“Digital Economy Bill” = Internet Disconnection Bill

It’s very rare that I’ll inflict my political views on people by e-mail, however, this has recently come up, and I wanted to make sure that you understand what this newly proposed law could mean to you. It’s only relevant to people in the UK, to ex-pats or Armed Forces people, so if you want to forward it on – please do, but please think before you forward, and don’t just blanket send it to everyone.

** If you don’t want to read all of the below, then I’d encourage you instead to have a look at http://www.dontdisconnect.us/ **

In the Queen’s Speech [1] when parliament was opened for the 2009-10 session, the following was said:

“My Government will introduce a Bill to ensure the communications infrastructure is fit for the digital age, supports future economic growth, delivers competitive communications and enhances public service broadcasting.”

The bill referred to is the “Digital Economy Bill”, which is due to be introduced to Parliament this or next week, and it’s caused a lot of fuss with us Technophiles.

Essentially, this bill allows “Rights Holders” (for example, Music Labels, Film Studios and Television Networks) to contact your ISP and insist that they issue you with a formal notice if they *believe* you to be unlawfully sharing their content on the internet. After “a certain threshold” the government has suggested [2] that it would be acceptable to temporarily disconnect you from the Internet. A law similar to this one was recently introduced in France, which insists on disconnection after 3 warnings.

Now, again, this seems fair, if you can’t do the “time”, don’t do the crime… but, how do they actually know it’s you? Because of certain technical limitations of the Internet, everyone sharing a single internet connection (for example in a house, at an office or a internet café) will appear to come from the same internet address, and this will cause you problems in this law, because:

If you let someone use your computer to access the Internet, and they unlawfully download some files, then the bill payer will be
blamed.

If you have a Wi-Fi connection which is not properly secured [3], and someone uses that connection to share a file they’ve downloaded,
again, the bill payer will be blamed.

* How about if your computer gets infected by malicious software (spyware, becomes a member of a botnet, or worse still, is actively hacked) and they use that as an untraceable machine to download their content – again, the bill payer is blamed.

My other worry is that none of this goes in front of a court of law – this all occurs between the ISP and Rights Holders, so if you get disconnected, it will happen without any judicial oversight and the prosecution’s burden of proof is never required… someone (usually outside the UK) will accuse you of breaking the law and you will then get disconnected from the Internet. To me, that hardly seems very fair.

There’s a petition [4] against this law which is currently available to be signed (provided you live within the UK, you are an ex-pat or are a member of the Armed Forces), and, if you agree that it isn’t fair, I would strongly encourage you to write to your MP [5]. If you do decide to write to them, please review the content at the Don’t Disconnect Us website [6] and review some of the letters which have already been written [7] [8] as this e-mailing service will remove duplicate e-mails so if you just copy the content it’ll never get to your MP.

Thank you for your time. The links I have referred to above, labelled [x] are listed below if you want to read them.

[1] Queen’s Speech: http://www.number10.gov.uk/Page21361
[2] Stephen Timms defends the Digital Economy Bill: http://www.guardian.co.uk/media/2009/nov/20/digital-economy-bill-stephen-timms
[3] Ways to secure your WiFi connection: http://www.dontdisconnect.us/secure-your-wireless/
[4] The petition against the Digital Economy Bill: http://petitions.number10.gov.uk/dontdisconnectus/
[5] You can contact your MP via e-mail at this website: http://www.writetothem.com/
[6] Don’t Disconnect Us official website: http://www.dontdisconnect.us/
[7] A letter I wrote to my MP: http://jonspriggs.posterous.com/a-letter-to-my-mp-threestrikes
[8] A letter written by someone else to their MP about this law: http://grahambinns.com/blog/2009/11/24/digital-economy-bollocks/

[Politics] “Digital Economy Bill” = Internet Disconnection Bill

It’s very rare that I’ll inflict my political views on people by
e-mail, however, this has recently come up, and I wanted to make sure
that you understand what this newly proposed law could mean to you.
It’s only relevant to people in the UK, to ex-pats or Armed Forces
people, so if you want to forward it on – please do, but please think
before you forward, and don’t just blanket send it to everyone.

