I'll admit it. I've broken the law, and I'm heading for jail. I expect I'll do the full 4 years in a Detroit maximum security penitentiary.

If they ever catch me. *grin*

I thought I was doing a public service, by teaching people how to construct firewalls and perform advanced networking techniques, but according to the Michigan Legislature, I have committed a felony because I have "advertised plans or written instructions that I intend to be used or know or has reason to know will be used or is likely to be used to violate subsection (1)." 750.540c(3) The relevant piece of subsection 1 is "(b) Conceal the existence or place of origin or destination of any telecommunications service."

I've had instructions up on my web site since July 25th of last year on how to modify the destination address of TCP/IP packets; search down for "... -m state --state NEW -j DNAT --to-destination". This conceals the destination of the original packet.

Interestingly enough, 750.540c(1)(a) limits its scope to "obtaining a telecommunications service with the intent to avoid...any lawful charge for the telecommunications service", but 750.540c(1)(b) does not limit itself that way.

Just in case this previous offense might be ignored because it occurred before the law went into effect, here's a section added on March 31st (Michigan's time zone) on how to use masquerading to share an Internet connection.

Set RedIf to your default route interface and InNet to the inside IP address block. The following will let all the machines on that IP address block share a single connection:

iptables -A POSTROUTING -t nat -s $InNet -o $RedIf -j MASQUERADE
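What that rule does to the addresses an outside host sees, as an added Python sketch (not from the original article). It is a toy model with constructed addresses and ports, and it assumes a fresh external port for every connection, whereas real netfilter keeps the original source port when it is free.

```python
# Added illustration: a toy model of source NAT (masquerading).
# All addresses and ports below are constructed sample values.
import ipaddress
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

class Masquerader:
    def __init__(self, in_net, ext_ip, first_port=40000):
        self.in_net = ipaddress.ip_network(in_net)  # plays the role of $InNet
        self.ext_ip = ext_ip                        # address held by $RedIf
        self.next_port = first_port                 # simplification: always allocate
        self.out_map = {}  # (inside ip, inside port, dst, dport) -> external port
        self.in_map = {}   # (external port, remote ip, remote port) -> inside endpoint

    def outbound(self, pkt):
        """Rewrite the source of a packet leaving via the external interface."""
        if ipaddress.ip_address(pkt.src) not in self.in_net:
            return pkt  # the "-s $InNet" match fails, packet is left untouched
        key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        if key not in self.out_map:
            self.out_map[key] = self.next_port
            self.in_map[(self.next_port, pkt.dst, pkt.dport)] = (pkt.src, pkt.sport)
            self.next_port += 1
        return replace(pkt, src=self.ext_ip, sport=self.out_map[key])

    def inbound(self, pkt):
        """Reverse the mapping for a reply; None means no tracked connection."""
        inside = self.in_map.get((pkt.dport, pkt.src, pkt.sport))
        if pkt.dst != self.ext_ip or inside is None:
            return None
        return replace(pkt, dst=inside[0], dport=inside[1])

def demo():
    nat = Masquerader("192.168.1.0/24", "203.0.113.7")
    a = nat.outbound(Packet("192.168.1.10", 51000, "198.51.100.5", 80))
    b = nat.outbound(Packet("192.168.1.11", 51000, "198.51.100.5", 80))
    reply = nat.inbound(Packet("198.51.100.5", 80, "203.0.113.7", a.sport))
    stray = nat.inbound(Packet("198.51.100.9", 80, "203.0.113.7", a.sport))
    return a, b, reply, stray

if __name__ == "__main__":
    for item in demo():
        print(item)
```

Both inside machines appear to the remote server as 203.0.113.7; only the router's translation table can tell them apart, and a packet that matches no tracked connection has no inside destination at all.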

According to subsection (6), "any unlawful telecommunications access device involved in violation of this section...may be destroyed or retained." That's a real shame - I've enjoyed the laptop on which I wrote the article, and I'm going to have a hard time explaining to my boss why my company-supplied laptop was doused in gasoline and torched by the Michigan State Police.

I can't even hide behind the fact that I wrote the article in New Hampshire, because subsection (8) says the "violation...is considered to have occurred at the place...where the...access device is...delivered to another person." All it takes is one Michigan resident to read that web page on or after the date the law takes effect, Mar 31st, 2003. If you fall in that category, write me and let me know; we can be co-conspirators in breaking the law.

Melodrama aside, this is a wonderful example of an overly broad bill actually passing and becoming law. If you took the wording literally, this law could make any of the following illegal.

Because of the implications of load balancing, round-robin DNS, CNAME records, MX records, and NAT/connection sharing, I believe you'd actually have a hard time finding a single Michigan business that is not breaking the law. That includes the Michigan legislature itself - breaking the law by using a CNAME record for their own web site:

www.michiganlegislature.org. 81559  IN  CNAME  michiganlegislature.org.
michiganlegislature.org.     81561  IN      A

I can't wait to see them lead themselves off in chains. :-)

From the above list, I may be up for prosecution under an habitual offender law as well. In fact, similar laws are up for review in 8 other states. I sure hope they don't find out about the hundreds of times I've run a sniffer on an Ethernet cable.

William is an Open-Source developer, enthusiast, and advocate from New Hampshire, USA. His day job at SANS pays him to work on network security and Linux projects. Or, at least, it did until he went on the run from the law.

This article is Copyright 2003, William Stearns <wstearns@pobox.com>