Net Taps Without Warrants? 474
disappear writes "In the wake of yesterday's threats to cryptography, more ominous news: Wired News reports
that a bill permitting warrantless Internet surveilance has been passed by the Senate." This is just part of the expected and unfortunate backlash from tuesday. The terrorists are winning simply because the govt. can use their threat as a blank check to take away our rights. The worst part is that this will do no good whatsoever. Does the govt really think that crypto export restrictions have prevented terrorists from having strong crypto?
Backdoors. (Score:5, Insightful)
Re:Backdoors. (Score:2)
Re:Backdoors. (Score:2)
This is a bill just as much against Open Source or Free Software as it is against crypto. What's even worse (if it can get worse) is that personal development could be outlawed unless you sign an agreement not to share your source or similar. Maybe even a 'programmer' license, with only licensees being allowed near a compiler.
/Janne
Re:Backdoors. (Score:2)
Possibly. I think it would be damn near impossible to prevent people from getting OSS crypto, not that they wouldn't try to stop it anyway
Re:Backdoors. (Score:2, Insightful)
I would need to research the details for specific examples.
Re:Backdoors. (Score:4, Insightful)
The counterpoint to that is that they can detect whether or not your data is encrypted. If it's encrypted, they'll decrypt it, and if they can't decrypt it, they've got you on a violation for not using back-doored software.
The counter-counterpoint to that is to just use the backdoored software, but to encrypt what you send through it (2 layers).
Then technicly you are not violating the law. So, if they are stupid enough to pass this law maybe they are not smart enough to consider the possibility that the "plaintext" is not really plaintext.
If they bring you up on charges of nothing other than not using backdoored software, then you know that they decrypted your messages. If that required a warrant, you could get the case thrown out on that technicality alone. Not requiring a warrant makes that defense impossible. I have not had time to digest the bill, but it appears to be written so that they would have to justify that it was in the interest of national security for them to know what you said to your aunt Martha.
Of course, the real terrorists will also use the backdoored software, but they will stego everything they send through it. Well, here on Slashdot, it's almost a truism that these laws don't work... would that it were the same in the larger world.
Re:Backdoors. (Score:2, Interesting)
The counter-counterpoint to that is to just use the backdoored software, but to encrypt what you send through it (2 layers)
Or send some true random data or claim that was what you sent. It is almost impossible to distinguish hard crypto without headers from true random data. It is impossible to distinguish an one-time-pad encrypte message from true random data.
Would that mean that creation, possession and transmission of random data would also be outlawed? Possession of a dice or a coin get you sent to prison for "owning illegal munitions"?
Worst case scenario (Score:2)
Re:Worst case scenario (Score:2)
Oh, if only that were true, then maybe would have a chance at "mutual transparancy" as described by David Brin. Here is an exerpt of his book [wired.com] from Wired. Brin says either we can have the government watch us and we are oblivious to what they do, or we can watch each other, and demand full accountability from the government. I fear that the government WOULD NOT be using the backdoored software. They would defend it in the interest of "national security" and sadly, most people will simply accept the fact that they are restricted to backdoored software while the government has full access to heavy crypto.
Re:Backdoors. (Score:2)
They can only enforce this for encryption software in the US.
Terrorists will be able to leaglly use encryption Outside the U.S. to do their planning.
There are other ways to send secret messages. I could post three goatsex trolls plus a Martian to signify message #14. A terrorist previously in a closed room could have memorized item 14 to be Redmond at dawn.
Re:Backdoors. (Score:2)
Outside the US, many governments will happily use this pretext to spy on their citizens. The UK has a long and dishonourable history of using terrorist attacks to extend state powers.
And countries that don't do what the US wants will be accused of habouring terrorists. I doubt you'll see the EU questioning Echelon any more, for example. And my own home is unlikely to want the US Pacific Fleet to turn up.
In fact, the main beneficiary of all this are US intelligence and millitary organisations. Poof, no moew hard questions about echelon, or Carniovore. Why you'd want to give more power to the very agencies who've not only failed to protect US Citizens, but actually funded and trained bin Laden is beyond me.
If I were a conspiracy nut, I'd start to wonder if the spooks staged the whole thing.
Who exactly (Score:5, Interesting)
Simple: The FBI is, when they knock on the terrorist doors.
If your computer is caught sending packets that are labeled (e.g. GPG headers) as encrypted, your computer will either be bugged to get your password or seized to search for plaintext secrets. In theory, this will allow terrorists to be subjected to legal scrutiny while they are still conspiring about acts of terrorism but before those acts are committed.
In reality, it won't work that way:
In otherwords, we're giving the government authority to review every law abiding citizen's digital communications, without judicial oversight (the FBI had your email, and you're going to take their word for it that nobody, with or without official permission, looked at it?), and without impairing the ability for lawbreakers to engage in undetected low-bandwidth communications (and you don't exactly need to videoconference to plan a terrorist attack) at all.
Did I miss anything?
Re:Who exactly (Score:2)
So could just about any multimedia file on the internet. Did that MP3 come out sounding lousy because you used an old encoder, or because you tried to pack in too many encrypted bytes? Do those photos on your web page look grainy because you used too fast a shutter speed, or because you've got hidden data in the low order bits? Does that AVI take up too much space because you used a codec optimized for slow CPUs, or because you packed explosives_manual.txt into it somehow?
Superficially, the steganography problem looks a whole lot like watermarks: one side wants to pack hidden data into a media file, the other wants to stop it... but it's completely lopsided in the other direction, because while we can filter and reencode the CD industry's "secure" data files to our hearts' content, the government doesn't have write access to a hundred million webpages.
Preventing, or even detecting, the use of cryptography is impossible! It's like trying to legislate pi=3, except it's a bit harder to explain the problem to your Congressman...
Re:Backdoors. (Score:2)
where was ECHELON during all of this? (Score:2, Interesting)
I hope not (Score:5, Interesting)
The problem with backdoors is that the terrorists might get access to them too, or enemy nations, etc. Or even criminals. Just think, with these master keys, they could eavesdrop on e-commerce transactions protected with SSL and steal credt card numbers...
Mistakes will be made? (Score:2)
Instead of those magic laws that solve all the world's problems, I suggest this: allow people to be free, but keep a technically competent, highly motivated, well paid, corps of crime fighters active at all times.
