreement was merely an excuse There are quite a few people in the Internet Technical Community who insist that correct contact information is essential for the proper operation of the Internet. >- the real reason they were disconnected was because the Police asked >Nominet to do it. Going further down that rathole, perhaps because Nominet felt it was in the public interest to disconnect these scammers, and that's becoming a trendy thing to want to demonstrate. (It was added into ICANN's new deal with the USG, only last September). -- Roland Perry From zenadsl6186 at zen.co.uk Tue Jan 12 15:35:43 2010 From: zenadsl6186 at zen.co.uk (Peter Fairbrother) Date: Tue, 12 Jan 2010 15:35:43 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> <4B4A88AF.6080304@zen.co.uk> <+uL$ivwJKITLFA7Q@perry.co.uk> <4B4C8992.2050409@zen.co.uk> Message-ID: <4B4C96CF.40102@zen.co.uk> Roland Perry wrote: > In article <4B4C8992.2050409 at zen.co.uk>, Peter Fairbrother > writes > >>>> Attaching a black box in the absence of a warrant or notice [1] >>>> would (and should) be illegal, even if it's never switched on and >>>> there is no output. >>> This goes back to the interpretation of "making available". It seems >>> to me to defy common sense that a box that's switched off is making >>> anything available to anyone. >> >> Okay. The action is connecting the box, which is modification of the >> network. > > Connecting anything to the network is modifying it. And "modifying or > interfering with" the network is only one of three "or" activities which > might predicate an interception. We agree! > >> Does that action make content available? > > You have to one of those three things *and* "make content available". "as to", not "and" > >> Did you read my "Availability" posts? Did you understand them? It's a >> fairly simple concept, but difficult to explain. > > Probably not yet, I'm way behind and reading by subthread, not date. Please do. I try to define my concept of making available there in detail. -- Peter Fairbrother From marcus at connectotel.com Tue Jan 12 15:44:49 2010 From: marcus at connectotel.com (Marcus Williamson) Date: Tue, 12 Jan 2010 15:44:49 +0000 Subject: Phorm board director quits Message-ID: RNS Number : 3629F Phorm Inc 11 January 2010 Phorm, Inc. ("Phorm" or the "Company") Phorm Announces Board Change Phorm, Inc. (AIM: PHRX and PHRM) today announces that non-executive Director Stefan Allesch-Taylor will step down from the Board of Directors with immediate effect. The Board thanks Mr Allesch-Taylor for his contribution to the Company's development over the last twelve months and wishes him well in the future. For Enquiries Phorm, Inc. Sarah Simon (Investors) +44 20 7297 2433 Alex Laity (Media) +44 20 7297 2710 Citigate Dewe Rogerson +44 20 7638 9571 Simon Rigby Justin Griffiths Canaccord Adams Limited +44 20 7050 6500 Mark Williams Andrew Chubb # ends - This information is provided by RNS The company news service from the London Stock Exchange END From lists at internetpolicyagency.com Tue Jan 12 15:40:48 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Tue, 12 Jan 2010 15:40:48 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: <7DCA9AE9-53FE-485F-9016-C560EF689C56@batten.eu.org> References: <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> <4B4B2286.3040009@zen.co.uk> <4B4B75D9.6040000@ernest.net> <4B4C5CC8.7020908@callnetuk.com> <4B4C63E1.2060509@callnetuk.com> <4B4C7913.9050605@bbk.ac.uk> <4B4C82D6.3000406@zen.co.uk> <7DCA9AE9-53FE-485F-9016-C560EF689C56@batten.eu.org> Message-ID: In article <7DCA9AE9-53FE-485F-9016-C560EF689C56 at batten.eu.org>, Ian Batten writes >> Data point, iirc Nominet don't have charge of .ac.uk addresses. > >When did that change? I thought Nominet inherited all the >responsibilities of the NRS, and Salford was there _mostly_ for uk.ac. http://www.ukerna.ac.uk/services/domain-name-registration.html 1st Aug 1996 -- Roland Perry From lists at internetpolicyagency.com Tue Jan 12 15:35:03 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Tue, 12 Jan 2010 15:35:03 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: <4B4C82D6.3000406@zen.co.uk> References: <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> <4B4B2286.3040009@zen.co.uk> <4B4B75D9.6040000@ernest.net> <4B4C5CC8.7020908@callnetuk.com> <4B4C63E1.2060509@callnetuk.com> <4B4C7913.9050605@bbk.ac.uk> <4B4C82D6.3000406@zen.co.uk> Message-ID: In article <4B4C82D6.3000406 at zen.co.uk>, Peter Fairbrother writes >>> I'm not Andrew, but I think he'd agree that at least some academics >>>and researchers believe that .ac.uk addresses are very important to >>> >> They are, but these are individual email addresses. What's the >>likelihood of a University having its entire domain name revoked in >>the kinds of circumstances we are discussing? > >Data point, iirc Nominet don't have charge of .ac.uk addresses. I know that, but someone is in charge of most domain registrations, and that someone can have similar rules. -- Roland Perry From lists at internetpolicyagency.com Tue Jan 12 15:43:02 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Tue, 12 Jan 2010 15:43:02 +0000 Subject: Nominet on their recent disconnection (or asthey call it - "suspension") spree In-Reply-To: <78D82A28A735410AA85B4E9D329E4103@Powerstation> References: <87wrzpkoye.fsf@mid.deneb.enyo.de> <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> <4B4B2286.3040009@zen.co.uk> <4B4B75D9.6040000@ernest.net> <20100112121322.GG85880@davros.org> <78D82A28A735410AA85B4E9D329E4103@Powerstation> Message-ID: In article <78D82A28A735410AA85B4E9D329E4103 at Powerstation>, M J D Brown writes >> This is why the DPA s.29(3) process didn't work for investigating >> crimes, >> and why RIPA Part 1 Chapter 2 was better. > >Really? > >My newspaper yesterday morning records the instance of a man falsely >imprisoned in a police cell on the basis of an allegation by some >blundering dolt of a town hall jobsworth claiming that he had sent an >email that might be altered in a manner capable of being construed as >offensive to a 'generically identifiable group of persons' [that's me >refraining from any possibility of committing the same offence]. Turns >out that the imprisoned man did not even send the email. RIPA might well have been more effective at gathering the evidence determining who sent the email, than DPA 29(3) used to be. -- Roland Perry From lists at internetpolicyagency.com Tue Jan 12 15:49:34 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Tue, 12 Jan 2010 15:49:34 +0000 Subject: Unpersons In-Reply-To: <4B4C69C8.1070000@zen.co.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49BAAB.1040408@zen.co.uk> <4B4B1126.6060609@ernest.net> <4B4B74A9.5050300@ernest.net> <4B4C01AC.6010102@zen.co.uk> <4B4C69C8.1070000@zen.co.uk> Message-ID: In article <4B4C69C8.1070000 at zen.co.uk>, Peter Fairbrother writes >>> I think if you can look at a situation from some point of view and >>>say, in *any* sense of the phrase, that content has been made >>>available, then it's interception. >> By that definition, the fact that messages in a mailbox are readable >>by root would already amount to "interception". > >There's no relevant action there (the only relevant actions are >modification of, interference with or monitoring of the system) to make >it interception. Would it be "interference", if the person was prohibited from doing that by their contract of employment? It's definitely "monitoring", even if they have that permission. (Yes, I know the action may be permitted elsewhere, under 3(3) for example). -- Roland Perry From ian at cellar.org.uk Tue Jan 12 15:42:42 2010 From: ian at cellar.org.uk (Ian Hill) Date: Tue, 12 Jan 2010 15:42:42 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: <7DCA9AE9-53FE-485F-9016-C560EF689C56@batten.eu.org> References: <4B4C5CC8.7020908@callnetuk.com> <4B4C63E1.2060509@callnetuk.com> <4B4C7913.9050605@bbk.ac.uk> <4B4C82D6.3000406@zen.co.uk> <7DCA9AE9-53FE-485F-9016-C560EF689C56@batten.eu.org> Message-ID: <7c56b6b11001120742s58af7556i4c4de6e8b0e33538@mail.gmail.com> On Tue, Jan 12, 2010 at 2:22 PM, Ian Batten wrote: > On 12 Jan 10, at 1410, Peter Fairbrother wrote: >> Data point, iirc Nominet don't have charge of .ac.uk addresses. > When did that change? ?I thought Nominet inherited all the responsibilities > of the NRS, and Salford was there _mostly_ for uk.ac. http://www.ja.net/services/domain-name-registration.html "JANET(UK) became responsible for the administration and registration of domain names under the ac.uk and gov.uk domains on 1 August 1996" Ian From Andrew.Cormack at ja.net Tue Jan 12 17:33:46 2010 From: Andrew.Cormack at ja.net (Andrew Cormack) Date: Tue, 12 Jan 2010 17:33:46 -0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: <4B4C7913.9050605@bbk.ac.uk> References: <4B4B0996.9040107@ernest.net><87r5pwkg17.fsf@mid.deneb.enyo.de> <4B4B2286.3040009@zen.co.uk> <4B4B75D9.6040000@ernest.net> <4B4C5CC8.7020908@callnetuk.com><4B4C63E1.2060509@callnetuk.com> <4B4C7913.9050605@bbk.ac.uk> Message-ID: <6ED388AA006C454BA35B0098396B9BFB067EB4B6@uxsrvr20.atlas.ukerna.ac.uk> > -----Original Message----- > From: ukcrypto-bounces at chiark.greenend.org.uk [mailto:ukcrypto- > bounces at chiark.greenend.org.uk] On Behalf Of ken > Sent: 12 January 2010 13:29 > To: UK Cryptography Policy Discussion Group > Subject: Re: Nominet on their recent disconnection (or as they call it > - "suspension") spree > > Matthew Pemble wrote: > > > Is a .uk domain really that vital to any business or person (.ac.uk - > > Andrew?) > > > I'm not Andrew, but I think he'd agree that at least some > academics and researchers believe that .ac.uk addresses are very > important to them. I know this because they often ask me for > them, for example to set up a mailing list for a conference or > some new virtual collaboration or a Centre for This or That Studies. There's a small number of UK universities who use .edu as their primary domain, but most do indeed seem to feel that .ac.uk is the 'right' place for them to be :-) > I guess its because it gives (or is thought to give) some > credibility to the address. Some academics do a lot of "cold > calling" by email, asking for help from people they may not have > actually met, or trying to get papers published or grants granted. Some companies also use it as an indicator of eligibility for academic discounts! > Also perhaps because its easy to remember or guess the addresses > - lots of people would much prefer {name}@{institution}.ac.uk > addresses over ones like {name}@{department}.{institution}.ac.uk > or {arbitraryuserid}@{institution}.ac.uk My impression is that shortness of address versus precision is a cyclic preference. For a while everyone wants the shortest possible e-mail address, then they go to longer, more memorable ones. Trends in the web addresses on the back of lorries is interesting. And Name at department.organisation.ac.uk is less likely to be the wrong person. I used to be part of postmaster {at} cardiff.ac.uk (though in those days we were in a 'short' part of the cycle so called it cf.ac.uk) and we spent an awful lot of time sorting out the mis-addressed mails to assorted Williamses, Joneses, etc. In a desperate attempt to create enough namespace we had got up to JonesB19, poor thing, if I remember rightly. Adding in a department subdomain would have helped, but landed us in the alternative purgatory of keeping up with departmental name changes (and indecisive students/staff) instead :-( Andrew -- Andrew Cormack, Chief Regulatory Adviser JANET(UK), Lumen House, Library Avenue, Harwell Science and Innovation Campus, Didcot, OX11 0SG, UK Phone: +44 (0) 1235 822302 Fax: +44 (0) 1235 822399 JANET, the UK's education and research network JANET(UK) is a trading name of The JNT Association, a company limited by guarantee which is registered in England under No. 2881024 and whose Registered Office is at Lumen House, Library Avenue, Harwell Science and Innovation Campus, Didcot, Oxfordshire. OX11 0SG From Andrew.Cormack at ja.net Tue Jan 12 17:42:36 2010 From: Andrew.Cormack at ja.net (Andrew Cormack) Date: Tue, 12 Jan 2010 17:42:36 -0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: <7c56b6b11001120742s58af7556i4c4de6e8b0e33538@mail.gmail.com> References: <4B4C5CC8.7020908@callnetuk.com><4B4C63E1.2060509@callnetuk.com><4B4C7913.9050605@bbk.ac.uk> <4B4C82D6.3000406@zen.co.uk><7DCA9AE9-53FE-485F-9016-C560EF689C56@batten.eu.org> <7c56b6b11001120742s58af7556i4c4de6e8b0e33538@mail.gmail.com> Message-ID: <6ED388AA006C454BA35B0098396B9BFB067EB4BB@uxsrvr20.atlas.ukerna.ac.uk> > -----Original Message----- > From: ukcrypto-bounces at chiark.greenend.org.uk [mailto:ukcrypto- > bounces at chiark.greenend.org.uk] On Behalf Of Ian Hill > Sent: 12 January 2010 15:43 > To: UK Cryptography Policy Discussion Group > Subject: Re: Nominet on their recent disconnection (or as they call it > - "suspension") spree > > On Tue, Jan 12, 2010 at 2:22 PM, Ian Batten wrote: > > On 12 Jan 10, at 1410, Peter Fairbrother wrote: > >> Data point, iirc Nominet don't have charge of .ac.uk addresses. > > When did that change? ?I thought Nominet inherited all the > responsibilities > > of the NRS, and Salford was there _mostly_ for uk.ac. > > http://www.ja.net/services/domain-name-registration.html > > "JANET(UK) became responsible for the administration and registration > of domain names under the ac.uk and gov.uk domains on 1 August 1996" > > > Ian Thanks. I knew it was before I joined. And the rules for eligibility, acceptability, etc are at http://www.ja.net/services/domain-name-registration/register.ac.uk/index.html Andrew -- Andrew Cormack, Chief Regulatory Adviser JANET(UK), Lumen House, Library Avenue, Harwell Science and Innovation Campus, Didcot, OX11 0SG, UK Phone: +44 (0) 1235 822302 Fax: +44 (0) 1235 822399 JANET, the UK's education and research network JANET(UK) is a trading name of The JNT Association, a company limited by guarantee which is registered in England under No. 2881024 and whose Registered Office is at Lumen House, Library Avenue, Harwell Science and Innovation Campus, Didcot, Oxfordshire. OX11 0SG From Ray.Bellis at nominet.org.uk Tue Jan 12 16:04:50 2010 From: Ray.Bellis at nominet.org.uk (Ray.Bellis at nominet.org.uk) Date: Tue, 12 Jan 2010 16:04:50 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: <4B4C82D6.3000406@zen.co.uk> References: <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> <4B4B2286.3040009@zen.co.uk> <4B4B75D9.6040000@ernest.net> <4B4C5CC8.7020908@callnetuk.com> <4B4C63E1.2060509@callnetuk.com> <4B4C7913.9050605@bbk.ac.uk> <4B4C82D6.3000406@zen.co.uk> Message-ID: > Data point, iirc Nominet don't have charge of .ac.uk addresses. No, we don't - it's all handled by JANET. Ray -------------- next part -------------- An HTML attachment was scrubbed... URL: From chl at clerew.man.ac.uk Tue Jan 12 18:15:15 2010 From: chl at clerew.man.ac.uk (Charles Lindsey) Date: Tue, 12 Jan 2010 18:15:15 -0000 Subject: Unpersons In-Reply-To: <4B4C9569.6030907@zen.co.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49BAAB.1040408@zen.co.uk> <4B4B220A.8020304@zen.co.uk> <5QwedVxhT2SLFAxZ@perry.co.uk> <4B4BFC4A.5030403@zen.co.uk> <4B4C668F.80300@ernest.net> <4B4C9569.6030907@zen.co.uk> Message-ID: On Tue, 12 Jan 2010 15:29:45 -0000, Peter Fairbrother wrote: > M J D Brown wrote: > >> If RIPA says interception is making content available to a person, > > It doesn't say that. > > It says interception is if you take one of several actions "as to" make > content available. And it doesn't say that either. It says "... as to make content available ... to a person". Which is more or less what the OP said. -- Charles?H.?Lindsey?---------At?Home,?doing?my?own?thing------------------------ Tel:?+44?161?436?6131? ???Web:?http://www.cs.man.ac.uk/~chl Email:?chl at clerew.man.ac.uk??????Snail:?5?Clerewood?Ave,?CHEADLE,?SK8?3JU,?U.K. PGP:?2C15F1A9??????Fingerprint:?73?6D?C2?51?93?A0?01?E7?65?E8?64?7E?14?A4?AB?A5 From chl at clerew.man.ac.uk Tue Jan 12 18:19:35 2010 From: chl at clerew.man.ac.uk (Charles Lindsey) Date: Tue, 12 Jan 2010 18:19:35 -0000 Subject: Unpersons In-Reply-To: <4B4C8220.6050507@zen.co.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49BAAB.1040408@zen.co.uk> <4B4B220A.8020304@zen.co.uk> <4B4BFDDF.7050300@zen.co.uk> <4B4C8220.6050507@zen.co.uk> Message-ID: On Tue, 12 Jan 2010 14:07:28 -0000, Peter Fairbrother wrote: > Charles Lindsey wrote: >> On Tue, 12 Jan 2010 04:43:11 -0000, Peter Fairbrother >> wrote: >> >>> Boxes don't intercept, people with boxes do. >> Not necessarily. >> I think we need to interpret "making it available ... to a person" as >> meaning "putting that person in a position where he is then able to >> read it (i.e. to read it without doing further hacking on the 'box')". > > I don't see any justification (or reason) for doing that. That's not > what RIPA says. Nor does RIPA say what "available" means, as you so frequently point out. So it is necessary to determine some plausible meaning for it before you can proceed further; which is precisely what my wording was attempting to do. My interpretation may or may not be wrong, but I doubt any Court would deny that it was at least an "arguable" position. -- Charles?H.?Lindsey?---------At?Home,?doing?my?own?thing------------------------ Tel:?