Slashdot Mirror

← Back to Stories (view on slashdot.org)

Have You Really Read Your ISP's TOS?

Posted by timothy on from the haven't-read-mine-that's-for-sure dept.

NewtonsLaw writes "XTRA, New Zealand's largest ISP is in the process of losing customers in droves after it announced its new Terms of Service which seek to claim rights over customers intellectual property (see the Slashdot discussion). Now, if that wasn't enough, Aardvark Daily reports that the ISP is also banning its users from saying bad things (anything 'detrimental to our reputation or to our brand') about it. I wonder how many slashdotters have actually read their own ISPs' terms of service in detail? Is this type of IP-grab and clampdown on free speech is unique to Xtra or is it slowly pervading the whole industry, right across the globe?" Read on for Xtra's amendments to the original IP-grab terms, though.

Reader THX1138 points out that "After the very recent story on Xtra (New Zealand's version of AOL) they changed the IP section to include 'Xtra does not claim ownership of any content or material you provide or make available through the Services. However...' at the start and 'in each case for the limited purposes for which you provided or made the Customer Materials available or to enable us and our suppliers to provide the Services.' at the end."

14 of 394 comments (clear)

  1. giving up common carrier status by PD · · Score: 5, Interesting

    If they give up common carrier status and start controlling and owning everything on their network, does this mean that if terrorist sites or kiddie porn appear on their network, their CEO and board of directors will be habeas corpused off to Cuba? Or whatever the equivalent thing that New Zealand does to people they don't like.

    --
    If tits were wings it'd be flying around.
  2. In Breach by mvdw · · Score: 5, Interesting

    Before today, I'd only given the TOS a cursory glance, and I found that I am regularly in breach of a couple of the terms:

    1. "You must not maintain or permit multiple concurrent connections to the Internet Access." - I connect through a smoothwall firewall, which is connected to several computers, quite often two of these are in use concurrently;
    2. "never recording Your password on Your computer, and safely storing Your password"; - The password is stored on the smoothwall (encrypted, but still), so that anyone that knows the smoothwall password can access the internet... contrary to TOS above, it seems ;-)

    I don't really care too much, though, because it's only a dial-up connection, so the connection is inherently throttled...

  3. Kinda OT: NAT/PAT by Bios_Hakr · · Score: 4, Interesting

    My local ISP just started to roll out DSL. Our current service is 56k dialup limited to 90 hours per month. We pay about $30 for that.

    The new DSL is 1.5mbps "best effort". They have not mentioned any download caps, but they will probably be on the way soon. The worst part of the TOS is the restriction on NAT/PAT.

    They say that they can detect how many computers are on a network. For each computer, you have to pay an additional $60 for the exact same bandwidth. They don't even give you another modem for the extra $60.

    Anyway, how do you think they are detecting NAT/PAT? Is there any way to stop this detection? I had planned on running Gentoo or *BSD as a firewall, but paying more money for the exact same thing seems harsh to me.

    --
    I'd rather you do it wrong, than for me to have to do it at all.
  4. Atlanta ISP changes by Lord+Bitman · · Score: 5, Interesting

    ISPs change-hands so often here, it's hard to keep up. When my ISP spontaneously became Comcast one month, I asked them to send me a new TOS. They said that their TOS was the same as AT&T's, but have refused to provide them. Am I bound to something they won't give me?

    --
    -- 'The' Lord and Master Bitman On High, Master Of All
  5. Re:"clampdown on free speech" by alister · · Score: 4, Interesting

    Indeed.

  6. Re:Have your read Network Solutions Terms of Servi by Jason1729 · · Score: 3, Interesting

    You complain about the agreement, but by agreeing to it, you mearly re-enforce that it's okay for them to do it. There are countless registrars out there now. Most will allow you to transfer a domain name for their annual fee and then include a 1 year extension so the transfer is basically free.

    By clicking you agree, you're voting with your dollars, and that's all that matters to these companies.