Re:Backdoors. (Score:2)
Not as bad as it sounds (Score:4, Informative)
Many civil liberties are restricted during threats to "National Security." Ever heard of martial law and curfews?
Re:Not as bad as it sounds (Score:5, Insightful)
Re:Not as bad as it sounds (Score:2)
This country has never had martial law declared.
Re:Not as bad as it sounds (Score:2)
Re:Not as bad as it sounds (Score:2, Informative)
Re:Not as bad as it sounds (Score:2, Insightful)
Re:Not as bad as it sounds (Score:3, Interesting)
Circumstances that don't require court orders include an "immediate threat to the national security interests of the United States, (an) immediate threat to public health or safety or an attack on the integrity or availability of a protected computer."
I wonder if "an attack on the integrity of a protected computer" could conceivably include technological access controls on a copyrighted work?
Re:Not as bad as it sounds (Score:2)
I am not a lawyer, contact one for legal advice.
LOOK AT THE AMENDMENT (Warning: LOTSA legal cites) (Score:4, Informative)
Yes, this is scary stuff. Pay attention to section (E) and you'll see that it only refers to those crimes which 18USC1030(c)(2)(C) applies. From that section:
Now, let's go looking at (a)(4), (a)(5)(A), (a)(5)(B), or (a)(7), for those of you with clean sheets (if you don't have one, you're hosed, as pretty much anything under 18USC1030 gets punished under (c)(2)(C) if you're a repeat offender, as the other portions of (c)(2)(C) point out):
Note that (a)(5)(C) was specificially excluded:
Subtle shading between (a)(5)(B) and (a)(5)(C), but the key is recklessly causing damage versus simply causing damage.
Essentially, going item by item, if you
then you're open to this, according to the law . Now, all the white hats, and an overwelming majority of the grey hats, can likely agree to these conditions. That being said.. There are enough loopholes here to drive a truck through, and I doubt that prosecutors will take the full time to research those specific sections of 18USC1030 which this newfound power would allow them to use. Three cheers to the first person who beats the "slam dunk" case because a prosecutor got a little too zealous in their wiretap and blows the chain of evidence right at the start.
Now, let's look at what this law does NOT cover from 18USC1030. Let's kick it first with (a)(2) and (a)(3).
Wait a second... You can hack (without the non-judicial wiretap, though you're still fux0red under existing law) BANKS, THE GOVERNMENT, AND ANYTHING ELSE, so long as you're not under (a)(4), (a)(5)(A), (a)(5)(B), or (a)(7) as well.
Even further, under (a)(6), also not covered under the Anti-Cyberterrorism amendment, you can keep trading passwords (without the non-judicial wiretap--again, you're fux0red under current law though).
In all, it's pretty bad, but they could've done worse. If you give ANYONE the legal authority to wiretap without judicial oversight, you're giving a monkey a loaded revolver. In this case, however, the monkey's more likely to shoot itself than it is to shoot you.
ObDisclaimer: I am not a lawyer, but I play one on Slashdot.
Microsoft == Taliban (Score:2, Funny)
Re:Microsoft == Taliban (Score:3, Funny)
Fookin bizarre.
Conventional and Unconventional Wars (Score:5, Insightful)
I wonder if the Internet was used heavily in this action, and if it would be used heavily by such groups in the future. we all know the security issues involved with using technology (and read that as a privacy issue as well). Its been reported that bin Lauden doesn't use cel phones or other wireless devices any more to keep the US from triangulating or tapping in on his communications. Much as I hate to admit it, these people arn't stupid. Tapping the internet without warrants won't keep them from communicating, they'll go to other methods less easy to tap.
Meanwhile we loose a bit more of our own liberty. There is the first lesson, and likely the terrorist's first victory.
Re:Conventional and Unconventional Wars (Score:2, Informative)
Passing a bill to allow for unwarranted searches strikes me as being another reaction made by leaders who weren't born to lead.
Re:Conventional and Unconventional Wars (Score:2)
Anybody know exactly how these terrorists use encryption and the internet?
Re:Conventional and Unconventional Wars (Score:2)
I wonder if the Internet was used heavily in this action, and if it would be used heavily by such groups in the future.
This article [msnbc.com] talks a little about bin Laden's use of technology, and this article [humanunderground.com] in particular mentions the NSA's efforts towards listening to bin Laden in the past.
Thats wyat the Supreme court is for (Score:3, Funny)
The congress will push, the courts will push back, and life wil lgo on as it has in the US.
I get the feeling a significant cross section of slashdot just likes to run around hystericly like the sky is falling.
Re:Thats wyat the Supreme court is for (Score:5, Insightful)
That's dead wrong, and life does not just go on as usual for many people in the U.S.. You obviously need to brush up on your history, as an immediate example comes to mind: the Espionage Act of 1917. Passed in support of WW1, it horribly abridged freedom of speech. People were thrown in jail with extremely long sentences for such things as writing communist literature, and one man was beaten to death after being arrested under it. Here's [schoolnet.co.uk] the best web page I could find on it in short notice, but I recommend heading down to the library and finding a good history book.
PGP Links... (Score:2, Informative)
MIT PGP Link: http://web.mit.edu/network/pgp.html
International PGP Link: http://www.pgpi.org/
Totally Unfortunate (Score:4, Insightful)
Similarly FBI and the Govt would use Carnivore in a similar way, touting its use among the people without deriving anything valuable out of it. And when the war against Bin Laden is over, they would turn it on us, the people. By then, it would be too late. Any efforts to revoke Carnivore would never win, as the Govt would be quick in pointing out that its needed to prevent further bloodshed, and the Congress would happily send Carnivore on its way.
Civil Liberties have been trampled on the ground once again and theres nothing we can do about it right now. Lets stand on the sidelines and watch, for now.
Bye, bye war on drugs (Score:4, Interesting)
"1984", author George Orwell, 1949, ISBN 0-679-41739-7
Re:Bye, bye war on drugs (Score:2)
http://www.seebo.net/iron.html
Forgot HTML 101 (Score:2)
[What's this lameness filter message?
Your comment violated the postercomment compression filter. Comment aborted ]
Re:Bye, bye war on drugs (Score:2)
Re:Totally Unfortunate (Score:2)
What I find especially unfortunate is the ossification of thought this shows in our government. We seem to be stuck with decades old ways of coping. Clamp down on the press and dissent generally. Wage conventional warfare. Dehumanize your enemy. If they consider encryption backdoors and warrantless searches an important part of our protection it reflects a huge error in judgement, or an intentional power grab, not sure which is worse.
