Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
United States Your Rights Online

FBI Wants to Tap The Net 503

Posted by CmdrTaco
from the and-own-your-soul dept.
Majik was among the stream sof people submitting this story about the FBI wanting to tap the net. Makes carnivore look like a baby monitor since this tracks all packets, and would be placed at key locations on the net.
This discussion has been archived. No new comments can be posted.

FBI Wants to Tap The Net

Comments Filter:
  • by kcornia (152859) on Monday October 22, 2001 @02:39PM (#2461535) Journal
    You know that's what they're after. Hoover left a more lasting legacy than we know...
    • > FBI just wants all the good pr0n
      > You know that's what they're after. Hoover left a more lasting legacy than we know...

      I dunno, transvestite pr0n may be your thing, but it's not mine. Then again, I don't work for the Feebs.

      ("When I asked for a color TV in my hotel room, this is not what I meant!")

    • by cosmosis (221542) on Monday October 22, 2001 @03:14PM (#2461888) Homepage
      As any student of history will tell you, giving the FBI this much more power fares badly for all of us. McCarthyism anyone? The first thing they are going to do is gather up information on anyone who ordered any books on any belief or activity they don't like - including drugs, computer security/hacking, anarchy, libretarianism, free-thinking, etc. So if you frequent any sites of this ilk or bought any nooks from Amazon like this you will be tagged by the FBI as a suspected terrorist.



      After a while, these people will be rounded up and questioned, intimidated and possible detained. And if the current set of laws that just passed gets any worse, then you might even get jailed without due process, and incarcerated for life based on these information retrieval practices. Sound ominous so far? It should. This stuff is right in line with Nazi Germany too. Lets just hope they don't start lining us all up and shooting us because we are "terrorists, hackers, druggies", etc. Never forget that it was Orrin Hatch who called for the Death Penalty for anyone caught using drugs.

      • FBI Agent: You are being detained for questioning.

        Detainee: But i didn't do anything wrong.

        FBI Agent: Acording to the data from our tracking systems, your toilet paper consumption rates, the number of gardening books you buy per year and the number of bad jokes about CmdrTaco that you post on Slashdot per week match those in our profile for "Higly Dangerous - Possible Megalomaniac Persons". To prevent any crimes from your part we are hereby detaining you for psychiatric treatment.

  • Go ahead. (Score:4, Interesting)

    by Anonymous Coward on Monday October 22, 2001 @02:40PM (#2461541)
    I'm going to put the words anthrax, get the bomb, allah, and kill them all in every fucking packet. Let's see em sort through 800000 terabytes of crap a day.
    • You have a point (Score:5, Interesting)

      by einhverfr (238914) <chris@travers.gmail@com> on Monday October 22, 2001 @04:48PM (#2462482) Homepage Journal
      I am reminded of the NSA's escapade with taping the single fiberoptic line under the atlantic (one line tapped, of several in place). The flood of information was too much for them to do ANYTHING with.

      For the FBI to pull this off, they would certainly need quantum computers... And what of speling myst-aches? This requires more computing power... Even Caeser cyphers become effective means of defeating these because of computational limits...
  • Lamers (Score:3, Interesting)

    by Renraku (518261) on Monday October 22, 2001 @02:41PM (#2461549) Homepage
    Wouldn't this degrade the performance of the Internet in general? Tapping the 'net also has a few more drawbacks. It only examines packets enroute. That would tend to catch people doing legitimate things more than it would catch criminals. Meaning, they could see you sending and receiving traffic from some server that could possibly have illegal things on it (which is what? 90% of servers) and then swoop down and bust you for aiding a criminal or something stupid.
    • Re:Lamers (Score:3, Informative)

      by isa-kuruption (317695)
      No, it wouldnt degrade the performance. There is something in Intrusion Detection Systems (IDS) called a passive sensor. All network traffic would be forwarded to the passive sensor. This would be an easy task for any router. The hard part is the passive sensor would have to be able to look through as much data as the router/switch could put out (like 20gbit/sec?)
      • No, it wouldnt degrade the performance. There is something in Intrusion Detection Systems (IDS) called a passive sensor. All network traffic would be forwarded to the passive sensor. This would be an easy task for any router. The hard part is the passive sensor would have to be able to look through as much data as the router/switch could put out (like 20gbit/sec?)

        One reason the proposal would degrade performance is that it calls for changes to the backbone architecture to concentrate traffic to a handful of central points, for the FBI's convenience in tapping you. This reduces redundancy and network intelligence.

        The second reason it will degrade performance is, as you begin to get to, they won't be able to monitor current traffic levels in real-time (it's all that billions of dollars in routing hardware can do to inspect packet headers), so they'll have to intentionally degrade performance in order to have half a chance.

    • by Peter Dyck (201979)
      Tapping the net is chickenshit compared to this [thetimes.co.uk]. I am not suprised to see neither the American media or BBC reporting this.

      "AMERICAN investigators are considering resorting to harsher interrogation techniques, including torture, after facing a wall of silence..."

