Forgot your password?
typodupeerror
Privacy The Internet Hardware Your Rights Online

More on Cisco Building Surveillance into Routers 469

Posted by michael
from the route-around-this dept.
An anonymous reader writes "The company recently published a proposal that describes how it plans to embed 'lawful interception' capability into its products. Among the highlights: Eavesdropping 'must be undetectable,' and multiple police agencies conducting simultaneous wiretaps must not learn of one another. If an Internet provider uses encryption to preserve its customers' privacy and has access to the encryption keys, it must turn over the intercepted communications to police in a descrambled form." See our earlier story and the RFC for background.
This discussion has been archived. No new comments can be posted.

More on Cisco Building Surveillance into Routers

Comments Filter:
  • by Anonymous Coward on Tuesday April 22, 2003 @02:13PM (#5783291)
    will they implement the evil bit?
  • Big brother (Score:5, Insightful)

    by blate (532322) on Tuesday April 22, 2003 @02:14PM (#5783293)
    Looks like just another opportunity to have our rights violated. I'm sure the Department of Homeland Insecurity is thrilled about this. Is this what Cisco means by "Empowering the Internet Generation"?
    • by forged (206127) on Tuesday April 22, 2003 @02:48PM (#5783601) Homepage Journal
      They are just responding to their customer's requests. The US Government happens to be one of them.

      From the article:

      Still, if you don't like Cisco's decision, remember that they're not the ones doing the snooping. Cisco is responding to its customers' requests, and if they don't, other hardware vendors will. Cisco's Internet draft may be titled "lawful interception," but there's no guarantee that the capability will always be used legally. If you're looking for someone to blame, consider Attorney General John Ashcroft, who asked for and received sweeping surveillance powers in the USA Patriot Act, along with your elected representatives in Congress, who gave those powers to him with virtually no debate.

      (emphasis mine)

      • by e40 (448424) on Tuesday April 22, 2003 @06:17PM (#5785474) Journal
        Whatever you think of Cisco, it doesn't matter. If it was illegal to do this, they wouldn't. Fact is, Asscroft made it legal (by proposing to and pushing it through Congress).

        Oh, and 49.9999% of you assholes (that voted) voted for Bush. It's your fault too.

        How many of you will sit by and watch Patriot II get passed into Law?
    • Re:Big brother (Score:5, Insightful)

      by aphor (99965) on Tuesday April 22, 2003 @03:25PM (#5783931) Journal

      Buy your cheap $100 or so crypto accelerator [powercrypt.com] now, and learn how to use that OpenSSL CA.sh or CA.pl script [openssl.org]. When you need it, set up TRANSPORT MODE IPSec ESP with isakmpd or PGPNet [uni-erlangen.de] or racoon [kame.net].

      Use PGP/GPG. I might be persuaded to help you. Whine, whine, whine, gets you NOWHERE. Roll up your sleeves and get to work or get comfortable like a victim. It's your choice.

      The only defense we have is to claim that they cannot require us to communicate in plaintext without violating the first, third, or fifth amendments in the Bill of Rights.

      If you're not an American, pass it on: get all your friends to pick up a gun and don't put them down until you get your own Bill of Rights. If you're a pacifist, sit down and don't get up until you get one. Feel free to copy the American version.

      Look at the XBone [isi.edu], and think about the possibilities! Don't pay your ISP to snoop on you. If there was snooping, there should ALWAYS be an audit trail to track WHO SNOOPED WHAT, after the fact, so that there is accountability for the violation of basic right to privacy WHICH IS THE HIGHEST LAW (IMnsHO).

      • Re:Big brother (Score:3, Informative)

        by Tim Doran (910)
        If you're not an American, pass it on: get all your friends to pick up a gun and don't put them down until you get your own Bill of Rights.

        *uncomfortable cough*

        I'm not American, but I don't need to pick up a gun... Canada has had a Charter of Rights and Freedoms [laurentia.com] for many years.

