FBI Adds to Wiretap Wish List 471
WorkEmail writes "A far-reaching proposal from the FBI, made public Friday, would require all broadband Internet providers, including cable modem and DSL companies, to rewire their networks to support easy wiretapping by police. The FBI's request to the Federal Communications Commission aims to give police ready access to any form of Internet-based communications. If approved as drafted, the proposal could dramatically expand the scope of the agency's wiretap powers, raise costs for cable broadband companies and complicate Internet product development."
Screw you, government! You pay for the upgrades! (Score:3, Insightful)
Bottom line: The FBI can go piss on itself. Fuck the system.
fp
Re:Screw you, government! You pay for the upgrades (Score:5, Insightful)
Regardless, this is pretty intrusive on the FBI's part. Even though it isn't a blatant intrusion into our private lines located within our home, it may as well be, since our direct line to the internet for 99.9% of the population runs through commercial ISP's. I hope someone cries foul on this proposal in support for the protection of privacy. However, with the state of most American's line of thinking, such a hope is far-fetched.
Re:Screw you, government! You pay for the upgrades (Score:4, Funny)
That may have been true a few years ago, but fortunately we now have an administration with the will and wisdom to make our children and grandchildren pay instead. So live it up and just hope you die before the bill shows up!
Re:Screw you, government! You pay for the upgrades (Score:5, Insightful)
If you think deficit spending started "a few years ago" or with the current administration, you're sadly deluded.
Re:Screw you, government! You pay for the upgrades (Score:3, Interesting)
Yes, Johnson wisely knew that Americans would only support a senseless war as long as they weren't made to pay for it. That's how deep even the most strident patriotism runs sometimes.
And I remember the aftermath in the 70s, too: simultaneously soaring interest rates and unemployment. Look for more of the same as the Bushies continue to follow Argentina's example...
Re:Screw you, government! You pay for the upgrades (Score:4, Interesting)
- Ashcroft will sneak these provisions into Patriot Act III.
- Bush will use his patrotic propaganda to ensure its safe passage.
- It will become law right under the feet of many clueless individuals.
- Bush will ensure it remains with his "You must be a terrorist if you want to weaken our security forces" rhetoric.
It is a hope of mine that one day, the idiots in the government will come to realize that the Internet is supposed to be beyond any government's control. Unfortunately, I doubt the powermongers will ever let that happen.Re:Screw you, government! You pay for the upgrades (Score:3, Insightful)
Yes, but if government pays, the cost is distributed much wider than if your ISP pays (where you pay much larger share). If the 260 million want to enjoy the "benefits" of the FBI's snooping into my computer, then 260 million ought to pay for it, not just me and my ISP.
Re:Screw you, government! You pay for the upgrades (Score:4, Insightful)
Either way, the consumer ends up paying, be it in the form of increased access fees or a tax hike or, most likely with our govt, just tacking it on to the deficit. Bottom line: The FBI can go piss on itself. Fuck the system
Amen
Re:Screw you, government! You pay for the upgrades (Score:3, Interesting)
I'm right there with you, but I'm afraid we can't get there without crashing and burning first.
think our Congressmen, Representatives and top-level government administrators have forgotten that they are servants of the
Re:Screw you, government! You pay for the upgrades (Score:5, Insightful)
I disagree. Social programs have been decimated in the past four years. The Great Society has been destroyed in favor of corporations and the wealthy. Defense spending has been astronomical and does not need to get any bigger. If greater power is given for wiretapping we will be running headlong into a police state. At this point the government already has too much power and needs to cut money out of programs that only serve to arm the government to the teeth, only to attack its own citizens and other nations unilateraly. If we need anything right now it's programs that will get the people of this country back on their feet.
