New Zealand Government To Snoop On E-mail 140
Hairy1 writes: "The New Zealand Government is planning to increase the powers of the police so they may intercept e-mail, according to the
The New Zealand Herald. Paul Swain wants to exempt police from laws against hacking so they may snoop into emails. Read the story." "Recent history suggests the usual glib official assurances that such organisations and people will not be snooped on by state security and intelligence services will be worthless," the story quotes the spokesman for a group called Gatt Watchdog as saying, but insert-your-cause-here. Hard to watch just a few people's e-mail.
I'm from the government.... (Score:3)
Only criminals don't want the police to search their car/house/purse/pockets?
The check is in the mail.
Three lies.
In a free country to keep ones rights, you can't surrender them. For when you do, it ceases to become a free country.
Re:Courageously following the US's lead (Score:2)
That is: There are NO "brain-dead voters" as you say. I remember reading that, per head of population, NZ has the largest middle class in the world. By that note, we arn't really that conservative. There is NO large "Mums against porn" movement or "drugs kill children" movement or any sign of "The internet is BAD" movement.
New Zealanders (Like myself) are quite happy to let others do what they like as long as you don't tread on my toes.
Infact, we've got along with our government so well, we don't have a constitution in the traditional sense.
This is very weird for me, it flys in the face of everything we consider normal. We have good privacy laws, it's almost fun using them
What is also very weird is the police assoc. spokesperson referring to political assasination! I see the Prime Minister every now and again walking down the main street (I live in the capital) visibly unprotected. No one even gets out of her way
I doubt it will fly in NZ. It all makes me wonder if this email snooper system could be an addition to the ECHELON system (Which NZ is a member). People will care, and it won't get too far.
Oh, BTW - We have not picked up guns in a over century to fight for our freedom, we should never do it again.
Re:The pattern is obvious. Echelon. (Score:1)
On the negative side for the Maori, they commited genocide against a genetically similar sub-race, called Moriori, who were (unfortunately for them) pacifists.
Re:If these get passed (Score:1)
NZ economy is one of the free-est in the world, and the government doesn't get much of a sanctioning voice in it. None (or very little) of that class crap either, whether breeding (UK) or money (US) .
As for resources, there are plenty of natural and people ones. The only problem is that the people type resources who are any good go overseas for more money.
Try working there, then in the EU or US and you'd understand that the average Kiwi is quite well skilled, and generally pretty competitive. Themain problems stem from small economy and distance to markets.
Re:Bogus, This is really *^&% Bogus. (Score:1)
Governments are all the same colour (Score:2)
Then Labour came into power, made a total about-face despite their pre-election statements, and brought in laws that are every bit as bad or worse than those which they had opposed.
Needless to say, the Conservatives are currently berating Labour for it, despite their previous stance. But when the Conservatives finally oust Labour again, they'll slam the iron fist down even harder --- guaranteed.
Because you see, it has nothing to do with the nature of politicians' beliefs, and everything to do with the fact that the machine of government (which is much more than just politicians) demands absolute control if it can get away with it quietly.
Well, in this instance it can get away with it, because in our innocence we've created an easily interceptable transport and storage mechanism to underpin the Internet's mail service. No big deal: let's create another mechanism which isn't susceptible to interception.
This might suck.. (Score:1)
Re:we live in frightening times (Score:1)
--
Re:Encryption ideas I haven't seen suggested befor (Score:1)
That leaves the receiving end as an exposed tap point. Use IRC/DCC as some kind of funky SMTP tunnel ?
One of these days we need a public mail-transport system *and* appropriate legislation to protect the priacy of such. Why is it so easy for the law enforcement agencies to get such draconian legislation passed, and so difficult for the average citizen to oppose it ?
- just another costmic ray -
Re:Socialists and Big Brother (Score:2)
Re:Don't complain, vote. Err... problem... (Score:2)
Unfortunately, that will make things worse here. The Government currently in power is pretty much a coalition of the parties least likely to endorse dubious police powers like this. The last government is (I think) still "on trial" for allegedly encouraging police abuse/over-reaction during the APEC summit here. Other notable features of that government included a huge campaign to get the public to anonymously report people who they suspected of recieving a social welfare benefit they were not entitled too. That one was right out of "Brazil" and had resident Jews who survived Nazi Germany writing of how fearfully reminiscient it was becoming. (Everybody yells "Nazi" against policy that they disagree with, but I sit up and pay attention when the people saying it are speaking from first-hand experience). Fortunately it was abandoned when something like over 80% of reports turned out be false alarms (read: made out of spite or ignorance)
The key, I think, is to bluff the Members of Parliment into thinking you would vote against them, and hope you never have to
Or even better would be the ability to mix'n'match the policies of the different parties, cause there ain't a single one whose policies don't have big problems. (read: things I disagree with
Re:Seriously. (Score:2)
As for 'public', don't take the term as literally as that. For all intents and purposes, it *IS* public.
Yes, it's a bunch of private/semiprivate/public/whatever else depending on jurisdiction, networks all hooked together by zillions of different agreements in different jurisdictions. To me, and to any sane individual, this is what 'public' is. You are carrying all kinds of traffic that you didn't originate. Especially if you are a larger carrier.
This is why it is 'public'.
Re:Encryption ideas I haven't seen suggested befor (Score:2)
The latest release of the free version of sendmail (8.11.0) includes some encryption features (specifically, STARTTLS. TLS is Transport Layer Security, and provides encrypted communications server-to-server). See sendmail.org [sendmail.org] for more info.