    Jason
    ProfQuotes

  7. AOL has a new TOS for you.... by ajs · · Score: 4, Interesting
    An interesting take on TOS agreements is AOL's new policy of imposing one on the rest of the Net by rejecting any connection to their MX servers on port 25 (incoming mail) before even negotiating far enough for the client to issue a greeting IF you are coming from an IP address that AOL considers to to be "dynamically assigned" (I have no idea how they define this, since my host is not in the MAPS DUL or any other blacklist I can find, and AOL's "tester" page refuses to tell me what they think is the problem because they want to reverse-map my IP and send a report to that domain, rather than by connecting to the IP itself or showing me the results on a Web page).

    This effectively means that no broadband, dialup or other ISP customers who get an IP address when they connect will be able to send mail directly to AOL, you wil instead be forced to use your ISPs or some other willing SMTP relay which AOL considers to be worthy of peering with. No more end-to-end TLS encryption and/or verification; no more routing around overburdoned ISP mail hubs.

    There is as yet no indication that I've seen one way or the other on what they're doing about DELIVERING mail to such addresses, but if you run your own mail server, be prepared to find that AOL.com no longer exists (which you may not consider "bad", exactly, and in fact I currenly have no plans to route around this particular damage other than to get my relatives to find new ISPs, even if that means going to MSN... *shudder*).

    Many have made the argument that this is reasonable for AOL to do because many ISPs have TOSes that ban servers. So far, the standard retort has been 1) no ISP bans direct-to-MX transmission of mail except where it is spam 2) most ISPs don't enforce said rule (and tacitly encourage users to roll their own) 3) not ALL ISPs have such restrictive TOSes, and of course 4) that's none of AOL's business when receiving an incoming message.

    For those who are interested in details, here's the almost useless blurb I get when telneting to port 25 on any random AOL MX host:
    550-The IP address you are using to connect to AOL is either open to
    550-the free relaying of e-mail, is serving as an open proxy, or is a
    550-dynamic (residential) IP address. AOL cannot accept further e-mail
    550-transactions from your server until either your server is closed to
    550-free relaying/proxy, or your ISP removes your IP address from their
    550-list of dynamic IP addresses. For additional information,
    550-please visit http://postmaster.info.aol.com.
    550 Goodbye
    Good luck!
  8. Post each others' sites by PhilHibbs · · Score: 5, Interesting
    If I upload someone else's data, I have no right to grant the ISP the rights that they claim, therefore they don't have those rights. What I'm unsure about, however, is whether their terms of service prohibit me from posting material that I do not have the right to grant rights over. If so, then I probably can't post any GPL'd software. Let's look.

    Hmmm, this is interesting:
    You agree that all content, software, personal identifiers (including addresses) and anything else we make available to you in connection with our Services (together "Works") are protected by copyright, trade marks and other intellectual property rights and laws.
    So no posting Project Gutenberg texts, then. Taken literally, anything I post has to be trademarked.
    You warrant that you will not:
    • license, assign, otherwise transfer, make available or grant any interest in any part of the Works to any other person
    So, no GPL'd software that I wrote then, but presumably other peoples' GPL'd software is ok.
    Xtra does not claim ownership of any content or material you provide or make available through the Services ("Customer Material"). However, by placing any Customer Material on our Websites or Systems (including posting messages, uploading files, importing data or engaging in any other form of communication), you grant to Xtra a perpetual, royalty-free, non-exclusive, irrevocable, unrestricted, worldwide licence to do the following in respect of the Customer Materials:
    • use, copy, sublicence, redistribute, adapt, transmit, publish, delete, edit and/or broadcast, publicly perform or display, and
    • sublicence to any third parties the unrestricted right to exercise any of the rights granted,
    in each case for the limited purposes for which you provided or made the Customer Materials available or to enable us and our suppliers to provide the Services.
    Seems reasonable, they need the right to distribute the data, they might want to keep an archive, and they might want to sell that archive as an asset. Note the limiting nature of the last paragraph.