        The US deserves a *ton* of respect for its pioneering work in this area... but much of the developed world has caught up or [idg.net] arguably [epic.org] surpassed [educause.edu] it [epic.org].
  • by mrjive (169376) on Tuesday April 22, 2003 @02:14PM (#5783299) Homepage Journal
    If you encrypt everything yourself, there's not much they can do about it, now is there?
    • by Nightlight3 (248096) on Tuesday April 22, 2003 @02:27PM (#5783420)
      Well, no, expect to put you on the list of those who have something to hide.
    • The real question is when will encryption become a Bad Thing in the eyes of the general public?
      When will using any sort of encryption however trivial in form or use cause a knock at your door?
    • This is as good a reason as any to always provide your own edge equipment and edge equipment management.

    • by dr_dank (472072) on Tuesday April 22, 2003 @02:53PM (#5783639) Homepage Journal
      I wouldn't be so sure [shmoo.com].

      That is a post to a Cypherpunks mailing list concerning a hypothetical device to crack the 1024 bit keys that are so widely used in ssh and the like. The "machine" would cost between several hundred million to a billion dollars and require a megawatt or so of power, but would make cracking those types of keys childs play.

      Considering that spy agencies could spend up to 2 billion USD on satellites, they would be crazy to pass something like this up.

      Food for thought...
    • by goombah99 (560566) on Tuesday April 22, 2003 @02:57PM (#5783669)
      We've lived for centuries with unencrypted postal mail, and over a century with unencrypted phone messages, and a century with unencrypted radio communication.

      Thus its not like itsa new form of intrusion or the ersoion of a sacred right. Moreover we have an extensive legal system that already know how to walk an acceptable line between preserving public order and unlawful searches and seizures. yes there are flagrant abuses of course, but the basic level of public expectaion and legal machinery is inplace to deal with this

      Thus the real question is if the ascroft era people will try to use this as an end-run around the existing legal machinery. I paraphrase a former missouri senator who said (about carnavor-like intrusion) "I dont put a phone jack on the outside of my house so the feds can listen in when they please, so I dont want a jack on my internet connection for the same purpose". Ironically that senator was the John ascroft before he lost hisz relection bid to a dead man and became the worst attourney general ever including edwin meese. Now he chafes at these restrictions and does indeed want such a jack and the pre-emptive authority to use it without a court order, probable cause, or a defined list of evidence to be gathered.

      Thus I welcome the cisco method since it formalizes what is now a covert and thus unmonitored process. thus this may bring the light of public scrutiniy and invite the invocation of past legal precedent.

  • Sigh. (Score:5, Insightful)

    by Pirogoeth (662083) <mailbox@ik r u g .com> on Tuesday April 22, 2003 @02:15PM (#5783301) Homepage Journal

    As it says though, don't blame Cisco. If they didn't do it, sure as shootin' someone else would. Blame Ashcroft. Hopefully Cisco will find a way to build auditing tools into this to help promote responsible use.

    • Re:Sigh. (Score:3, Interesting)

      by binaryDigit (557647)
      Hopefully Cisco will find a way to build auditing tools into this to help promote responsible use.

      Actually I would think that the bigger hope is that the laws that are designed to prevent abuse of this type of tapping hold up. From a technical point of view, you absolutely don't want an "easy" way to do auditing. Again, looking at it from the standpoint of the "users" of this tapping ability, you want complete anonymity (i.e. you don't even want some curious sys admin to peek and see how many, if any,
    • No (Score:5, Informative)

      by sulli (195030) on Tuesday April 22, 2003 @02:22PM (#5783373) Journal
      You should absolutely Blame Cisco! [slashdot.org]
    • Re:Sigh. (Score:3, Interesting)

      If they didn't do it, sure as shootin' someone else would.

      That's a terrible excuse. There is a huge difference if (one of) the world's largest maker of networking hardware implements traffic content surveillance, or if some miniscule manufacturer on Iceland does it.

