FBI Complains About Wiretapping Difficulties Due To Web Services 228
c0lo writes with news that the Federal Bureau of Investigation is lamenting the difficulty in executing wiretaps because of "web-based e-mail, social-networking and peer-to-peer services."
"President Barack Obama's administration is debating ways to deal with Web-based services not covered by traditional wiretap laws, including incentives for companies to build in surveillance capabilities, said Valerie Caproni, general counsel at the FBI. Many Internet services are not covered by the Communications Assistance for Law Enforcement Act (CALEA), which requires traditional telecom carriers to allow law enforcement agencies real-time access to communications after a court has issued a wiretap order, she told members of a subcommittee of the US House of Representatives Judiciary Committee. But Caproni told lawmakers she was not asking for expanded CALEA powers. And she stopped short of calling for rules requiring Web-based communication providers to build in so-called back doors allowing law enforcement access to their software, although she said she's optimistic the US government can find incentives for companies to 'have intercept solutions engineered into their systems.'"
in the UK the cameras can see in to alot of homes (Score:4, Informative)
in the UK the cameras can see in to alot of homes and apartments.
its because of fed.gov I run my own mail server (Score:4, Informative)
When the fascists at the NSA and FBI started their massive domestic spying program (Echelon, Carnivore, etc), I decided to make their lives harder and run my own mail server. While they can still snoop on the big boys (yahoo, aol, msn, etc), at least email from my end is safe, and if I send emails to non US based mail servers over SSL, theres at least some chance the fascists cant read the traffic.
Freedom Box. (Score:4, Informative)
http://wiki.debian.org/FreedomBox
Inspired by Eben Moglen's vision of a small, cheap and simple computer that serves freedom in the home. We are building a Debian based platform for distributed applications.
Freedom Box is about:
* privacy
* control
* ease of use
* dehierarchicalization
Vision Statement
We live in a world where our use of the network is mediated by organizations that often do not have our best interests at heart. By building software that does not rely on a central service, we can regain control and privacy. By keeping our data in our homes, we gain useful legal protections over it. By giving back power to the users over their networks and machines, we are returning the Internet to its intended peer-to-peer architecture.
In order to bring about the new network order, it is paramount that it is easy to convert to it. The hardware it runs on must be cheap. The software it runs on must be easy to install and administrate by anybody. It must be easy to transition from existing services.
Re:What about encrypted communications? (Score:4, Informative)
Skype has been on the Infandous Imperial Elite's "Must-Crack" list for a couple of years now. German Intelligence tried first and soon gave up. Then the DoD's DARPA publicly offered a US$50K reward to the black-hatter - *any* black-hatter - who could ably provide *any* Man-In-The-Middle (MitM) solution at all, sans physical access to the box in question.
See http://theregister.co.uk for chronology and related details; just search the site for "Skype" and there you are. Seems Dynamic Key Encryption, when executed on-the-fly in realtime, is one tough nut to crack hands-off. As for Skype Corporation ever being Judicially Forced to backdoor the product:
1) If it were so ordered, well there goes Skype Inc's entire business model. I reckon the matter'd be tied up in court for a while afore any breach i' th' hull ever be allowed, Cap'n. ;)
2) Trust our own homegrown Practical Privacy Providers to come out with a block-um-out add-on widgit right quick anyway, if ever 1) above be implemented. (It's only 65536 ports and there is little likelihood of hardship-in-identification, methinks.)
On reflection, this rises to mind: A really healthy resistance effort, once sparked and fueled by such intrusion attempts as this hypothetical instance, just might simultaneously stop the tap-stream, spoof the outbound IP addy *and* spue forth a fine smelly-brown stream of plaintext keywords of the "Spook-bait" persuasion. (Virginia Langley knows the vocabulary very well, of course.) Indeed: As the Imperial Criminal USAn Police Globalization State attempts each additional intrusive advance in its greedily tyrannical drive to Control Just Everything, more and more able and goodhearted Sovereign Forced-Underclass Citizens the world around shall surely take up the Rallying Cry from Heaven: "DON'T TOUCH MY JUNK!!!!"
Sorted! I'll get me coat now. And that is all! 0{:-)o
Re:The Backdoor Exists Already. (Score:5, Informative)
No one checks to see if the cert is actually the one that the domain normally uses...
I do! Via Perspectives [cmu.edu]. I've very, very rarely had it alert me to anything, but it could be extremely useful the one time it does.
Re:we should make it easier for them (Score:5, Informative)
I think there are good arguments for giving them the power,
Such as? Despite what the media may try to represent, in real life there are few cases of "evil" people walking free because of legal protections when compared to the many people who have their constitutional rights abused because of this power. The right to expression is also followed by a right to secrecy just as the right to vote is followed by a right to secret ballot. Imagine how less free elections would be if everyone would know who and what you voted for (as ordinary citizens in elections, not as members of congress voting on bills). Just as the right to vote comes the right to be anonymous about what you vote for, so should the right to have secure and secret communication. Of course, just like you can tell everyone who you voted for, so can others hear, listen or read what you communicate, but the right to be anonymous (if one chooses) is needed to ensure a free society.
Re:its because of fed.gov I run my own mail server (Score:5, Informative)
You are aware that your emails are sent in plain text unless you only send email to people whose servers support an encrypted connection? Most do not.
STARTTLS has been around for awhile now. Are you sure that "most" servers don't support it?
A lot of larger financial institutions are even beginning to require other companies they do business with to enforce TLS encryption when communicating with them (so, for example, if you do business with JP Morgan/Chase, they want you to configure your outgoing SMTP server to refuse to deliver mail to JPMC's servers if a TLS connection fails, bouncing the message to the sender instead of falling back to plain text).
Re:A few reasons (Score:5, Informative)
referring to last week's news:
the DoJ pushed for a few dozen domain seizures just last week for some lame IP offense... and took out 84,000 honest folks along with them redirecting the sites to scary "under investigations" pages. Sorry we scarred your customers for life... move along.
Re:What about encrypted communications? (Score:4, Informative)
Encryptions is ubiquitous today, you just have to:
1. Log onto your bank's website.
2. Use Gmail with default settings.
3. Order anything online.
4. Use a VPN (many, many company laptops are configured with VPNs)
5. Use SMTP-TLS or POP-TLS.
etc.