Re:Screw you, government! You pay for the upgrades (Score:4, Insightful)
Re:Screw you, government! You pay for the upgrades (Score:3, Insightful)
Bugging on such a large scale always comes up against the "little elves" problem - you have more data than you can possibly sift. The real question is, do you want to fund what amounts to a giant needle-in-the-haystack search which
Re:Screw you, government! You pay for the upgrades (Score:3, Insightful)
I've never heard of the US called "The Great Society", but if you think things like education, healthcare, social security, and pensions are the makings of an authoritarian regime, then you really need to reconsider your pers
Close, but not quite there (Score:3, Insightful)
Almost. How about no welfare, no projects and no help? You're absolutely right that the gov. has no business protecting us from ourselves. But the meme is strong, having been birthed by the Great Depression. Natural economic law would have had the US tank at that point because the economic system failed. But the government stepped in and suspended reality. That suspension is still in effect, as vast sums of money extorted from the public a
Re:Screw you, government! You pay for the upgrades (Score:3, Insightful)
Re:Screw you, government! You pay for the upgrades (Score:4, Informative)
Actually you are wrong. If you take actions outside of the realm of a normal solider then under the Geneva convention you are considered a spy and subject to execution if caught.
During the Battle of the Bulge the Germans sent English speaking special operations forces behind allied lines dressed in American uniforms to disrupt communications. When these forces were caught they were summarily executed by the allies.
If you want the Geneva convention to apply to you then I suggest you put on a uniform and face us on the field of battle. It doesn't apply if you fly airliners into our buildings.
Re:Screw you, government! You pay for the upgrades (Score:3, Insightful)
It was an act of war. Just because they don't wear uniforms and don't act like soldiers doesn't mean it isn't an act of war. If the Japanese had sabotaged the fleet at Pearl Harbor using intelligence officers instead of airplanes would that hav
Re:Screw you, government! You pay for the upgrades (Score:3, Insightful)
When I said torture I was refering to sleep deprivation. Sure, there are worse things you could do to someone, but how long have they been there now, a year or more?
The real problem is when you look at things in black and white, good and evil terms you never stop to examine the evil you may be doing yourself (not that
Re:Screw you, government! You pay for the upgrades (Score:3, Insightful)
"They" (the illegally detained people in Guatamalla) are not the people who flew a plane into a couple of your corporate buildings. Those people are dead. These detainees have not even been given a trial so no one who claims to believe in the USA's ideals of 'justice' can say that these people are guilty.
> If they want those concerns addressed they should talk to us about them.
This is either an extremely sarcastic jo
Re:Screw you, government! You pay for the upgrades (Score:3, Informative)
If you need a site, I'll be happy to dig one up for you.
You want to complain about welfare? Start making noise about corporate welfare!
Welfare bums (Score:5, Interesting)
1 - I have a problem with this Puritan idea that work is a moral obligation. "Work" should be something you do to solve a problem: If there's not enough food, you grow more food. If there's a hole in the roof, you fix the hole. If people are dying of disease, you make a vaccine. Our society has reached a point where there aren't enough of those problems to keep everyone employed; so what do we do? We create problems where there weren't any before. 20 years ago, were people truly suffering from the lack of GameBoys?
2 - As a former manager in a small business, I can tell you that I wouldn't want those slackers working for me. I don't want employees who are forced to work for me; I want employees who do the work because they find it interesting, or because they like their co-workers, etc. If I have to give up 0.2 % of my paycheck to keep these lazy fucks out of my hair, I consider that a worthwhile investment.
3 - If we do accept the above-mentioned Puritan work ethic, then we should apply it equally to all. What about the hereditary billionaires who never did a day's work in their lives? If they were forced to work for a living, it might keep them out of mischief. Like running for office.
Re:Screw you, government! You pay for the upgrades (Score:4, Insightful)
Well, for a start, the federal government has a constitutional mandate to provide for a common defense. It doesn't have any constitutional authority to take money away from Party A to spend on benefits for Party B. But I'd certainly agree that the government's military/intelligence activities are far in excess of anything that could be legitimately called "defense".
Both of them are a symptom of the same problem, namely, that our government has long ago slipped off of the leash the Constitution was intended to be.
Now, we have to figure out how to get the leash back on....
Re:Screw you, government! You pay for the upgrades (Score:4, Insightful)
Re:Screw you, government! You pay for the upgrades (Score:5, Insightful)
Re:Screw you, government! You pay for the upgrades (Score:5, Insightful)
Re:Screw you, government! You pay for the upgrades (Score:3, Interesting)
They've only got 8 more months to do this shit. I'm a fiscally conservative (and social moderate) Republican, but IF I vote it'll be for Kerry. I want this asshole Bush out of office before kids have to learn to goosestep and wear brown shirts in kindergarten. The religious right must've spooged in their shorts when the supreme court handed the Presidency to Bush, but it's set back democra
Re:Screw you, government! You pay for the upgrades (Score:3, Insightful)
I'm not sure exactly what you mean by "religious right", but I think I fit that description (Christian, pro-life, opposed to gay marriage, etc.) and I hate this administration. I despise Bush the retard, Cheney the evil money man, and Ashcroft the tyrant fascist.
