An Anonymous Coward writes:
Is it just me or have ISP (Internet Service Provider) terms and conditions gotten a lot more one-sided about what you can't do and what they can do?
I was considering switching to the new Vodafone Connect broadband and phone service as there are some nice discounts for existing Vodafone customers (and I've had enough of BT's high prices for FTTC) but reading through the text of their Acceptable Use Policy (AUP) has caused me to think again. I'm sure a lot of the text in the agreement is fairly standard, and to be honest it's been a while since I switched providers, but some of these terms seem rather overreaching. For example:
2.7. You must not use the Vodafone Connect Services to access, download, send, receive, store, distribute, transmit, upload or in any way deal with material or data that we deem:
i. to be offensive, threatening, defamatory, racist, abusive, harassing, invasive of privacy, obscene, harmful, indecent or menacing;
Those words cover one hell of a lot of territory... sorry, did you deem my use of the "H" word offensive? What if I'm in a private chat with a friend and he calls me a "####" so I tell him to "#### off"? Use your imagination, we could be covering offensive, abusive, obscene and indecent right there (if not more).
Further on there's a section titled "Actions we may take" (where "we" is Vodafone) and this one really got my attention:
[More after the break...]
4.1. We may, at our sole discretion, run manual or automatic systems and monitoring in order to ensure that you remain compliant with the terms of this AUP at all times (for example we may scan for open mail relays, or open proxy servers). By accessing the internet via our Vodafone Connect Services you are deemed to have granted us permission to access and monitor your computer systems and networks.
So just by using their service I've given permission for them to access and monitor all my systems and networks! Well, given that they bought Cable & Wireless they do have a history of working closely within the surveillance system. Funny though, that they deem it acceptable to "access and monitor" my systems when earlier in the AUP it states:
2.11. Without the explicit permission of the relevant operators you may not run "scanning" software which accesses remote machines, networks or other computer systems.
Of course, they've got the usual "we can change this document at any time without explicitly telling you, and continuing use of the service means you agreed to any new conditions we've set" (See section 1.3) and finally you better not ever get a virus (goodbye Windows users):
2.13.You must ensure that your computer systems and network are not configured in such a way that others are able to exploit them in order to disrupt the internet or any other third party network. This includes but is not limited to ensuring that your network cannot be exploited as an open mail relay, open proxy server, or as a component of a wider network used in denial, or distributed denial of service attacks by third parties.
Condition 2.13 seems reasonable, but the rest is totally unacceptable.
Why not go for one of the smaller ISPs? They are not so fussy, and generally under the government radar anyway.
2.13 effectively bans Windows, which is fine, but as for the rest, switching ISPs is not an option for most people. In the US, there is usually a local monopoly by one ISP or the other. Sometimes down to a neighborhood by neighborhood level.
In the US, there is usually a local monopoly by one ISP or the other. Sometimes down to a neighborhood by neighborhood level.
How is that "freedom" of yours working out.!?
Great if you're a corporation.
canopicjug wrote :-
2.13 effectively bans Windows
I don't think Windows users will let Condition 2.13 stop them from signing up, if they ever read it. It does however allow Vodaphone to kick people off if they are found to be accomodating an open relay etc.
2.13 effectively bans Windows,
Only if you put windows directly on the internet without a router of some kind.But jeeze, even grandmothers know better than that these days.
A router won't help, Windows would still be connected and infected. The rest of us then have to pay for it in spam and DDoS.
Section 2.13 would seem to prohibit one from running a Tor exit node [soylentnews.org].
Section 2.16 is a bit creepy: Vodafone has arranged for unnamed third parties to monitor its network.
2.16.Please note that the third party service providers which we use to provide the Vodafone Connect Services may carry out regular traffic monitoring activities across the network.
A snail-mailed letter, explaining why you decided not to subscribe to the new service, might be worth the postage.
The overreach of many service providers (not only ISPs) is getting into "give me the money and fuck you, you little customer" territory. It has been a growing phenomenon and greed, lawyers, monopolies, governmental disregard and the lack of public push-back are to blame.