      The Times is one of the most respected, conservative papers in the UK. The FBI really are considering this abomination. Even Robert Blitzer, a former head of the FBI's counter-terrorism section, has criticized this in public!

      • by Tackhead (54550)
        > Tapping the net is chickenshit compared to this [thetimes.co.uk report - FBI considers torture]. I am not suprised to see neither the American media or BBC reporting this.

        I disagree.

        Torture takes effort - an FBI permitted to use torture would be physically unable to use it in the violation of the civil liberties of 300,000,000 Americans, simply because it'd take too long to work their way through the population, even if every FBI agent went berzerk and started torturing everyone they met for the sheer hell of it.

        Passive electronic monitoring doesn't take effort - every citizen's right to be secure against unreasonable search and seizure is violated the instant they flip the switch on the Mother Of All Carnivores.

        Put another way - there's a reason why people get dozens of spams per day (sometimes per hour), while still only getting three or four telemarketing calls per week.

  • I always though the NSA was doing this already. So why worry?
    • I always though the NSA was doing this already.

      NSA does not spy/eavesdrop on US citizens.

      Read their charter; i'm pretty sure it's not classified. When I was a contractor at Ft Meade, I wrote a lot of extra code to specificially make sure of things like this for my project. I can't speak of the FBI, CIA, or DIA however...so draw your own conclusions people. Things may have changed in the last year, but as of a few years ago this was a top priority for each project I was on. If someone can convince me I'm wrong (project names, people, etc, not random web links), I'd love to know about it as I still talk to many friends at the agency (about unclassified things of course).

    • by Anonymous Coward
      all your freedom are belong to [censored by FBI]
    • by Tackhead (54550) on Monday October 22, 2001 @02:59PM (#2461751)
      > I always though the NSA was doing this already. So why worry?

      The difference is that NSA is an intelligence organization, not a law enforcement organization.

      That is, NSA doesn't care about who you slept with last night, your tastes in g0at-pr0n, whether you may or may not have indulged in recreational pharmaceuticals in your misspent youth, how many MP3z and warez you download, or whether you traffic in copy control circumvention devices. Even if you assume (incorrectly) that they want to spy on US citizens, keeping track of jaywalkers is not their mandate, and they're busy enough with the stuff that is their mandate.

      It is, however, entirely within the FBI's mandate, as enforcers of the law, to "sweat the small stuff". Today, they hunt terrorists with guns, when they're gone, they'll scour the database to find the terrorists with drugs, and next year, they'll start earning their keep by nailing the copyright terrorists.

      Spooks have better things to do with their time. Cops don't.

  • by ekrout (139379) on Monday October 22, 2001 @02:41PM (#2461554) Journal
    Whoa, this is getting confusing!!! What happens if an FBI agent uses a Windows machine running some packet-catching/sniffing program to "tap the 'Net"? Wouldn't this be a crime since they'd be using a terrorist-harboring operating system (see last Slashdot article) to search for terrorists? Uggghhh...
  • Great... (Score:5, Insightful)

    by don_carnage (145494) on Monday October 22, 2001 @02:42PM (#2461564) Homepage
    The next thing you know, they'll want control of all major routers; It's just one more step to bring the Internet under US control. Welp folks, it's time we built our own network...
    • Re:Great... (Score:3, Insightful)

      by Tackhead (54550)
      > The next thing you know, they'll want control of all major routers; It's just one more step to bring the Internet under US control.

      Hey, it's nice to know we Americans are finally catching up with our freedom-loving friends in Russia and China!

      I was beginning to worry we were gonna be left behind on the information superhighway!

  • Authentication? (Score:2, Insightful)

    by jiheison (468171)
    They can tap whatever they want. Can they PROVE, based on a few packets, who is sending the information?

    Without stronger security/authentication in general, this will be useless for the purposes of stopping actual criminals.
  • Has anyone told them that the Net is an international affair? It could be argued that the States dictating all and sundry to the rest of the world is what got them into this mess in the first place.
  • Off by 17 years, no big deal...
    • by mlc (16290)
      Ah, but, unfortunately, we are not fully at 1984 yet. That is why some friends and I have formed the Students for an Orwellian Society [studentsfororwell.org] (SOS). Because 2001 is 17 years too late.
      • > That is why some friends and I have formed the Students for an Orwellian Society [studentsfororwell.org] (SOS). Because 2001 is 17 years too late.

        Confession:
        I read this and thought it was really good satire. I have already contacted Miniluv to report my thoughtcrime, or rather, they have already contacted me ;-)

  • by weez75 (34298) on Monday October 22, 2001 @02:45PM (#2461595) Homepage
    It's pretty clear that everyone is going to scream about how horrible this is for privacy. Granted, it will be frightening in its approximation of of Orwell's Big Brother but don't overlook that this will slow internet traffic down considerably. Imagine peeking in on every packet sent! Further, to accomodate this I have a feeling the cost will be passed down to you and I--the taxpaying public. I see farms of servers collecting and storing data, offices filled with high-paid IT staff and IT forensic specialists. So, to recap: bad for privacy, slows down the net, and we'll pay for the privilege of being spied on. I'll have say this isn't in our best interest...
      • Imagine peeking in on every packet sent

      Why would you need to do that? The idea is just to route every packet through a couple of points, then you look for packets to or from a.b.c.d.