I guess my point is to be careful painting people with such a broad brush...
Re:Screw you, government! You pay for the upgrades (Score:3, Insightful)
Why if you vote? Get out and do it! Make a difference.
I guess I'll have to deal with that Massachusetts asshat Kerry raising my taxes and giving welfare mothers more of my money for 4 years, but it's better than the fascist fucks in office right now.
I'd suspect that you see better budgets and smaller deficts with Kerry in office then Dubya. The Republicans don
Re:Screw you, government! You pay for the upgrades (Score:5, Funny)
Improves law enforcment and cuts the budget.. What could be wrong?
Oh right.. paying for being innocent.
Civil Protest (Score:3, Interesting)
Bottom line: Saturate your download bandwidth.
If Everyone did this, it would likely hamper any monitoring capability.
I hate to advocat this this type of protest, but the bottom line is fuck you, get a warranat if you want to monitor my shit.
From this day forward, my download bandwidth will be saturated.
Like the SBC commercial in CA. "I'm gonna download the whole internet"!
Re:Civil Protest (Score:5, Funny)
Similar concept but I think everything should be encrypted. Notes to mom, grocery list to the s.o., plans for laser beams mounted on fricken sharks, encrypt it. Fuck em, let em spend a ton of money decrypting a note to my g.f. asking to pick up drycleaning... Overload the system.
Re:Civil Protest (Score:5, Insightful)
Re:Civil Protest (Score:5, Interesting)
I agree generally with the intent your statement, but have two concerns:
1) The government still should not have the right to monitor packets; you don't want them use the 'well, you can always encrypt your traffic' argument to support general sniffing, and
2) Even if they can't decrypt the payload efficiently, they can still tell where the packets are going and presumably draw conclusions from that. Most likely they'd use such conclusions to get warrants for further access to your systems.
For example, you get spam or other traffic from some hijacked computer in Syria/Chad...these days that would be enough to establish possible terrorist links--especially if the payload was encrypted.
No monitoring whatsoever is appropriate.
Re:Civil Protest (Score:3, Insightful)
Then again, how many people have access to their reverse DNS information?
Then, too, there is _NO WAY_ I am going to be able to send an encrypted message to my mother, unless the process is COMPLETELY transparent.
In the case of a lot of users, that implies support built into WinDoze. And frankly, I wouldn't trust that any such support did NOT contain a government-enabled back-door.
Can you say
If they make it easy for the FBI to wiretap... (Score:3, Insightful)
Or spyware for that matter.
Re:Screw you, government! You pay for the upgrades (Score:5, Interesting)
Re:Screw you, government! You pay for the upgrades (Score:5, Interesting)
China: Repressive government with deep love for monitoring citizens and harsh penalties for political dissent.
Australia: Extremely socially conservative government with love for censoring Internet.
Britain: Anti-gun, laws forcing people to hand over passwords/keys upon request, leader has mouth firmly glued to Bush's cock.
Netherlands: Apparently anti-encryption government?
Man, I wish some hacker would grab email from a couple of important figures in the Netherlands and post said data all over.
This worked nicely in the United States when protesting "trash rights". Theoretically, when you throw something out, you no longer lay claim to it, and it isn't yours. That means that anyone (even without a warrant) can come along and root through your trash for interesting information. The police force of some town busted someone for marijuana-growing or something after monitoring their garbage for a long time without a warrant. The local paper ran an editorial criticizing them. The mayor and police chief both bashed the editor of the paper, saying that the paper didn't know what it was talking about and should shut up. The police chief sent a letter in to the paper saying that the ability to monitor garbage wasn't an invasion of privacy and was perfectly acceptable. The editors of the paper ran out and collected the *mayor's* and *police chief's* trash for two weeks (using the same argument of legality that the police chief used), then published a rather embarassing dossier on each.
Re:Screw you, government! You pay for the upgrades (Score:4, Interesting)
ANYWAY He is agitated like I am at the FBI for their complete incompetence, we already eroded our right for them and they still FUCK UP. The track record of the FBI is they consistently do more harm then good (anyone heard of them going after the guys who wrote Louie Louie for subversion?).
