Slashdot Log In
US Policy Would Allow Government Access to Any Email
Posted by
ScuttleMonkey
on Mon Jan 14, 2008 05:27 PM
from the what's-the-date-again dept.
from the what's-the-date-again dept.
An anonymous reader writes "National Intelligence Director Mike McConnell is currently helping to draft a new Cyber-Security Policy that could make the debate over warrantless wiretaps seem like a petty squabble. The new policy would allow the government to access to the content of any email, file transfer, or web search."
Related Stories
Firehose:US plan allows government access to any email by Anonymous Coward
This discussion has been archived.
No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Full
Abbreviated
Hidden
Loading ... Please wait.

Really? (Score:5, Insightful)
Not that I support this, but I sure as hell don't intend to make it easy for people to invade my privacy when I'm not doing anything illegal.
Re:Really? (Score:5, Interesting)
Re:Really? (Score:5, Insightful)
Re:Really? (Score:5, Insightful)
So, how exactly is revealing a password any more incriminating than say, allowing police into your home -which is "standard practice"?
-Don't tell us that you killed her -which would be incriminating, just tell us your password -which is something absolutly neutral.
Re:Really? (Score:5, Funny)
Re:Really? (Score:5, Insightful)
Still, as long as the constitution holds out, they can ask you your password and you can plead the fifth.
Re:Really? (Score:4, Insightful)
C'mon. You should know by now that the constitution went belly up back in 1798 [wikipedia.org]. Well, the bill of rights anyway. The parliamentary stuff in the main body is still holding up.
Re:Really? (Score:5, Informative)
No, it doesn't. See sneak and peek [uga.edu] warrants.
You can try encrypting all of your files but if they can gain physical access to the machine(s) in question without you knowing about it then it's a simple matter to install a keylogging device and obtain any passwords needed to decrypt your data.
Re:Really? (Score:5, Insightful)
I don't feel comfortable taking such a narrow interpretation of the bill of rights that only things that are literally and directly incriminating are protected.
Sadly, it doesn't matter what you feel comfortable with. It's what a judge feels comfortable with. And lately they seem to be quite comfortable with broad, in some cases overreaching IMHO, interpretations of the bill of rights.
Or You Could Go With the Reagan/Bush/Rove/Cheney (Score:5, Funny)
"I don't recall"
Re:Really? (Score:5, Insightful)
Want to try to deny you disagree against government policy, or that you wont vote to keep them in power, or that you don't 100% agree with a corporation that supports the current government and your life and the future of your family will be systemically targeted. Unless you publicly support them and their chosen evangelical religion of power and control, you will become the enemy, and will be accused and judged by the 21st century Internet inquisition and potentially targeted for harsh interogation techniques.
Don't fit their current preferred 'mold' of what they define to be a good, white, evangelical, american and honestly how well will you and your family fare under the 21st century Internet inquisition. Conspire to be free and believe in democracy and justice and you will learn how easily conspiracy laws can be abused.
Re:Really? (Score:5, Interesting)
No sources (Score:5, Insightful)
Has anybody actually SEEN the draft so that we can comment on it intelligently without relying on "I think the US government is bad, so I'm going to assume they're doing horrible things"? The PDF link in the Rawstory unsigned editorial doesn't work, so it's awfully hard to evaluate their claims. The homepage of Rawstory makes their bias pretty clear, so I'm inclined to not just take their word.
Re:No sources (Score:4, Informative)
Has anybody actually SEEN the draft so that we can comment on it intelligently without relying on "I think the US government is bad, so I'm going to assume they're doing horrible things"?
The problem with this reasoning is that it doesn't take much effort to know that the US federal government has done bad things. It's not a matter of conjecture. The US has spied on law abiding citizens, check out MLK, done medical experiments on people without their approval, and has forcibly sterilized people. The US has also broken a number of treaties.
FalconRe:Really? (Score:5, Insightful)
This doesn't work for public discussion lists, or even private ones, unless they're very strictly controlled.
It also doesn't help for p2p traffic, as those are between two essentially anonymous parties, and thus, have no way to prevent a man in the middle attack, even if they DO use encryption (unless the tracker mediates, which, for most implementations that I've seen, it doesn't, even if it's using SSL)
The simple fact of the matter is that encryption is the wrong mechanism to solve this problem. Removing power from your government is the right mechanism, ideally.