    IMO, there's nothing sinister here, although the first section I quoted is just incompetently written.
  9. Prestel was doing that in 1986 by Alioth · · Score: 4, Interesting

    The thing about 'no derogatory comments about our service' is nothing new - in the mid to late 1980s, Micronet (and Prestel), an online service in Britain, also had the same thing. And they did threaten to kick off a friend of mine for complaining about Micronet in one of the message boards.

    Their AUP also didn't allow any kind of profanity in the message boards, either!

    They did have some good things (such as Shades the MUD, which is *still going* - telnet games.world.co.uk, yes, it's on port 23).

    That's not to say it's right. The "you must only say good things about us" clause was incredibly dumb, and people often pushed at them, just to see how far they could go.

    --
    Oolite: Elite-like game. For Mac, Linux and Windows
    1. Re:Prestel was doing that in 1986 by MavEtJu · · Score: 4, Interesting

      You need to create an account before you can play Shades, and to
      enable us to register you, we need to ask five simple questions:

      1) Your real name:
      2) Your sex:
      3) Your age:
      4) Where do you live? :
      5) Your e-mail address:
      6) Where did you find out about us:
      7) What password do you wish to use (5-10 characters):

      count that!

      --
      bash$ :(){ :|:&};:
  10. Legal hacking by NoBlock · · Score: 5, Interesting

    Just read the TOS for my ISP again and was reminded why I chose this ISP (even though it is not the cheapest available). One of the clauses says (roughly translated):

    All customers are allowed to hack the system. The first custormer that manages to get 'root' status will receive 6 months free use of the system. In return customer will explain how the system was hacked. Customers will take pains not to damage the system. Customers hereby give other customers to hack the system.

    I feel that this should be a standard clause in any ISP's TOS.

  11. Why reading TOS is important by chrysalis · · Score: 3, Interesting

    Indeed, I never read TOS.

    But I really enjoyed my ISP. Fast, reliable, not that expensive, and my IP address didn't change as long as the gateway renewed the lease.

    But one day, friends using the same ISP told me that all their incoming connections got firewalled. They couldn't connect to their host any more, even through POP, SMTP or SSH.

    I checked it, and they were right. The ISP firewalled everything without any prior notice.

    A look at the TOS revealed that indeed, customers don't have the right to host any server. No SSH, no SMTP, nothing.

    I moved to another ISP since. The new ISP is a bit more expensive, but that's the price to pay to read in their TOS that servers are allowed, and NAT is allowed as well.

    --
    {{.sig}}
  12. Here's my story of ISP abuse by Anonymous Coward · · Score: 4, Interesting

    Here's my story.
    The page in question.

  13. Re:heh? by Montreal+Geek · · Score: 4, Interesting
    But in reality, what people in their right mind would do that? I mean, assuming: The hacker was benevolent and wanted the 6 monthes. If you hacked the system - you have unlimited, forever usage of the system, hence the word "0wnz," I believe?

    Once upon a time (a couple of years ago) I was sysadmin for a smallish ISP up here in Montreal. While out TOS didn't spell it out, it was my policy as well. (I was blessed with intelligent bosses/owners that decided from the onset that given that I was the security, its enforcement should be left to me).

    There have been a total of two compromises during the two years I worked there. Both were detected by my diagnostics within minutes. I let both play out to ascertain the intent and method, and one of the crackers was obviously a white hat given that noticing me on the box he talked me to tell me how he got in. The other was a silly warez d00d-- took me about 5 minutes to detect how he got in.

    In both cases, I restored offline, plugged the hole, then put the system back up.

    Having compromised a system does not give you "forever usage of the system".

    Just before I started work there, where was another (major) compromise of the entirety of the DMZ-- the security wasn't set up very well and each box trusted every other box. That took a complete redesign of the infrastructure, but it was also fixed. By the white hat that broke in and went to them with "Look. Obviously you need to hire a sysadmin."

    You get to guess who that was.

    Not everyone is a script kiddie, you know.

    -- MG