      It seems achievable (or at least sellable to a gullible legislature). The funny ha ha is that it introduces insane vulnerabilities into the 'net. Picture the effect of taking out one of these monster router farms.

    • > don't overlook that this will slow internet traffic down considerably. Imagine peeking in on every packet sent! Further, to accomodate this I have a feeling the cost will be passed down to you and I--the taxpaying public.

      Yeah, that's the other reason I prefer leaving stuff like this to spooks instead of cops, namely that if it's gotta be done, NSA's geeks can probably do it without bogging down the 'net. (I have a hunch that if by some miracle FBI does it without screwing up performance, they'll bog down the 'net on purpose just to ask for more funding next year ;-)

      Awright feebs, I've ragged on you enough for one day. I'll stop now before you knock my door down in the middle of the night.

  • by Bonker (243350) on Monday October 22, 2001 @02:45PM (#2461597)
    And make this unfeasable for real production use.

    Breaking 2048 bit DH compression on one packet or transmission is feasible, given time and a (very) powerful computer.

    If the FBI were to have to crack even 2-5% of the billions of packets that went through their system, however, it would make this system completely unworkable.

    Use PGP or GPG. Sign your messages. Let other people know that you prefer messages sent to you in encrypted formats. Surf and download from sites who use SSL. It's not that hard, and once you get in the habit of encrypting data, you'll feel safer and more secure.
    • by Rogerborg (306625) on Monday October 22, 2001 @02:53PM (#2461679) Homepage
      • If the FBI were to have to crack even 2-5% of the billions of packets

      If even 2-5% of active voters wrote to their elected representatives telling them to knock this on the head, it would get stopped and stopped hard. That might be a more achievable goal.

    • ...they won't crack them. They'll store them and if they think you're a suspect kindly ask you to stop using encrypted messaging followed by a supena (polite request) for your encryption keys.

      Mass decryption just isn't feasible and certainly not in real time so they have to try to do one of two things:

      • Prevent anybody from using strong encryption ("All e-commerce stopped for evermore today when the US senate passed the ...").
      • Find a way to force everybody to hand them their keys.
  • ... does IPv6 have built in encryption? (or at least the ability to do encryption at the IP level?)

    That could really put a dent in the ability to snoop (they still may crack it, but its going to cost a hell of a lot more processor cycles to do so).

    • Yes, but don't forget that IPSec can be used with IPv4 which we all use now. IPSec is normally used for virtual private networks, but there's no particular reason you couldn't extend it to other services. It's not so useful for any-to-any communication (it assumes PKI availability) but perhaps this will change as users get more paranoid.
  • So let them. (Score:4, Redundant)

    by Dr. Sp0ng (24354) <mspong@g[ ]l.com ['mai' in gap]> on Monday October 22, 2001 @02:48PM (#2461618) Homepage
    So what? People have had the ability to listen in on network communications since the dawn of time (well, the dawn of networking, anyway :) If you have to transmit any sensitive or private information, encrypt it [gnupg.org]! Maybe this will finally get people to get off their asses and start using PGP/GPG like they should anyway.
  • Can't wait to see how this proposal flies with other nations that might have more strigent privacy laws. We might just end up with a USNet and an Internet (that includes everyone else but us). We're doing a real good job of isolating ourselves from the rest of the world tech community with things like this and things like the DMCA.

    Hopefully this is all just talk that will get rationalized out. Then again, we are a nation in fear (don't let the red, white, and blue fool ya), and fearful people don't do rational things. How much further do we have to go before we get a big wake up call in the form of not being the #1 nation technologically?
  • Wiretapping (Score:2, Informative)

    by LazyDawg (519783)
    Even if they pick up every single packet sent over the Internet, they would have a very hard time picking up useful content.

    There are roughly a billion computers on the Internet, and each one sends out a heavy stream of packets, which contain any number of encryption and steganographic schemes.

    To actually stop would-be terrorists from using the internet to transmit thought crime or seditious materials, they would need a very very big computer that filters out various pieces of traffic. No matter how hard you try, this will increase network latency, and piss off the average user.

    If a massive, unprovoked attack on our rights to privacy, freedom of expression and thought doesn't stir the people to action, imagine Joe Sixpack when he can't view streaming porn as quickly. He'll be calling his congressman immediately.
  • Hey, FBI: FUCK YOU. (Score:2, Interesting)

    by Dirtside (91468)
    Why the fuck does the FBI think this is necessary? What in the name of Eris are they trying to accomplish with this? Who are the assholes at the FBI, the individual men, who think this is a good idea?