Re:Really? (Score:4, Insightful)
That said, there are NO sources for this statement. The PDF link gives a 404 and they don't explain what they meant other than using broad terms. It sounds like a lot of FUD without a source to back it up. Does anybody have the PDF? If not then I'd like to see more sources than just an un-signed editorial on Raw Story.
Re:Really? (Score:5, Informative)
If you RTFA, it's from The New Yorker. Or, at least it was in TFA when I read it earlier today before Slashdot posted it.
I'm too lazy to check to see about the link now, but fortunately, since I thought the article interesting, I saved it. So here it is [googlepages.com]. It's an 18 page PDF, The proposal is mentioned on page 11.
Re:Really? (Score:5, Insightful)
Re:At least they won't be able to mass-scan... (Score:5, Informative)
The main obstacle to mass encryption these days is Microsoft. I expect to be skating over Hell's frozen wasteland before Microsoft adopts encryption in Outlook/Hotmail.
I've been encrypting and signing mail in Outlook Express and Outlook for years. The certificates are installed via XENROLL.DLL or CERTENROLL.DLL. Windows actually has a really good encrytion API.
If you go here [comodo.com] you can get a free e-mail certificate. Once you install it to the cryptography store you can sign and encrypt mail in any Microsoft email program. If you use the Windows Live Mail [live.com] application you can encrypt messages in Hotmail too.
Re:At least they won't be able to mass-scan... (Score:5, Informative)
There is a firefox plugin Firegpg [tuxfamily.org] that you can use with gmail to encrypt, sign, and decrypt email.
I dunno if it works with yahoo....it might...
Re:127 hours? (Score:4, Funny)
The Constitution... (Score:4, Insightful)
Re:The Constitution... (Score:5, Insightful)
email? Does anybody think that email is private? It is sent in clear text so I would say that it is as private as a postcard.
There is an election coming soon. So for those that really fear this find out where the candidates stand on it.
Then vote.
BTW don't focus so much on the President BTW take a hard look at your congressional reps.
Re:The Constitution... (Score:5, Insightful)
Re:The Constitution... (Score:5, Insightful)
As I say in every discussion of this nature, "private" in the sense of "can a police officer legally look at this and use it as evidence?" is completely different than in the sense of "could a malicious person who wanted to snoop on what I was saying possibly look at this, the law be damned?"
E-mail is about as physically private as a letter. They are fairly trivial to read but it does require you take take deliberate action to do so. As opposed to a post card which could literally fall out of the postman's hand text-up and be read by accident, other people's emails don't just randomly show up on your screen even if you are an email server sysadmin.
And thanks to recent precedent email is becoming -legally- as private as a letter. Which to repeat, is a different standard, and regardless of the fact that letters are easy to read, they are still considered private. So while a malicious mail man could read your mail whenever they chose, a cop who wanted their evidence to stand up at trial could not without a warrant.
We need to remember both of these. First if you want real privacy even from malicious people, you need to encrypt your email. Second, we still need to keep unencrypted email to be legally private, since otherwise the idea is that if the police -can- read your encrypted emails then they don't count as private and thus no warrant is needed.
There is an election coming soon. So for those that really fear this find out where the candidates stand on it.
Then vote.
BTW don't focus so much on the President BTW take a hard look at your congressional reps.
True that. Sadly enough it's hard enough to get specific answers on what the Presidential candidates' stances are on the subject, much less all the representatives.
Re:The Constitution... (Score:5, Insightful)
Bill of Rights Toilet Paper (tm)
It comes with all 10 printed on each sheet. Congress Critters find it to be heavy duty absorbent. Somehow though, that stuff you water the Tree of Liberty with seems to slip through anyway, just a little, but it slips through....
Correct (Score:4, Insightful)
So, that would mean that the societies with the most surveillance were the most secure, right?
Luddite revolution (Score:5, Funny)
He's just stretching the constraints (Score:5, Insightful)
Diminishing returns (Score:4, Insightful)
In the end, it's probably a lot more trouble than it's worth to go about things this way, rather than doing the 'traditional' sort of real-life investigation leading to a warrant &c.