The pattern is obvious. Echelon. (Score:1)
They are the countries member to Echelon.
This is obviously no coincidence. What we are seeing is the declassification of part of the Echelon system, without admitting its previous existence.
The fact that this is happening all at the same time in these very same countries is simply explained by the fact that we are witnessing a joint action, coordinated centrally, to officialize a system of spying on civil populations.
Why Echelon wants to make public part of what it already does beats me, frankly. Any ideas?
Its quite simple to avoid (Score:1)
For example, you could dial up a US ISP, and NZ will be unable to spy on you. Just the FBI. Oh.
Okay, so you dial up a British ISP, and neither the NZ authorities or the FBI will be able to spy on you. Just the British Government. Bugger.
Right, from now on, all my correspondence will be sent from China. At least we know that they're going to be spying. And also I'm not likely to do anything to upset them.
Re:What's the point? Won't criminals just wise up? (Score:2)
If the people responsible for some of these "excesses" (or, to put it in plain English, these crimes) routinely spent time in prison (real don't-bend-over-for-the-soap prison, not Club Fed), this argument would carry some weight. As long as the the "public watchdogs" have no real teeth to sink into abusive LEOs, they provide a mere illusion of protection.
Its not really that big a change if the taps are held to pre-existing standards of survielance.
The problem is that the de facto "pre-existing standards" are far too loose -- even if somebody gets caught stepping over the wide-ranging line, it doesn't much matter.
/.
Re:Echelon does this already. (Score:1)
We know what you have been posting and we
really can't have you speaking out anymore.
It just isn't polite to say these bad things.
Really, lets not fuss over this... your government
loves you and would not like to see your
messages get routed to say that girl you've
been talking to alot on chat. Really, what
would your girlfriend think? But we have been
having some problems with the old echelon box.
It is very tough to say what could happen.
*Evil Smiles*
--The Men Behind The Looking Glass
Court Orders, etc. (Re:Seriously.) (Score:1)
Or is that what you want?
While it may come as some surprise to you, US Mail cannot be searched/examined/siezed without due cause. And, yes, a lot of drugs did get shipped that way
Generally, "sane individuals" (as you put it) consider it an act of fascist/communist governments to go reading their mail, to find what they can find and create dossiers about people. Those good, sane people have been posting their concerns here a lot, probably because most SlashDoters come from the FREE WORLD (God bless it!).
But, unfortunately, there are dangers in the fact that the internet allows participation by all. Evidently you have lived under a fascist government, given your opinions. For instance, your definition of 'public' would apply to the world's phone system, as well. I'm not sure what highways would be. Evidently the U.S.'s would be private, but Europe's public. Typical RED propaganda here, denoucing the US for privatization, applauding socialist measures in Europe, and trying to place private resources like phone and internet communications in the so-called public's (read: you commie bastards) hands.
And who modded you up? Evidently there are a few more communists around here...
All bent on making the InterNet public property, no doubt, and then reading all our emails, and doing who-knows-what with our precious bodily fluids.
Well, we won't let you take over a good, private forum like SlashDot! VALinuxers, unite! Start IP filtering mods from current and former communist countries, NOW!, or all is lost!
Re:Governments are all the same colour (Score:1)
Re:Courageously following the US's lead (Score:1)
Don't worry, I've come to expect these kind of things from your type.
(yes I'm kidding - I find my race as irrelevant and funny as most people. In fact, I love screaming at people "it's because i'm black, isn't it?" heh heh heh)
Re:Courageously following the US's lead (Score:1)
Seriously. (Score:2)
2) Why do you assume you have a 'right' to privacy when you send cleartext data on the public internet? (I know we feel we DO have a right to privacy, but if it is there in the clear, a court can take it).
3) USE ENCRYPTION.
Well, it might be SUGGESTED as law someplaces.. (Score:1)
A fairly pointless and in my eyes dumb argument. But it's the law.
Now, form there and to allow people OTHER than the ISP to read the mail, in my eyes it's a small step. And I for one will start not only to encrypt my emails, but also to avoid countries with RIF or Canivore (or whatever), because they are no longer talking about "just email". They're also talking secure Business-2-Business comunication over the internet. I do not know/understand why more businesses have not stood up and argues their loss of profit. Because that WILL be a consequence.
Regardless, IF any laws are passed, I will (as I am now) avoid ANY and ALL comminucation with nodes that are "affected". In essence the discussion held on "cutting the US out of the internet". I for one MIGHT not have anything to hide, but that doesn't give ANYONE the right to look thourhg my communication which is DEEPLY personal (not that I'm buying sextoys or hookers on the internet, but I MIGHT), and the privacy should be respected. It would trouble me deeply to know that I could not send my mom an email without someone else (even if it's just a computer looking for "flagged words") reading it.
Contact details. Petition? (Score:2)
The Hon. Paul Swain: pswain@ministers.govt.nz
(Minister of Information Technology, Associate Minister of Justice, and proponent of the increased powers in the NZ herald story)
The Hon. Phil Goff: pgoff@ministers.govt.nz
(Minster of Justice)
Both can be snail-mailed at:
Name
Parliament Buildings,
Wellington
New Zealand (if you're overseas)
Now, does anyone know of any petitions or anything being organised that I can contribute too?
Re:Why one should be worried about other countries (Score:1)
haha
Why one should be worried about other countries (Score:5)
This is, of course, why people should be worried about what happens in other countries. Whenever something unpleasant happens in the US, smug Europeans tend to have a good laugh, and vice versa.