It once was "the customer is king", but those times are long over. Many terms in these agreements are not enforceable. Giving implicit access to you computers and network, without any safeguards, is "invasion of privacy", no matter which way you formulate it in the agreement and is a no-go (just like stating "you owe me money when accessing this public accessible site" would be a laughable suggestion). The US system is a lot more corporation friendly than the east-side of the pond, so ymmv.
The real problem is that you must fight for your rights and reasonable terms. That is the real problem. You are put in a position that you have to prove your innocence and *that* is a very wrong and disturbing trend.
"you must fight for your rights"
Are you saying that freedom isn't free? Funny, I've heard that elsewhere . . .
More guns, that's the answer. More and more guns. Everyone needs more and bigger guns so that they can be truly free.
God made men equal. Sam Colt made them more equal.
Also, the one thing that separates a free man from a slave, is the right to keep and bear arms. Funny thing about most liberal cities - white cops have guns, and black residents have no guns.
Where I come from the police carry sticks. Bad guys carry knives, especially teenage ones in London. Very bad guys like the major drug dealers and bank robbers carry guns. A few special police carry guns and they only come out when the bad guys come out to play. Every week several teenage boys stab each other to death, usually in London. I'm glad they don't have guns...
Every week several teenage boys stab each other to death, usually in London. I'm glad they don't have guns...
Things must have changed since I left London then (16 years ago). On my way in to work one morning via Network South East, just by Tulse Hill I've seen a 13-14 year old show his friend his brother's 9mm pistol, which he 'borrowed'..needless to say, they were on their way to school. (Also, needless to say, they would have been of interest to the old Operation Trident farce).
Just because they're not using the things on a daily basis, don't make the mistake of thinking they don't have access to firearms, from talking to various people about our local teenage gangs, sure, they may use knives (though their favourite currently is the good old half brick..readily available almost everywhere) but they do have their guns.
Due to the nature of my work, I come in contact with some of these teenagers. It isn't fun having a building surrounded by upwards of 40 of them demanding that you hand over a 16 year old whose only crime is that he belongs to a rival gang and your building is in their territory.
Welcome to Britain in the 21st century..
So you call the police and they send out the armed response unit?
So some small number have access to firearms, and you conclude that they all have access? Rationality is just a thing for other people, isn't it?
So - tell me how it's different that your teenage boys (gang members) are stabbing each other to death, while our teenage boys are shooting each other. The end result is very much the same, isn't it? The coroner is called to haul away a body for examination, and the police department is looking for evidence, and hunting suspects.
People like myself recognize that murderers should be feared. Hoplophobes, on the other hand, fear the weapons used by the murderers.
I have no guns and an no man's (or women's) slave. If you are going to say something try to say something factual or something interesting.
One more racist, gun nut rant just is not necessary.
Speaking of racist -
Before you run your mouth about racist rants, ask yourself - "Do I feel fear when I see a black man with a weapon?" I do not - but then, I'm not a hoplophobe.
Freedom costs a buck-oh-five.
And FAR TOO many people in this country (USA) don't seem have any problem with the overreach that both government AND corporations have now.. Case in point, I have a small local business doing computer support. I get peppered with questions about Windows 10, and I tell them its a privacy nightmare, and advise them to stay with Windows 7/8/8.1. I've explained to them and shown them the documentation. Several people have told me they don't care, they just want the latest/greatest.. All I can do is shake my head and wonder.. On the other hand, I've had several people who bought new systems with Windows 10, and discovering its underlying nature, came to me and asked to have Linux installed. We've upgraded quite a few older systems with XP to XUbuntu, and but never had someone with any of the newer versions of Windows request moving to Linux.. I strongly suspect (and hope) that when more people learn about Windows 10, they'll dump it..
(just like stating "you owe me money when accessing this public accessible site" would be a laughable suggestion).