+44?161?436?6131? ???Web:?http://www.cs.man.ac.uk/~chl Email:?chl at clerew.man.ac.uk??????Snail:?5?Clerewood?Ave,?CHEADLE,?SK8?3JU,?U.K. PGP:?2C15F1A9??????Fingerprint:?73?6D?C2?51?93?A0?01?E7?65?E8?64?7E?14?A4?AB?A5 From chl at clerew.man.ac.uk Tue Jan 12 18:24:06 2010 From: chl at clerew.man.ac.uk (Charles Lindsey) Date: Tue, 12 Jan 2010 18:24:06 -0000 Subject: Unpersons In-Reply-To: <4B4C69C8.1070000@zen.co.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49BAAB.1040408@zen.co.uk> <4B4B1126.6060609@ernest.net> <4B4B74A9.5050300@ernest.net> <4B4C01AC.6010102@zen.co.uk> <4B4C69C8.1070000@zen.co.uk> Message-ID: On Tue, 12 Jan 2010 12:23:36 -0000, Peter Fairbrother wrote: > Charles Lindsey wrote: >> On Tue, 12 Jan 2010 04:59:24 -0000, Peter Fairbrother >> wrote: >> >>> I think if you can look at a situation from some point of view and >>> say, in *any* sense of the phrase, that content has been made >>> available, then it's interception. >> By that definition, the fact that messages in a mailbox are readable >> by root would already amount to "interception". > > There's no relevant action there (the only relevant actions are > modification of, interference with or monitoring of the system) to make > it interception. The "action" was to install UNIX in the first place. And if that does not count, then by the same argument you could buy a complete mail handling package' including a message filtration facility and ready to be used "out of the box". And you would perform no "action" other than installing it. -- Charles?H.?Lindsey?---------At?Home,?doing?my?own?thing------------------------ Tel:?+44?161?436?6131? ???Web:?http://www.cs.man.ac.uk/~chl Email:?chl at clerew.man.ac.uk??????Snail:?5?Clerewood?Ave,?CHEADLE,?SK8?3JU,?U.K. PGP:?2C15F1A9??????Fingerprint:?73?6D?C2?51?93?A0?01?E7?65?E8?64?7E?14?A4?AB?A5 From chl at clerew.man.ac.uk Tue Jan 12 18:27:32 2010 From: chl at clerew.man.ac.uk (Charles Lindsey) Date: Tue, 12 Jan 2010 18:27:32 -0000 Subject: Unpersons In-Reply-To: <4B4C670A.7090100@zen.co.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49BAAB.1040408@zen.co.uk> <4B4B220A.8020304@zen.co.uk> <5QwedVxhT2SLFAxZ@perry.co.uk> <4B4BFC4A.5030403@zen.co.uk> <4B4C670A.7090100@zen.co.uk> Message-ID: On Tue, 12 Jan 2010 12:11:54 -0000, Peter Fairbrother wrote: > Charles Lindsey wrote: >> On Tue, 12 Jan 2010 04:36:26 -0000, Peter Fairbrother >> wrote: >> >>> Eh? >>> >>> The operation of a virus checker is interception because the virus >>> checker actually does look at emails (on behalf of a person). >> No. only if the virus checker (which was indeed coded by the "on >> behalf person") is so constructed that it makes the messages available >> to HIM. But if it merely autoamtically deletes or marks, then it has >> not made anything available to HIM. > > "Available" means that he can do something with it. In this case, that's > delete or mark the email. But "he" does not personally delete or mark the mail, or personally view it in any way, nor does the 'box' enable him to do so (unless he chooses to log on as "root", which any system admin is able to do). -- Charles?H.?Lindsey?---------At?Home,?doing?my?own?thing------------------------ Tel:?+44?161?436?6131? ???Web:?http://www.cs.man.ac.uk/~chl Email:?chl at clerew.man.ac.uk??????Snail:?5?Clerewood?Ave,?CHEADLE,?SK8?3JU,?U.K. PGP:?2C15F1A9??????Fingerprint:?73?6D?C2?51?93?A0?01?E7?65?E8?64?7E?14?A4?AB?A5 From chl at clerew.man.ac.uk Tue Jan 12 18:32:07 2010 From: chl at clerew.man.ac.uk (Charles Lindsey) Date: Tue, 12 Jan 2010 18:32:07 -0000 Subject: Spam-traps (was Unpersons) In-Reply-To: <001b01ca9359$28517580$78f46080$@net> References: <4B445388.5030704@callnetuk.com> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49F34A.9040400@ernest.net> <4B4A0442.80108@ernest.net> <4B4A0C93.9080301@ernest.net> <20FC33E9179A4B3A835CF1311E1C99EE@Powerstation> <6ED388AA006C454BA35B0098396B9BFB0670309B@uxsrvr20.atlas.ukerna.ac.uk> <3B468F8FA4CA4BD3A881CDDC279677A8@Powerstation> <6ED388AA006C454BA35B0098396B9BFB06703114@uxsrvr20.atlas.ukerna.ac.uk> <4B4B1B14.9000905@ernest.net> <4B4B2ED1.7020308@zen.co.uk> <4B4B31FF.3050801@ernest.net> <001b01ca9359$28517580$78f46080$@net> Message-ID: On Tue, 12 Jan 2010 07:30:44 -0000, James Firth wrote: > No. An IP blacklist coupled with protocols checks (peer SMTP server obeys > best practice, forward+reverse DNS match, Sender Policy Framework etc) > not > only avoids interception as it's only concerned with looking at > interactions > with the mail server itself but it also does not "throw away before you > see > it." If you believe that is a commendable way to do things, then I suggest you try emailing to a chiark addrss (to this list, ofr example) from a Hotmail account :-) . -- Charles?H.?Lindsey?---------At?Home,?doing?my?own?thing------------------------ Tel:?+44?161?436?6131? ???Web:?http://www.cs.man.ac.uk/~chl Email:?chl at clerew.man.ac.uk??????Snail:?5?Clerewood?Ave,?CHEADLE,?SK8?3JU,?U.K. PGP:?2C15F1A9??????Fingerprint:?73?6D?C2?51?93?A0?01?E7?65?E8?64?7E?14?A4?AB?A5 From nbohm at ernest.net Tue Jan 12 18:37:18 2010 From: nbohm at ernest.net (Nicholas Bohm) Date: Tue, 12 Jan 2010 18:37:18 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49BAAB.1040408@zen.co.uk> <4B4B220A.8020304@zen.co.uk> <5QwedVxhT2SLFAxZ@perry.co.uk> <4B4BFC4A.5030403@zen.co.uk> <4B4C670A.7090100@zen.co.uk> Message-ID: <4B4CC15E.7070000@ernest.net> Charles Lindsey wrote: > On Tue, 12 Jan 2010 12:11:54 -0000, Peter Fairbrother > wrote: > >> Charles Lindsey wrote: >>> On Tue, 12 Jan 2010 04:36:26 -0000, Peter Fairbrother >>> wrote: >>> >>>> Eh? >>>> >>>> The operation of a virus checker is interception because the virus >>>> checker actually does look at emails (on behalf of a person). >>> No. only if the virus checker (which was indeed coded by the "on >>> behalf person") is so constructed that it makes the messages >>> available to HIM. But if it merely autoamtically deletes or marks, >>> then it has not made anything available to HIM. >> >> "Available" means that he can do something with it. In this case, >> that's delete or mark the email. > > But "he" does not personally delete or mark the mail, or personally > view it in any way, nor does the 'box' enable him to do so (unless he > chooses to log on as "root", which any system admin is able to do). > But because RIPA s16 says that an interception has already occurred before any such "personal" actions are taken, it follows that a "making available" has occurred whether or not they happen. That's why it seems to me that "making available" must be understood in a way that enables it to make sense consistently with s16. Nicholas -- Salkyns, Great Canfield, Takeley, Bishop's Stortford CM22 6SX, UK /Phone/ 01279 870285 (+44 1279 870285) /Mobile/ 07715 419728 (+44 7715 419728) /PGP public key ID:/ 0x899DD7FF /Fingerprint:/ 5248 1320 B42E 84FC 1E8B A9E6 0912 AE66 899D D7FF From David_Biggins at usermgmt.com Tue Jan 12 19:59:46 2010 From: David_Biggins at usermgmt.com (David Biggins) Date: Tue, 12 Jan 2010 19:59:46 -0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com><00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org><4B4619D8.6000101@callnetuk.com><1BEA602E6B1849E48279E004020C08A6@Powerstation><4B46C906.8050203@zen.co.uk><00D8A99FF3764B75861B5EE6A244ECD6@enigma><10A1C9C90C3C44F2832BADA91798C64F@Powerstation><4B491DD4.1030402@zen.co.uk><4B497A82.2000308@iosis.co.uk> <4B49B0E0.7010901@iosis.co.uk> Message-ID: > -----Original Message----- > From: ukcrypto-bounces at chiark.greenend.org.uk [mailto:ukcrypto- > bounces at chiark.greenend.org.uk] On Behalf Of Roland Perry > Sent: 10 January 2010 11:27 > To: ukcrypto at chiark.greenend.org.uk > Subject: Re: Unpersons > > In article <4B49B0E0.7010901 at iosis.co.uk>, Peter Tomlinson > writes > >> [1] You've deliberately set your email client to send all your > emails > >>to them, rather than any other SMTP service, after all. > > >I'm fairly certain that Virgin will not let me use another SMTP > service > >via their cable network I have never had any problems in using my own SMTP services over Virgin cable. That cannot of course be guaranteed into the future; I never had any problems accessing a remote server's SMB port either, until they stopped it a few months ago without notifying customers that they were doing so, though I got confirmation later. [ Yes, I had the server protected from access from other addresses by an external firewall, Yes I can still do it via a VPN - it's just an inconvenience in certain specific contexts ]. D. From fw at deneb.enyo.de Tue Jan 12 21:19:21 2010 From: fw at deneb.enyo.de (Florian Weimer) Date: Tue, 12 Jan 2010 22:19:21 +0100 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: <20100112130738.GH85880@davros.org> (Clive D. W. Feather's message of "Tue, 12 Jan 2010 13:07:38 +0000") References: <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> <4B4B2286.3040009@zen.co.uk> <4B4B75D9.6040000@ernest.net> <4B4C5CC8.7020908@callnetuk.com> <4B4C63E1.2060509@callnetuk.com> <20100112130738.GH85880@davros.org> Message-ID: <877hrnt412.fsf@mid.deneb.enyo.de> * Clive D. W. Feather: > What is actually happening is that someone (the police in this case) are > going to Nominet and saying "these domains appear to be being used for > unlawful purposes". Nominet are checking their records of the domain holder > ("registrant") and finding they are clearly junk. Therefore they suspend > the domains. > > If the records pointed to, or appeared to point to, a genuine person, > they would act rather differently. Of course, this will lead to addresses of innocent bystanders being used as the contact details. This can result in quite a mess if officials believe what they see in WHOIS records (which are still widely believed to be a source of universal truth, unfortunately). From lists at internetpolicyagency.com Tue Jan 12 21:47:38 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Tue, 12 Jan 2010 21:47:38 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: <877hrnt412.fsf@mid.deneb.enyo.de> References: <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> <4B4B2286.3040009@zen.co.uk> <4B4B75D9.6040000@ernest.net> <4B4C5CC8.7020908@callnetuk.com> <4B4C63E1.2060509@callnetuk.com> <20100112130738.GH85880@davros.org> <877hrnt412.fsf@mid.deneb.enyo.de> Message-ID: <$XXvscP63OTLFA4+@perry.co.uk> In article <877hrnt412.fsf at mid.deneb.enyo.de>, Florian Weimer writes >> If the records pointed to, or appeared to point to, a genuine person, >> they would act rather differently. > >Of course, this will lead to addresses of innocent bystanders being >used as the contact details. This can result in quite a mess if >officials believe what they see in WHOIS records (which are still >widely believed to be a source of universal truth, unfortunately). That's easily solved by contacting the people concerned and asking them to confirm the domain is theirs. If they don't reply convincingly in the affirmative, you can draw conclusions. -- Roland Perry From matthew at pemble.net Tue Jan 12 22:04:35 2010 From: matthew at pemble.net (Matthew Pemble) Date: Tue, 12 Jan 2010 22:04:35 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: <$XXvscP63OTLFA4+@perry.co.uk> References: <4B4B0996.9040107@ernest.net> <4B4B75D9.6040000@ernest.net> <4B4C5CC8.7020908@callnetuk.com> <4B4C63E1.2060509@callnetuk.com> <20100112130738.GH85880@davros.org> <877hrnt412.fsf@mid.deneb.enyo.de> <$XXvscP63OTLFA4+@perry.co.uk> Message-ID: Folks, 2010/1/12 Roland Perry : > In article <877hrnt412.fsf at mid.deneb.enyo.de>, Florian Weimer >> >> Of course, this will lead to addresses of innocent bystanders being >> used as the contact details. > > That's easily solved by contacting the people concerned and asking them to > confirm the domain is theirs. If they don't reply convincingly in the > affirmative, you can draw conclusions. Been there - banking fraud domains registered in the names of directors of the bank at the registered office address. Trying to explain to a call centre minion that whereas I was happy to send them a declaration under official letterhead, and agree the bank would bear liability if I was a fibbing twit, Sir xx yyy was not going to personally ring her to say he wasn't the registrant of onlyanidiotwouldfallforthis_majorukbank.com Fundamentally, I don't think we (not that we are any body that should have the power to) can agree any enforceable protocol that is both protective of what, I believe, we all agree at some level are important "rights" (accepting that some of us want them enforceable and some of us want them not disruptable) regarding freedom of speech and not able to be gamed by the bad people. YMMV. I would actually appreciate Mr Hansen's point of view on this, if he's around atm. M -- Matthew Pemble Technical Director, Idrach Ltd Mobile: +44 (0) 7595 652175 Office: + 44 (0) 1324 820690 From lists at internetpolicyagency.com Tue Jan 12 23:01:43 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Tue, 12 Jan 2010 23:01:43 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: References: <4B4B0996.9040107@ernest.net> <4B4B75D9.6040000@ernest.net> <4B4C5CC8.7020908@callnetuk.com> <4B4C63E1.2060509@callnetuk.com> <20100112130738.GH85880@davros.org> <877hrnt412.fsf@mid.deneb.enyo.de> <$XXvscP63OTLFA4+@perry.co.uk> Message-ID: In article , Matthew Pemble writes >>> Of course, this will lead to addresses of innocent bystanders being >>> used as the contact details. >> >> That's easily solved by contacting the people concerned and asking them to >> confirm the domain is theirs. If they don't reply convincingly in the >> affirmative, you can draw conclusions. > >Been there - banking fraud domains registered in the names of >directors of the bank at the registered office address. Trying to >explain to a call centre minion that whereas I was happy to send them >a declaration under official letterhead, and agree the bank would bear >liability if I was a fibbing twit, Sir xx yyy was not going to >personally ring her to say he wasn't the registrant of >onlyanidiotwouldfallforthis_majorukbank.com Can't you register the domain under the name of someone more accessible (eg) the IT manager, and later if you refuse to confirm the $phishing_bank.co.uk domain name using your credentials is yours, it's toast? -- Roland Perry From zenadsl6186 at zen.co.uk Wed Jan 13 06:26:44 2010 From: zenadsl6186 at zen.co.uk (Peter Fairbrother) Date: Wed, 13 Jan 2010 06:26:44 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49BAAB.1040408@zen.co.uk> <4B4B220A.8020304@zen.co.uk> <5QwedVxhT2SLFAxZ@perry.co.uk> <4B4BFC4A.5030403@zen.co.uk> <4B4C670A.7090100@zen.co.uk> Message-ID: <4B4D67A4.4080003@zen.co.uk> Charles Lindsey wrote: > On Tue, 12 Jan 2010 12:11:54 -0000, Peter Fairbrother >> >> "Available" means that he can do something with it. In this case, >> that's delete or mark the email. > > But "he" does not personally delete or mark the mail, He gets a machine to do the deletion or marking for him rather than doing it himself. Legally speaking, that's still him doing it. It's his intent and action which caused the deletion or marking, without them it wouldn't have happened. -- Peter Fairbrother From zenadsl6186 at zen.co.uk Wed Jan 13 06:56:13 2010 From: zenadsl6186 at zen.co.uk (Peter Fairbrother) Date: Wed, 13 Jan 2010 06:56:13 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49BAAB.1040408@zen.co.uk> <4B4B220A.8020304@zen.co.uk> <4B4BFDDF.7050300@zen.co.uk> <4B4C8220.6050507@zen.co.uk> Message-ID: <4B4D6E8D.2030504@zen.co.uk> Charles Lindsey wrote: > On Tue, 12 Jan 2010 14:07:28 -0000, Peter Fairbrother > wrote: > >> Charles Lindsey wrote: >>> On Tue, 12 Jan 2010 04:43:11 -0000, Peter Fairbrother >>> wrote: >>> >>>> Boxes don't intercept, people with boxes do. >>> Not necessarily. >>> I think we need to interpret "making it available ... to a person" >>> as meaning "putting that person in a position where he is then able >>> to read it (i.e. to read it without doing further hacking on the >>> 'box')". >> >> I don't see any justification (or reason) for doing that. That's not >> what RIPA says. > > Nor does RIPA say what "available" means, as you so frequently point > out. So it is necessary to determine some plausible meaning for it > before you can proceed further; which is precisely what my wording was > attempting to do. You seem to be under the misapprehension that something is either available or it isn't, when the meaning of "available" isn't closely specified. This is not so - change the specification and whether it's available or not changes. There is no absolute definition of availability, as it changes with your point of view - and there doesn't need to be one. We are not concerned whether something is available or not, in some absolute sense of the word available (which doesn't exist) - we are only concerned with whether or not something has been "made available". Availability doesn't mean anything at all unless you specify the exact circumstances, ie what it is available for, and what else you need to do in order to use the thing. These is often implicit, but not always. There is little in RIPA to imply what these circumstances are, and I think that's deliberate - there is no need to specify them, we have to be able to consider all possible sets of circumstances. If we can find one set of potential circumstances, and say that in those circumstances you could do something with content which you couldn't do if the action in question had not occurred, then content has been made available in those circumstances - and if that action is modification, interference or monitoring, then it's interception. (though we also have to consider the meaning of "as to" as well, ie the way in which the action changed the availability in our potential circumstances, the intent of the person doing the action, and so on. So changing a box to UNIX would probably not be interception, even though it did make content available in some sense - unless you installed UNIX in order to be able to use content for something. Just installing a UNIX box de novo wouldn't be interception, as it isn't monitoring or modification - though if you chose a UNIX box rather than another box because it gave greater access to content then the action of choosing might be modification, and you're busted again.) -- Peter Fairbrother From maryhawking at tigers.demon.co.uk Wed Jan 13 07:35:57 2010 From: maryhawking at tigers.demon.co.uk (Mary Hawking) Date: Wed, 13 Jan 2010 07:35:57 +0000 Subject: Should the US enforce it's laws the Chinese way? Message-ID: In The Register today, there is a report of a British citizen who was an executive of Bretonsports being jailed for 33 months in the USA for offences against, according to the Register, an Act passed after his arrest and relating to a business in Costa Rica, i.e. not in US territory. http://www.theregister.co.uk/2010/01/12/betonsports_prison/ China and, according to one of the comments, Australia, simply block access to sites considered illegal in their countries - so the technology obviously exists. Couple of questions:- 1. is it true that the arrest in this case was made before the legislation was passed or signed into law? (Arrest according to article in Dallas when in transit to Costa Rica) and if so, does the same apply to all legislation in the process of being approved in the USA? 2. Is US law enforcable in countries where the activity is *not* illegal? And if so, is this reciprocal? E.g. how about some of the spam and porn sites in the USA which breach UK and EU legislation (from comments)? 3. If Australia - and China - can prevent their citizens accessing illegal - or inconvenient - websites, why don't other governments "protect" their citizens in a similar way? And just a question: is it illegal for US *citizens* to gamble on-line, if so, does this apply world-wide? I.e. if you gamble on-line while on holiday in the UK, are you in danger of arrest on returning home? Funny old world! Mary Hawking -- Mary Hawking From lists at internetpolicyagency.com Wed Jan 13 08:52:49 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Wed, 13 Jan 2010 08:52:49 +0000 Subject: Should the US enforce it's laws the Chinese way? In-Reply-To: References: Message-ID: <00hdExahnYTLFAaW@perry.co.uk> In article , Mary Hawking writes >2. Is US law enforcable in countries where the activity is *not* >illegal? UK has laws about sex tourism. >3. If Australia - and China - can prevent their citizens accessing >illegal - or inconvenient - websites, why don't other governments >"protect" their citizens in a similar way? Cleanfeed (but wider deployment is a hot potato politically). -- Roland Perry From lists at internetpolicyagency.com Wed Jan 13 09:25:58 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Wed, 13 Jan 2010 09:25:58 +0000 Subject: Unpersons In-Reply-To: <4B4D67A4.4080003@zen.co.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49BAAB.1040408@zen.co.uk> <4B4B220A.8020304@zen.co.uk> <5QwedVxhT2SLFAxZ@perry.co.uk> <4B4BFC4A.5030403@zen.co.uk> <4B4C670A.7090100@zen.co.uk> <4B4D67A4.4080003@zen.co.uk> Message-ID: In article <4B4D67A4.4080003 at zen.co.uk>, Peter Fairbrother writes >>> "Available" means that he can do something with it. In this case, >>>that's delete or mark the email. >> But "he" does not personally delete or mark the mail, > >He gets a machine to do the deletion or marking for him rather than >doing it himself. > >Legally speaking, that's still him doing it. > >It's his intent and action which caused the deletion or marking, >without them it wouldn't have happened. The marking and deleting is not a RIPA offence, however. (Even if deciding which to mark or delete might be - hence this debate). In article <4B4D6E8D.2030504 at zen.co.uk>, Peter Fairbrother writes >If we can find one set of potential circumstances, and say that in >those circumstances you could do something with content which you >couldn't do if the action in question had not occurred, then content >has been made available in those circumstances But often only available to a machine, not a person. >- and if that action is modification, interference or monitoring, then >it's interception. And there seems to be a lack of consensus as to whether merely adding (on the side) a machine to a network is modifying it. But I'm sure that the network is defined to include all machines connected to it, so adding another machine is increasing the size of the network, which is surely a modification. -- Roland Perry From matthew at pemble.net Wed Jan 13 09:45:53 2010 From: matthew at pemble.net (Matthew Pemble) Date: Wed, 13 Jan 2010 09:45:53 +0000 Subject: Should the US enforce it's laws the Chinese way? In-Reply-To: References: Message-ID: Folks, 2010/1/13 Mary Hawking : > China and, according to one of the comments, Australia, simply block access > to sites considered illegal in their countries - so the technology obviously > exists. Not competently, however - even in the Chinese case it can be worked around. > > Couple of questions:- > 1. is it true that the arrest in this case was made before the legislation > was passed or signed into law? (Arrest according to article in Dallas when > in transit to Costa Rica) and if so, does the same apply to all legislation > in the process of being approved in the USA? IIRC it was already generally illegal for US citizens to gamble across state lines - there was much discussion about whether this prohibited online gambling or not. Rather than wait for a case to make it to the Supreme Court, they passed additional legislation to make it clear. Carruthers was arrested under the deliberately broad "anti-racketeering" laws the Yanks passed in the '20s. Compare this, say, with the "is DDoS illegal" debate in the UK. > 2. Is US law enforcable in countries where the activity is *not* illegal? > And if so, is this reciprocal? E.g. how about some of the spam and porn > sites in the USA which breach UK and EU legislation (from comments)? Sometimes & rarely. It depends on the extradition arrangements between the countries. Normal, sensible, countries require that the activities in question would be a crime in their own jurisdictions. However, and if I'm wrong I'm sure the lawyers will correct me, s11 (Bars to Extradition) of the Extradition Act 2003, referring to "Category 1 territories", does not appear to make any reference to the offence being chargeable in the UK. In fact, s12(a) specifically states "conduct constituting the extradition offence constituted an offence in the part of the United Kingdom where the judge exercises jurisdiction" - so the unlawyerly assumption would be that such considerations do not play a part in the rest of that section. > 3. If Australia - and China - can prevent their citizens accessing illegal - > or inconvenient - websites, why don't other governments "protect" their > citizens in a similar way? Well, as Roland said, we do (for some things) but the USians can't - they tried it with the Communications Decency Act but this was over-turned as unconstitutional (on free speech grounds). They do have COPPA and CIPA but these are specifically focused on children and there are additional restrictions engineered to prevent challenge under the First Amendment. > Funny old world! Always has been. -- Matthew Pemble Technical Director, Idrach Ltd Mobile: +44 (0) 7595 652175 Office: + 44 (0) 1324 820690 From Andrew.Cormack at ja.net Wed Jan 13 09:50:48 2010 From: Andrew.Cormack at ja.net (Andrew Cormack) Date: Wed, 13 Jan 2010 09:50:48 -0000 Subject: Should the US enforce it's laws the Chinese way? In-Reply-To: <00hdExahnYTLFAaW@perry.co.uk> References: <00hdExahnYTLFAaW@perry.co.uk> Message-ID: <6ED388AA006C454BA35B0098396B9BFB067EB53F@uxsrvr20.atlas.ukerna.ac.uk> > -----Original Message----- > From: ukcrypto-bounces at chiark.greenend.org.uk [mailto:ukcrypto- > bounces at chiark.greenend.org.uk] On Behalf Of Roland Perry > Sent: 13 January 2010 08:53 > To: ukcrypto at chiark.greenend.org.uk > Subject: Re: Should the US enforce it's laws the Chinese way? > > In article , Mary Hawking > writes > > >2. Is US law enforcable in countries where the activity is *not* > >illegal? > > UK has laws about sex tourism. > > >3. If Australia - and China - can prevent their citizens accessing > >illegal - or inconvenient - websites, why don't other governments > >"protect" their citizens in a similar way? > > Cleanfeed (but wider deployment is a hot