This is a perfect example of why such smugness is so dumb. Attempts to grant police more draconian powers in .nz are being justified with the UK RIP bill; no doubt people in the US will be unpleasantly surprised when the FBI justify Carnivore (and more) on the same grounds.
Once it is considered acceptable for one country to behave abhorrently, other governments will do the same. How often have you heard proponents of strong government point to Asian dictatorships like Singapore as evidence of what could be achieved by strong government unquestioned (and unquestionable) by the people?
interesting (Score:1)
Re:Encryption ideas I haven't seen suggested befor (Score:1)
My 24x7 IP address, got reassigned to one of those list blocked IP ranges. Note: My email server does NOT have an open relay. ISP checks every couple of months. I discovered the ORBS listing, after an email bounced back from "Lucent", "the technology people", NOT!!!!.
I tried to get ORBS to remove/modify the IP range list without success. I.E I explained the due diligence by the ISP, open relay tests, etc. It didn't matter to them. Funny thing, guess where the ORBS representative was located??
Yup, New Zeland, How Ironic.
Re:Why one should be worried about other countries (Score:1)
Re:Bogus, This is really *^&% Bogus. (Score:1)
Are you sure about that? Recent legislation means you can now see what the SIS is holding on you ('bout bloody time), and things like the Privacy Act require that any database holding personal information be acessable and correctable by the people covered. Might it be the case that the police, as an arm of the government are exempt from civial requirements until some compliance date? (eg I know that the govt is exempt from it's Human Rights Act, and has postponed compliance with the Act, might this be something similar?)
Courageously following the US's lead (Score:2)
But seriously, this is a bad thing. It's a bad thing in the US, a bad thing in NZ, and a bad thing wherever else this type of thing happens. As superfluous laws crated solely to appease brain-dead voters (such as anti-porn/anti-prostitution, and especially in the US anti-drug laws). The Modern big governments seek to make anything that might be considered 'immoral' by anyone illegal, and make criminals out of all of us. And criminals need to be watched of course. Grab your guns people, our freedoms are being taken away every day.
Exempt from Hacking? (Score:2)
NZ Police history not great... (Score:1)
Re:The domino effect... (Score:4)
My Greek friends were bitching to me about this treaty a few years ago. Seems they used to have the mountains along the Albanian border mined, and never had any problems. Then the mines came out, and they started having problems with packs of armed bandits crossing the border at night, pillaging isolated houses, and slipping back before dawn.
I don't know how popular or unpopular the treaty was with most Greeks. But I do suspect mines, like most things, aren't such a black-and-white issue.
Whats the alternative? (Score:1)
Do we have an alternative?
Hacking is BAD too if you happen to see it from the government's point of view.
Obviously they know its no use searching for a term like "Let's Hack" through the email messages.
Its the same case as The Police has rights to search every house they suspect and have a warrant to search for. But here we are giving The Police an unlimited license to search for everything in emails. That's BAD too.
Why can't we come up with an alternative if we have to criticise the only solution in front of the government? Is there any other fool-proof (this isn't even) method to prevent "BAD" hacking?
Re:Why one should be worried about other countries (Score:2)
It is possible that neotrace et al think that it is in the US because it thinks that it is part of NSI's network (they hold the record to reserve it).
These are most likely machines on the ISP's network, though really they shouldn't be doing that (if you used the same addresses on your office network it would probably bggr up quite nicely).
That said they might be using these machines to spy on you, can't get anywhere without going through the ISP.
If you aren't paying for call charges set up an email address and get it on as many spam lists as you can and then get your comp to download and delete them overnight, give them something fun to read).
Re:oh, look at me, I'm new Zealand... (Score:1)
Re:Courageously following the US's lead (Score:1)
Well if there was any doubt as to whether the law would go through it's gone now :)
Got to wonder about the Echelon angle though, maybe the UK & NZ are test cases...
But hey that's just a bit too paranoid, isn't it??
Re:Quite the trend.... (Score:1)
a) I believe that there are actually subtle means of opening a non-sealed (as in ink/sticker, not as in glue) envelope. Even seals can be forged. So don't consider paper correspondence immune...
b) Not all terrorists are swift, shall we say. I'm reminded of the WTC bomber who went to demand a refund on the rented Ryder truck he used. Oops.
c) E-mail is a bit easier since there are usually archival backups and such. It can be difficult for, say, the White Hou^H^H^H^H^H^H^H^H^Hrandom people to be sure they've completely eradicated all traces of communications, such as tape backups and not-yet-erased files at intermediate sites and so forth.
Plus, networks go down, servers get confused... there's no real-time guarantee of fast service (I've personally had mail delayed for days, and very strange weirdness involving third parties.), so the occasional mail could even be intercepted, delayed, investigated, and THEN forwarded without necessarily arousing that much suspicion.
Civic Duty (Score:2)
Re:Encryption is not enough (Score:2)
Re:Of course there is (Score:1)
Like most things, it would generally be illegal for a citizen to open somebody else's mail (and in some countries, it might be illegal for a citizen to open his own mail, depending on the contents -- "Why would they have sent you this subversive literature if you are not a subversive?"), but I would bet that in 99.9% (Sealand might be an exception) of countries it is legal for the government to do so, provided that they give themselves permission first (I can't help thinking that judges aren't exactly in the private sector)
Re:Encryption ideas I haven't seen suggested befor (Score:1)
Re:we live in frightening times (Score:1)
We need to educate everyone in the use of encryption, starting with the same "not-so-savvy friends and business associates"...