** If you don’t want to read all of the below, then I’d encourage you
instead to have a look at http://www.dontdisconnect.us/ **

In the Queen’s Speech [1] when parliament was opened for the 2009-10
session, the following was said:

“My Government will introduce a Bill to ensure the communications
infrastructure is fit for the digital age, supports future economic
growth, delivers competitive communications and enhances public
service broadcasting.”

The bill referred to is the “Digital Economy Bill”, which is due to be
introduced to Parliament this or next week, and it’s caused a lot of
fuss with us Technophiles.

Essentially, this bill allows “Rights Holders” (for example, Music
Labels, Film Studios and Television Networks) to contact your ISP and
insist that they issue you with a formal notice if they *believe* you
to be unlawfully sharing their content on the internet. After “a
certain threshold” the government has suggested [2] that it would be
acceptable to temporarily disconnect you from the Internet. A law
similar to this one was recently introduced in France, which insists
on disconnection after 3 warnings.

Now, again, this seems fair, if you can’t do the “time”, don’t do the
crime… but, how do they actually know it’s you? Because of certain
technical limitations of the Internet, everyone sharing a single
internet connection (for example in a house, at an office or a
internet café) will appear to come from the same internet address, and
this will cause you problems in this law, because:

* If you let someone use your computer to access the Internet, and
they unlawfully download some files, then the bill payer will be
blamed.
* If you have a Wi-Fi connection which is not properly secured [3],
and someone uses that connection to share a file they’ve downloaded,
again, the bill payer will be blamed.
* How about if your computer gets infected by malicious software
(spyware, becomes a member of a botnet, or worse still, is actively
hacked) and they use that as an untraceable machine to download their
content – again, the bill payer is blamed.

My other worry is that none of this goes in front of a court of law –
this all occurs between the ISP and Rights Holders, so if you get
disconnected, it will happen without any judicial oversight and the
prosecution’s burden of proof is never required… someone (usually
outside the UK) will accuse you of breaking the law and you will then
get disconnected from the Internet. To me, that hardly seems very
fair.

There’s a petition [4] against this law which is currently available
to be signed (provided you live within the UK, you are an ex-pat or
are a member of the Armed Forces), and, if you agree that it isn’t
fair, I would strongly encourage you to write to your MP [5]. If you
do decide to write to them, please review the content at the Don’t
Disconnect Us website [6] and review some of the letters which have
already been written [7] [8] as this e-mailing service will remove
duplicate e-mails so if you just copy the content it’ll never get to
your MP.

Thank you for your time. The links I have referred to above, labelled
[x] are listed below if you want to read them.

[1] Queen’s Speech: http://www.number10.gov.uk/Page21361
[2] Stephen Timms defends the Digital Economy Bill:
http://www.guardian.co.uk/media/2009/nov/20/digital-economy-bill-stephen-timms
[3] Ways to secure your WiFi connection:
http://www.dontdisconnect.us/secure-your-wireless/
[4] The petition against the Digital Economy Bill:
http://petitions.number10.gov.uk/dontdisconnectus/
[5] You can contact your MP via e-mail at this website:
http://www.writetothem.com/
[6] Don’t Disconnect Us official website: http://www.dontdisconnect.us/
[7] A letter I wrote to my MP:
http://jonspriggs.posterous.com/a-letter-to-my-mp-threestrikes
[8] A letter written by someone else to their MP about this law:
http://grahambinns.com/blog/2009/11/24/digital-economy-bollocks/

Posted via email from Jon’s posterous

A letter to my MP

Dear Andrew Gwynne,

I’m writing to you, as my MP, to ask for your support, to try to discourage the implementation of the Digital Economy Bill that was introduced recently.