    When you think about the FBI wanting to tap the entire internet, think about it this way: Would you be okay with the FBI wiretapping EVERY PHONE IN THE COUNTRY without getting a warrant for each one first? Because that's essentially what they are doing.

    And they want to CENTRALIZE DATA as well! Yep, nevermind the whole idea of a distributed network (not that the backbone providers give a shit about that anyway), let's just put all the data on one server so that the FBI can easily listen in to every conversation in the country!

    What a bunch of fucking bullshit. </rant>
  • by EvilAlien (133134) on Monday October 22, 2001 @02:50PM (#2461638) Journal
    Carnivore *IS* a baby monitor. Just be glad there aren't video cameras all over the place like in London, that'll give you the Orwellian feeling you've been craving.

    It shouldn't really be that shocking that a device like Carnivor exists, is used, and has analogs in other jurisdictions as well. The Canadian RCMP have something like that. They don't have an equivalent to Echelon, but then again Canadians are passive and wouldn't dream of plotting to overturn our ineffective government. No need to spend money on that, might as well setup more social assistance programs to help "refugees" setup a few more terror cells.
  • by techmuse (160085) on Monday October 22, 2001 @02:50PM (#2461640)
    One major problem exposed by this idea is that the Internet will suddenly have a single point of failure (and slowness) where all of the packets have to go through. Do you like your Internet slow and vulnerable?
    • Distributed collection, perhaps distributed storage and forwarding of data over (possibly) private network. Collectors targeted to IPs under suspicion. All these means is more efficient data intercept orders with the sniffers already deployed. This would cost a helluva lot of money that should be spent on education or given back to the tax payers. Boxes that do this stuff aren't cheap.

      Port mirroring or silimar tactics would be used to send copies of data to the collectors. Another big question raised by this is will these collectors be accessibly on public address space? How will they be secured? When (not "will") they become targets for crackers, info-terrorists, and hostile foreign governments?
    • It's unthinkable that terrorists would dare to target such a potent symbol of US power and authority.

      No... wait... that was before September 11th.

      This proposal is vile and ahborent in moral, technical and security terms. Three for three.

  • I've been trying to, but haven't yet, made a habit of encrypting all email traffic that comes from me. It's inconvient sometimes, but probably worth it. It's a habit worth keeping, because even though government is only just starting to monitor our internet traffic (yeah right..) many corporations already can and do.


    I would also suggest organizing mock terrorist and organized crime cells. Have fun with the cops by sending logistics data back and forth between friends about assasinations, pipe bombs etc. Don't encrypt these, but make them sound serious. If they want to read our emails, then we should fuck with them.


    This kind of stuff is especially serious for activists. Increasingly in Ontario at least, activists are being painted as terrorists. The Ontario Coalition Against Poverty is being labled as a terrorist organization for its campaign to defeat the nasty provincial government. Police powers really scare me, because I organize direct action which could be construed as terrorism by authorities trying to keep dissent in check. The actions that I organize are all nonviolent, nobody ever gets hurt, nothing ever gets damaged, but my rights to dissent actively (ie. more than just letter writing) could quickly disappear in this climate.

    • I would also suggest organizing mock terrorist and organized crime cells. Have fun with the cops by sending logistics data back and forth between friends about assasinations, pipe bombs etc. Don't encrypt these, but make them sound serious. If they want to read our emails, then we should fuck with them.

      There's a word for such irresponsible pranks: "mischief." It's a crime. There are better ways to fight an invasion of privacy.
  • I don't understand the utility in doing this anymore than the libertarian opposition to it.

    I would assume that any self-respecting bad guy will be using good strong encryption to protect any sensitive data. That would make the resulting packets read like garbage until decoded, which would make sifting through the data stream very difficult indeed. So widespread, readily available encryption will make this of little use to the Feds.

    And I don't really worry about the threat of 'big brother' watching me any more than I currently worry about crackers getting at my stuff. Afterall, the measures one should take to protect yourself today (using SSH instead of telnet for example), will also protect yourself from being snooped upon by the government. So there's nothing new here.

    The big concern is the tax dollars will be wasted by the feds to put this in place.
    • I would assume that any self-respecting bad guy will be using good strong encryption to protect any sensitive data.

      No, the bad guys don't even need encryption. Read up a bit on plain old-fashioned spy craft: If Nazir orders a dozen red roses for his mother, it means "stay put". If he orders a bouquet of lillies, it means "alert the goons to kidnap Dan Rather."

      When you do the math, our national security is far more damaged by the fact that nearly everything is in the clear. If a perp cracks a system at the CDC, he could have smallpox cultures delivered to a PO box in Duluth. If he cracks a database at the DOD, he could have a million rounds of ammo air-dropped to Saddam.
      It's time for IPSEC, for safety's sake. If the FBI doesn't like it, tough shit: there's a war on.

      -jcr

  • here at our org already ... let me tell you, you will need A LOT OF STORAGE SPACE to save this stuff off

    web traffic alone we see about 500G a day, just from 250k workstations surfing and such.