By reading this comment, you agree to give me <pinky-at-mouth>one million dollars!</pinky-at-mouth>
Do you accept monopoly money in virtual form? I'll pay you double if you accept half-bits modulated on a wave-guided light beam exceeding c. Then you also will receive your payment yesterday.
It once was "the customer is king", but those times are long over.
It once was "the customer is king", but those times are long over.
It once was "customer", but those times are long over; now it's "paying consumer", and most of the time the adjective "captive" is implicitly understood for networking services
You're dealing with stuff all the time, IP lawyers from some corporation call you, or law enforcement or the media, and want to know what you're doing about some particular instance of
So before you say, "Well, they shouldn't do that", tell us what YOU would do if you were the senior manager at the ISP.
I'll tell you what I would do. Not a damned thing. I keep no logs, I don't track customers, I don't help law enforcement or corporations to snoop - nothing like that.
It's a free country.
Imagine, when I was in business, I forced customers to sign an agreement that they wouldn't do anything under the roof I built, or between the walls I built, that I didn't approve of. Imagine that. Hell, CHILDREN have been CONCEIVED under the roofs that I have built! Just IMAGINE THAT!
If you provide a service, rather than a product, then just shut the hell up, and provide the service. And, remember who signs your paycheck. The customers.
Think again. Remember, your company depends on government for a lot of things, access rights and permission to dig up busy city streets and stuff like that. (I'm talking about major ISPs, not two-bit bandwidth resellers). You're also hoping that the FCC and/or Congress don't blow you out of the water with new regulations and changes in tax laws. You can't just do whatever the hell you want with "your property", like a hillbilly farmer sitting on his porch with a shotgun.
How does that boot heel taste? You seem like the person that has rolled over for enough people that you have friction burn scars on your back. Just because you lack a spine does not mean that no one is allowed to stand up for themselves.
What the ISP is doing, and what you are advocating, IS ILLEGAL. ISPs can no longer filter traffic based on source or destination. That includes proxies, servers, and everything else under the sun. Contracts that do not have a negotiable outcome are not valid either.
How does that boot heel taste? You seem like the person that has rolled over for enough people that you have friction burn scars on your back
Thanks, Mr Trump! Love your show!
Hell, CHILDREN have been CONCEIVED under the roofs that I have built! Just IMAGINE THAT!
Missionary position, with the lights out I hope!.
How would you like to find out you were conceived doggy-style in a threesome? Makes my blood run cold...
...and when you get RBL'd from a customer running an open relay, all your other customers will be calling you up about your very full and backlogged mail queue. Your lack of logs will let them figure out in time that you don't know what the fuck you're doing and don't intend to fix the service they paid for, and they will take their money elsewhere.
Shiva H. Vishnu, your trolls used to be plausible, Run.
If you really think an average ISP customer even knows what a log is outside of a piece of dead wood on the ground, you really need to go sit on one and contemplate your life decisions until you return to reality.
I don't think that about average ISP customers, and I didn't suggest that they know any such thing.
The ability to fix technical problems is less important than protecting people's privacy. Taking that position is not trolling.
Yep, all seems reasonable. Having run an ISP many moons ago, and having written very similar points into our user agreement, I assure you that it's mostly about liability.
2.7 Keep in mind that, for example, the definition of "obscene" in a legal document is what a judge would deem violates your country's obscenity laws, not simply what would make your grandma upset.
4.1 If your service doesn't allow you to run your own internet accessible mail and web servers, they need to verify on occasion.
2.11 Don't do black hat stuff from here.
2.13 If you can't keep your stuff secure, you'll be cut off. See Antivaxxers.
You've missed the point entirely. The examples you cite are all violations of existing laws, or close enough to violations that an easy argument could be made in a court of law. Vodafone's AUP covers a range of behaviors that, aside from potentially being libelous or being a secondary indication of potential law violation (while not being primary evidence of said violation), are all examples of free speech. The AUP borders on "social justice warriorism".