Let's hope they use better thinking, or have better motives for the other things they do in our defense. I am not hopeful.
Re:Totally Unfortunate (Score:2)
This is the part I don't get. The governments of democracies in the western world do have sophisticated intelligence-gathering apparatus at their disposal, be it Carnivore, Echelon or whatever. Legally or otherwise, I don't think anyone's kidding themselves that the governments are not using this stuff. And yet, they failed to spot the most damaging terrorist attack in history. That can lead to only one conclusion that I can see.
Spyware doesn't work.
That being the case, I find it incredible that supposedly democratic nations are proposing to do more of this stuff, even without accounting for the immense cost to civil liberties that increase represents. When you consider that cost as well, it's beyond contempt. Are they not then giving up their fundamental values, the very things those terrorists want to undermine?
It is tragic that so many people died this week, and my heart goes out to their loved ones. It will be even more tragic if the wrong lesson is learned, and their deaths are for nothing.
Any evidence? (Score:5, Insightful)
Here's a great idea (Score:2)
It seems that the idea here is that the network is different from other, more traditional communication networks (telephone, fax, mail, newspapers, etc). I don't see that much of a difference, and I would like our legislature to tell us why the net should be treated differently. Not that they will, but its a nice thought.
Which brings me to the next idea. Could a constitutional defense be brought up against this law? If you need a warrent to tap phones, and a warrent to open someone's mail, why should the networks be any different? While our lawmakers might not ask this question, a good lawyer might be able to make a judge ask them.
Until then, PGP and SSH. Encryption will save the day. The only problem is with protocols that don't have encryption (a lot of the IM's I use since that's what the majority of the people I communicate use, IRC (with some exceptions), simple webbrowsing, etc. There are hacks for some of these, but not all of them. The net is insecure, and the bullies out there include our government. What can we do to harden our defenses?
This is a bunch of CRAP. (Score:2, Informative)
List of Senators and Contact info [senate.gov]
Like they'll listen now... (Score:2)
I doubt you'll get much of an audience. I know in reality restricting encryption won't make any difference as encryption is widely available outside the US but after what happened, the so-called "intelligence" community has been perceived as having their dicks in the wind when this was going down. Now they are trying to save face. What they really need to concentrate on are the gaping holes in aviation security as well as more thorough scrutiny of those entering North America. Soliciting the cooperation of Canada and Mexico will be essential.
Re:This is a bunch of CRAP. (Score:5, Interesting)
Dear XYZ,
Like you, I am aggrieved at the tragic loss of life resulting from the horrendous events of Sept. 11. Every American has been touched by this trauma which will linger forever in the memory of our nation.
Though I want to see the perpetrators of these acts brought to justice, I must beg you not to compromise American civil liberties in your pursuit of justice. The loss of American citizens' ability to move and communicate freely would be a greater casualty than the thousands killed Tuesday morning.
Benjamin Franklin said that those who give up necessary liberties for security deserve neither security nor freedom. I must echo his sentiment. Do not allow our sacred rights of freedom of speech, association or movement to be abridged in the coming days of difficult choices. America's enemies hate us precisely because we are a free and open society, and they fear the potential that that represents. Do not give them the victory they cannot themselves win by destroying the core of our society, our beloved liberties.
God Bless America,
Text of the debate and amendment (Score:4, Informative)
Sen. Leahy (D-VT) and Sen. Levin (D-MI) are the only ones asking for restraint and thought before bulling forward with this amendment to the Commerce, State and Justice appropriations bill (which is sure to pass).
Re:Text of the debate and amendment (Score:2)
The ammendment is actually surprisingly layman-readable. It appears that most of it is fairly straightforward stuff; telling various government agencies to carry out studies to see what they should do to help out with their corner of combatting terrorism. Those parts should be relatively noncontroversial.
It gets a bit more interesting toward the end, where they appear to be ammending existing rules for wiretaps. Unfortunately, because those parts are mostly adding phrases to existing laws it's a bit tougher to follow, but it looks as though most of what they're doing is adding language expanding existing rules about phone taps to network taps. That bit should also be relatively uncontroversial, because existing rules for phone taps are fairly strict. The part that's really bad is at the very end, where they expand the rules for when authorities are allowed to use taps without judicial review. I'm always very worried about laws that negate important rights in "Emergency Circumstances"- the description of when the special rules are in effect. Even worse, the circumstances are fairly vague. What exactly constitutes "immediate threat to the national security interests of the United States" or "immediate threat to public health or safety"? Those both provide a lot of wiggle room.
Re:Text of the debate and amendment (Score:3, Insightful)
Now I have an answer. Less than 72 hours.
Write your Representative [house.gov] and your Senator. [senate.gov] Compose a well-reasoned letter and urge them to NOT trample on the freedoms of the People of America. This bill is simply a facade of terrorism detection plastered over a first step in the abolishment of the 4th Amendment. It will affect only the law-abiding citizens of this country instead of the ones it is being promoted to target. Funny how Hatch and Feinstein have a history of that, isn't it?
I live in Indianapolis, and I will spend a goodly amount of time this weekend composing a letter to Senator Richard Lugar. [senate.gov] The Representative for my District is Julia Carson. I will also write to her as well, but she has spoken out against the Bill of Rights during her campaigning, so I am afraid I will be speaking to an enemy of the American people.
ANY law that is a blow against the freedoms of the people is a success for those who would destroy freedom, including terrorists.
Are rights under attack (Score:2)
I found this very pertinent... (Score:4, Insightful)
I'm hoping that one of my USian friends put this in front of the right sets of eyes. Let freedon reign.
Soko
What's so hard about getting a warrant? (Score:2)
Or maybe you keep federal courthouses staffed with at least one judge with a security clearance 24x7, if its so important.
Benjamin Franklin said it best... (Score:5, Interesting)
"They that can give up essential liberty to obtain a little temporary safety
deserve neither liberty nor safety."
- Benjamin Franklin, Historical Review of Pennsylvania, 1759.
Citizens are the true enemies of government. (Score:2)
As the war on drugs and various other zero tolerance policies and similar idiocracies proved, the true enemy of the government are within. The citizens are the ones that are a target of every government in the world, be it the eastern or western block or the 3rd world countries or the middle east countries. Its same all over.