Re:Diminishing returns (Score:5, Insightful)
Let's say you do something to piss some mucky-muck off and you get on the monitor list. It's only a matter of time before you mention in passing that you copied a DVD or any other heinous crime and bingo! The FBI/Federal marshals/etc are at your door.
Paranoid? I grew up in a communist state. I hate to think I've escaped to one, too....
Re:Diminishing returns (Score:5, Insightful)
But if the government really wants your hide, then they'll have it whether they have any real evidence or not--witness Cardinal Richelieu's words: "Give me four lines written by the most innocent of men, and in them I will find something to hang him." That was just as true then as now.
Re:Diminishing returns (Score:4, Insightful)
Other respondents have pointed out the arms race between spam and spam filtering; I had that in mind when I made my response. In essence, as a detection tool, this is going to be more or less useless, outside of the occasional one in a million lucky strike; really, the only way to use it would be to go mining it once you've already detected something nefarious and you want a more solid case--something that could easily be handled by a warrant and seizure of the suspect's computing assets.
Re:Diminishing returns (Score:5, Funny)
rj
They found a way to make encryption mainstream! (Score:5, Insightful)
Then again, it's almost certain that they're already reading all the e-mail. This law is probably just to prevent them from getting sued about it later. Ug
I got an idea.... (Score:5, Insightful)
That should sufficiently prevent this from becoming law!
Re:I got an idea.... (Score:5, Insightful)
Sounds like FUD (Score:5, Informative)
PGP + Constitution (Score:5, Informative)
You can't let the terrorists win (Score:5, Insightful)
Oh hang on we were fighting for freedom and liberty weren't we? So you need to give up all your freedoms to protect your freedom? You'd almost thought that the government was a repressive regime that wanted to subjugate people.
Re:You can't let the terrorists win (Score:5, Funny)
As this applies to regular mail, I think that it applies to email as well despite the government not getting a cut of the money.
No person shall be held to answer for any capital, or otherwise infamous crime, unless on a presentment or indictment of a Grand Jury, except in cases arising in the land or naval forces, or in the Militia, when in actual service in time of War or public danger; nor shall any person be subject for the same offence to be twice put in jeopardy of life or limb; nor shall be compelled in any criminal case to be a witness against himself, nor be deprived of life, liberty, or property, without due process of law; nor shall private property be taken for public use, without just compensation.
Self Explanatory, encrypt. Also as the beginning states they cannot do anything to you unless they bring you before a Grand Jury. The wording is clear that the only exception are members of the Military. Which brings me to a fun story.
When I was in the Army deployed to Iraq they told us that they had to scan our computers before we left to look for secrets and obscene material. Well this made me very angry so first I offered my services to a few friends and setup truecrypt volumes for them. Then I took a picture of myself flipping off a camera, labeled them things like Fuck Me hard(several different variations on that theme) and distributed 30,000 copies all over my hdd. Let's just say that when they put in the scanning disk the person performing the scan got really tired of seeing me flip him off and they didn't find anything. I know it was petty and he really wasn't doing it because he wanted to, but I think that I made a point even if it was in a very small way. The leadership never ever scanned anything of mine again.
Re:You can't let the terrorists win (Score:5, Interesting)
Let me put it as easily as I can, we all worked a ummmm special mission. We were all very well trained with how to handle security and put in a position of trust. Yes it was my personal laptop and yes they can scan it which pretty much says that they don't trust me. However as you seem to be an officer just what would you have done? Can you punish me for having pictures of myself on my personal computer? Would JAG back that up? Also a few more circumstances here, they do care about obscene material as they scanned my computer mid tour and found some nude pictures of my wife and demoted me for that. I also was the guy that as a specialist redesigned the entire IT infrastructure that we were using to increase productivity substantially, I ran the entire network by myself, I ran a pacing item by myself, ran the websites by myself, built a server for them, and was the main CRO all that in addition to my regular job of 98C. Another thing that was fun was whenever the Trojan Spirit II went down they had to call me in no matter what time it was to come fix it(at least once a week because no matter how hard I screamed for them I couldn't get the A/C units fixed). I asked for people to train on the various systems, but they couldn't spare even one tech oriented person even though I had guys volunteering for it. I spent three days in the back of that damned thing working on it one time without sleep or food because my NCO's couldn't be bothered to at least bring me food, towards the end of that the ACE Cheif came to bitch about it not working. I politely told him to shut the fuck up and let me finish my job. So if I wanted to do some damage or betray anyone I damned well knew how to do it, scanning my personal equipment was a slap in the face to me and did not deserve my cooperation. Needless to say I had no respect for any level of my leadership as I was trying my hardest for a long time to be a good soldier and cooperate only to be fucked constantly. Yes, my point of view is one sided, but if they had a real problem with me then dammit that's what a counseling statement is for(I was an NCO for a while until the incident) and it could have been spelled out so I could fix it. I just didn't play games and called people out on bullshit so they didn't like me. So fuck the Army, I'm out now and they can kiss my ass.