      I blame them, they shouldn't get their hands in this jar.
    • Re:Sigh. (Score:5, Interesting)

      by fobbman (131816) on Tuesday April 22, 2003 @02:35PM (#5783496) Homepage
      I don't believe that the "if I didn't steal your car, someone else surely would have" statement would make me stealing your car acceptable.

    • Re:Sigh. (Score:3, Insightful)

      by 4of12 (97621)

      As much as John Ashcroft deserves round condemnation for his leading the charge to trample fourth amendment rights, I don't think he's necessarily to blame here.

      IIRC, law enforcement has for years, if not decades, worked with telephone carriers so that wiretapping was a technical possibility that could be exercised when it was needed during the course of an ongoing criminal investigation.

      That was back in the old days when a court order was necessary to establish that kind of eavesdropping. Now, of course

  • by supabeast! (84658) on Tuesday April 22, 2003 @02:15PM (#5783309)
    Is it just me, or is this another great reason to buy cheaper, better network equipment from someone else? If I were running Cisco, I would be a little more concerned with the market share being sucked up by newer companies than with adding the cost of undetectable snooping to the product line.

    Now I certainly feel justified in moving my company off of Cisco's overpriced products.
    • Is it just me, or is this another great reason to buy cheaper, better network equipment from someone else?

      Uh, like who? Who else makes equipment as dependable, and most especially, has the most kick-ass support I've ever come across.

      True story:

      I once had a router go out on me, a little 1600. Being clueless (well, mostly harmless as Mr. Adams would say) about em, I could telnet it and see that the flash memory had gone bad. I was freaked and has no idea how to fix it. As a last resort I called up Cisco,

  • ...with these kinds of emerging technologies coming into service that the last frontier of protected communciations is telepathy, and since the last time I checked this wasn't a very prominent form of communication, it's safe to assume that every last single thing we say or do anywhere is monitored/recorded. :(

    Bummer...
  • If an Internet provider uses encryption to preserve its customers' privacy and has access to the encryption keys, it must turn over the intercepted communications to police in a descrambled form.

    Like I'd ever hand over my encryption keys to my ISP.

    • So what happens when you find yourself living in a Super-DMCA state, and you have no choice?
    • by Joshuah (82679) on Tuesday April 22, 2003 @02:48PM (#5783604)
      No need to worry about this. I've had people on AOL for years asking me to verify my password and I always give it to them. I've even had to verify my credit card numbers and addresses with AOL Reps over Aol Instant Messenger. Boy, those guys are such nice and helpful people. Im glad their billing glitches didnt erase my account :)

      Yeah, i did have a lot of porn and various expensise gifts on my credit card, but i dont think that has anything to do with it.
  • Thank you slashdot! (Score:4, Interesting)

    by Joshuah (82679) on Tuesday April 22, 2003 @02:17PM (#5783323)
    If this is true, and Cisco does go forward with this, I will be sure not to buy anything Cisco. I will have to look for other devices to preform what is needed. Yeah, Cisco wont hurt by me not buying them, but if the word spreads, and people boycott Cisco for doing this, im sure they will change their mind unless Big Brother is giving them funds/tax breaks/whatever to get them to do this.
  • by shrikel (535309) <hlagfarj AT gmail DOT com> on Tuesday April 22, 2003 @02:18PM (#5783330)
    Eavesdropping 'must be undetectable,' and multiple police agencies conducting simultaneous wiretaps must not learn of one another.

    So what happens when a black hat gets in?

    Answer: a completely open router that acts like none of his packets have the "evil bit" set.

    Really, this is starting to worry me. If it's all undetectable, and is built in, how is this different from the telescreens in 1984? Big Brother is reading your packets!

    • There is no "backdoor." The mediation device has control of the TAP MIB, that's all. This is just a normal SNMPv3 USM user with normal SNMPv3 keys. If those keys get hacked, you have a hell of a lot more problems than revealing the subject of taps.