The sentiment of the AUP smacks of someone who has seen far too much of the raw stream of sewage that is the Internet, and then decides to take the law into their own hands, in some misguided attempt to skirt potential liability. Those who misguidedly purchase services from Vodafone with this AUP deserve neither liberty nor security.
people hosting web sites advocating [...] or overthrowing the government
Is it always wrong to advocate for the overthrow of all governments?
You've dishonoured yourself by lumping together two opposites. You said "advocating ISIS" and then you said "overthrowing the government". In many places, people doing the opposite are heroes. That is, "advocating for the elimination of ISIS" and "advocating for the overthrow of criminal governments".
Who are you working for? Are you a propagandist for a criminal government?
Or are you so impressed with authority that you give respect and credence to all who claim it?--Tyler Durden
What is the problem?
Install a firewall, nothing to be seen here. Their probing goes to the a bit bucket.Install a VPN, nothing to be seen here either. Your traffic is unreadable to them.Choose your own DNS lookup base. Your lookups cannot be tracked by them. Also your whole house is "protected" not just your machine.
My choose has been IPCop. Stable long life (15yrs next month).Added, http://winhelp2002.mvps.org/hosts.htm [mvps.org] with ~15,000 tracking sites / ad sites..# change: /etc/dnsmasq.conf# added line in global: addn-hosts=/etc/hosts.ext
# run to copy HOSTS to IPCop.scp -P 8022 HOSTS root@ipcop:/etc/hosts.ext
# gain access to IPCopssh root@ipcop -p 8022
# run on IPCop to reactive dnamasq/etc/rc.d/rc.dnsmasq restartexit
Umm, no that isn't the "answer".
So you personally get a VPN to work around unreasonable restrictions, great. What happens when the next ISP does it, then the next, then all of them? Unless people stand up and say NO. ( with dollars, legislation, protests ) then they get a green light to do it everywhere.
What happens when they ban VPNs, or TOR, FreeNet, I2p, whatever, next? While its hard to stop it at a technical level i agree, when they find out you are doing it, your account is gone, and you are blacklisted. ( in many areas, no need for a blacklist when you have one choice due to all the virtual-monopolies ). Remember too, that they dont need to know what you were doing as you violated the AUP. *poof* you are gone. No recourse, nothing.
"Whey they came for me, there was no one left to stand up"
Then cut the wire. Drop off the net and not give them your money. It is either:
A) show your ISP that they are idoits
B) Sit under a rock, out in the woods and wait for it to fall on your head.
You want to change the system:
A) Remove their cash flow. No money they do not exist. That is what the outside is doing. They take them to court and take your money away from them.
B) Take them to court, yourself based on unconscionable terms and have the whole contract voided.
C) Get into office and take the money form the other side and stiff them. 1 term, good loot, next guy puts back.
What is your choice?
I was going for "F) All of the Above, with Gusto", but...
"B) Sit under a rock, out in the woods and wait for it to fall on your head."
If I'm under the rock, how can something fall on my head? Why am I in the woods? Am I protesting a WISP?
Anyways, I choose everything but B), unless I can also test my theory about the death of mimes in the forest.
What is the problem?Install a firewall, nothing to be seen here. Their probing goes to the a bit bucket.
Yes maybe so, but on their side of the firewall they're free to do what they like to your traffic
Install a VPN, nothing to be seen here either. Your traffic is unreadable to them.
And, no doubt, once identified, will be QoS'd to such an extent that it becomes unusable
Choose your own DNS lookup base. Your lookups cannot be tracked by them. Also your whole house is "protected" not just your machine.
Hah,I've just discovered today that my ISP was silently redirecting all DNS requests on their cable to their 'CDN' to 'improve customer experience' (or somesuch BS).The way I found this out, I was having problems with windows update on a netbook today, so started sniffing my internal traffic at the boundary firewall, seems they've expanded this silent redirect of DNS to also include silently redirecting both http and https requests to the selfsame CDN.
I'm not naming names just yet, as I'm getting others to independently confirm this.