Who cares? (Score:5, Insightful)
Make your voice heard (Score:5, Funny)
I know, it's not original.
Encrypt your email (Score:5, Interesting)
Seriously. There are already libraries such as FLTK [fltk.org] and QT for the graphic front end. For the back end, you could use XySSL [xyssl.org], OpenSSL [openssl.org], or even GNU GPG.
I'm about 20 hours into an encryption client, and I've already got people using it. I initially wanted to use GPG, but realized that most technophobes won't go for a command line application. So I pulled out FLUID (the FLTK design utility) and had a prototype working within hours.
Today, there's no excuse for not encrypting your email. I realize that you may think you have Constitutional rights in this regard, but GW & Co. have the guns, the taxpayer financing, and even the (unsolicited!) cooperation of the major network carriers. It doesn't matter what you think the Constitution says if you can't even get a trial. You're on your own from here on out.
So why encrypt, even if you've nothing to hide? Well, simple, really. Why let the government violate the 4th ammendment with impunity? If you encrypt your email, the government can't perform secret, mass surveillance. Sure, they can pound on your door, and even demand the key. You might even have to give it to them. But in them doing so, you've achieved three key goals:
Encryption is highly Constitutional (TM) software. It keeps terrorists from eavesdropping on our conversations, knowing our whereabouts, and stealing our valuable intellectual property. If the government can't read my email, neither can the terrorists.
Be patriotic. Support the Constitution. Encrypt everything.
Unless it's bundled with Windows... (Score:5, Interesting)
Encryption should have been built into the protocols from the start but now I'm afraid the horse has bolted.
Impeach Them Already (Score:4, Insightful)
I mean, they're still spinning down how a Filipino Monkey [wikipedia.org] almost gave Bush a pretext for armageddon with Iran last week, continuing to blame Iran.
They still act like they don't even really know for sure who is "the enemy" in Iraq, or when the next Taliban attack [nytimes.com] will show how badly we're losing in Afghanistan to a bunch of medieval hicks hellbent on returning to the Stone Age.
And yes, they're still spying on every email, Web hit and phonecall in the US (hi, Dick!), while hustling to hand telcos amnesty for breaking the law at their request, even though they can't even pay the phonebill so it gets shut down.
These Keystone Konservatives would be hilarious if they weren't the most dangerous people ever in the world.
We have to call our lazy, complacent congressmembers and insist they impeach these criminal retards, instead of just easily running against them this year and inheriting all their catastrophic tyrannical powers.
Re:Impeach Them Already (Score:4, Informative)
Laugh while you can.
Your sorry assed demagogues have succeeded in squandering international goodwill towards the U.S., sold military technology [findarticles.com] to China in order to insure low prices at Wal-Mart and guaranteed that not only *you*, but your children (if you stop doing the hand dance long enough to have any), and their children's chidren will be paying the price [nationalpriorities.org] for their stupidity.
The long and short of it laughing boy, is that *your* party attempted to impeach a sitting president over a stain on a blue dress and failed, but have sufficiently befuddled the nation with misdirection and divisiveness that we are failing to impeach a president and his cronies who have lied to us [bushlies.net], lead us into a quagmire [findarticles.com], are shredding the constitution [truthdig.com] at every turn, and who felt the need to put safeguards in place [antiwar.com] to prevent them from being charged as war criminals like his father [deoxy.org] was.
So, yeah, good ahead and laugh, I for one will shed a tear.
It's in the New Yorker's print edition (Score:5, Informative)
<