Knowledge, to use an old saying, is power, so let's empower 'the masses' !
And fight these government policies at all levels!
Re:Hmmm... (Score:1)
make interception legal for everybody? (Score:2)
In order to make laws like in the UK that require giving up keys meaningless, I think we should also start keeping random data on our hard drives (e.g., filling the empty blocks with random data) and adding random bits to our communications (for images and speech, the low order bits are usually already random enough). That's good security anyway. Here is a start--or is it a secret message... ?
QUDIHKOO DPKAPOAM REFPQTII ITOXOBWF WANELCSO RCOHRPUJ TZYKTHTB AHYOJUUF UHKFKCUC FIJXXEGR EFBXMUYM CXBMSVSN DCTNFNPK VZHSDOKH TLEFGDRJ ATVSONFR QYEVLUGG TNZXCJFV VJBBNSKN MGFAUKRK JVGUQMBJ AAHCKMXG WYIJRTWD ZCETMVEV
Re:Courageously following the US's lead (Score:2)
- NZ law has always favored police.
- NZ politics periodically limits their activities.
- This proposal is more likely to be changed than the usual one.
This proposal probably comes from organizational imperatives. There are only a couple of checks&balances.One analysis of New Zealand civil society is that it is "an unenforced police state". The police have quite a good image in NZ, and mostly do good work. They do have a history of being *very* nosy about groups with views unpopular with voters or the govt of the day. This proposal comes with the constraint that the highest court commonly available to NZers (I think you can still try to get the UK Privy Council to overrule) has to affirmatively say that each suggested snooping is OK. Getting details about what the High Court thinks in these cases appears to be difficult.
Common experience is that the police can do most things they want to until some judge uses an interpretation of common law to shut a particular activity down, or the voters learn about it and complain loudly, whereupon the govt of the day tells the troops to cool it or changes the rules of combat.
Statutory law is rife with exceptions in favor of police. (Look at the text of the censorship legislation for a great example). Some of this is in the nature of the business (it is an error to make *all* reading of censored material illegal- who then would decide what is censored?) but the legislation is crafted so that there is essentially no review outside internal police hierarchy.
NZ is a small country, so it is quite likely that new police behaviour will be noted. There is some sense of fairness and common courtesy that the voters seem to demand, not just pocketbook calculations.
(In one example, the govt decided that suspected overstayers from Pacific islands should be rounded up. This hit the national media next day and the govt retreated in a week, despite the clearly described expected benefit of higher wages for the average New Zealander.)
If police snooping on email is regarded like police searching in private homes, look for public outrage and massive editing of the proposal.
If most folk think this is like phone tapping, this should go thru with minor changes.
-Expat NZer
Netsape PGP plugin (Score:2)
Re:The domino effect... (Score:1)
Also IIRC they have refused to give information on how to safely defuse the landmines to these monsterous International Organisations who are actually doing something about them as it threatened US security.
So they just have to go out poking around with long sticks.
Interesting term 'Rogue nation', what is the definition?
Echelon does this already. (Score:4)
Not only that, but our Government doesnt even have access to this data - they let the US and Australia snoop our private communications and cant even check to see that it's not being abused!
Much more frightening that someone reading my personal mail (usually innane messages to my friends anyway) is the thought of other countries using this information to make sure that the next international contract my company is tendering for goes to someone else!
That will be all.
Re:What's the point? Won't criminals just wise up? (Score:1)
Genuine NZ Kiwi - Eats roots and leaves.
Cute (Score:1)
Re:Why one should be worried about other countries (Score:1)
So I notice any time I contemplate nipping to Spain for a holiday 8)
Seriously, it's a trend, and that's one example. One could equally cite people who feel smug that they aren't in Australia, for example.
Re:Maybe it's because I don't understand the NZ go (Score:2)
Both. New Zealand cabinet ministers are typically involved in several roles, usually with one primary area of responsibility and a number of assistant roles.
The main potential problem we have inNew Zealand is that the New Zealand Labour party is cursed with a desire to emulate Tony Blair's Labour Party, right down to having a little proto-facist in cabinet (Phil Goff, the .nz Minister of Police, should be called mini-Straw).
The Libertarianz are very much on the fringe of New Zealand politics; we're futher to the left here, and, historically, the left have been guardians of civil liberties in most areas. Sadly, as I mentioned earlier, their desire to emulate .uk's New Labour extends to a mindless "get tough on law and order issues" posture.
Re:Courageously following the US's lead (Score:1)
Which is insane. If anyone was going to be offed, it would have been Muldoon.
I wonder to what degree some of this nonsense is a result of the previous, right wing government, importing so-called experts from .us organisations to come and preach at Kiwis about how we should have a proper US style war on drugs and the like. Hopefully we'll be too sensible as a country to listen.
Re:Courageously following the US's lead (Score:1)
Most of the exceptions here are in favour of the Customs department, not the police.
And, indeed, if it is tightly regulated and targeted - like phone tapping by police (but not the SIS) - then it's hardly an alarming proposal. Unfortunately, it appears that the police are pushing for draconian powers in this area, and the idea of the SIS gaining more powers in this area is downright scary, given their record of responsible use of their other powers.
Yes and no. Personally, I'd like a bit more scepticism in the area of the police here, but .nz is a curious beast here. There are plenty of people, for example, who hardly have unreserved love for the police as a result of the Springbok riots, but are quite happy with general police performance. Proposals to give the police arbitary powers in many areas (eg fighting drug or gang crime) quite regularly fail.