Even the terrorists get more respect and care from the government than their own citizens. Recent support of US for Chechna conflict that was supported by the same Osama bin Laden who is said to be behind the recent attacks and the same one who was trained by CIA for a terroristic actions against superpower (at the time Russia invading Afghanistan).
These terroristic attacks are merely an excuse of the government to leverage more laws in the war on its own citizens. Before you will think about oppresion, just think about the number of people who sit in the jail for completely harmless crimes. If smoking pot is so dangerous, why the tabaco smokers (much worse drug) are not serving even longer terms? I bet they would, if half of the legislators would not be heavy smokers of tabaco themselves.
The government will not prevent terrorists from having strong cryptography, but thats not the goal, they can always bomb them afterwards in the worst case. And these attacks help them get through more anti-citizen laws. (DMCA, SSSCA, anyone?) Its the citizens that need to be watched at every steps and no warrant wiretapping and backdoor in avg. Joe's crypto is exactly what every police state needs.
The internet is actually showing in last years how much is government trying to be in control and that there are not many differences between how US and Russia govt. operate after all. They need to do something about it FAST. Expect more soon. I can see the zero tolerance policy against any use of cryptography in near future.
If you have anything to hide, you are criminal!
Enjoy!
The TRUTH! (Score:2, Insightful)
irresponsibility. Washington has pursued a course that has inflamed
the hatred of large sections of the world's population, creating
an environment in which recruits can be found for bloody terrorist
operations. In rare moments of candor, foreign policy specialists have
acknowledged that the actions of the United States provoke hatred and
the desire for retribution. During the Balkan War, former Secretary of
State Lawrence Eagleburger stated: "We've presented to the
rest of the world a vision of the bully on the block who pushes a
button, people out there die, we don't pay anything except the
cost of a missile
trying to deal with the rest of the world in the years ahead."
This insight has not prevented the same Eagleburger from declaring
Tuesday night that the United States should respond to the destruction
of the World Trade Center by dropping bombs immediately on any country
that might have been involved.
The same media that is now screaming for blood has routinely applauded
the use of violence against whatever country or people are deemed to
be obstacles to US interests. Let us recall the words of New York
Times columnist Thomas Friedman, who had this to say to the Serbian
people during the US bombing campaign in 1999: "It should be
lights out in Belgrade: every power grid, water pipe, road and
war-related factory has to be hit.... [W]e will set your country back
by pulverizing you. You want 1950? We can do 1950. You want 1389? We
can do 1389."
Given this bloody record, why should anyone be surprised that those
who have been targeted by the United States have sought to strike
back?
George W. Bush's address to the nation Tuesday evening
epitomized the arrogance and blindness of the American ruling class.
Far from America being "the brightest beacon for freedom and
opportunity in the world," the US is seen by tens of millions as
the main enemy of their human and democratic rights, and the main
source of their oppression. The American ruling elite, in its
insolence and cynicism, acts as if it can carry out its violent
enterprises around the world without creating the political conditions
for violent acts of retribution.
In the immediate aftermath of Tuesday's attacks, US authorities
and the media are once again declaring that Osama bin Laden is
responsible. This is possible, although, as always, they present no
evidence to back up their claim.
But the charge that bin Laden is the culprit raises a host of
troubling questions. Given the fact that the US has declared this
individual to be the world's most deadly terrorist, whose every
move is tracked with the aid of the most technologically sophisticated
and massive intelligence apparatus, how could bin Laden organize such
an elaborate attack without being detected? An attack, moreover,
against the same New York skyscraper that was hit in 1993?
The devastating success of his assault would indicate that, from the
standpoint of the American government, the crusade against terrorism
has been far more a campaign of propaganda to justify US military
violence around the world than a conscientious effort to protect the
American people.
Moreover, both bin Laden and the Taliban mullahs, whom the US accuses
of harboring him, were financed and armed by the Reagan-Bush
administration to fight pro-Soviet regimes in Afghanistan in the
1980s. If they are involved in Tuesday's operations, then the
American CIA and political establishment are guilty of having nurtured
the very forces that carried out the bloodiest attack on American
civilians in US history.
The escalation of US militarism abroad will inevitably be accompanied
by intensified attacks on democratic rights at home. The first victims
of the war fever being whipped up are Arab-Americans, who are already
being subjected to death threats and other forms of harassment as a
result of the media hysteria.
The calls from both Republican and Democratic politicians for a
declaration of war foreshadow a more general crackdown on opponents of
American foreign policy. General Norman Schwarzkopf, who commanded
American troops in the 1991 invasion of Iraq, spoke for much of the
political and military elite when he declared on television that the
war on alleged terrorist supporters should be conducted inside as well
as outside the borders of the US.
It is the policies pursued by the United States, driven by the
strategic and financial interests of the ruling elite, which laid the
foundations for the nightmare that unfolded on Tuesday. The actions
now being contemplated by the Bush administration--indicated by
the president's threat to make "no distinction between the
terrorists who committed these acts and those who harbor
them"--will only set the stage for further catastrophes.
the goal is to make crypto use stand out (Score:2)
No.
The government thinks that they can discourage use of cryptography by the general public. Thus those using cryptography will stand out, and thus can be given greater scrutiny. There are much easier ways to find the contents of a message than breaking cryptography (for example, keystroke recorders).
Terrorists are the perfect enemy (Score:4, Insightful)
Sadly, terrorism is the perfect threat for those who want to take liberties away. Liberties are always curtailed in wartime (read the Bill of Rights: writs of habeus corpus can be suspended during war) and everyone in Washington is saying that this is a war. But in a normal war there's a clear enemy, and some way of telling when the war is over. Fighting against terrorists, though, there is nothing but a mass of shadows. There's no way of telling when they've all been caught of have given up, so there's no way to tell that the fight is over. That means that there's no time when the liberties that are ignored in the interests of pursuing the war should be reinstated- so they likely never will be. We must fight to preserve them now or we can kiss them goodby forever.