    I think we're looking at 50-500TB per day, but prolly more. time to buy some hard drive stocks.
  • I highly doubt that the FBI could pull this off. First of all, the budget for something like this would be huge to say the least... Secondly, the FBI doesn't have the engineering staff to support something of this size. Your talking about putting huge clusters at all of the NAPS. Even then they won't get info that doesn't pass through that NAP. What's going to stop terrorists from using a VPN? This sounds like a major waste of money, and a flawed solution...
  • by isa-kuruption (317695) <kuruption@kuru[ ]on.net ['pti' in gap]> on Monday October 22, 2001 @02:53PM (#2461682) Homepage
    I know everyone is going to whine and complain... and I'll probably get mod'd down for trolling, but here it goes...

    I run a webserver (as a business) and have run shell servers in the past. I don't think ANY of these people who have been on the receiving end of a 2 day DDoS attack. Now, if such a system would be put into place, there would be other advantages than just searching for "key words" in text. It would most likely be a enterprise integrated intrusion detection system used to find and stop DDoS attacks and the such. If these systems could use formulas to determine a DDoS and black hole routes before it can cause thousands of dollars of damage to an ISP, then it would save LOTS of money!

    At one provider, I was received a bill of a few grand of bandwidth charges when my shell box was hit with a DDoS for several hours... image what it would cost Yahoo! and such sites in lost revenue.

    Also, the FBI isn't interested in your e-mail. Sure, it would allow them to look at it but it's no different than being able to tap your phone now. So what's the difference between tapping your phone and tapping your internet connection? Nothing. There is no difference. They'll need a wire-tapping order to do it, still.. And yes, someone will respond "but they won't need one to do this!" and you're right... they also don't need one to tap your phone, but it's illegal without it. Hence, we would be protected under the same laws as the current wiretapping law.
    • How is it different? It's extremely different! In case you didn't know, the FBI still needs a court to approve phone tapping, and it's only supposed to be done when there is reasonable suspicion that you're involved in serious crime.

      The phone eqivalent of this proposal would be that the FBI taped every phone call ever made. It's like being in permanent arrest. Everything you say can be used against you, or anyone you may talk about.

      And while it may save some people thousands, it will cost billions to do so, so it's probbaly not that great from that angle either.
  • Stop and look around at who is supporting the FBI: Democrats and Republicans.

    An obviously unconstitutional government organization, one that spends so much of our tax dollars but has done relatively little to help us (if at all).

    If this isn't a reason to vote Libertarian and only Libertarian, and shut this group down, I don't know what is.

    There is no need for an FBI. If a crime extends past state lines, there is nothing preventing the two police agencies from working together to solve it.

    • Uhh right. And you would trust The East Bumblefuck County sheriff to work with the NY state police to find someone related to the attack on the WTC? Yup... there's some good logic. We don't need law enforcement, right?

      • And when has the FBI helped? When I have a problem, I contact my lawyer, who contacts the police.

        Being policed by our government is probably the scariest idea that has ever passed through the Supreme Court's checks and balances. Its obvious that the Supreme Court doesn't do its job anymore.

        What kind of crime (I'm asking a serious question here to form my own opinion) do you think the FBI currently truly helps in where the police can't?

        • And when has the FBI helped? When I have a problem, I contact my lawyer, who contacts the police.


          And then the police determine if it's in their jurisdiction or if they need to get the FBI involved.



          Being policed by our government is probably the scariest idea that has ever passed through the Supreme Court's checks and balances. Its obvious that the Supreme Court doesn't do its job anymore.


          Without the gov't "policing" us, it would be anarchy. And how does that help anyone? Law enforcement is just that.. it ENFORCES THE LAW. WITHOUT LAW THERE IS ANARCHY. The Supreme Court does it's job just fine. We may not always like a particular decision, but nonetheless it does it's job as it's supposed to



          What kind of crime (I'm asking a serious question here to form my own opinion) do you think the FBI currently truly helps in where the police can't?


          The FBI tends to have more sofisticated testing techniques than most local police departments (those that aren't in major cities). For instance, the FBI runs programs to do research on decaying bodies and such (forensics). This research is provided to the police departments locally. The FBI also hires psychologists, medical doctors, historians, etc... they are true professionals... a lot with masters and doctorates in their fields. Sergant Joe Shmoe ain't going to be able to figure out what a FBI agent with a doctorate in chemical biology can. The FBI just has a lot of resources it can use and can request such things as tests of different stuff from the CDC and get FEMA involved if need be. No local police department can do that.



        • you would trust The East Bumblefuck County sheriff to work with the NY state police to find someone related to the attack on the WTC

        As opposed to how many found by the FBI? YES I'd rather trust locally accountable law enforcement to do this. I'd assume that they were grown ups. And I'd give them the FBI's budget.

      • Of course we need law enforcement. The question is, whether the FBI is salvageable for that purpose, in spite of the lingering megalomania they inherited from Hoover. I mean, for christ's sake: they want to wiretap everyone, all the time? FUCK THAT.