potato politically). Also worth noting that things like Cleanfeed are easily circumvented if you want to. Filtering indecent images can work because people want to be protected from accessing them; blocking sites that people want to get at is much harder and probably requires levels of interference with the infrastructure beyond what's acceptable in the UK at the moment. Andrew > Roland Perry From tony.naggs at googlemail.com Wed Jan 13 10:08:36 2010 From: tony.naggs at googlemail.com (Tony Naggs) Date: Wed, 13 Jan 2010 10:08:36 +0000 Subject: Should the US enforce it's laws the Chinese way? In-Reply-To: References: Message-ID: 2010/1/13 Mary Hawking : > 3. If Australia - and China - can prevent their citizens accessing illegal - > or inconvenient - websites, why don't other governments "protect" their > citizens in a similar way? China bans the importation of pornography such as Playboy magazine and blocks the Playboy website, yet the children's department of many clothing stores has racks of garments and accessories adorned with the Playboy logo. Not very joined up! Also pornography seems very available anyway, when I have walked alone around central Beijing most of the sellers accosting me are selling porn DVDs. China has one advantage over Western countries in doing this, as their army of people identifying circumscribed material to be blocked are relatively cheap to employ. In any case, as others have mentioned, the various technical measures have gaps or can be bypassed by the determined. Regards, Tony From zenadsl6186 at zen.co.uk Wed Jan 13 10:24:48 2010 From: zenadsl6186 at zen.co.uk (Peter Fairbrother) Date: Wed, 13 Jan 2010 10:24:48 +0000 Subject: Should the US enforce it's laws the Chinese way? In-Reply-To: References: Message-ID: <4B4D9F70.1030209@zen.co.uk> Tony Naggs wrote: > 2010/1/13 Mary Hawking : >> 3. If Australia - and China - can prevent their citizens accessing illegal - >> or inconvenient - websites, why don't other governments "protect" their >> citizens in a similar way? > > China bans the importation of pornography such as Playboy magazine and > blocks the Playboy website, yet the children's department of many > clothing stores has racks of garments and accessories adorned with the > Playboy logo. Not very joined up! Also pornography seems very > available anyway, when I have walked alone around central Beijing most > of the sellers accosting me are selling porn DVDs. > > China has one advantage over Western countries in doing this, as their > army of people identifying circumscribed material to be blocked are > relatively cheap to employ. > > In any case, as others have mentioned, the various technical measures > have gaps or can be bypassed by the determined. And Google now seem to be refusing to filter and block content to the Chinese: http://www.theregister.co.uk/2010/01/13/google_china/ Google doing good at the expense of their balance sheet? Must be shome mishtake -- Peter Fairbrother From otcbn at callnetuk.com Wed Jan 13 10:37:00 2010 From: otcbn at callnetuk.com (Pete Mitchell) Date: Wed, 13 Jan 2010 10:37:00 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: References: <87wrzpkoye.fsf@mid.deneb.enyo.de> <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> <4B4B2286.3040009@zen.co.uk> <4B4B75D9.6040000@ernest.net> <4B4C5CC8.7020908@callnetuk.com> Message-ID: <4B4DA24C.6090309@callnetuk.com> Roland Perry wrote on 12-01-10 13:14: > The speech in question is commercial speech, So it is alleged in the case described on The Register. But if the police can issue extra-legal "instructions" in such cases they can presumably issue them in others. Perhaps even the Islam4UK case. > which is a slightly > different kettle of worms. As a matter of public policy I doubt the > founding fathers (and remember we don't yet live in the USA) would want > to give immunity to scammers by protecting their lies. I expect they would want to see the epithets "scammer" and "lies" examined by a court rather than merely asserted by the police. Dirty pinko liberals that they were. -- Pete Mitchell From otcbn at callnetuk.com Wed Jan 13 10:38:20 2010 From: otcbn at callnetuk.com (Pete Mitchell) Date: Wed, 13 Jan 2010 10:38:20 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: <1HxtIdpjdHTLFAp4@perry.co.uk> References: <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> <4B4B2286.3040009@zen.co.uk> <4B4B75D9.6040000@ernest.net> <4B4C5CC8.7020908@callnetuk.com> <4B4C63E1.2060509@callnetuk.com> <20100112130738.GH85880@davros.org> <1HxtIdpjdHTLFAp4@perry.co.uk> Message-ID: <4B4DA29C.3080409@callnetuk.com> Roland Perry wrote on 12-01-10 13:21: > In article <20100112130738.GH85880 at davros.org>, Clive D.W. Feather > writes >> If your publicity is based around your domain name, then it is a major >> issue to get it changed. > > Which (if your business is one of those) is an incentive not to use the > domain name for illegal purposes, Of which criterion the police shall be the sole arbiters? or indeed outside the relevant AUP. I'll bet that ninety per cent of registrations have at least one wrong or outdated piece of information on them. Very convenient, of course. -- Pete Mitchell From ukcrypto at airburst.co.uk Wed Jan 13 10:46:42 2010 From: ukcrypto at airburst.co.uk (Mark Cottle) Date: Wed, 13 Jan 2010 10:46:42 -0000 Subject: Should the US enforce it's laws the Chinese way? In-Reply-To: Message-ID: <4B4DA492.6619.931C21@ukcrypto.airburst.co.uk> Actually, both the Register article and the FBI statement are slightly ambiguous about the exact legislation under which he was prosecuted. The Register refers to: "...the Ports Act which would have made prosecutions easier." Which suggests to me that he could have been prosecuted under some existing anti-gaming law and that the legislation passed after his arrest is merely something which will make such prosecutions easier in future. I am not familiar with the details of the case so I can't say for certain. Regardless of this detail, the FBI statement does suggest the US is seeking to apply its domestic laws beyond its borders. Obviously that raises potentially troubling issues even if there is precedent for national law to be applied beyond national boundaries (eg. I believe the position of UK law is that it has 'universal jurisdiction' over the crimes of torture, hostage-taking and war crimes). Clearly difficulties arise when there's a lack of broad and consistent international recognition of the alleged offences - or, for that matter, their relative seriousness (eg. in the Gary McKinnon case I suspect there's a general recognition that his actions were "wrong" but many here see him as a person with diminished responsibility who did no great damage, while the US authorities seem to see him as a terrorist monster who tried to destroy major defence networks). The difficulties become complex when one jurisdiction sees a crime in what another jurisdiction regards as free speech or the exercise of legitimate rights to trade. As someone who still has some neo-realist thinking mixed in with my other thoughts on international relations I tend to the view that there simply is no enforceable answer founded on universal morals and that practical reality unfortunately comes down to the relative power of states to force their will upon others. In short, the US will do what it wants because no one has the ability to stop them. It would be interesting to see what happened if a European nation tried to prosecute a US citizen who was a major spammer or pornographer and who happened to pass through a European airport. I suspect the diplomatic and other pressure from the US would be substantial and aggressive. And in the case of the UK government (which has already caved in over a palpably asymmetric extradition treaty) I suspect the US would get its way. As noted in the original post, prosecution of individuals is only one of the options open to US authorities. I suspect it is the chosen option because it is the easiest to implement and perhaps because it is considered efficient in cost/benefit terms. Given the nature of US laws on protection of free speech I imagine there might be legal difficulties in using technical measures to block access to websites (ianal though). In addition, technical measures to block selected websites are far from straightforward and reliable (as shown by the work of others on this list). It's one thing for Chinese and Australian governments to talk about total blocking, its another matter to implement such things. Much easier to try to scare off businesses by conducting a few high-visibility prosecutions which leave executives with the thought that they might be whisked off to a hellish jail system if they happen to come within the grasp of