FUD from Wired. Notice the "?" in the Headline. (Score:5, Informative)
It is still very difficult to get a wiretap warrant, both for email and telephones; the burden of proof is extremely high. Now, I'm not saying illegal wiretaps are not done, but it's still just as difficult to get one legally. I'm not in law enforcement, but I'm also not a paranoiac. Mod me down for both acts of reason.:P
jaz
MOD Parent up! (Score:2)
Anyone notice... (Score:2)
Carnivore, facial recognition, et al (Score:2, Informative)
This is precisely what I was worried about when talking with my friends the other day. Already an anti-encryption rider has passed through Congress with the $40 billion worth of aid. Once we start to let the government take one small thing away from us in the realm of privacy, we are more likely to allow more.
There is much talk of installing facial recognition software (which many people have pointed out has many flaws resulting in false matches) at airport concourses, customs and gates. Even furthur, there are those who are planning to install such things at sporting events like the Olympics much like they did at the Super Bowl last year.
What really concerns me is that most people seem to be accepthing this without question. Again I ask, who will be using this data? For what ends? With what warrants? How will they know what to check?
Write your congressional representatives and ask these questions. If they can't answer them well enough then this should not be allowed.
Any loss of freedom is a loss for all freedom.
Chris
Is this so bad? (Score:2, Insightful)
I have a hard time with the common view around here that:
- The government should stay out of our business
- Unless we happen to be Microsoft
Maybe I'll lose kharma over that, and maybe my views are skewed by the recent attacks, but I'm pretty sure the government has no wishes to read your email or spy on your telnet sessions. That's not what this is about. I actually think this is more along the lines of something I've heard a lot about on CNN lately, regarding making sure the authorities have no obstacles in their way of obtaining the information they need to prevent terrorist attacks and such. I think this is only a small part of that, but of course since it involves the internet and "privacy", it's
I'm all for constitutional rights, don't get me wrong. If someone is spied on without just cause, they should (and I think do?) have every right to pursue legal action; but as I heard quoted on CNN (I've been glued to it for 3 days now), "this is a new world". I do not think anyone is going to be spied on without good reason.
There are many things changing all of a sudden that might be a bit drastic; most of the new air port security standards would not have prevented Tuesday's attacks. But this particular issue doesn't sound to me like it will really affect any of us, unless the government have reason to believe there is a national security issue.
Who is "the government"? (Score:2)
If by "the government", you mean President Bush, I agree completely. You'd probably be right about 99% of Congress, too. If the government was a monolithic hive-mind, we'd have no more worries.
But isn't the NSA part of the government? The FBI? The CIA? The Houston Police Department? The State Senator you've been helping a political campaign against? The FBI agent that Senator asked for wiretapping assistance, who thinks your Slashdot posts smack of communism? The sysadmin who set up that agent's computer, who thinks he can snag blackmail-worthy personal information with a ten line perl script? The script kiddie who found a computer left unpatched by that sysadmin over a 3-day weekend?
If I send an encrypted message from myself to my friend, then unless one of us gives it away or one of our computers has been compromised, our message is safely restricted to us. Do you think it's that easy to safely restrict that message to 3 people instead of 2? No. 300, maybe.
But this particular issue doesn't sound to me like it will really affect any of us
Not all of us. Everybody who never sends private information over the internet should be fine.
unless the government have reason to believe there is a national security issue.
When will the government not have reason to believe there is a national security issue, now? When terrorists around the world decide to work toward peace through song instead? Perhaps measures like this would be palatable if this were a real war (although if it was, wouldn't the last thing we want be civilians' "loose lips" flapping unencrypted?), but real wars end eventually. This threat will never end, and so anyone who suggests a "temporary" measure towards reducing it is trying to sell you a lie.
Re:Is this so bad? (Score:2)
But this sort of thing has happened in the past. It may not have involved MP3 files, but people have been persecuted for things an American might consider equally trivial. Are you, or have you ever been associated with the Communist party?
It seems strange to us that an otherwise sane populace could ever elect or support some of the totalitarian regimes that we read about in history textbooks. Strange, at least, unless people's actions are taken in the proper context. Fear and uncertainty, continuous crisis-- these things gradually lead people down a dangerous path. Fascism wasn't born full-grown; it developed over time in people's minds as a reaction to constant fear and anger.
You imagine that Americans are too sane to give up any of the really important liberties. You imagine that we're a strong people, not capable of being manipulated by our leaders. If that's the case, then how did we arrive at McCarthyism? What about Vietnam, the bombing of Cambodia? Japanese internment camps? Yes, we moved on from many of these mistakes, but only because we realized that the threat was not what we thought it was. And not before we'd done a lot of damage. But if we're really "at war" now, meaning that this Tuesday's horror will become a way of life for us, look for America to change in a great many ways. Don't count on our sense of morality and righteousbess to hold us back from great mistakes.
In any case, don't expect simple black-and-white arguments and solutions. It's the nature of society that we all have to give up some of our freedoms. But we all have a duty to prevent this abdication from snowballing into totalitarianism. We have to prevent ourselves from doing harm to our fellows-- this is why we have a case against Microsoft. But it's also important that we question every act that is taken in our name that might impact our freedom. There are plenty who have desperately tried to keep the government away from Microsoft, regardless of the court findings, simply because they believe the government should exercise great restraint when interfering with a corporation's rights. Hopefully there would be an even greater number who who would defend our right to communicate privately because this issue affects all of us. Unfortunately, after this disaster, those people are likely to be more concerned with the perception of safety than with abstract concepts such as personal freedom.
I believe in safety too. But what we need to ask ourselves, before we shrug this law off, is whether it provides enough safety to balance out its impact on our freedom. In order to do so, we need to be rational about it. At this point, there is unlikely to be any sort of rational discussion on the issue, and this is why we have an even greater duty to bring it up.
Wrong way of thinking about it ... (Score:4, Insightful)
::flamesuit on:: Actually, that's probably not the reason the gov't wants to ban crypto. Think about it for a second:
Every day thousands of geeks and perhaps dozens of terrorists send back and forth messages that have been encrypted. The geek messages may be frivolous, just simple messages about life and groceries and the kids and other trivial things. Even if they have a right to, there's no real reason for geeks to encode these things. Big Brother doesn't give a rats ass about what you're writing.
Now, make it illegal to encrypt messages (example) and this flow of messages from the geeks will cut of SLIGHTLY. However slight, the decrease in the number of encrypted messages intercepted per day could drop, thus translating into fewer messages that need to be decrypted and thus translating into faster processing time for the NSA (or whoever).