        -jcr
  • by Dolly_Llama (267016) on Monday October 22, 2001 @02:54PM (#2461686) Homepage
    After the FBI comes knocking at my door asking me why I always play T.
  • It won't be long before they install monitoring systems at KFC and Micky D's so they can find out who's ordering the same fast food as the terrorists did.

    "9 Filet-o-Fish sandwichs ordered at Drive-Thru. SWARM!! SWARM!!"
  • by rossjudson (97786) on Monday October 22, 2001 @02:55PM (#2461700) Homepage
    If you ever wanted to know why encryption and privacy are important, intersecting generic packet sniffing and the DMCA should tell you. The citizenry must retain some ability to defend itself against bad law. I suppose it's the same issue as guns -- rights granted which were originally intended to ensure that the government can't disarm and dominate the people.

    Without the ability to act private and say what we want, the corporate interests controlling the congress will enact more and more bad law, creating a behavioral minefield in our land of freedom.

    Does a citizen have a right to hold a private conversation?

    Perhaps the FBI can use its packet sniffing capability to identify pockets of resistance to the DMCA. Black helicopter forces can be dispatched to deal with said resistance.

    Or, much scarier, they just might pass additional laws that make it illegal to conspire to defeat the DMCA. The packet sniffer will detect your illegal motions, even inside the room.

  • Friends, I think we need to ressurect the store-and-forward modem-based network. Otherwise, nothing that we say will ever escape government notice again. Remember that governments change, and sometimes not for the better. Even if you trust our government today, how do you know you will trust it in the future?
  • Net Architecture (Score:3, Insightful)

    by Rocketboy (32971) on Monday October 22, 2001 @02:57PM (#2461729)
    Doesn't this seem to imply a radical change to the architecture of the net? How far has the internet gotten away from its original ability to route around damage because there weren't any single locations that all packets had to travel through in order to get to their destinations? Isn't that what the FBI wants to do -- remove that ability to bypass damage so that all packets have to go through a few choice locations they regulate? And doesn't that imply that a very few terrorist acts against these traffic monitors could bring down the entire Internet?

    Just curious...
  • All along, I've been thinking these carvnivore type systems are a total invasion of privacy and that they are un-called for, but after more thought... Are they that bad?

    It's definately an invasion of privacy and that sucks, but we should be able to trust the FBI and know that our private information isn't going to get into the wrong hands.

    I mean, what NEW information are they going to get on us? Our ISPs already know where we browse the web.

    If there were some extreme control that could be put on this sort of project I don't know that I'd be intimidated by it.

    For instance, if they had it in place everywhere but were only authorized to use it on a case by case basis after getting a warrant and having good reason, what bad could come from it?

    If they catch a bunch of terrorists or a bunch of child molesters and don't interfere with my rights, more power too them.

    I guess a lot of the slashdot crowd is worried about "hackers and crackers" being caught.

    Well, I guess I'd be a little worried about them going overboard in that area. If they catch crackers, more power to them. Keep them out of my bank account please. However, I can see them abusing this power when it came to situations where people would stand up against the DMCA, etc.

    What other real world situations prove that this truly is a bad idea?
    • we should be able to trust the FBI and know that our private information isn't going to get into the wrong hands.

      Read up on the history of Hoover's harassment of Martin Luther King, and they tell me that the FBI isn't the "wrong hands".

      Like every other scheme the FBI has pushed in this area, it is USELESS for law enforcement, but very useful for harassing dissidents.

      God damn it, we didn't spend the USSR into oblivion just so that the FBI could impose totalitarianism in the USA.

      -jcr

    • The main problem is making sure that use of such a system maintains the original intent and spirit. In any organization as large and complex as the federal government, there exists the possibility (near certainty, to be honest) that there are people who take a very "ends justify means" approach to life. There is also a chance that a subset of those people may feel that their "ends" (political advancement, financial reward, etc) are more important than the proper goals of government. And of course, there is the chance of outright corruption.

      We can be pretty sure that no one would abuse the system when it's first installed...but what about 20 years down the line? We already have piles of stories about secret FBI files made on political dissidents during the cold war...do you honestly think that none of the justifications or emotions that caused those actions will never return to the minds of people in government? I simply don't trust humanity that much.

  • Common sense tells us that unencrypted data is not secure, and encrypted data will attract attention and possibly unauthorized decryption.

    What we need to do is establish firm limits as what the gov't can do with the intercepted data. I don't know how such limitations would work, but the events of Sept. 11 make it necessary to accept more government involvement in the Internet than any of us would like. Since 99.999% of us are not terrorists, we need to establish reasonable policies on network monitoring so that the authorities can go after the bad guys without having the FBI turn into the RIAA's counterinsurgency division.
    • What we need to do is establish firm limits as what the gov't can do with the intercepted data.

      We've done better than that, we've established firm limits on how and when the government can "intercept" data in the first place.