US authorities. It's possible the position of the US authorities might be that BetOnSport was conducting activity within the USA because people there were placing bets (I don't know how transactions were conducted so I'm just guessing - but the US customers would have to have paid out money to someone). As for US citizens committing crimes if they gamble while abroad - I think that's unlikely. It would be very odd if things were otherwise. US citizens don't commit crimes by going to gamble in Las Vegas or in one of the native American administered areas that allow gambling so why should other countries present a problem (other than loss of revenue to the US economy). I suppose if someone was daft enough to start an online gambling service in a part of the USA where gambling is illegal and if someone else was hapless enough to use such a service then there could be trouble - but that's an unlikely scenario. On 13 Jan 2010 at 7:35, Mary Hawking wrote: > In The Register today, there is a report of a British citizen who was an > executive of Bretonsports being jailed for 33 months in the USA for > offences against, according to the Register, an Act passed after his > arrest and relating to a business in Costa Rica, i.e. not in US > territory. > http://www.theregister.co.uk/2010/01/12/betonsports_prison/ > > China and, according to one of the comments, Australia, simply block > access to sites considered illegal in their countries - so the > technology obviously exists. > > Couple of questions:- > 1. is it true that the arrest in this case was made before the > legislation was passed or signed into law? (Arrest according to article > in Dallas when in transit to Costa Rica) and if so, does the same apply > to all legislation in the process of being approved in the USA? > > 2. Is US law enforcable in countries where the activity is *not* > illegal? And if so, is this reciprocal? E.g. how about some of the spam > and porn sites in the USA which breach UK and EU legislation (from > comments)? > > 3. If Australia - and China - can prevent their citizens accessing > illegal - or inconvenient - websites, why don't other governments > "protect" their citizens in a similar way? > > And just a question: is it illegal for US *citizens* to gamble on-line, > if so, does this apply world-wide? > I.e. if you gamble on-line while on holiday in the UK, are you in danger > of arrest on returning home? > > Funny old world! > > Mary Hawking > -- > Mary Hawking > > From chl at clerew.man.ac.uk Wed Jan 13 10:51:00 2010 From: chl at clerew.man.ac.uk (Charles Lindsey) Date: Wed, 13 Jan 2010 10:51:00 -0000 Subject: Unpersons In-Reply-To: <4B4D6E8D.2030504@zen.co.uk> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49BAAB.1040408@zen.co.uk> <4B4B220A.8020304@zen.co.uk> <4B4BFDDF.7050300@zen.co.uk> <4B4C8220.6050507@zen.co.uk> <4B4D6E8D.2030504@zen.co.uk> Message-ID: On Wed, 13 Jan 2010 06:56:13 -0000, Peter Fairbrother wrote: > There is no absolute definition of availability, as it changes with your > point of view - and there doesn't need to be one. > > We are not concerned whether something is available or not, in some > absolute sense of the word available (which doesn't exist) - we are only > concerned with whether or not something has been "made available". You can't attach any meaning to "made available" unless you can first attach some meaning to "available". And ultimately it is the courts that will decide, and yet you have not addressed my question as to whether the definition I had proposed was at least an arguable position. > If we can find one set of potential circumstances, and say that in those > circumstances you could do something with content which you couldn't do > if the action in question had not occurred, then content has been made > available in those circumstances - and if that action is modification, > interference or monitoring, then it's interception. Yes, that's a reasonable definition. But who is the "you" that you refer to? To be interception, "you" must be "a person". But if the box is so designed that "you" (a person) are not enabled to do anything by studying the content yourself (e.g. in order to decide in some borderline case whether or not it is spam), then the content is not available to "you", and hence the box has not "made it available" to you. The most you have done is to provide the box with a set of rules (quite complex maybe) which it then follows blindly in order to delete or mark certain mails. But "you" have no fine control over borderline cases, and you have no idea how well the box is performing unless you provide it with test cases (or, better, with messages caught by your honeypot), or until some outraged customer complains to you that his valuable mails have been dropped, or alternatively that you have failed to stop him from receiving bucket loads of spam (in both of which cases he can quite legally provide you with examples). > So changing a box to UNIX would probably not be interception, even > though it did make content available in some sense - unless you > installed UNIX in order to be able to use content for something. The more interesting case is where you have bought a complete off-the-peg mail handling package that has a spam filter already built into it. -- Charles?H.?Lindsey?---------At?Home,?doing?my?own?thing------------------------ Tel:?+44?161?436?6131? ???Web:?http://www.cs.man.ac.uk/~chl Email:?chl at clerew.man.ac.uk??????Snail:?5?Clerewood?Ave,?CHEADLE,?SK8?3JU,?U.K. PGP:?2C15F1A9??????Fingerprint:?73?6D?C2?51?93?A0?01?E7?65?E8?64?7E?14?A4?AB?A5 From chl at clerew.man.ac.uk Wed Jan 13 10:56:57 2010 From: chl at clerew.man.ac.uk (Charles Lindsey) Date: Wed, 13 Jan 2010 10:56:57 -0000 Subject: Unpersons In-Reply-To: <4B4CC15E.7070000@ernest.net> References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49BAAB.1040408@zen.co.uk> <4B4B220A.8020304@zen.co.uk> <5QwedVxhT2SLFAxZ@perry.co.uk> <4B4BFC4A.5030403@zen.co.uk> <4B4C670A.7090100@zen.co.uk> <4B4CC15E.7070000@ernest.net> Message-ID: On Tue, 12 Jan 2010 18:37:18 -0000, Nicholas Bohm wrote: > Charles Lindsey wrote: >> But "he" does not personally delete or mark the mail, or personally >> view it in any way, nor does the 'box' enable him to do so (unless he >> chooses to log on as "root", which any system admin is able to do). >> > But because RIPA s16 says that an interception has already occurred > before any such "personal" actions are taken, it follows that a "making > available" has occurred whether or not they happen. That's why it seems > to me that "making available" must be understood in a way that enables > it to make sense consistently with s16. But the case I am discussing is that in which no 'such "personal" actions' are taken and, indeed, where the box provides no facilities to enable such personal actions. -- Charles?H.?Lindsey?---------At?Home,?doing?my?own?thing------------------------ Tel:?+44?161?436?6131? ???Web:?http://www.cs.man.ac.uk/~chl Email:?chl at clerew.man.ac.uk??????Snail:?5?Clerewood?Ave,?CHEADLE,?SK8?3JU,?U.K. PGP:?2C15F1A9??????Fingerprint:?73?6D?C2?51?93?A0?01?E7?65?E8?64?7E?14?A4?AB?A5 From ukcrypto at airburst.co.uk Wed Jan 13 11:02:22 2010 From: ukcrypto at airburst.co.uk (Mark Cottle) Date: Wed, 13 Jan 2010 11:02:22 -0000 Subject: Should the US enforce it's laws the Chinese way? In-Reply-To: References: Message-ID: <4B4DA83E.13323.A17561@ukcrypto.airburst.co.uk> On 13 Jan 2010 at 10:08, Tony Naggs wrote: > 2010/1/13 Mary Hawking : > > 3. If Australia - and China - can prevent their citizens accessing illegal - > > or inconvenient - websites, why don't other governments "protect" their > > citizens in a similar way? > > China bans the importation of pornography such as Playboy magazine and > blocks the Playboy website, yet the children's department of many > clothing stores has racks of garments and accessories adorned with the > Playboy logo. Not very joined up! Also pornography seems very > available anyway, when I have walked alone around central Beijing most > of the sellers accosting me are selling porn DVDs. > I suspect there is an economic motivation that complicates the legal/moral motivation for blocking Playboy and its like. I'm guessing the porn on sale tends to be Chinese-made - which would mean there would be vested interests who might use bribery or other means to make it less desirable for the police to crack down on the business. There are also issues of scale and diversity - Playboy is one big high-visibility target that's easy to block whereas the domestic industry in China is likely to have a lot of players who are good at being only as visible as they need to be. I'm not saying the Chinese police ignore domestic porn, just that, for various reasons, they're