This proposal is very worrying to me, as a Free Culture (Open Source Software and Creative Commons) Contributor and activist. A large part of the distribution of this Free Culture Content is performed over peer to peer networks, such as BitTorrent, and it appears that this law is trying (in part) to discourage the use of peer to peer networks, on the grounds that they may be used to unlawfully transfer files.

I also worry that during discussions of this law between Stephen Timms (Treasury Secretary) and The Guardian newspaper, he suggested that a temporary account suspension from one’s ISP would be an acceptable movement without any judicial overview. Given that Finland has recently recognised Internet Access is now such a fundamental part of our day-to-day lives that they are classing it as a Human Right, I worry that this movement could effectively prevent many of your constituents from being active in society.

I’ve also noticed that many ISPs and most of the policing and intelligence services have stated they disagree with the recommendations of this bill (for a variety of different reasons), I would be grateful if you could support their position and reject this bill in it’s current state, if you are able, when it is presented.

Yours sincerely,

Jonathan Spriggs

A letter to my MP #threestrikes

Dear Andrew Gwynne,

I’m writing to you, as my MP, to ask for your support, to try to
discourage the implementation of the Digital Economy Bill that was
introduced recently.

This proposal is very worrying to me, as a Free Culture (Open Source
Software and Creative Commons) Contributor and activist. A large part
of the distribution of this Free Culture Content is performed over
peer to peer networks, such as BitTorrent, and it appears that this
law is trying (in part) to discourage the use of peer to peer
networks, on the grounds that they may be used to unlawfully transfer
files.

I also worry that during discussions of this law between Stephen Timms
(Treasury Secretary) and The Guardian newspaper, he suggested that a
temporary account suspension from one’s ISP would be an acceptable
movement without any judicial overview. Given that Finland has
recently recognised Internet Access is now such a fundamental part of
our day-to-day lives that they are classing it as a Human Right, I
worry that this movement could effectively prevent many of your
constituents from being active in society.

I’ve also noticed that many ISPs and most of the policing and
intelligence services have stated they disagree with the
recommendations of this bill (for a variety of different reasons), I
would be grateful if you could support their position and reject this
bill in it’s current state, if you are able, when it is presented.

Yours sincerely,

Jonathan Spriggs

Posted via email from Jon’s posterous

Locally Monitoring Interfaces on Nokia Firewalls (and – by a link – McAfee Sidewinders) for Failover

I recently wrote a document on http://jon.spriggs.org.uk/blog explaining how to monitor the interface of a McAfee sidewinder to see when it failed over. I don’t know why I didn’t write it on Posterous, but if you’re following me on Posterous, and you think that you might want to know how to use Perl to repeatedly loop over the same command, and show the results with a date stamp underneath it (a bit like the watch command) then you’ll find this page really useful. In the mean time, I’ve also written the same script for the CSH shell, which is used, amongst other places, on Nokia Firewalls.

Introduction

One of our requirements with one of our customers is to perform regular and routine failover tests. As the interface is not responsive to providing information about when service has failed from Primary to Secondary and back again, I re-wrote the script I adjusted for McAfee Sidewinders to run on the SECONDARY NODE to show the interface address of one NIC every 5 seconds. I’ll also show how to slightly modify the script with different time delays and interface names. Please note, there may be much better ways of doing this. I needed something in a hurry, and this gave me what I needed. If you’ve got any better ideas, please drop me a note at jon@spriggs.org.uk or note below how to do it :)