Re:Seriously. (Score:1)
Re:Quite the trend.... (Score:1)
There's probably a certain truth to that. Nothing so desperate as government functionaries staring at disestablishment.
Re:how can we have distributed email encryption? (Score:1)
You should be able to hack on mailman or majordomo to have it run pgp/gpg over mail. You should also have a look at using MTAs that support TLS extensions (SMTP with SSL). Exim, qmail, sendmail, postfix, zmailer all have or are currently adding these.
New Zealand is Screwed! (Score:1)
Of course there is (Score:1)
claviola@rj.sol.com.br, uin# 55799523 */
Re:We've already lost (Score:2)
Hmmm (Score:1)
100 (Score:1)
Nothing is stoping them from doing it now (Score:1)
Re:NZ Police history not great... (Score:1)
Get used to it: Quantum Cryptoanalysis (Score:2)
Get used to your e-mails being insecure. I know people are going to say "encryption", but think about this:
Before Quantum Cryptography [mcgill.ca] becomes available, Quantum Computing [qubit.org] will have arrived (many suggest within a few years) and it will render insecure [qubit.org] most or all encryption methods using conventional computers. It has been proven that a quantum computer will be able to factor large primes (see reference in RSA's overview [rsasecurity.com] which, interestingly, predicts that quantum cryptography will be realised before quantum cryptoanalysis -- but they would say that, I guess ...).
(Find more about Quantum Cryptoanalysis [altavista.com] on AltaVista [altavista.com].)
Sorry guys, but encryption will soon be a thing of the past (before it rises again in a different form on a different infrastructure). Bye, bye privacy, bye e-commerce, bye.
Learn to live with it.
(For the record: there is a different issue in some of the comments: should the Govt snoop your e-mails as a matter of routine? I don't think they should, any more than I think they should read all the postcards that are sent through the mail.)
---
"Where do you come from?"
Steganography (Score:2)
I should have added that steganography will probably still work. However, that is not what most people are using or seem to be talking about when they say "encryption". Shame, really.
---
"Where do you come from?"
Don't complain, vote. (Score:2)
In all cases, these politians make generalizations that claim that criminals are making use of the Internet (please, no more "cyberspace" or "the Web") as a means of communication.
Don't buy this bill of goods without proof. Demand proof that established criminals and terrorists are using the Internet as an intergral part of their planning and execution of their crimes.
Otherwise, this is only another means for scared, outdated governments to try and tap into our privacy.
Vote against all politicians who suggest, fund and advocate the usage of electronic surveilance of innocent civilians. Put your money where your vote is.
Christchurch, NZ (Score:2)
There seems to be a trend of Christchurch becoming a new center of technology in the Austrialiasia sector, some companies have been bought by international outsiders and then left alone to continue their efficient development models. Lots of large companies (Compaq, Trimble Navigation, Pulse-Data, The Holliday Group, etc) have their heavy-duty development houses here.
Because of the scale of the country, many new technologies are trialed here first, and then implimented otherwhere once proven successful. The government is being put under enough pressure to change immigration procedures for information technology people.
Don't count New Zealand out just yet.
NZ Privacy Act & Police Snooping (Score:2)
In New Zealand we have a little piece of paper known as the Privacy Act. This little bill makes it illegal for anyone to obtain, use, distribute or whatever, anything about me unless they have MY direct permission to do so. In all the discussion I have read on Slashdot, no one seems to have taken this into consideration.
Effectively what this means is that the police cannot read my emails unless I give them permission to do so, or they obtain them from the intended recipient with their permission. It is just the same as the police being unable to give out my name, address, phone number and criminal record details unless they have a court order or my permission.
So how does this play into effect as far as I'm concerned?
Simple. Primarily, for the government and the police to pull this off, they'd have to amend the already existing and established Privacy Act before they could even pass this new bill before the house. Secondly, we live in a democratic country. If we can get enough people to back it and sign a petition, a referendum can be forced which would request that all those eligable to vote do so on this particular topic. The downside is that this requires that there be those willing to stand up, make a stand and prepare a petition. There also needs to be awareness of this petition for people to sign it.
The first thing us NZ'ers need to do is write to our local MP (Member of Parliament) and express our concern and state exactly what our views on this issue are. Tell them exactly why we think this is a bad idea and why we consider it a breach of our privacy. In New Zealand, if you contact any MP or Minister, they are legally required to reply in some form or another.
As a service to all out there, here is the website to go to to find the email address of not only the Prime Minister herself, but also of the MPs and Ministers.
http://www.parliament.govt.nz/mp s-and-ministers.html [parliament.govt.nz]So what about this argument of using encryption? I don't encrypt mail when I send it snail mail. I don't encrypt my cheques when I pay bills. I don't encrypt my postcards home when I'm overseas. I don't have to decrypt my newspaper when I read it in the morning. Would someone tell me why I should have to encrypt email? It is my right to send email in the manner I so choose. I know there are elements on the internet that are "shady", but I calculate that risk into the content of the email every time I press the send button. I don't see why a government should force me to use encryption simply because a few bad eggs on the net have gotten smart enough to use a computer instead of the phone.
