Open Relay == Bad? (Was Re: [oclug] Rogers sucks)

Sun Mar 10 16:18:23 EST 2002

On Sun, Mar 10, 2002 at 10:39:29AM -0500, Brad Barnett wrote:

> This isn't taken as a poke at you Kevin, but next time please read my
> whole message first _then_ respond to points as you see fit. ;)  You've
> nicely responded to every paragraph I've written, but taken those
> paragraphs out of context, separate from the whole.

No problem about the potential poke <g> ... I did in fact read your
entire message first, but with the exception of the last paragraph you
seemed to be discussing the opposing point of view (which I felt the
need to discuss in more detail).  It seemed an odd about-face, but I
thought it was worthy of discussion, anyway.

> Anyhow, my entire point in the previous email was that laws are there for
> a reason and if it isn't illegal, the ISP shouldn't be restricting your
> service.  You seem to support this as you indicate in your reply. 
> Anything else is a form of mob rule, enacted by self appointed vigilantes.
>  When addressing the point of legislation and spam, I was trying to get at
> the following : 
> 
> 1) eventually laws will be passed to outlaw or control spam.  These laws
> may make an open relay illegal, and hopefully will.

I don't believe that laws should make open relays illegal... They
should (if such a thing were to exist) make spamming illegal.  Laws
should (in my view at least) be about the act itself, and not
something that may sometimes be conducive to the act.

> 2) Anyone  _needs_ to be liable if they provide an open relay for these
> people, however ONLY if the law stipulates so.  That means that if the ISP
> has a misconfigured relay, it can be sued and found liable, especially if
> negligence is shown.

If maintaining an open relay was illegal (again, a sad state of
affairs), then the owner of the illegal entity should be held liable,
otherwise the law is not very useful (and probably in the wrong).

> 3) The same needs to be true of software authors/vendors.  If they have
> huge gaping holes and bugs that cause their software to perform outside of
> the law, they need to be liable.  

That depends on the use that the software is put.  For instance, say
that I write a small program, and license it with the GPL so that
anyone can use it for any purpose (as long as they give out the
source, of course).  Someone comes along, picks that up and uses it in
a way that I had never thought of (controlling a train, say), and the
software malfunctions (I didn't notice a buffer overflow, at least not
in the version they picked up).  Say that malfunction caused someone
to die.  Should I be held accountable for manslaughter?  If that was
so, then I think we would quickly see an end to sharing code. 

Or, on a more recent note, say I write a program which allows ebooks
to be read aloud to people.  This (legal) ability has the side effect
of allowing illegal activity (copying of the book).  Should I be
arrested and thrown in jail without a trial if I set foot on US soil
for allowing the circumvention of a form of copy protection?  Sounds
like a dangerous position to be taking.

Kevin.