Steps to perform

  1. SSH to the Secondary node.
  2. Check you’re not already primary with the command ifconfig eth-s1p1c0 | grep inet this should return one line showing something like inet mtu 1500 1.2.3.4/24 broadcast 1.2.3.255
  3. Type this
    while (-e /bin/csh)
    ifconfig eth-s1p1c0 | grep inet
    date
    sleep 5
    end
  4. Perform your action to provoke fail-over, which may be to unplug an interface attached to the primary firewall, reboot the firewall or unplug a switch directly attached to the firewall. In response (and after approx 1 minute, based on your HA configuration) you should now see in the script’s output, it now shows two lines (or maybe three) – as follows:

    inet mtu 1500
    inet 1.2.3.4/24 broadcast 1.2.3.255
    inet 1.2.3.5/24 broadcast 1.2.3.255
    vrrpmac 0:0:aa:bb:cc:dd
  5. Perform your failback and after 1 minute or so, it should revert to just the single line – 1.2.3.4 or equivelent for your network.
Tweaks

In the bold section above, replace the interface name identified (here it’s eth-s1p1c0) with an interface you know will fail over, you can also make bigger or smaller the sleep command – here it’s 5 seconds, but there’s probably no reason why it couldn’t be 1 or 10.

Locally Monitoring Interfaces on Nokia Firewalls (and – by a link – McAfee Sidewinders) for Failover

I recently wrote a document on http://jon.spriggs.org.uk/blog explaining how to monitor the interface of a McAfee sidewinder to see when it failed over. I don’t know why I didn’t write it on Posterous, but if you’re following me on Posterous, and you think that you might want to know how to use Perl to repeatedly loop over the same command, and show the results with a date stamp underneath it (a bit like the watch command) then you’ll find this page really useful. In the mean time, I’ve also written the same script for the CSH shell, which is used, amongst other places, on Nokia Firewalls.

Introduction

One of our requirements with one of our customers is to perform regular and routine failover tests. As the interface is not responsive to providing information about when service has failed from Primary to Secondary and back again, I re-wrote the script I adjusted for McAfee Sidewinders to run on the SECONDARY NODE to show the interface address of one NIC every 5 seconds. I’ll also show how to slightly modify the script with different time delays and interface names. Please note, there may be much better ways of doing this. I needed something in a hurry, and this gave me what I needed. If you’ve got any better ideas, please drop me a note at jon@spriggs.org.uk or note below how to do it :)

Steps to perform

  1. SSH to the Secondary node.
  2. Check you’re not already primary with the command ifconfig eth-s1p1c0 | grep inet this should return one line showing something like inet mtu 1500 1.2.3.4/24 broadcast 1.2.3.255
  3. Type this
    while (-e /bin/csh)
    ifconfig eth-s1p1c0 | grep inet
    date
    sleep 5
    end
  4. Perform your action to provoke fail-over, which may be to unplug an interface attached to the primary firewall, reboot the firewall or unplug a switch directly attached to the firewall. In response (and after approx 1 minute, based on your HA configuration) you should now see in the script’s output, it now shows two lines (or maybe three) – as follows:

    inet mtu 1500
    inet 1.2.3.4/24 broadcast 1.2.3.255
    inet 1.2.3.5/24 broadcast 1.2.3.255
    vrrpmac 0:0:aa:bb:cc:dd
  5. Perform your failback and after 1 minute or so, it should revert to just the single line – 1.2.3.4 or equivelent for your network.
Tweaks

In the bold section above, replace the interface name identified (here it’s eth-s1p1c0) with an interface you know will fail over, you can also make bigger or smaller the sleep command – here it’s 5 seconds, but there’s probably no reason why it couldn’t be 1 or 10.

Posted via web from Jon’s posterous

Supporting multiple machines in GNOME using VNC

I was recently asked how to configure VNC for user support across a series of machines running GNOME. I’m in the process of trying out a few different platforms at the moment, and didn’t have my GNOME machine to hand and working right, so I decided to work it out from what I’ve done in the past. Here’s the bulk of the e-mail I sent him to try and help him out. Maybe this will help you at some point.

If you find any errors (especially around the option names in the actual dialogue boxes) please post a note so I can correct this!

Thanks!

On most GNOME based systems (which includes Fedora), you can active “Remote Desktop Sharing” for users.