Please name names.
yes, well, I found that Comcast had handed out hardware that has hardcoded lookups to their own and 184.108.40.206.
Why they would give customer habits to google for free is somewhat beyond me, so I have to think that it isn't being provided as a concurrent lookup resource that the cable modem does without the customer devices actually seeing the responses, is actually a value add for comcast. Since the field is grayed out and cannot be changed, I have to think it's not for my benefit.
So, what happens on that particular piece of business hardware is that DNS traffic leaving the unit also goes elsewhere. Client traffic gets the results expected. Comcast profits from the unexpected behavior, and google too, I would imagine. Being the type that null routed 220.127.116.11 and 18.104.22.168, it shocked me to see this on the modem management's ipv4 info page.
It didnt even matter that I prevented the devices in my home from reaching those IPs. Comcast reached them for me.
fuck the cloud
You're assuming they are routing the 22.214.171.124 to Google's machines, and haven't for instance just routed them to their own machine(s) which is logging all your DNS queries. Doing that would net them all their own queries on modems they supplied and anyone who had their own and set it to Google's servers.
A company like Comcast is not likely to be giving Google a free lunch. They are getting paid for that data in some way or perhaps just hi-jacking it for themselves.
VPN over funny cat videos uploaded to facebook? Surely there's an RFC.
I am curious about this "just add a VPN!"
Where, exactly, is one doing this? Don't tell me some other end point that isn't under the user's control. that isnt much better. you never get a chance to agree or disagree to the VPN endpoint's eula.
What you agree to with the VPN provider may have nothing to do with the antics that their ISP does to them.
People seem to now call VPN a type of security that the same types of people had called NAT, once upon a time. Security through obscurity. The problem is with the VPN is that yes you are secure to that endpoint and then you go out their NAT. If you were being spied on, your VPN would be allowed and then they'd just watch where the traffic came out.
NAT never stopped anyone from watching, NAT only stopped from direct connections from the outside without a prior hook to a device behind the NAT itself.
VPNs are just as vulnerability to ignorance of its use and purpose as was NAT.
Your traffic is only obscured between you and the end point; for all you know everything unencrypted after leaving the tunnel is being sold or watched. If *privacy* is your concern, all it will do is ensure that your ISP sends you generic ads as opposed to specific ones. If security is your concern, then why are you surfing the web over a VPN to an uncontrolled endpoint and logging into various places that clearly reveal who you are?
If privacy and security are your concerns, the advice is invalid and I'd suggest rethinking how to avoid being seen. Hiding behind one of two bushes will still get you blown up and exposed...
Hence sit under a rock in the woods and wait for the rock to fall on head.
nothing is prefect.
From what you say, using a VPN isn't solving the problem, just moving it somewhere else.
If you have somewhere else that is safe, secure, under your control, and not filtered or redirected or throttled, then fine — but what about those of us who don't? Perhaps, like free IP4 addresses, the long-term solution isn't to fight over the remaining ones, but to arrange something better.
SJWs do not exist.
Cultural Marxists may have created Political Correctness, but there is no Cultural Marxist Conspiracy to push P. C. propaganda into every corner of your world, citizen. If you think that you must be a crazy, racist, homophobic, sexist. Ask your doctor about psych meds.
Ignore the florescent haired thick rimmed glasses behind the curtain.
EULAs, TOU, privacy policies, none of that crap means anything to me. As explained in other posts, I firewall, VPN, use anonymous non-logging DNS lookup, and go where I want, do what I want on the web. I can't scan ports? How about if I VPN to England, proxy to Russia, then to Hong Kong, and aggressively scan every IP address on my ISP's list? Whatcha gonna do about it? Maybe it would be fun to just hack in, and give EVERYONE triple the bandwidth that they pay for! Did I say triple? Let's go for several orders of magnitude - everyone gets 10 gigabit connections!
That would definitely blow some minds, don't you think?
