1993-01-14 - Re: anonymous service shutdown (pax)

Header Data

From: Marc Horowitz <marc@MIT.EDU>
To: Hal <74076.1041@CompuServe.COM>
Message Hash: df3dcd3b1419577cb51b9dc1de5ed0d639654544b0baf5dcbff1cc2c2222afbb
Message ID: <9301142348.AA00333@TLA.MIT.EDU>
Reply To: <930114200748_74076.1041_DHJ54-2@CompuServe.COM>
UTC Datetime: 1993-01-14 23:49:51 UTC
Raw Date: Thu, 14 Jan 93 15:49:51 PST

Raw message

From: Marc Horowitz <marc@MIT.EDU>
Date: Thu, 14 Jan 93 15:49:51 PST
To: Hal <74076.1041@CompuServe.COM>
Subject: Re: anonymous service shutdown (pax)
In-Reply-To: <930114200748_74076.1041_DHJ54-2@CompuServe.COM>
Message-ID: <9301142348.AA00333@TLA.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain

>> I agree that the PAX shutdown is an ominous development.  Nobody's
>> internet access is perfectly free from the kinds of pressures that were
>> brought against PAX.  What steps can we take to keep the same thing from
>> happening to us?

There's one very obvious thing, but it costs money (the real kind, not
the stuff we've been playing with).  Someone needs to *buy* a
connection to the *commercial* internet and put an anonymous remailer
where the NSF can't touch it.

NEARnet recently signed an agreement with ANS and CIX to use ANS as a
pipe between it and the CIX (note the lack of *any* government
involvement here).  If I understand this development correctly, this
means a site on NEARnet with the Commercial Routing Service (it costs
extra, numbers on request) can, I think, send packets anywhere without
crossing the NSFnet.  ANS simply leases bandwidth to the NSF.  Most
backbone bits cross this leased bandwidth, but now, it is possible to
buy access to this *privately* owned network.  Now, who has $16k
annually (that's the number, I have a quote on my desk) to sink into
the connection?  Are we serious enough about this to form some sort of
corporation (with legal ties that bind, and identify) to maybe set
this up?  There's enough people on this list to make this sort of
thing cost < $10/month each if *everyone* participated.

Of course, if we did this, we'd have to make it quite clear what we
were planning on doing.  Use of PGP makes this hard.  A company set up
for the purpose of making PGP easier to use would arouse the Wrath of
RSA really quickly.  FYI, the NEARnet AUP:

NEARnet Primary Goals

NEARnet, the New England Academic and Research Network, has been
established to enhance educational and research activities in New
England, and to promode access to regional and national innovation and
competitiveness.  NEARnet provides access to regional and national
resources to its Members, and access to regional resources from
organizations throughout the United States and the world.

NEARnet Acceptable Use Policy

1. All use of NEARnet must be consistent with NEARnet's primary goals.

2. It is not acceptable to use NEARnet for illegal purposes.

3. It is not acceptable to use NEARnet to transmit threatening,
obscene, or harassing materials.

4. It is not acceptable to use NEARnet so as to interfere with or
disrupt network users, services or equipment.  Disruptions include,
but are not limited to, distribution of unsolicited advertizing,
propagation of computer worms and viruses, and using the network to
make unauthorized entry to any other machine accessible via the

5. It is assumed that information and resources accessible via NEARnet
are private to the individuals and organizations which own or hold
rights to those resources and information unless specifically stated
otherwise by the owners or holders of rights.  It is therefore not
acceptable for an individual to use NEARnet to access information or
resources unless permission to do so has been granted by the owners or
holders of rights to those resources or information.

Violation of Policy

NEARnet will review alleged violations of Acceptable Used Policy on a
case-by-case basis.  Clear violations of policy which are not promptly
remedied by Member organization may result in termination of NEARnet
Membership and network services to Member.

It seems to me that the user of possibly illegal software like PGP
could be considered a violation of rule 2.  The whole issue of
anonymous harassing email brings up rule 3.  I've send mail to one of
the NEARnet discussion lists asking how encryption and anonymity
affects the interpretation of rule 3.