[bitfolk] The perils of opening tcp/22 to the Internet

Top Page
This message is part of the following thread:
M++----++++++------+--++++\the complete thread tree sorted by date
MMM---\MMMMMM--++-\M..MMMMM 
.MM++\M.....M+\MM.MM+\James Gregory at ->

Reply to this message
Author: Andy Smith
Date:  
Subject: [bitfolk] The perils of opening tcp/22 to the Internet
st
List-Id: Users of BitFolk hosting <users.lists.bitfolk.com>
List-Unsubscribe: <https://lists.bitfolk.com/mailman/options/users>,
    <mailto:users-request@lists.bitfolk.com?subject=unsubscribe>
List-Archive: <http://lists.bitfolk.com/lurker/list/users.html>
List-Post: <mailto:users@lists.bitfolk.com>
List-Help: <mailto:users-request@lists.bitfolk.com?subject=help>
List-Subscribe: <https://lists.bitfolk.com/mailman/listinfo/users>,
    <mailto:users-request@lists.bitfolk.com?subject=subscribe>
X-List-Received-Date: Wed, 03 Aug 2011 13:39:32 -0000


On Mon, Aug 01, 2011 at 09:42:55AM +0000, Andy Smith wrote:
> [...]
> Note that it's entirely possible for there to be specific court
> ordered monitoring in place which a service provider is ordered to
> not discuss.
> [...]

Would a canary such as that employed by rsync.net work or fall foul of
some part of some act?

http://www.rsync.net/resources/notices/canary.txt

Cheers, 

-- 
Iain Lane                                  [ iain@??? ]
Debian Developer                                   [ laney@??? ]
Ubuntu Developer                                   [ laney@??? ]
PhD student                                       [ ial@??? ]



From andy@??? Wed Aug 03 14:33:36 2011
Received: from andy by bitfolk.com with local (Exim 4.72)
    (envelope-from <andy@???>) id 1QocVr-0002dD-Vi
    for users@???; Wed, 03 Aug 2011 14:33:36 +0000
Date: Wed, 3 Aug 2011 14:33:35 +0000
From: Andy Smith <andy@???>
To: users@???
Message-ID: <20110803143335.GP5935@???>
References: <CALdaYd2gF1NZ5jaS08fgu_RzAWSOnL=ecw7KtJ8yTCSsfaDP_g@???>
    <4E366A20.7020708@???>
    <20110801094255.GY5935@???>
    <20110803133914.GB2328@???>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20110803133914.GB2328@???>
OpenPGP: id=BF15490B; url=http://strugglers.net/~andy/pubkey.asc
X-URL: http://strugglers.net/wiki/User:Andy
User-Agent: Mutt/1.5.18 (2008-05-17)
X-Virus-Scanner: Scanned by ClamAV on bitfolk.com at Wed,
    03 Aug 2011 14:33:36 +0000
X-SA-Exim-Connect-IP: <locally generated>
X-SA-Exim-Mail-From: andy@???
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
    spamd3.lon.bitfolk.com
X-Spam-Level: 
X-Spam-ASN: 
X-Spam-Status: No, score=-0.0 required=5.0 tests=NO_RELAYS shortcircuit=no
    autolearn=disabled version=3.3.1
X-Spam-Report: * -0.0 NO_RELAYS Informational: message was not relayed via SMTP
X-SA-Exim-Version: 4.2.1 (built Wed, 25 Jun 2008 17:14:11 +0000)
X-SA-Exim-Scanned: Yes (on bitfolk.com)
Subject: Re: [bitfolk] Digital Economy Act
X-BeenThere: users@???
X-Mailman-Version: 2.1.11
Precedence: list
List-Id: Users of BitFolk hosting <users.lists.bitfolk.com>
List-Unsubscribe: <https://lists.bitfolk.com/mailman/options/users>,
    <mailto:users-request@lists.bitfolk.com?subject=unsubscribe>
List-Archive: <http://lists.bitfolk.com/lurker/list/users.html>
List-Post: <mailto:users@lists.bitfolk.com>
List-Help: <mailto:users-request@lists.bitfolk.com?subject=help>
List-Subscribe: <https://lists.bitfolk.com/mailman/listinfo/users>,
    <mailto:users-request@lists.bitfolk.com?subject=subscribe>
X-List-Received-Date: Wed, 03 Aug 2011 14:33:37 -0000


Hi Iain,

On Wed, Aug 03, 2011 at 02:39:14PM +0100, Iain Lane wrote:
> Would a canary such as that employed by rsync.net work or fall foul of
> some part of some act?
>
> http://www.rsync.net/resources/notices/canary.txt

I became aware of the rsync.net canary in 2009 and towards the end
of 2010 I sought a legal opinion as to its usefulness in UK law,
with a view to possibly making use of it.