      -jcr
  • by trb (8509)
    A user in the USA can send mail with crypto, but other ISP traffic (irc, http, nntp, etc) might get ssh tunnelled to your ISP and then end up in the clear in the USA. I suppose it would end up being more private to ssh tunnel to a foreign ISP.
  • confirmation? (Score:3, Interesting)

    by mlc (16290) on Monday October 22, 2001 @03:01PM (#2461765) Homepage
    Just wondering if anyone had seen any evidence for this other than the one InteractiveWeek article that's been floating around. Seems like *some* other media should've picked up on the story and called the FBI for comment or something.

    I can totally believe that the FBI would love to do this, given the chance. I just need a little more evidence before I am to go around saying that they *are* doing it.

  • "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized"

    So, are they going to go into court, and affirm that they need a warrant to tap the communications of 300 million people?

    James Madison had reasons for writing this the way he did, and the biggest reason was that under the power of the General Warrant, officers of the crown were abusing their power. So much so, that we had to take down our rifles and overthrow the King.

    Now, considering that the FBI still has the name of J. Edgar Hoover on their headquarters, and considering what that closet case did to Martin Luther King, I'm not too happy about giving them unlimited power to eavesdrop on our communications.

    If they actually get this, then the damage Bin Laden would have inflicted on us will be far greater than the murders of September 11.

    -jcr
  • One thing to think about is that SSL may not be secure for the purpose of stopping this type of wire-tapping.

    Normal SSL allows the server to send a hunk of bits to you. If they an get a key signed by one of the CA's that is installed in everyone's browsers, then they can fake you into believing that you are talking to the end customer.

    From the end web-sites point of view, they would never know that a man-in-the-middle style attack is in progress, since 99.999% of SSL does not use client side certs.

    As for them getting someone to sign their bogus key, a little pressure can go a long way. You might even expect to see the next Microsoft service pack to have a new CA that is a front for the "We are just looking for terrorists and anyone else who is doing something that the current regime does not approve of" folks from the FBI/CIA/NSA/...

    Time to start using GPG with long keys to protect anything you really care about, since there YOU are the CA, not the folks that we know we can trust.

    In short, SSL does not make it safe to download your k****e p0rn.
    • by dmaxwell (43234)
      I use SSL Apache to secure our troubleticket system in a public school environment. I didn't give a hang about proving I'm a trustworthy vendor. I just didn't want the kiddies sniffing my building techs and screwing up my database. I just generated a certificate. Sure the browsers put up a big scary message about the "untrustworthy" key but that is okay. I'm not collecting credit cards from my building techs, I'm just locking other parties out of some work-related http usage. The SSL version of Webmin also comes with an unsigned certificate.

      In short, unsigned SSL certs are a great way to secure http communications where money is not involved. Let's get cracking throwing that little 's' in front of http. That should give those gubmint creepazoids something to play with.
  • by Flower (31351) on Monday October 22, 2001 @03:06PM (#2461816) Homepage
    So they capture all this traffic. Now tell me how they are going to verify it, prioritize it, put it in context, act on it, etc., etc.. Oh and how will they get to use that information sans warrant.

    I can just see it now. Start sniffing on an ATM backbone and analyze those packets 48 bytes at a time. You go G-man!

    ELINT has its uses but some perspective is needed here.

  • by Knunov (158076) <eat@my.ass> on Monday October 22, 2001 @03:08PM (#2461832) Homepage
    Scene: Windowless van parked next to the sidewalk under a streetlamp. Two slightly overweight first-year FBI agents sit in the van splitting a box of Crunch-n-Munch. The air smells like two slightly overweight first-year FBI agents eating Crunch-n-Munch.

    Agent 1:"Turn on your monitor. The sniffer is receiving something."

    Agent 2 wipes the crumbs off his hands against the leg of his jeans and flicks the switch on his flatscreen.

    Agent 2:"It's coming in. It says: 'ALL...YOUR...BASE...ARE...BELONG...TO...US...' What the fuck does that mean?"

    Agent 1:"I don't know, but add it to the MOVE ZIG and FOR GREAT JUSTICE files. I think we're onto something.

    Meanwhile, down the street, a ten-year-old geek chortles and crawls under the covers.

  • Oath violations (Score:3, Interesting)

    by rossz (67331) <ogre@nospAm.geekbiker.net> on Monday October 22, 2001 @03:08PM (#2461834) Homepage Journal

    When you take a position in an elected, appointed, or law enforcement position with the government, you make a sworn oath to uphold and protect the Constitution.

    The FBI agents and elected officials supporting them who are planning on implementing this overt violation of the IV Amendment of the Constitution [cornell.edu] either:

    a. Didn't understand the oath they took. Which makes them very stupid, and are therefore unfit for their position.

    or

    b. Are knowingly violating their oath. Which makes the dishonest, and are therefore unfit for their position.

    I leave it to you to decide which one applies.

  • It's a police state. (Score:3, Interesting)

    by mindstrm (20013) on Monday October 22, 2001 @03:15PM (#2461903)
    It really is. I'm not joking.

    Law enforcement can now 'dictate' to data communication providers what types of functions their service MUST incoproate, in order to comply with the needs of law enforcement.