The most amusing part to all this is that the last time there was any terrorist activity in New Zealand was when a few Frenchmen bombed the Greenpeace boat "Rainbow Warrior" in Auckland harbour. (What is it about the French and blowing things up? Rainbow Warrior, Muaroa Atol and the nuclear testing, and more recently a Concorde full of Germans.) With the lack of terrorist activity in NZ, and crimes being mostly theft and road issues, why does the police even need to snoop emails? Bank robbers in NZ just go into a bank with a gun and a stocking and demand money over the counter.
If anyone in NZ wants to get a petition going (I've already started one in my area of Auckland) look at my user info page, remove the "nospam" from my email address and get in touch with me.
Re:Its quite simple to avoid (Score:2)
Terrorism smoke screen (Score:4)
Freedom comes at the price of bloodshed, folks. And these days, it's surprising little bloodshed. Terrorism exists precisely because the enemies of freedom lack the power to do significant damage, so they concentrate on some high-profile but not especially great carnage. Terrorism should be suppressed to the best of our ability, of course, but please bear in mind that more people die in domestic disputes every night in America than die in terrorist attacks in a decade. Terrorism is only an issue because we allow ourselves to be panicked by a few crazies.
In the one case that could have been a major terrorist disaster -- the World Trade Center bombing -- the disaster was averted by the ignorance of the terrorists, not Carnivore. The intelligence agencies like to make mysterious noises about all the attacks they've averted, but we never see any evidence to back up those claims.
State security is a dangerous thing. The very apparatus necessary to ensure total security is the same apparatus necessary to ensure totalitarian rule.
I can't speak for other countries, but we have much more pressing problems in America. Tens of thousands die every year on the highways due to drunk drivers; somewhere between one-sixth and one-third of all women will be sexually assaulted at least once in their lives; child abuse and neglect is rampant; the two leading causes of death for minors are murder and suicide. When we make progress on those fronts, then let's pour our resources into chasing a handful of terrorist acts. Until then, don't tread on me.
how can we have distributed email encryption? (Score:2)
I was having a discussion a week or so ago on a mailing list about Carnivore and how to get around it by using encryption. Encrypting email between specific people is relatively easy (if you can convince them to use encryption), but the question came up about how we could easily encrypt list traffic.
The list structure is the common one where there's a central address that recieves mail and churns it out lots of times to everyone who's signed onto the list - but since people can subscribe and unsubscribe dynamically, posters don't know who is on the list at any given time.
The only obvious way I can think of doing this is if everyone encrypted their postings to the central list-server, which would in turn decrypt it and re-encrypt it maybe hundreds or thousands of times over for each person subscribed to the list. This doesn't seem very efficient and I'm not sure if there are any list servers out there that will do this, anyway. (Please yell out if you know of any.)
Does anyone know of any relatively efficient methods of running distributed mailing lists where all the traffic is encrypted? (Preferably something that's not very difficult to set up.)
I'm fully aware that people could just subscribe to the list, but I don't think it's as important because there might still be standard security steps like requiring authorisation before joining.
===
Very smart (Score:2)
Why are they trying to get it done so quickly?
So when EVERYONE and their mother is online, the won't know the difference betwixt the (non-existant) privacy they have now, and the privacy people used to enjoy years ago.
Now is pretty much the time to get our asses in gear and make a statement that we will not tolerate this kind of flagrant violation of our civil liberties. Anyone else remember anything about illegal search and seizure? Write your congressmen, vote...and most importantly - VOTE WITH YOUR POCKETBOOK! This is the online equivalent of the FBI or whomever basically just coming into your home and looking through your shit while you're not there. The only difference is most people don't know enough right now to care. CHANGE THAT! MAKE PEOPLE AWARE!
I, for one, am making PGP a standard. (Apologies for the US specific references....you all get the point).
FluX
After 16 years, MTV has finally completed its deevolution into the shiny things network
Re:we live in frightening times (Score:2)
Yeah, but that's false reasoning and the public and the authorities must be taught that encryption does not imply that crime.
Encryption is not enough (Score:3)
The problem is inherent in the current naive SMTP/POP3/IMAP model of mail service. It served us well for two decades, at a time of network openness and innocence. That time has now gone. DARPA researchers wanted to make their network stand the odd atomic bomb. Now we have a different evil to overcome.
Here are the key aspects of the problem, and the areas that a solution would need to address: Time to replace SMTP/POP3/IMAP. [slashdot.org]
Maybe it's because I don't understand the NZ govt- (Score:2)
(a) the Information Technology and Associate Justice Minister as referenced here [herald.co.nz] or is he
(b) the Commerce Minister as referenced here [herald.co.nz]?
I read this, and actually started getting interested in New Zealand politics. (slow weekend) A bunch of good starting points here [yahoo.com]
IANAL (I am not a Libertarian) but maybe these guys have the right idea: Libertarianz [libertarianz.org.nz]
Altho as a whole, Libertarians are pretty strong on intellectual property rights, a whole 'nother issue...
Re:Quite the trend.... (Score:2)
Re:Hmmm... (Score:2)
Re:Echelon does this already. (Score:2)
use gpg [gnupg.org] or pgp [pgp.com]. use mailers like pine, mutt [mutt.org] or eudora [eudora.com] that support them.
Privacy threatened (Score:2)
Quite the trend.... (Score:4)
We'll, we've been hearing about the United States governments actions in regards to the monitoring of email (the carnivore system, etc), and now its about the right time for the rest of the world to come in a bit too. It does look as if all governments are taking it upon themselves to monitor email for "illegal activity" which brings up some interesting questions.