These terms mean that Vodaphone can't be a common carrier and is now responsible for monitoring everything that goes over their pipes. I'm guessing these terms will last until somebody gets harassed through Vodaphone's network and sues.
You don't normally see this level of abuse in a ToS for a communications service in the US because it would cause them to lose their common carrier status and open themselves up to a whole world of liability for content that people send over their wire.
c/p from this very page on which we converse:
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
I thought they just got declared common carriers within the last year? And they were/are dead-set against it. Yet before that, nobody was suing them over content? In theory vs. in practice.
I'm not sure. The whole thing confuses me. Correct me if I'm wrong, please.
I'm somewhat confused here, I thought vodaphone had operations in the US, but apparently they're British, so this wouldn't apply. Although, the UK might have their own equivalent of common carrier status.
If I recall correctly, the vast majority of "cheap" web-hosts want to exercise editorial control over your web-site. It has to "look" a certain way (mainly not an image gallery).
Several webhosts had silly restrictions on the Bittorrent protocol, or even worse: on hosting or linking to .torrent files (which are just sophisticated URIs).
the reason is that they want to be able to kick people off and be able to state a clear and easy reason.
if you have a bazillion laws, everyone breaks laws many times a day. same concept here. give them lots of leeway in order to be able to cancel anyone, at any time, for a cooked-up reason. and get away with it.
the thing is, there is often no choice in first-hop connection, in the US. where you live, you get to 'pick' from exactly 1 cable co and perhaps dsl from the local telco; but dsl is a fairly dead tech and cable has entirely taken over. in the US, one cable co serves your neighborhood.
who are you going to use for your ISP if the one and only, in your locale, decides to ban or cancel you?
if there were 10x isp's to choose from, let them fight for customers. but there is no 'fight' for customers anymore. we are 'assigned' to an ISP. almost funny if you think of it that way. if you move or relocate, you get 'assigned' to a possibly different isp. how freaking weird is that?
...to be able to cancel anyone, at any time, for a cooked-up reason...
Were that their desire, could they not use phraseology such as "Vodofone reserves the right to discontinue service at any time, for any reason or no reason, at its sole discretion, at which time a pro-rated refund will be made"?
They don't want to give a refund, and they must at least pretend the person they kicked out did something wrong so they don't make it too clear that their monopoly uis against the public interest.
Because in that case they'd have to give you a refund. If they say you're breaking some terms of service they agreed to then why would they pay you your money back?
I think its the same psychology as those TV ads for "Senior Care Life Insurance" where some pitchman is blathering about "just three easy health questions", and that "nobody will be turned down."
Sure, nobody will be turned away from sending in the monthly premium. The TV head did not lie on this aspect of the bargain.
However, when the payout day comes, will the company honor their end? I get the terribly strong idea they will not.
I believe the whole purpose of those "three easy health questions" is to give a basis for denying payout.
The insurance company has lawyers. You don't. You paid all those premiums. Neither you nor your loved ones may see a dime of it.
I have already experienced the "peace of mind" coming from being "insured" with a dental plan. Only the cheap stuff is covered. The instant I needed a crown, it was full price to me. All I ended up doing by being "insured" was paying the salaries of building-fulls of desk-hens flitting back and forth over who has paid their premium and is eligible for a covered service - something cheap and routine like an exam, x-ray, or cleaning.
Sure, they say you get "coverage" for the big stuff, but its all business-talk, like those free "healthcare discount cards" the business-head hawks on TV. Sounds good, but has so much business-talk tangled up in it that is is useless.
I would have been far better off just paying the dentist directly.
I have to agree with those above me that all this business-talk is CYA for letting the business completely off the liability hook for failing to provide contracted-for service.
but dsl is a fairly dead tech and
Strange, my VDSL ($50pcm) is able to saturate my wifi easilly -- 50-60mbit down no problem. Certainly no limits that I notice.
From your links it seems like you're in the United Kingdom. You have bigger things to worry about than your ISP shutting you out -- things such as your gov't arresting you for crimethink. I suggest moving to another country.