      The undetectability requirement is that the subject of a tap not be able to know they are being tapped. Also: there is a requirement that only authorized personnel be capable of seeing tap information, and not just any random NOC monkey. All of this is completely
    • by TarPitt (217247) on Tuesday April 22, 2003 @02:48PM (#5783606)
      Black hats do get in...

      A story (I believe) in "California Lawyer" from maybe 3 years ago noted that Kevin Poulsen, while phreaking, had managed to discover phone taps planted by the US Government in various foreign embassies, including South Africa. A condition of his release was that he was forbidden to discuss the details.

      • It is already possibly for anyone to remotely eavesdrop on regular phone lines using a technology built-in by the phone company. And, it's really fscking easy to use. You just dial the number, enter a short code (usually 5 digits), and enter the number you want to listen to (usually limited to a given prefix).

        The "phreak" term for it is RemObS (short for Remote Observation System). These things really exist, contrary to many folks' opinion.
  • by phrawzty (94423) on Tuesday April 22, 2003 @02:18PM (#5783331) Journal
    I guess i can understand why Cisco is opting to build these types of technologies into their equipment, given the current U.S. political climate. But what about all the other nations of the planet that aren't reverting to McCarthy'ism? Will Cisco still be exporting non-backdoor-compliant hardware as well?
  • by xtal (49134) on Tuesday April 22, 2003 @02:18PM (#5783332)
    This doesn't seem to be that big a deal to me. If you're passing large amounts of data around that would attract the attention of people who could get a lawful intercept warrant, then I would assume you are smart enough to use SSH, IPSec, or some other similar secure communications technology that renders the capability of this system useless. I smell an attempt to get a law mandating that ISPs upgrade to this equipment, meaning they'll have to replace all their existing non-conforming equipment by some date. I imagine the post-dot-com networking market is taking a hurting now.

    "They" can already get IP logs and such that reveal a lot even without access to the information contained in the packets. Traffic analysis is a very powerful tool. The only people who would really stand a lot to lose from this would be the music and/or warez traders. Warez isn't that big a deal, and music copying isn't a big criminal deal here in Canada.

    *shrug* Another cash grab. Hope someone 0wns the system good and makes Cisco look stupid. Oh, wait, DMCA. Nevermind.
    • SSH & IPSec = no match to government security equipment...

      Do you REALLY think they don't have something to decipher all encrypted traffic?
    • by Speare (84249) on Tuesday April 22, 2003 @03:22PM (#5783900) Homepage Journal

      If you're passing large amounts of data around that would attract the attention of people who could get a lawful intercept warrant, then I would assume you are smart enough to ...

      If you read "Fahrenheit 451" and "This Perfect Day" at the library in the same month, you get your Subversive++ mark in some Fed profile, but you can't find out about it. That's used as justification to a rubber-stamp Justice-R-Us clerk to get a crypto wiretap.

      You order a copy of "Linux Exposed!" from Amazon. Hacker++.

      You have to fly to an ailing grandmother who had a stroke. You don't know how long you'll be there, so you make it one way. Terrorist++.

      You browse a MILF site and there's an image of someone who ain't a MILF. Paedo++.

      You get your regular results back from the community clinic. They note some kidney anomalies. AIDS++.

      Now, none of these conclusions are justified from the evidence, but they are just "mining." Sure, they'll do proper analysis later. Sure, you'll look like a normal rightful citizen when they trot out all this data in court (or worse, a secret grand jury).

      If you don't know what they're seeing about you, how can you possibly guess what conclusions to which they're jumping?

  • Other countries. (Score:2, Interesting)

    by incom (570967)
    How will they be protected from american surveillance? Buy nortel or some other such brand?
  • by sphealey (2855) on Tuesday April 22, 2003 @02:18PM (#5783339)
    Lawmeme is also covering this story [yale.edu].

    sPh

  • by Lumpy (12016) on Tuesday April 22, 2003 @02:19PM (#5783345) Homepage
    or the very stupid evildo-er.

