Firewalls set to become illegal in many states (Clueless legislator alert)

The Inquirer ^ | 3/28/2003 | The Inquirer

[stimpyone]

Firewalls set to become illegal in many American states Legislation by the ignorant

By Staff at the Newsdesk: Friday 28 March 2003, 13:21

AN INTERESTING PIECE of news has surfaced that will have sys admins fainting in disbelief. Eight states have put forward bills that would have a devastating effect on network security and even networks themselves if they come to pass. The wording in the bills is dumb enough that firewalls could become illegal.

The news about the bills was brought to our attention by Edward Felten, more famous for having a go at a different Bill. The states in question are Texas, Massachusetts, South Carolina, Florida, Georgia, Alaska, Tennessee and Colorado. The proposed legislation is intended to extend the much loathed Digital Millennium Copyright Act (DMCA).

Felten is definitely used to legal issues, having presented evidence against Microsoft in the antitrust trial. According to his news article on Freedom to Tinker, the various states bills all require the banning the use of any technology that conceals "the existence or place of origin or destination of any communication." It doesn't take much to think that firewalls, routers, network address translators and many other pieces of standard kit all do exactly that. Unless the bills are radically changed, the Internet could effectively become useless in those states.

The wording in the bills is almost certain to change once the correct pressure is applied but it just goes to show what happens when you leave legislators to their own devices. You can find Felten's full article here. It includes links to the text of three different states' proposed legislation. µ

[TechJunkYard]

Some spam, although not much, still originates in the US. Forged headers and spoofed IPs increases the difficulty of tracking it down. I don't think any LAWS currently address this. True, it wouldn't do anything against foreign spam.

Most people who install firewalls and NAT routers do so without the intention of commiting fraud. Those who do allow their friends and neighbors to freeload would run afoul of their provider's TOS, but these bills would also make that a criminal offense.

DDoS networks, which are usually intended to hide the controller's address, would also be outlawed. And that's a good thing.

Anti-spyware and personal firewalls do not attempt to conceal or circumvent anything; they're intended to block communications which could be harmful to the user's equipment. Even a NAT router, which might "hide" the fact that you're using five computers on your broadband connection, is not concealing "the existence or place of origin or destination of any communication", as your public IP address is still on every packet you transmit. There is a method for counting the number of computers behind a NAT router, if an ISP really wants to be that petty.

But, IMHO, this would not make firewalls illegal. Everybody uses them, and I wouldn't think these states would really want to shut down the Internet by being so stupid.

[Cicero]

As it happens, I use AdAware to block popup ads and ad banners. If you choose, you can also use it to change your apparent IP address. I tried it out (out of curiosity) and found that spoofing the IP address seems to slow the browser and make it unstable. In any case, my chief interest in using a firewall is to block hackers from accessing my computer. I don't mind if web sites see my IP address, as long as they don't use it to put spyware into my computer.

[Spyder]

Oooookay... then how are they going to enforce the monster that now is HIPAA, REQUIRING firewalls to protect patient information...?

[RightOnTheLeftCoast]

Note a firewall is built into Windows XP.

Finally! Someone has made Windows illegal!

[FreedomPoster]

Passing legislation that contradicts other legislation has rarely slowed legislatures from running full speed into absurdity.

[Spyder]

Passing legislation that contradicts other legislation has rarely slowed legislatures from running full speed into absurdity.

You are soooo right, unfortunately. I still think every legislator should actually be forced to read and COMPLY with every single bill they sign off on.

[jriemer]

All your firewalls are belong to us.

this is not the time to make jokes this is series

Nope, it's parallel.

[Lx]

Damn! Second time in two days someone beat me to it.

Psst hey man, I think the guy around the corner's got the good stuff man, PIX, Raptor and Checkpoint, he's got the stash but it'll cost ya...

[Malsua]

Uhm,

Question, if my IP is concealed, how are they going to know that I'm running a firewall?

I guess that my Ninja IP address in the black pajamas is out there sneaking around the internet and it's not traceable.

/*rolleyes*/

(Among other things, I've been in IT for 18 years now as well as a client server C++ programmer, if you examine any IP packet, even a computer behind a NAT is 100% identifiable)

[gitmo]

the various states bills all require the banning the use of any technology that conceals "the existence or place of origin or destination of any communication."

Wouldn't this would also ban blocking caller-id, sending mail without a return address, using anonymous email (like hotmail), and forums that hide the posters' identities ???