RE: ISPs as content-police or method-police

[Mathew Butler <mbutler () tonbu com>]

About 2 years ago, when I got cable modem service from Cox@Home in Mesa, AZ,
I tried to go through their standard tech support channels to get filters
removed from my IP line.  My request was bounced back and forth between
several places until I was told by a tech support manager that "there would
be no special-case configurations" -- meaning that the filters on my line
were never going to be removed.

I also found that it was -much- more possible to talk to someone with a clue
if I posed as someone on the global Internet, trying to use services which
were operationally impacting me (such as DNS and rDNS).  When trying to get
something done at any NOC, -don't- say "I'm a customer of yours" at any
point in time, else you get transferred to the tech support lines and
nothing -ever- gets done.

(In the case I'm referring to, @home's rDNS service kept dying, and I ended
up having to keep calling their NOC and tell them that it was broken, from
the standpoint of someone who was doing log analysis on Apache logs, and
noticed a bunch of 'lame zone' errors from their servers in their IP blocks.
This issue also operationally impacted me being able to get to certain FTP
sites that required rDNS to resolve properly.  Guess which way got the
problem fixed.)

-Mat Butler

-----Original Message-----
From: Christian Kuhtz [mailto:ck () arch bellsouth net]
Sent: Monday, November 20, 2000 9:36 AM
To: nanog () merit edu
Subject: RE: ISPs as content-police or method-police 



> > What doesn't make sense in that argument is why you couldn't just
> simply upsell the customer to a managed fw solution etc
> > if that's the concern.
>
>         This doesn't work for a consumer broadband ISP,
> where the customers won't be upsold to anything and
> the average consumer just expects the network to be "safe".

Hmm.  I disagree, and consumers with those expectations would be advised to
read their service agreements which they signed and accepted closely.

> > Educate them, and let them decide based on the education they received.
>
>         Education does not work for a consumer ISP,
> whether broadband or dialup, due to scaling limits.
> Might or might not work for a lease-line business ISP.

Sure it does.  Depends on what you consider education.  I wasn't referring
to
a two hour class, but the type of discussion a sales rep has with their
customer when you sign up for service.  Doesn't a regular cable sales rep
offer you HBO, Showtime etc packages when you sign up?  Why not offer you a
no-charge filter service?  (granted, I said upsell in my first post, perhaps
that was the wrong term).

I do not believe that by default, opt-out filtering is a good practice for
an
ISP.

> > Well, again, I don't believe in 'censoring' traffic by default.
>
>         My perspective isn't about philosophy, but rather what
> is practical and sensible from a business perspective.

Quit splitting hairs.

I do not believe that by default, opt-out filtering is a practical and
sensible from a business perspective for an ISP.  You may disagree, this is
a
free country last time I checked.

> > I wouldn't be so sure, particularly because of the legal exposure...
>
>         The major consumer broadband ISPs have already
> discovered that their legal exposure would be higher
> if they did not filter a small number of protocols,
> than it is with filtering that small number of protocols,
> which is the current common case with consumer broadband
> ISPs today.

Pointers, background please.  And how is that sold and presented to the
customer?  What sort of legal ramifications have been discovered?  How is
the
tech support role addressed?

> > > And as has been pointed out, you can ALWAYS punch a hole
> > > in the filter for customers who like to live risky,
> > > or they can find other ways to tunnel their packets.
> >
> > At SP scale?  Think again.
>
>         Filtering by default and punching holes upon request
> works fine for Media-One's cable modem service in the US
> Northeast, so that approach CAN work fine at a large-sized
> service provider scale (they are an existence proof).

Oh yeah?  While I happen to use MediaOne (because I can't get anything else
where I live) and it seems to work most of the time, it is damn near
impossible to find anyone who has a clue about anything (or cares) thru the
tech support channels.  And I don't consider spending 1.5hrs+ on hold to
speak
with a junior tech support person an accessible alternative.

I do know from my fw at home that no filtering whatsoever is done.  In fact,
the service agreement clearly states that you're basically on your own.

If this is available (and accessible) in the northeast, consider yourself
*very* fortunate.   If MediaOne (or my employer if I were be able to get
DSL)
were to start filtering traffic and gave me no reasonable way to opt-out or
customize, I would probably be a very dissatisfied customer.  Currently,
some
of these support channels only work well if you don't need support.

>         Different service providers might well make different
> business decisions, but lets not confuse a business decision
> with what is/isn't technically feasible.  They aren't the
> same thing.

I don't think I said anything to that affect.  Further, a less presumptious
stance would be appreciated.

I do believe that an opt-in approach is the better one, rather than opt-out.

Cheers,
Chris

--
Christian Kuhtz <ck () arch bellsouth net> -wk, <ck () gnu org> -hm
Sr. Architect, Engineering & Architecture, BellSouth.net, Atlanta, GA, U.S.
"I speak for myself only."