    If I simply send everything encrypted AND send lots of fake packets... I.E. random sized files that consist of the contents of /dev/random to all my comrades they will never EVER figure it out.

    It's called hiding in a sea of garbage. Now write a nice small program that is a P2P sharing app (or a plug-in for one) that sends around some of those random files to other users (small ones 1-100K in size then keep your files in that size range)

    Screw with them as they screw with you.

    so a freenet node will completely hose this "eavesdropping system"
  • by frenztech (302220) <slashdotNO@SPAMfrenzy.org> on Tuesday April 22, 2003 @02:20PM (#5783355) Homepage
    "multiple police agencies conducting simultaneous wiretaps must not learn of one another" -- If the police cannot determine if a wiretap is running on the router, then what is to stop a malicious party from running one there without administrative knowledge?
  • encryption (Score:5, Interesting)

    by JDizzy (85499) on Tuesday April 22, 2003 @02:21PM (#5783365) Homepage Journal
    What is the point of encryption if you have to give up the keys. I say its up the the spooks to have the capabilities to crack my encryption rather than force me to hand over the keys. Even then, I'd only hand over the keys in encrypted form, still forcing them to use their supper computers. Serriously, encryption is a black and white area... some grey, but mostly either a situation where you use it, or don't... </rant>
    • Even then, I'd only hand over the keys in encrypted form, still forcing them to use their supper computers

      You can do better than that! Encrypt the encrypted keyring, ROT-13 it, and hand it over on shuffled, waterlogged punch cards.

      That will force them to use their dinner, lunch, and midnight snack computers, as well!

  • It's a 2-Sided Coin (Score:5, Interesting)

    by serutan (259622) <(moc.nozakeeg) (ta) (guodpoons)> on Tuesday April 22, 2003 @02:21PM (#5783367) Homepage
    McCullagh makes an excellent point that US government agencies have a history of illegal surveillance. If protecting the public justifies building in eavesdropping capability, then it equally justifies building in accountability. Terrorists and civilian criminals aren't the only menaces to the public. Surveillance activity should be logged and sent to secure storage which can be accessed through well-defined legal channels.
  • by Anonymous Coward on Tuesday April 22, 2003 @02:22PM (#5783384)
    Pine, a Dutch company already created such software [lawfulinterception.com].
  • by mark-t (151149) <markt@ l y n x.bc.ca> on Tuesday April 22, 2003 @02:24PM (#5783393) Journal
    Since eavesdropping on quantum encrypted transmissions is always detectable.
  • by bigberk (547360) <bigberk@users.pc9.org> on Tuesday April 22, 2003 @02:24PM (#5783400)
    If they do start to implement such eavesdropping facilities, I imagine that a lot of people might switch to routers powered by open source (such as Linux, BSD) so they can really know what's under the hood. Remember that a low end Pentium running Linux can easily route 10/100 Mbps.

    That being said, Cisco knows that companies that used to buy from them will still probably buy from them. So this can't be a huge risk to their company. But the 'new features' would firmly embed government eavesdropping facilities in major ISPs, banks, large companies, schools, universities, etc.
  • DPUG Protocol (Score:2, Interesting)

    by jkindoll (114886)
    In case you haven't picked it up from the article, the designation for this new protocol is DPUG..Double Plus UnGood.
  • by nurb432 (527695) on Tuesday April 22, 2003 @02:29PM (#5783440) Homepage Journal
    If you don't like the ramifications of using a Cisco product, then don't buy one. ( i know i wont purchase another )

    Then, tell them why you wont buy their product and choose a competitor that hasn't vowed to violate their users privacy rights.
  • phones (Score:5, Informative)

    by ih8apple (607271) on Tuesday April 22, 2003 @02:31PM (#5783458)
    The only thing that surprises me is that they have been so slow to implement it. The government already has the equivalent of this for phone tapping:

    Virtually all phone calls (cellular and land line) in America run through certain switches controlled by Verint [verintsystems.com] and they are always used by law enforcement for wiretapping (and are constantly accused of abusing their authority). (Google [google.com] for Comverse, the company's name before the recent change to Verint.)
  • by MoeMoe (659154) on Tuesday April 22, 2003 @02:32PM (#5783467)
    'and multiple police agencies conducting simultaneous wiretaps must not learn of one another'

    Because if they did then all they would do all day is send data to each other through the router about what doughnut, gun, and police force is best...