Go to System -> Preferences -> Remote Desktop Sharing (or something similar). I’m afraid I’ve just recently moved my systems to KDE, so I don’t know the exact options, but I believe it’ll say something like “Enable remote connections” (tick that), and “User is prompted to permit connection” (this will be down to policy) and “Remote user needs to enter a password” (this will need some text to be entered).

Once you have these for one system, you can automatically set this for all the other computers.

From the command line, type
  gconftool-2 -R /desktop/gnome/remote_access

This will return all the settings you have made. Here’s mine:

 view_only = false                                         
 alternative_port = 5900                                   
 prompt_enabled = false                                    
 icon_visibility = client                                  
 lock_screen_on_disconnect = false                         
 disable_xdamage = false                                   
 mailto =                                                  
 use_alternative_port = false                              
 enabled = true                                            
 disable_background = false                                
 network_interface =                                       
 require_encryption = false                                
 authentication_methods = [vnc]                            
 vnc_password = &&&&&&&&&&&&                               
 use_upnp = false

(I’ve removed the password for my box)

You can use this gconftool to set the same variables on your computers you’ve already deployed, either per-user, as a default policy for each machine, or as a mandatory policy for each machine.

This article from Sun’s GNOME configuration guide explains how to set variables: http://docs.sun.com/app/docs/doc/806-6878/6jfpqt2t5?a=view while this is an overview of all of the GNOME configuration tool (including that article): http://docs.sun.com/app/docs/doc/806-6878/6jfpqt2sv?a=view and lastly, this is how “Vino” the VNC client for GNOME works: http://www.gnome.org/~markmc/remote-desktop.html

I hope this helps you!

Supporting multiple machines in GNOME using VNC

I was recently asked how to configure VNC for user support across a series of machines running GNOME. I’m in the process of trying out a few different platforms at the moment, and didn’t have my GNOME machine to hand and working right, so I decided to work it out from what I’ve done in the past. Here’s the bulk of the e-mail I sent him to try and help him out. Maybe this will help you at some point.

If you find any errors (especially around the option names in the actual dialogue boxes) please post a note so I can correct this!

Thanks!

On most GNOME based systems (which includes Fedora), you can active “Remote Desktop Sharing” for users.

Go to System -> Preferences -> Remote Desktop Sharing (or something similar). I’m afraid I’ve just recently moved my systems to KDE, so I don’t know the exact options, but I believe it’ll say something like “Enable remote connections” (tick that), and “User is prompted to permit connection” (this will be down to policy) and “Remote user needs to enter a password” (this will need some text to be entered).

Once you have these for one system, you can automatically set this for all the other computers.

From the command line, type
  gconftool-2 -R /desktop/gnome/remote_access

This will return all the settings you have made. Here’s mine:

 view_only = false                                         
 alternative_port = 5900                                   
 prompt_enabled = false                                    
 icon_visibility = client                                  
 lock_screen_on_disconnect = false                         
 disable_xdamage = false                                   
 mailto =                                                  
 use_alternative_port = false                              
 enabled = true                                            
 disable_background = false                                
 network_interface =                                       
 require_encryption = false                                
 authentication_methods = [vnc]                            
 vnc_password = &&&&&&&&&&&&                               
 use_upnp = false

(I’ve removed the password for my box)

You can use this gconftool to set the same variables on your computers you’ve already deployed, either per-user, as a default policy for each machine, or as a mandatory policy for each machine.

This article from Sun’s GNOME configuration guide explains how to set variables: http://docs.sun.com/app/docs/doc/806-6878/6jfpqt2t5?a=view while this is an overview of all of the GNOME configuration tool (including that article): http://docs.sun.com/app/docs/doc/806-6878/6jfpqt2sv?a=view and lastly, this is how “Vino” the VNC client for GNOME works: http://www.gnome.org/~markmc/remote-desktop.html

I hope this helps you!

Posted via web from Jon’s posterous