Do I support this? No. But I don't think the
Give the gov't some credit. They're not stupid. Just misguided and corrupt.
the new motto will be... (Score:2)
But really, I'm going to wait and see what happens before I condemn Congress for this.
For one thing, it seems the interference with civil liberties is well known even to the nightly news anchors, so it's not just a few of us geeks vs. everybody else. A lot of people are wise about these things and they'll get the message across.
Though if you want to mail your congressperson a letter, be sure to include a small paragraph or two describing basic RSA encryption, to demonstrate how simple it is to implement and how the algorithm could be easily memorized by anyone with advanced math skills.
The backlash has started. (Score:3, Insightful)
Sixty years ago, out of fear and anger, members of my family, along with thousands of other Canadians and Americans of Japanese descent were put in internment camps. I say this to remind people that, the road from finger pointing and mindless reprisals to invasion of privacy, censorship and suspension of individual freedom is very short indeed. With all the recent media comparisons to Pearl Harbor, I fear that history may be heading in a very disturbing direction.
Vigilance is paramount now, not in looking for scapegoats or suspects, but in watching for government abuses. Don't look back twenty years from now and think "I can't believe such an abuse of civil liberties happened in this country". It may be happening already.
Re:The backlash has started. (Score:2)
What I want to know is when are formal charges going to be filed against staff members at the Logan airport? We already have systems in place that would stop this but they were "too expensive" or "too inconvenient" and now 5000 people are dead. Thats criminal neglect on the part of security at Logan and the Federal Aviation Regs (FAR -- also 14 CFR) already describe the penalties for inactions resulting the the deaths of passengers. We don't need any new laws, we just need to stop ignoring some of the ones we have.
Moving the discussion forward (Score:2, Insightful)
While I fully agree with the point they try to make, I really cannot imagine that it hasn't been made in the legislative bodies as well. Your aaverage politician really is not that stupid, even if it is trendy to claim otherwise.
So I'd like to request that instead someone who has talked to these people or who has read the proceedings of their meetings tells us exactly why this argument isn't being accepted, or why it is being overruled. No speculation and no "because their morons" statements, please. Just the facts.
Reiterating the same thing over and over in front of the same crowd of devoted followers is not going to change anything other than your /. karma. What really needs to be done, is to find (and then propagate) the proper reply to the reasons why the people who see things differently hold that opinion. Only then do we stand a chance of getting anywhere.
Breeding Complacency (Score:5, Insightful)
Complacency contributed to this disaster. The couple of security exposures I can highlight immediately: 1) You don't have to go through a security checkpoint again when you get off a plane and board a new one. You should. 2) Procedures for pilots handling unruly passengers. Were pilots trained to hole up in the cockpit and land at the nearest airport (And possibly lower the cabin pressure to the point where everyone in the back passes out) when something like this is going on, this incident would never have happened. Cryptography is not the danger, complacency is.
The Internet is already years behind where it should be because the US Crypto Stance has pretty much eliminated the possibility of a commercial software package using cryptography on a large scale. Cryptography is vital for the authentication of identity on the net and this application has gone largely unimplemented. How many illegal stock manipulations would have been prevented if all companies PGP signed all their press releases, for instance? And spam could be all but eliminated if everyone encrypted their E-mail and refused messages not encrypted to their key. It seems to me that lawmakers want to put the genie back into the bottle not by eliminating all crypto software but by eliminating the Internet itself. This is just one of several increasingly unfriendly pieces of legislation introduced recently.
Re:Breeding Complacency (Score:2)
That's a very interesting suggestion but it has some weaknesses.
1) At low altitude it won't work, because the external air pressure is high enough. So as you try to land you're going to be dealing with some really ticked off terrorists.
2) Wouldn't the oxygen masks drop? (maybe it's controlled by the pilots..) The terrorists could just work their way up the aisle stabbing anyone who resisted.
Digging deeper I found.. (Score:2, Informative)
Relevant clipped text:
"(a) IN GENERAL.--(1) Upon an application made under section 3122(a)(1) of this title, the court shall enter an ex parte order authorizing the installation and use of a pen register or trap and trace device if the court finds that the attorney for the Government has certified to the court that the information likely to be obtained by such installation and use is relevant to an ongoing criminal investigation. The order shall, upon service of the order, apply to any entity providing wire or electronic communication service in the United States whose assistance is required by effectuate the order." My emphasis added.
This can be applied to much more than the 'net. I am glad to live in Utah, so I can NOT vote for the Honorable Sen. Hatch next election.
Bush Sr about HUMINT... (Score:2)
He then offered a broad criticism of the evolution of the C.I.A., saying it had moved too far away from "human intelligence," involving agents who infiltrate organizations, to relying on the Internet, bugs and satellites.
"Many of our human intelligence sources dried up" because of the risks, Mr. Bush said, noting that using people who are willing to betray their friends and their country was a "dirty business" filled with "unsavory" characters, but perhaps necessary.
He said the nation needed to "strengthen our intelligence," adding, "I think you're going to see a little effort to do that."
In other words, simply banning encryption isn't going to make the problem go away. Somebody is going to have to go out and get up close and personal with these scumbags.
It's not overseas terrorists... (Score:2)
Now, I'm NOT saying that I am in favor of this, or the backdoor encryption rules. But in the WTC/Petagon attack, the thugs were living in the US for a while. One can imagine that they were communicating and firming up plans.
By and large, if someone is going to strike at the US with a terrorist attack, they will communicate with someone in the US. Unless they are going to launch missiles at the US...and then we're back at the Missile Defense can of worms...
-jon
Crypto is still too hard (Score:2)
We really need crypto to be easier to use, if we want to combat routine, unnecessary, unaccountable, and and secret privacy violations.
Today, I briefly considered how I could make so that when two of my machines happened to be exchanging mail with each other, they would do so through a crypto tunnel (at the transport level, not the message-body level), but after looking at the documentation [sendmail.org], I realized that it would take me at least a week or two to get it working, if I'm lucky. And I just don't have the time.
The only way crypto is going to get used is if it's on by default.
We are so not there yet.
What's better, Carnivore or Terrorism? (Score:2)
If we can stop this madness from ever happening again without turning the US into a military state, I'm all for it. I don't just want action AFTER disaster strikes, I'd like action BEFORE this evil ever happens again.
There's ways to keep our Privacy (really, what do you have to hide? Not all of you are freedom-loving idealists!) and keep a grip on the wack-jobs out there.