    The funny thing is... I'm an army reserve and Auxiliary Police Officer which means I can make fun of myself!
  • So, the cops can packet sniff. Really, they could do that before, all this does is provide a better mechanism to do so. If we are talking about privacy, hardware is not the issue, the current laws are. If packet sniffing requires a courts approval, what does it matter if it is implemented in the hardware or not?

    I guess, to me, this really isn't a huge deal, just an easier way for the cops to do their job.
  • All hail encryption. All the more reason to encrypt everything.

    Time to setup white list mail servers that only accept email from other white list mail servers where the keys have been shared via offline media.

    These servers will interconnect via PPP over SSH connections (the keys will also be shared offline)

    The filesystems on these machines will be encrypted also using keys stored on easy (and quickly) destroyable media (such as meltable USB memory sticks)

    Just ideas...
  • maybe you all don't or have not done telephone work but this is the case (built in eavesdropping) in every telephone switch. Most office PBXes have it too.

    So please get your heads out of the collective sand and realize that if your voice, VOIP or data traffic leaves your facilities its going to be picked up if someone wants to see it. So this is not new, nor is it news nor is it any different than what we already have in place.

  • I think the real motivation for the undetecatblilty by other snoopers clause is for this reason: if you were doing something illegal, and it were possible to detect a tap if you were also tapping, then it would make sense to tap your own connection, and you could determine if anyone else (the feds / police) were doing so
  • So go with Sun or Linux for networking gear. IMNSHO Solaris [sun.com] and IPFilter [anu.edu.au] makes the best firewall anyway. Linux has good support in other areas such as 802.1Q spanning tree bridging and other neat tidbits. If the technology is open there is no where to hide.
  • I can't think of a single decent managed switch that doesn't come with a spanning port. This isn't any different in practice--it's just a system that allows for particular LE situations to be handled correctly. And for christs' sake, what's wrong with a lawful warrant? They even have those in fucking Canada and France, so why does "lawful intercept" immediately turn into "Evil American Facism"?

    Did it ever occur to any of the bitchers and moaners here that when the FBI or the cops need to intercept netwo
    • by Dyolf Knip (165446) on Tuesday April 22, 2003 @03:27PM (#5783949) Homepage
      PATRIOT 2 Act would allow for wiretapping without a warrant. Britain already has laws that require you to give up encyption passwords on demand and you just know Bush and Co. will want to 'harmonize' with them. Given the complete technical ineptitude the cops and the FBI have demonstrated in the past, why on earth should we trust them to do whatever they want, whenever they want to, without permission or accountability? Do you want to have citizenship revoked and be summarily deported (also a PATRIOT 2 power) because you pinged whitehouse.gov and some first-year moronic agent tapping your line mistook it for a DOS attack?

      This government of ours is acquiring ridiculous amounts of power and the freedom to do anything they want with it. This is simply unacceptable.

      Real people, who sometimes commit very real crimes, use it, too

      Fine. If that is the case, the cops can go get a fucking warrant and actually perform some effort finding evidence. Forcing people to help the feds hoover up potentially incriminating data about _everyone_ is insane. Absolutely nobody would think it a good idea to put master-key capability into locks or bank vaults that only our Beloved Leaders could use. This sort of all-pervasive surveillance combined with the sheer stupidity of current tech laws is a very, very bad combination. The laws cannot be accurately or totally enforced, so they'll be used only for political or corporate pissing matches like the DMCA has been.

