[Dshield] Use a firewall, go to jail, and send Bill Gates too

Johannes Ullrich jullrich at euclidian.com
Fri Mar 28 22:47:41 GMT 2003

Well, I just took the time to actually read the MA version of the
draft law. Overall, it doesn't sound as bad as some people think
it is.

/* disclaimer: I am not a lawyer */

Essentially, the intent of the law is to outlaw devices that can 
be used to defraud telecom providers (phone companies/ISPs).

If you have a cable modem, and use a NAT firewall to setup service
for your neighborhood, you violate this law, or if you have a metered
service, and you are bouncing your traffic off the router of your 
neighbor to have the ISP bill them instead of you, your are running into
this law.

The paragraphs that I think caught some of the attention:

(ii) to conceal or to assist another to conceal from any communication service provider, or from any lawful authority, the existence or place of origin or destination of any communication; 

Well, if you spoof some other users MAC address, or hack some other
users modem to reroute your own traffic to make it look like it comes
from this other user, I think it should be illegal. I do not think this
covers using an 'anonymizer', as your ISP will still know that you
generated the traffic, and the ISP can still bill you for it.


(1) possesses, uses, [...]

(i) for the commission of a theft of a communication service or to receive, intercept, [..] decrypt [..] any communication service without the express consent or express authorization of the communication service provider; 


well, again, if you get yourself the latest 128 bit RSA cracker, and use
it to listen in on your neighbors, it should be illegal. This does not 
outlaw VPNs. 


jullrich at euclidian.com             Collaborative Intrusion Detection
                                         join http://www.dshield.org

More information about the list mailing list