Sunset Clause? (Score:2, Interesting)
we can't export it... (Score:2)
Who wins here? The terrorists. Now we get to live in a next to police state. JUst watch. First they take away crypto on the net, then they will allow phone taps, as well as cell phone taps. Then carnivore or some program like it will be required on teh net as well as some automated phone listening system. Then we can take away peoples right to go to the airport unless they are flying. They do it in India (I'm told from someone who would know). Then what?
We are at war on our own soil, with an enemy which we cannot see.
Personally, I don't have anything to really hide in "email" in the way of information. Of course this affects SSL so there goes the credit card online shopping....
Of COURSE they don't (Score:2, Interesting)
Of course not. But they will pretend that it is so, because it gives them a pretext which cannot easily be argued against in the present climate of public opinion (bomb the bastards etc.). The real motive has to do with the ruling elite's passionate desire to improve monitoring and control of citizens by the state. This is something I think is common to all governments unfortunately.
Ironic, isn't it. The one thing every democratic government fears is an informed and empowered electorate since that is the one thing that can remove them from their comfortable position. They can only remove the threat by centralizing control and keeping the public in the dark about what's really going on.
Under normal circumstances a democratic government can't get away with this easily (at least not in one fell swoop) but given a dire enough disaster they can blow it up into an national emergency and invoke all sorts of "special provisions" that were quietly sneaked onto the statute books but that most people never thought would see the light of day even if they knew.
What you are now beginning to see is the spooks coming out of the woodwork to seize what they no doubt see as a god-given opportunity before the sense of panic fades away and the people regain their senses.
It's not just the US either. Why do you think just about every other government jumped on the bandwagon? Most people in these countries are a bit shocked by the week's events but they're already used to terrorism much closer to home and an attack in New York is, well, thousands of miles away. Just something they saw on TV, like the civil war massacres and famines in Africa, the earthquake in India and so on. No, the reason these governments rushed to jump on Dubya's bandwagon is that they want a piece of the action too, so they can find a pretext to clamp down on their own populations.
I mean, there is Bush talking about an international collaboration to fight those prosecuting a war against "freedom and democracy" and yet even the Chinese government, author of the Tiannanmen massacre, is signing up for it.
Figure it out for yourself.
Cracking the back door... (Score:4, Insightful)
I'll bet that within a week or two, the backdoor is cracked, even if there is some 'sealing technique' used in the software. After all, they cracked Microsoft's AARD, and that was pretty thoroughly protected. Within another week, organized crime, Drug Lords, and even terrorists will have access to it.
Once the backdoor is cracked, encryption is effectively worthless for anything but protection against other law-abiding citizens. But that's not the worst.
One of the most essential uses of crypto is SSH, OpenSSH, and the like, so we can administer the machines that make the Internet hum. Even WinNT/Win2k uses an encrypted channel for admin. Except now we're mandated to use only crypto with a backdoor, and the blackhats can open it, too.
No secure remote administration. No secure credit transactions. No Internet. No nuthin. It all falls apart.
The meat of the issue (for me) (Score:3, Interesting)
Problems with Crypto Backdoors (Score:2, Interesting)
A good crypto program is based on a function f[x] such that f[x1] = k, and you cannot find x1 if you know the function f[x] and the encrypted k. This, folks, is hardcore advanced mathematics!
To add in a regulation that there be some "backdoor" (eg: some function that will always take g[k] = x1 for an encrypted value k). Once that function g[x] is known by anyone (f[x] would have to be made in a way such that g[x] must exist btw.. it doesnt just happen) then the communications of everyone that uses that encryption algorithm is compromised.
Think of the problems -- no secure transactions (haulting "e-business"), no secure transmissions of trade secrets (look at france -- the companies just moved to a different country), and generally no information is secure.
Now.. to find a way to convince/explain this all in everyday words...
ideas?
So you think you're safe (Score:2)
The Effects of Hatred... (Score:2, Insightful)
Warrantless 'National Security' E-Surveillance (Score:3, Insightful)
In Katz v. United States, Justice White sought to preserve for a future case the possibility that in 'national security cases' electronic surveillance upon the authorization of the President or the Attorney General could be permissible without prior judicial approval. The Executive Branch then asserted the power to wiretap and to 'bug' in two types of national security situations, against domestic subversion and against foreign intelligence operations, first basing its authority on a theory of 'inherent' presidential power and then in the Supreme Court withdrawing to the argument that such surveillance was a 'reasonable' search and seizure and therefore valid under the Fourth Amendment. Unanimously, the Court held that at least in cases of domestic subversive investigations, compliance with the warrant provisions of the Fourth Amendment was required. Whether or not a search was reasonable, wrote Justice Powell for the Court, was a question which derived much of its answer from the warrant clause; except in a few narrowly circumscribed classes of situations, only those searches conducted pursuant to warrants were reasonable. The Government's duty to preserve the national security did not override the gurarantee that before government could invade the privacy of its citizens it must present to a neutral magistrate evidence sufficient to support issuance of a warrant authorizing that invasion of privacy. This protection was even more needed in 'national security cases' than in cases of 'ordinary' crime, the Justice continued, inasmuch as the tendency of government so often is to regard opponents of its policies as a threat and hence to tread in areas protected by the First Amendment as well as by the Fourth. Rejected also was the argument that courts could not appreciate the intricacies of investigations in the area of national security nor preserve the secrecy which is required. The question of the scope of the President's constitutional powers, if any, remains judicially unsettled. Congress has acted, however, providing for a special court to hear requests for warrants for electronic surveillance in foreign intelligence situations, and permitting the President to authorize warrantless surveillance to acquire foreign intelligence information provided that the communications to be monitored are exclusively between or among foreign powers and there is no substantial likelihood any 'United States person' will be overheard. (http://caselaw.lp.findlaw.com/data/constitution/
The Senate Can Pass Any Damn Thing It Wants (Score:3, Informative)
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause,
supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
If I might rephrase a saying of the 60s. . . (Score:5, Insightful)
The enemy know where our weaknesses are. They have analized them carefully. Don't let them use political Akido to use our own force against ourselves.
The only way to preserve freedom is to grant it, and defend it.
KFG
1st ammendment (Score:3, Informative)
Occam's razor: (Score:3)
The cynical answer is "yes, of course they are".