unlilely to eradicate it. > China has one advantage over Western countries in doing this, as their > army of people identifying circumscribed material to be blocked are > relatively cheap to employ. > But, in a country that represents a seventh of the global population, there are a heck of a lot of people who might be involved in circumventing controls. From ukcrypto at airburst.co.uk Wed Jan 13 11:04:00 2010 From: ukcrypto at airburst.co.uk (Mark Cottle) Date: Wed, 13 Jan 2010 11:04:00 -0000 Subject: Should the US enforce it's laws the Chinese way? In-Reply-To: <4B4D9F70.1030209@zen.co.uk> References: Message-ID: <4B4DA8A0.16490.A2F1A7@ukcrypto.airburst.co.uk> On 13 Jan 2010 at 10:24, Peter Fairbrother wrote: > Tony Naggs wrote: > > 2010/1/13 Mary Hawking : > And Google now seem to be refusing to filter and block content to the > Chinese: > > http://www.theregister.co.uk/2010/01/13/google_china/ > > Google doing good at the expense of their balance sheet? Must be shome > mishtake > No, simply economics in action. Which is one reason why security economics should become a very important subject. From lists at internetpolicyagency.com Wed Jan 13 11:02:51 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Wed, 13 Jan 2010 11:02:51 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: <4B4DA24C.6090309@callnetuk.com> References: <87wrzpkoye.fsf@mid.deneb.enyo.de> <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> <4B4B2286.3040009@zen.co.uk> <4B4B75D9.6040000@ernest.net> <4B4C5CC8.7020908@callnetuk.com> <4B4DA24C.6090309@callnetuk.com> Message-ID: <4YvevaibhaTLFA5b@perry.co.uk> In article <4B4DA24C.6090309 at callnetuk.com>, Pete Mitchell writes >Roland Perry wrote on 12-01-10 13:14: >> The speech in question is commercial speech, > >So it is alleged in the case described on The Register. But if the >police can issue extra-legal "instructions" in such cases they can >presumably issue them in others. Perhaps even the Islam4UK case. Each case needs to be treated on its own merits. >> which is a slightly different kettle of worms. As a matter of public >>policy I doubt the founding fathers (and remember we don't yet live >>in the USA) would want to give immunity to scammers by protecting >>their lies. > >I expect they would want to see the epithets "scammer" and "lies" >examined by a court rather than merely asserted by the police. There have been plenty of examples given in this thread where misdeeds are commonly dealt with, outside the court system. -- Roland Perry From lists at internetpolicyagency.com Wed Jan 13 11:05:22 2010 From: lists at internetpolicyagency.com (Roland Perry) Date: Wed, 13 Jan 2010 11:05:22 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: <4B4DA29C.3080409@callnetuk.com> References: <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> <4B4B2286.3040009@zen.co.uk> <4B4B75D9.6040000@ernest.net> <4B4C5CC8.7020908@callnetuk.com> <4B4C63E1.2060509@callnetuk.com> <20100112130738.GH85880@davros.org> <1HxtIdpjdHTLFAp4@perry.co.uk> <4B4DA29C.3080409@callnetuk.com> Message-ID: In article <4B4DA29C.3080409 at callnetuk.com>, Pete Mitchell writes >>> If your publicity is based around your domain name, then it is a major >>> issue to get it changed. >> Which (if your business is one of those) is an incentive not to use >>the domain name for illegal purposes, > >Of which criterion the police shall be the sole arbiters? I didn't see anyone suggesting that. >or indeed outside the relevant AUP. > >I'll bet that ninety per cent of registrations have at least one wrong >or outdated piece of information on them. Very convenient, of course. As all they consist of is name and address, 90% seems a vast over-estimate. Of course, they may well be hundreds of people called Mickey Mouse living in Buckingham Palace - no doubt a court would like to investigate every single one just to make sure? -- Roland Perry From nbohm at ernest.net Wed Jan 13 11:54:48 2010 From: nbohm at ernest.net (Nicholas Bohm) Date: Wed, 13 Jan 2010 11:54:48 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49BAAB.1040408@zen.co.uk> <4B4B220A.8020304@zen.co.uk> <5QwedVxhT2SLFAxZ@perry.co.uk> <4B4BFC4A.5030403@zen.co.uk> <4B4C670A.7090100@zen.co.uk> <4B4CC15E.7070000@ernest.net> Message-ID: <4B4DB488.4040000@ernest.net> Charles Lindsey wrote: > On Tue, 12 Jan 2010 18:37:18 -0000, Nicholas Bohm > wrote: > >> Charles Lindsey wrote: > >>> But "he" does not personally delete or mark the mail, or personally >>> view it in any way, nor does the 'box' enable him to do so (unless he >>> chooses to log on as "root", which any system admin is able to do). >>> >> But because RIPA s16 says that an interception has already occurred >> before any such "personal" actions are taken, it follows that a "making >> available" has occurred whether or not they happen. That's why it seems >> to me that "making available" must be understood in a way that enables >> it to make sense consistently with s16. > > But the case I am discussing is that in which no 'such "personal" > actions' are taken and, indeed, where the box provides no facilities > to enable such personal actions. > As I said, a "making available" has occurred whether or not such actions are taken. And bear in mind that boxes do not (yet) act autonomously - they do what persons set them up to do, and their acts are the therefore the acts of the persons in question. Nicholas -- Salkyns, Great Canfield, Takeley, Bishop's Stortford CM22 6SX, UK /Phone/ 01279 870285 (+44 1279 870285) /Mobile/ 07715 419728 (+44 7715 419728) /PGP public key ID:/ 0x899DD7FF /Fingerprint:/ 5248 1320 B42E 84FC 1E8B A9E6 0912 AE66 899D D7FF From zenadsl6186 at zen.co.uk Wed Jan 13 12:03:13 2010 From: zenadsl6186 at zen.co.uk (Peter Fairbrother) Date: Wed, 13 Jan 2010 12:03:13 +0000 Subject: Unpersons In-Reply-To: References: <4B445388.5030704@callnetuk.com> <00019DE1-E549-40E0-8768-3244D0C9B9F1@batten.eu.org> <4B4619D8.6000101@callnetuk.com> <1BEA602E6B1849E48279E004020C08A6@Powerstation> <4B46C906.8050203@zen.co.uk> <00D8A99FF3764B75861B5EE6A244ECD6@enigma> <10A1C9C90C3C44F2832BADA91798C64F@Powerstation> <4B491DD4.1030402@zen.co.uk> <4B49BAAB.1040408@zen.co.uk> <4B4B220A.8020304@zen.co.uk> <5QwedVxhT2SLFAxZ@perry.co.uk> <4B4BFC4A.5030403@zen.co.uk> <4B4C670A.7090100@zen.co.uk> <4B4CC15E.7070000@ernest.net> Message-ID: <4B4DB681.9020002@zen.co.uk> Charles Lindsey wrote: > On Tue, 12 Jan 2010 18:37:18 -0000, Nicholas Bohm wrote: > >> Charles Lindsey wrote: > >>> But "he" does not personally delete or mark the mail, or personally >>> view it in any way, nor does the 'box' enable him to do so (unless he >>> chooses to log on as "root", which any system admin is able to do). >>> >> But because RIPA s16 says that an interception has already occurred >> before any such "personal" actions are taken, it follows that a "making >> available" has occurred whether or not they happen. That's why it seems >> to me that "making available" must be understood in a way that enables >> it to make sense consistently with s16. > > But the case I am discussing is that in which no 'such "personal" > actions' are taken and, indeed, where the box provides no facilities to > enable such personal actions. Yes, personal actions are taken, at least in legal terms - the box has done something for him, and in law, that means he did it. It doesn't make any difference whether he got a box to do it, or used his fingers. That's the way the law works, and very sensible it is. Otherwise you could say "I just pulled the trigger, the bullet and the gun did the killing". -- Peter Fairbrother From zenadsl6186 at zen.co.uk Wed Jan 13 12:11:13 2010 From: zenadsl6186 at zen.co.uk (Peter Fairbrother) Date: Wed, 13 Jan 2010 12:11:13 +0000 Subject: Nominet on their recent disconnection (or as they call it - "suspension") spree In-Reply-To: References: <4B4B0996.9040107@ernest.net> <87r5pwkg17.fsf@mid.deneb.enyo.de> <4B4B2286.3040009@zen.co.uk> <4B4B75D9.6040000@ernest.net> <4B4C5CC8.7020908@callnetuk.com> <4B4C63E1.2060509@callnetuk.com> <20100112130738.GH85880@davros.org> <1HxtIdpjdHTLFAp4@perry.co.uk> <4B4DA29C.3080409@callnetuk.com> Message-ID: <4B4DB861.7000908@zen.co.uk> Roland Perry wrote: > In article <4B4DA29C.3080409 at callnetuk.com>, Pete Mitchell > writes > >>>> If your publicity is based around your domain name, then it is a major >>>> issue to get it changed. >>> Which (if your business is one of those) is an incentive not to use >>> the domain name for illegal purposes, >> >> Of which criterion the police shall be the sole arbiters? > > I didn't see anyone suggesting that. The Police seem to be ... >> or indeed outside the relevant AUP. >> >> I'll bet that ninety per cent of registrations have at least one wrong >> or outdated piece of information