The answer I got was:

a) there probably isn't a means for English law to force you to update
the canary, *but*;

b) there doesn't appear to be any guarantee that failing to update
the canary would not be considered breaching any "do not reveal"
clauses of any court orders that had already been received.

At most serious it would likely be down to a judge's opinion.

e.g. a judge *may* decide, "the court order clearly says that the
fact you've been served a court order must not be revealed. You
chose to stop updating your canary with the express purpose of
alerting the subject that an order may affect them, therefore you're
going to be prosecuted."

Now, if I were to make a promise such as that contained within the
rsync.net canary and then were served with a court order, I would
have to take legal advice as to my risks given the particulars of
the order. By this time it would be too late for me to withdraw the
canary without having the same effect as not updating the canary.

If the advice was that I risked being prosecuted, I'd be risking the
service of every customer for the sake of whoever was under
investigation. Or I could continue updating the canary, and safely
lie to customers.

For this reason at this time I'm of the opinion that it's safer not
to make promises (in the form of a canary like rsync.net's) that
either cannot be kept or risk the entire business in keeping them.

The law is heavily based on intent and tricks like the rsync.net
canary can't be relied upon to get around that. Should rsync.net's
canary survive an actual court order that has a non-disclosure
clause then that would be interesting (although still may not set a
precedent in English law).

I would also be very interested in any other service provider
operating under English law who is making use of such a canary, so
we can compare notes.

Cheers,
Andy 


From paul@??? Fri Aug 05 12:23:28 2011
Received: from mailex.mailcore.me ([94.136.40.62])
    by bitfolk.com with esmtp (Exim 4.72)
    (envelope-from <paul@???>) id 1QpJQv-0005c1-1G
    for users@???; Fri, 05 Aug 2011 12:23:28 +0000
Received: from [217.156.134.12] (helo=[192.168.168.86])
    by mail12.atlas.pipex.net with esmtpa (Exim 4.71)
    (envelope-from <paul@???>) id 1QpJQs-0003ku-88
    for users@???; Fri, 05 Aug 2011 13:23:18 +0100
Message-ID: <4E3BE0B3.70308@???>
Date: Fri, 05 Aug 2011 13:23:15 +0100
From: Paul Stimpson <paul@???>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US;
    rv:1.9.2.18) Gecko/20110617 Lightning/1.0b2 Thunderbird/3.1.11
MIME-Version: 1.0
To: users@???
References: <CALdaYd2gF1NZ5jaS08fgu_RzAWSOnL=ecw7KtJ8yTCSsfaDP_g@???>    <4E366A20.7020708@???>    <20110801094255.GY5935@???>    <20110803133914.GB2328@???>
    <20110803143335.GP5935@???>
In-Reply-To: <20110803143335.GP5935@???>
Content-Type: multipart/alternative;
    boundary="------------050902020904090100060504"
X-Mailcore-Auth: 8324857
X-Mailcore-Domain: 844183
X-Virus-Scanner: Scanned by ClamAV on bitfolk.com at Fri,
    05 Aug 2011 12:23:21 +0000
X-SA-Exim-Connect-IP: 94.136.40.62
X-SA-Exim-Mail-From: paul@???
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
    spamd3.lon.bitfolk.com
X-Spam-Level: 
X-Spam-ASN: AS20738 94.136.40.0/24
X-Spam-Status: No, score=-0.1 required=5.0 tests=HTML_MESSAGE,
    RCVD_IN_DNSWL_LOW, RCVD_IN_SORBS_WEB shortcircuit=no autolearn=disabled
    version=3.3.1
X-Spam-Report: *  0.6 RCVD_IN_SORBS_WEB RBL: SORBS: sender is an abusable web server
    *      [217.156.134.12 listed in dnsbl.sorbs.net]
    * -0.7 RCVD_IN_DNSWL_LOW
This message was posted to the following mailing lists:
users
Mailing List Info | Nearby Messages		<-Re: [bitfolk] Package updates on Ubuntu boxes[bitfolk] Remote syslog?->
Bitfolk Mailing List Archive administrated by List AdminLurker (version 2.3)