Why do governments beleive that email is different than snail mail? Is it because its easier to use, or just easier for them to read? I'm not quite sure, I tend to think that they are treating it like phone lines because they can, not because of any sort of precedent. You can't open up a snail mail letter because of the envelope and people would know you're reading it, but you can easily tap a phone line, as its not as easy to detect the intrusion of privacy. Email follows the path of the phone line, but its just easier, as they can just intercept it before it gets there, and there is really no way for anyone to know if they've read it. I guess this is quite obvious material...
While I have nothing to hide in my emails, I guess its just starting to piss me off that all the governments of the world are starting to take their turns reading my email just in case I might be a terrorist threat. Seriously now, how many terrorist organisations would be dumb enough to not encrypt their emails that they send to each other, its ludicrous. I for one am going to start encrypting everything just to piss of the government...
If enough people would do this sort of thing, it would be impractical for the government to do this sort of thing, and hopefully it will just go away.
we live in frightening times (Score:5)
Fucking government assholes... if you weren't such snooping bastards, maybe I wouldn't feel it was necessary to ensure my privacy. My problem is that not-so-savvy friends and business associates require me to use cleartext e-mail. Ah, life is depressing...
---------///----------
All generalizations are false.
PGP (Score:2)
Stop whining, and start encrypting. Then they can read all the email they like... course... decrypting it would be harder... and you'd at least be aware of the fact that your email is compromised if they court-order your private key.
Be vigilant. -----BEGIN PGP SIGNATURE----- Version: PGP 6.5.3 iQA/AwUBOYNAL8Q/V8QYw1ouEQKrjQCfSajlPpgnBxpDeWJNi
It's time to replace SMTP/POP3/IMAP folks (Score:3)
1. Mail addressing is in the clear during transport.
2. Mail content is in the clear during transport.
3. Mail storage is in the clear after delivery.
4. Senders send mail to their own ISP's servers.
5. Recipients receive mail from their own ISP's servers.
(This refers to the mail services used by the largest proportion of Internet users, the ordinary Joe Bloggs with a dynamic dialin account with a free or very low-cost high-volume ISP.)
These features together have been instrumental in the current domino effect as more and more countries decide to violate their citizens' privacy. They provide the interceptors with a known fixed point at which to intercept any given person's mail, full knowledge of where his mail is going, full knowledge of the source of incoming mail, and full legibility of the content of correspondance.
If you consider the nature of the people concerned, one might as well have called these mail standards the Please Intercept Me Protocol. We've made it ridiculously easy for them to snoop, so they're doing it. It's our fault. You can't blame them for lack of scruples -- if they had any, they wouldn't have placed themselves in a position where they can wield coercive power over others.
So, let's take our standard catch-all phrase and modify it to suit the new circumstances: The Internet interprets mail interception as a fault and routes around it.
In other words, let's create a mail system with the following attributes:
1. Mail addressing details are not visible except between pairs of delivery points, which see only the from/to information that applies to them at that point in the transport. Multiple layers of encryption keep all other details of addressing invisible. Something along the lines of onion routing seems feasible.
2. Separation of payload from addressing, and the payload is of course always encrypted. Encryption must not be optional, ever, and apart from a strong default, the encryption algorithms used must be arbitrary, multiple, and unidentified.
3. No storage of mailboxes on a customer's ISP's servers. This can be addressed either by using remote servers in safe jurisdictions, or preferably by doing away with the concept of remote mailboxes altogether, ie. keeping mail in transit at various dynamic funnel points until the destinee appears online and signals his presence.
4. No single transit destination for a person's mail. The biggie here is that MX records direct mail to the fixed point of the ISP's choosing, so this whole methodology needs revising to allow the use of a dynamic set of customer-chosen remote funnels instead.
5. Senders should not send mail to their own ISP's relay as smarthost, but bypass it, ie. communicate directly with some remote destination. Unix-type boxes already do direct end-to-end delivery by default anyway, but the new scheme should make that the norm on all platforms.
Well, that doesn't sound like a particularly difficult spec. Let's have a little think about it, rummage around the IETF to see if there's anything already in the works that might do the trick or be a good starting point, and get to it.
Re:Quite the trend.... (Score:2)
Also it is worth noting that most legitimate targets for SIGINT have dried up over the years. Crypto like DES, RSA, Blowfish, etc. has been around for many years and is for all practical purposes unbreakable. Except for the occasional slip-up, and traffic analysis, there is no data to be gleaned from legitimite targets, they are mostly smart enough to use an unbreakable crypto scheme. I believe that legitimate for for SIGINT are only Military or Diplomatic targets. The only things that use weak or no crypto are private and commercial communications. Therefore it seems that much of the data gleaned by SIGINT is going to be non-Government targets, that they shouldn't be targeting.
Personally I think that most of the SIGINT force should have been buried when strong crypto made is so much less effective. It only exists now as a possible threat to liberty if it ever falls into the wrong hands. Like the START and SALT nuclear weapons treaties, this weapon too should be disarmed and disbanded.
If annother big war comes then we may need to revive the old knowlege but I don't want to see our SIGINT services turned into the agents of some Big Brother/Though Police organization--only used to keep Commerce high and the people in control. The road to Hell is paved with good intentions they say, and there need be no "Grand Conspiritor", only people doing what they believe is right and what they believe is in their best interest.
Annother rant filed.
why snooping is okay (Score:2)
I can't exactly say I like snooping, but I don't think it's unnatural given what the Internet is.
