[LINK] internet chapter of secret ACTA draft leaked

Kim Holburn kim at holburn.net
Tue Feb 23 20:07:56 AEDT 2010


On 2010/Feb/23, at 4:57 PM, James Collins wrote:
> We talked about the problems associated with the Copyright decision  
> recently
> handed down, and talked about how long ISPs would be safe for. I  
> outlined
> the function of the Australian Protected Network proposal which I  
> have waxed
> lyrical to various governments and folks about... He confirmed my  
> belief
> that once the APN is installed, the issue becomes moot. ISPs or  
> Copyright
> protection people can advise the APN of internet locations which are  
> hosts
> responsible for this activity. Once the ISP has ensured that the  
> Protected
> Network is _available_ to any user, and has ensured that the APN has  
> been
> advised of any hosts causing problems, the ISP has done all he can.  
> If the
> user is a member who blocks that particular location, then he too is  
> safe.
> However if he doesn't choose to block that material, he alone is  
> vulnerable
> to action from copyright protection groups. Not the ISP. The issue  
> goes to
> exactly where it should be, between the copyright holders and the  
> people
> accessing those copyright materials...
>
> Note that one of the tenets of the APN is that people are  
> "Encouraged" to
> use its features. Not hit over the head with a hammer. ISPs would be
> required to provide access to the APN functions, but NOT required to  
> force
> them to use it. There are simply so many wonderful ways to get  
> people using
> the APN. We DON'T need to make it mandatory. It will be something  
> they WANT
> to use. It has real benefits.
>
> Forcibly blocking a thousand, or even ten thousand URLs; does not...  
> It is
> counter-productive and confrontational. Let's work together and  
> build a
> safer internet, not a walled garden. Surely there must be someone  
> out there
> in "Link Land" who can help me get this to the people who actually  
> make
> these decisions.



I went to your website or should I say web page.  It is a rather wide  
page that doesn't really say anything or go anywhere.  I read your  
submission pdf.  Not a lot of technical detail really.  Perhaps you  
could explain what it is you're trying to do?  Give people a  
firewall?  A firewall they control?  Ordinary users?  Can opt in or  
out of whatever they want?  And this is different from when grandma  
gets asked a weird question by ZoneAlarm that even an IT professional  
might not be able to answer, how?  A firewall which is connected to  
your servers and database?  And some kind of privileged communication  
between users' firewalls and your servers?


And finally from slashdot:
Your post advocates a

(X) technical ( ) legislative ( ) market-based ( ) vigilante (X)  
marketing

approach to fighting spam and internet nasties. Your idea will not  
work. Here is why it won't work. (One or more of the following may  
apply to your particular idea, and it may have other flaws.)

( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the money
(X) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
( ) We'll just be stuck with it
( ) Users of email will not put up with it
(X) Users of the internet will not put up with it
(X) Users of the internet will not understand it
( ) Microsoft will not put up with it
(X) The police will not put up with it
(X) The government will not put up with it
( ) Requires too much cooperation from spammers
(X) Requires immediate total cooperation from everybody at once
(X) Many internet users cannot afford to lose business or alienate  
potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business

Specifically, your plan fails to account for

(X) Evil packets don't always have the evil packet bit set.

( ) Laws expressly prohibiting it

(X) Lack of centrally controlling authority for the internet
( ) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email  
addresses
(X) Asshats
(X) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
(X) Susceptibility of protocols other than HTTP and SMTP to attack
( ) Willingness of users to install OS patches received by email
(X) Armies of worm riddled broadband-connected Windows boxes
(X) Eternal arms race involved in all filtering approaches
(X) Extreme profitability of spam
(X) Extreme profitability of malware
( ) Joe jobs and/or identity theft
(X) Technically illiterate politicians
(X) Extreme stupidity on the part of people who do business with  
spammers and malware
(X) Dishonesty on the part of spammers and malware controllers  
themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook

and the following philosophical objections may also apply:

(X) Ideas similar to yours are easy to come up with, yet none have ever
been shown practical
( ) Any scheme based on opt-out is unacceptable
(X) Any scheme based on opt-in is unacceptable
( ) SMTP headers should not be the subject of legislation
(X) Blacklists suck
(X) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
( ) Countermeasures must work if phased in gradually
( ) Sending email should be free
(X) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
(X) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough

Furthermore, this is what I think about you:

(X) Sorry dude, but I don't think it would work.
( ) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn  
your
house down!


-- 
Kim Holburn
IT Network & Security Consultant
T: +61 2 61402408  M: +61 404072753
mailto:kim at holburn.net  aim://kimholburn
skype://kholburn - PGP Public Key on request












More information about the Link mailing list