  • performance (Score:3, Interesting)

    by hpavc (129350) on Tuesday April 22, 2003 @02:58PM (#5783678)
    i am curious what the performance of a router is going to look like with two agencies peering into it.

    on the face of it this is going to look like a provider outage i am thinking. since its completely 'transparent' even with multiple big brothers or any blakc hat people that might have jumped on the router as well i am thinking.

    if nothing is going to show up in the interface statistics and nothing in the cpu is going to account for the activity. but when you look at your csu/dsu (or equivlent) you will see the activity.

    maybe the best way to deal with this is to forget using the real traffic, but rather use the rfc that they propose for actual communication since its invisible to the other peers. sounds like a stealth vpn to me of sorts.
  • by Deagol (323173) on Tuesday April 22, 2003 @03:16PM (#5783852) Homepage
    or muscled into compliance by special interests, what's the current status of various VPN and/or IPSEC open source implementations for Linux/UNIX?

    I'd love to create some crypto traffic between my home box and work machine (besides the normal SSH, of course). The more white noise packets floating around out there, the better. TCP/IP spook fodder, if you will.

    Better yet, is there an encrypted, routed "internet" I can plug into at will when I'm online, just to obfuscate my traffic a bit? Or is that what Freenet is about?

  • by ggwood (70369) on Tuesday April 22, 2003 @03:35PM (#5784015) Homepage Journal
    Quote from Fred Baker, "There are two sides. One is that Cisco as a company needs to let its customers abide by the law. The other is the moral and ethical issues. There are two very separate questions."

    First of all, this makes it sound like there was a law passed which specifies all routers must have this kind of capability. I sure have not heard about that.

    It sounds like currently an ISP can be subpoenaed to find out what a particular person is sending. Currently, the ISP seems to provide complete logs and allows law enforcement to sort through it. This just sounds like bad practice of law. If we lived in John-Ashcroft's-wet-dream-land where every packet has a personal ID number on it which could not be forged or faked, sure you could ask for what a person sends. This is so far from the case that it is a joke. Even if I only use one computer and it has one IP address, what if someone else uses it? Even if the email has a name on it, what if it was forged? It would be laughably easy to plant evidence on, say, a business rival. Bottom line: computer are not very secure, in general. (Side note: sure, your computer may be very secure but visit, say, a law office. You may be surprised - even by very large law offices with nice wood panneling and mugs with the partner's names on them.)

    If subpoenaed for John Q. Terrorist's internet activity, knowing what we know, we cannot hand anything over with a clean consience. If, on the other hand, all of IP address 64.22.xx.xx is subpoenaed, sure, we have to hand it over but we cannot say who did what with any great certainty.

    Lastly, Mr. Baker seems to indicate providing a product is separate from morality. This is a very disjointed view of work - almost on the verge of: "what I do at work should be totally separate from morality." This is quite frightening. Perhaps this is too strong. He is clearly saying if the company follows the law, this is completely separate from morality. Again, this should be frightening: if you follow the law, morality is not at issue? The most obvious reaction is that if the law is wrong, in America, you have a responsibility to not follow it. Being part of a corporation does not absolve you of your duties as a citizen.

    In my opinion, the workplace is where people are least moral (in my experience) and thus it is exactly where people need to be thinking of morality the most - certainly not separating it and arguing "we are just following the law".
  • Transcript (Score:3, Funny)

    by saqmaster (522261) <stu.hotmail@com> on Tuesday April 22, 2003 @04:11PM (#5784368) Homepage
    Like this?

    Line 1: Sssh, I can hear something.

    Line 2: Hey bob, we got something.

    Line 1: It's them!

    Line 2: They can hear us!! Quick, drop the hardline.

    Line 1: They've gone, call downtown!

    Downtown: Oops sorry, we forgot to update the IOS.

    nb: laugh

Vitamin C deficiency is apauling.

Working...