    How does this NOT equate to the government telling you how to run your business?

  • IANAL, but this one won't hold up in court for a number of reasons, mostly it's a violation against the 4th Amendment -illegal search and seizure of private property.

    The feds cannot tell an ISP how and where to route it's traffic. That's an illegal seizure. Never mind the privacy violations.

    I can see (but not agre with) the government getting a court order to tap someone's e-mail, web traffic, etc,. but that's an entirely different matter. It's not hijacking every citizens private communications. But a blatant spying on our citizens is a no no and has been shot down by the Congres and Supreme Court many times. It won't happen.
    • IANAL, but this one won't hold up in court for a number of reasons, mostly it's a violation against the 4th Amendment -illegal search and seizure of private property.

      Who says it will ever go to court?
  • Honeypot for Feds? (Score:3, Interesting)

    by Bonker (243350) on Monday October 22, 2001 @03:22PM (#2461972)
    It works on immature crackers, so why not apply it to the FBI as well?

    There's no real way to catalogue every packet on the internet this without some sort of computerized searching technology. They may even call it 'AI', but what it will boil down to is an application looks for suspicious strings to flag for human eyes.

    Therefore, it would be very possible to fool and overtax any kind of system like this by building a new kind of honeypot-style server.

    Some Ideas:

    Have this server connect to different IRC nodes bot style and create suspicious sounding chanels like '#BombUSA' or something similiar. Have it talk to itself Eliza style through IRC, but with terrorist keywords like 'Anthrax', 'Jihad', 'Hijack', etc... You could also substitute keywords for other kinds of illegal activity. Drugs, Pr0n, and other illegal/questionable vices all have keywords which would raise any LEO's eyebrows.

    If two servers happen to meet on a chanel like this, they can exchange POP email addresses and start sending smtp packets to eachother with the same kind of information. Maybe throw in a few uuencoded attachments of the Osama and Bert poster.

    One last thing. Have each server that does this engage in plaintext dialogue 4/5ths fo the time, and then, psuedo-random bitstreams the rest to simulate encryption. If/when they do try to crack those streams, it will use up their resources so that they can't as effectively be used against individuals who do have valid reasons to use crypto.
  • Encrypted Everything (Score:3, Interesting)

    by bwt (68845) on Monday October 22, 2001 @03:23PM (#2461977) Homepage
    I think the open source community needs to insist that everything be encrypted by default. Examples:
    • by default apache should use https instead of http
    • fork the email protocol so it *only* uses PGP/GPG and retrieves the public key of the recipient
    • telnetd and ftpd should be removed from all open source distros
    Perhaps LUG's could even offer certificate signing. I really would like to have an parallel email protocol that only allowed signed and encrypted emails.
  • Events such as Sept. 11 seem to bring to the forefront agendas which serve to transfer oversight, control, rights and responsibilities to an evermore intrusive central government. With only good intentions of course, but it's worth noting that the proposals come from the proposed recipients.

    The fact is, our government had the infamous Mr. Atta in its grasp earlier this year and broke our own existing laws to give him a free pass. See the URL below if you want more info.

    http://www.newtimesbpb.com/issues/2001-10-18/fea tu re.html/page1.html

    Granted that these people had good intentions, too, but the transfer of rights and responsibilities to govenment isn't just words. It results in actions taken by people no more prescient than you or me, but with consequences on a much grander scale.

    We all probably agree with the principle that choices should be made at the lowest level possible in a business organization, so why not apply that same wisdom to our country and society at large?

    Speaking of business, I wonder if the business forces at work trying to transfer intelligence from the nodes of the net to a more centralized architecture like the FBI proposal?
  • by Felinoid (16872) on Monday October 22, 2001 @03:41PM (#2462125) Homepage Journal
    This thing is going to track what?
    I give it a week before the packets flood the data storage and crash the spying hardware.
    I give it a day before it starts loosing data to keep up.
    I give it an hour before someone figures how to bypass it
    I give it 15 seconds before somebody finds a way to trigger a national alert that there are terrorists at a former employers location.
    I give it a month before Microsoft realises the Windows in testing is crashing due to packet moddifications by FBI due to a minnor defect in FBI software. Blame the FBI Os.. retract when they discover it's Win 2K.. and clame the problem is still there when the FBI fixes it by switching to BSD... (Thought I was gona say Linux didn't ya?)
  • by bstrahm (241685) on Monday October 22, 2001 @04:02PM (#2462204) Homepage
    of the Internet Architecture Board on enabling wiretapping
    RFC2804 [ietf.org]

    So now we have the group that defines internet standards saying that requirements to implement wiretapping should not be included in protocol design discussions. That does not mean that the FBI couldn't put a BIG HONKING device in a couple of places on the internet and globally adjust all routing tables so that packets went to it... but then there is something about too much information hidding the data

Never tell people how to do things. Tell them WHAT to do and they will surprise you with their ingenuity. -- Gen. George S. Patton, Jr.

Working...