The Internet is just a bunch of networks joined together with archaic unreliable agreements, carrying each other's traffic. It's impossible to tell what's going to happen to data once it's transmitted into the open system, and if people want to monitor the traffic passing through their system I don't think anyone can really complain about it. I do have a problem when governments coerce ISP's into letting them watch, but it even if they didn't it can't be relied upon that the ISP wouldn't simply choose to show the government what was in your email anyway.
The whole point is that by default the net is insecure, and the idea has always been that integrity and security have to be established at each end. To do otherwise is like talking in an open courtyard and assuming everyone will turn their backs, ignore you, and not talk over the top of you.
Right now we have some great end-end protocols for ensuring integrity (and I guess TCP is the most obvious), but it really irritates me that there are so many people out there who don't give a damn about the security part of it. (Probably because of the sudden explosion in people who aren't interested in what goes on behind the send button.)
Has anyone out there ever had any real success in convincing people (not just computer geeks) to use encryption automatically?
===
Socialists and Big Brother (Score:4)
Re:Get used to it: Quantum Cryptoanalysis (Score:2)
But I can factor arbitrarily large primes without any computer! OTOH factoring composite numbers is a bit tricky.
--
If these get passed (Score:3)
Damn, but this whole thing stinks.
--
Encryption ideas I haven't seen suggested before (Score:3)
In a perfect world, this would in fact be the optimal solution. But, realistically, since this isn't happening any time soon, how about some other options that at least get us part of the way there?
1) Add encryption into sendmail's transmission of mail. The goal here is to have the actual email traffic sent over the open wire encrypted, like ssh traffic is. OpenSSL could be used for this. Of course this does nothing to protect you if your computer is cracked or stolen (including by the gov't), hence:
2) Store mail (in
Despite the complications in 2), these still both seem very doable to me. 1) would require extending the SMTP protocol slightly, so that mailers can talk to each other and send things between each other in an encrypted form only if both are encrypted-capable. Has anyone else thought of doing something like this before? Is it as feasible as I think it is (or am I just low on sleep and not thinking clearly)?
---
Re:The Case of the Missing E-Mail (Score:2)
Why new tech gets govt interest (Score:5)
Think back to before the telephone. Criminals has to meet face to face or send letters, and I doubt letters did much for simple crime. Most likely, to organize a bank robbery or any kind of activity, they met face to face. The only way for police to listen in was informers in the meeting, or ear to the door. I doubt there was much ear to the door stuff, it would be too easy to prevent. So there wasn't a whole ot of police listening in on crooks.
Then along comes the phone. Crooks weren't stupid, they could see how they could get together for a combined effort so much easier with a few phone calls. Police recognized this too, but suddenly they had the *capability* of listening in without having to put their asses in danger from twitchy guards protecting the meeting. And just like nowadays, they conned a mostly ignorant public into going along with their plans, with much the same message -- the innocent had nothing to fear, there would be no abuses, etc.
IIRC wiretaps were originally thrown out of court until Congress passed some enabling legislation, which did not get completely smooth sailing. There was debate, but not enough. Probably a web search would refresh my memory, but I haven't a clue now where I read this, or how much I remember correctly.
--
Hmmm... (Score:3)
Reds in the beds! (Score:2)
The funny thing is that, at least in NZ, this is completely the opposite way around. The government that let the secret service (SIS) off the hook without explanation was the same one that pushes for free market etc. Hell there was even a report from the Herald that they were intending to give the SIS the ability to search someone/someplace without a warrant. They got found out and had to back-pedal on that one.
The people most likely to shoot this one down are both extremes of the spectrum. The Greens (You can't get more socialist!) and Act (Almost managed a flat tax rate, and ditching of social welfare). The real evil is the ignorant centre, who have never had to campaign for anything in their lives.
Re:Terrorism smoke screen (Score:2)
Re:What's the point? Won't criminals just wise up? (Score:2)
Yes, I think its "OK" for law enforcement agencies to monitor my communications after demonstrating reasonable cause for suspicion but before formally charging me. Thats what warrents are for. So, I guess I don't need to worry ablout constitutional garantees of privacy.
Personally, I do believe in privacy, but as a balanced, rather than absolute right. That is, all things being equal, people should have a right to personal privacy. However, the world is full of situations in which all things are not equal and the right to privacy must be balanced against other equal or more important rights. Unfortunately, /. is the land of absolutes and slippery slopes, making a reasonable balancing of rights nigh impossible.
As for the title question, I don't think criminals will "wise up" to the extent of making this useless. Taps are useful at the stage where the criminal does not yet know how suspicious the leos are of him/her. Everyone who commits a crime is not a criminal mastermind with an evil tech wizard advising them on how to stay one step ahead. Email taps will be helpful for leos, and public watchdogs will continue to act against excesses of all kinds by leos. Its not really that big a change if the taps are held to pre-existing standards of survielance.
-Kahuna Burger
Re: Echelon does this already (Score:2)
Imagine your boss giving you the feedback: "Ooops, your poorly worded e-mail got the organization into trouble today..."
Your last jibe about corporate spying could shed more insight into the continued Echelon sabre rattling...
US spy relic has Europe talking quietly [boston.com]
(I doubt the referenced corporate example was from a *random* Echelon interception.)
What's the point? Won't criminals just wise up? (Score:2)
From the article:
So, won't criminals just use PGP and anonymous remailers (based in other countries with strict privacy laws) now?
Citizens should be pushing for constitutional protection of privacy (in nations that don't have it already; it exists in the US, but only by Supreme Court fiat, AFAICT). Unless you think it's OK to read your mail before even charging you with anything.