...but sometimes I wonder. You and I both realize that these supposed "countermeasures" are completely meaningless in terms of terrorism, because we're Informed. The general populous is Uninformed.
Let's assume for the moment that the government is Informed. The certainly have the resources, and they have people working for them that know "what's up".
The simplest explanation is that government opprotunists are simply using this as an excuse to take away our civil liberties, so they can more effectively control us.
And to think they could be doing something productive with our tax dollars.
Columnist calls for Draconian Net-crackdown (Score:3, Informative)
http://www.politechbot.com/p-02514.html
In an opinion column in the London Daily Telegraph, John Keegan calls
for a combined US/Russian/British invasion of Afghanistan:
http://www.dailytelegraph.co.uk:80/dt?ac=006026
He then goes on to say, and I quote:
==========
"There are other current movements of which to take note, as yet
insubstantial but certain to gather concrete form. One is the retreat of
human rights lawyers from the forefront of public life. America in a war
mood will have no truck with tender concern for constitutional
safeguards of the liberty of its enemies. The other, which ordinary
Americans will have to learn to bear, is interference with their liberty
of instant electronic access to friends and services."
"The World Trade Centre outrage was co-ordinated on the internet,
without question. If Washington is serious in its determination to
eliminate terrorism, it will have to forbid internet providers to allow
the transmission of encrypted messages - now encoded by public key
ciphers that are unbreakable even by the National Security Agency's
computers - and close down any provider that refuses to comply."
"Uncompliant providers on foreign territory should expect their
buildings to be destroyed by cruise missiles. Once the internet is
implicated in the killing of Americans, its high-rolling days may be
reckoned to be over."
==========
The "Torygraph" is the most conservative of Britain's serious
newspapers, and is edited from (IIRC) the 30th floor of London's tallest
office tower, which overlooks London City Airport, from which STOL
planes take off pointing straight at the tower. I know, I've been there
myself, it scared me then. Their fear is excusable. Their
bloodthirstiness is understandable. Their stupidity is neither.
Ken Brown
Still serving the purpose of democracy? (Score:5, Interesting)
CmdrTaco: "Does the govt really think that crypto export restrictions have prevented terrorists from having strong crypto?"
This is such an obvious and sensible objection that it makes me wonder. My guess, and it is only a guess, is that a large part of the U.S. government no longer serves the purpose of democracy. The war may be, not on terrorists, but on the American people. My guess is that it is not conspiracy, but widespread government corruption.
That's the only conclusion that supports all the information. For example, the U.S. CIA trained Osama bin Laden. See the 1998 MSNBC article referenced in the first paragraph of What should be the response to violence? [hevanet.com] where I've tried to pull together some of the facts.
Whenever there is a problem, there seem to be two situations that go together: 1) The U.S. government intelligence agencies say they did not foresee the problem, and 2) the intelligence agencies had a years-long prior involvement with the person who caused the problem. Osama bin Laden is one example of this.
Another example is General Noriega of Panama who had a working relationship with the U.S. CIA for years before he was accused of drug trafficking. Was the exposure of Noriega caused by his not taking orders? A quick Google search on "Noriega General Panama CIA" [google.com] gave a link to a chapter in a book by Noam Chomsky, The invasion of Panama [zmag.org]. Chomsky's book is called What Uncle Sam Really Wants [zmag.org].
Another link on the first Google page was, The Real Drug Lords, A brief history of CIA involvement in the Drug Trade [magnet.ch] by William Blum.
Re:Question: (Score:2, Interesting)
This sort of thing has happened repeatedly throughout history, and it's one reason why the founders insisted on a Bill of Rights to explicitly protect citizens from the government.
Re:Question: (Score:2)
Re:Question: (Score:4, Insightful)
Kids today. Never teach 'em history.
Perhaps you ought to spend some time reading US history, focusing on government agencies who are supposed to be involved in law enforcement and the like.
During the time J Edgar Hoover headed the FBI, which was founded to focus on interstate crime, he refused to allow it to focus on the Mafia, and pronounced on more than one occasion that there was no such thing; all those high-profile Mafia busts of the thirties and forties were by the US IRS, or by State and Local police acting at the behest of District Attornies or Governors.
What did the FBI spend its time on? Un-American activities! The FBI spent most of the Fifties looking for "Communists" while ignoring the Mafia, and most of the Civil Rights era ignoring racial crimes while harrassing and trying to shut down Martin Luther King.
There's plenty of precedent to make you scared of the BFI getting more rights, because they're more likely to come after citizens exercising their democratic rights than criminals or terrorists.
For that matter, the NSA already have a bottomless budget, Echelon, and virtually no oversight. They have nearly limitless powers. Why didn't they notice this? Why would giving the BFI more power, like the NSA, help?
Re:NO nein nicht nay naught (Score:2)
Remember, after a war which resulted in several orders of magnitude more Americans dead on American soil (the U.S. Civil War) we did not give up our freedom in order to ensure security.
Surely 140 years has not dacayed our love of freedom so much that this relatively small (by Civil War standards) tragedy (by any standard) can cause us to falter! Aren't we a tad more patriotic than that? Don't we want to see the bastards LOSE more than that? Don't we want to be RIGHT more than that?
If so, we should have a lot more respect for the constitution than for our heat-of-the-moment blood-lust.
Re:let the paranoia begin (Score:2, Insightful)
Yeah.. deporting all Americans of the Muslim faith might stop it from happening again too. Of course that's a little more outlandish, but where do you draw the line? Appearantly in WWII it was somewhere just near that line of putting American citizens, some of whom were war veterans themselves, into camps as if they were no longer fit for citizenship. I don't know. At the time appearantly that seemed like a reasonable freedom to give up, so once this starts, who will stop it.. You?
Re:SSH (Score:2)
Do remember that SSH gives you other advantages than hiding your passwords, as important as that is.
Say you want to access a box behind a masquerading box. On the box behind the masquerader, you can run a reverse-tunnel (-R) to a box you already have access to. Then you can contact the box you normally have no access to through the box you tunnelled to. It comes in very handy when you have to support masqueraded boxes.
That kind of stuff, when you know how to do it, makes your bosses think you're some kind of god.
Re:This is not so bad (Score:2)
If you think the people handling that letter or handling the switchboards should stay the fuck away from the contents of the message traversing it, then why do you think that inet routers are any different?