Re:Screw you, government! You pay for the upgrades (Score:5, Insightful)
We have one. It's called "the current system", where if you want to tap someone's VoIP connection you have to stick someone out by their house with a parabolic mic or plant a bug in their house. This makes for a wonderful check on the system -- LEAs simply can't *afford* to monitor each and every person, do fishing expeditions, or do the sort of thing the French claim in the form of Echelon. I rather like this system. It means that if the police *really* want to bug someone, like a mob boss, they can, but they can't just wildly run out and monitor huge swaths of society.
Stock Tip (Score:5, Insightful)
Re:Stock Tip (Score:5, Insightful)
This is all about traffic analysis. They can work out who is talking to whom over the air via the NSA's listening network (or rather, GCHQ's network, via reciprocal "let's get around domestic spying laws" deals), but they need hardware on the wires to look at those packets.
Sure, if you're under investigation, they might use this hardware to log the contents of your traffic; but they'd do that anyway. These changes are about identifying possible suspects based on who they associate with.
Re:Stock Tip (Score:3, Informative)
Install it today - you will need it working tomorrow.
Re:Stock Tip (Score:3, Informative)
Re:Stock Tip (Score:3, Funny)
The people running the IM server, of course. Only terrorists encrypt their traffic, and if you're not with us, you're against us.
Re:Stock Tip (Score:3, Interesting)
The problem is that the FBI may require "backdoors" in commercial software products.
This represents a HUGE hassle for anybody programming these things, not to mention all the open source implications (like does the open source become illegal if it reveals the FBI's backdoor?).
I'm with the earlier poster. If the FBI wants it, they can buy it. It shouldn't be anybody's burden to provide the FBI with free wiretapping services.
Dial Up (Score:4, Interesting)
You watch.... (Score:5, Insightful)
Re:You watch.... (Score:5, Insightful)
It makes me almost glad that we went through the nonsense with encryption during previous administrations - first the Phil Zimmerman prosecution, export controls, and even the Clipper chip attempt. It mobilized & organized a whole lot of pro-encryption people who otherwise would not have cared. The arguments for encryption controls were mostly theoretical and less fear-inducing before the current climate of fear, too. It actually made us stronger, I think. If we had never gone through that and the administration now banned strong encryption, we would be scrambling to come up with good arguments for allowing encryption, and the public hysteria over "secret terrorist messages" would probobly drown us out given the current media climate.
Man, who would've thought during the Clinton administration that we'd be nostalgic for those days? Ah, Janet Reno, Louis Freeh, Phil Zimmerman, Clipper... great times, eh?
Re:How this relates to P2P... (Score:3, Informative)
Re:How this relates to P2P... (Score:3, Interesting)
I think you're missing the point -- most pro-P2P'ers still want the authors to be compensated for their work.
I don't know Mute, but I'm assuming that it's some sort of anonymous P2P? If so, then it's also at odds with the idea of compensating authors within a new system that embraces P2P.
Again, my point is that we generally like the idea of privacy, but in the effort
Money Power Politicss (Score:3, Interesting)
Carless wire tapping will some how turn into a corpate espionage tool. Give yer brother bill whos a cop a couple bucks, get access to the competitions phone wires, walla!! corpate espionage.
can i use the word "walla" in a hypothesis?
Re:Money Power Politicss (Score:3, Informative)
Re:Money Power Politicss (Score:5, Funny)
Everyone else has fixed your error, I'm just here to laugh at you.
Encryption (Score:2, Insightful)
can the FBI break 128 bit encryption? (Score:5, Insightful)
Big waste of time
No... (Score:5, Insightful)
You might net the Martha Stewarts of the world with wiretaps, but with most criminals you'll have better luck just siezing all their gear and reading their hard drives anyway. For domestic terrorists, conventional surveilance methods seem to fall short anyway, so in either case I'd have a hard time justifying the added cost of being able to tap their internet communications.
I think the best way of defeating terrorists may be education. Convince the people who tend to turn a blind eye to suspicious activities out of misguided loyalty that ignoring those activities is not beneficial to their community or cause. Take Iraq for instance. Terrorists there are merrily targetting Iraqi citizens at least as much as they are American troops. A lot of the people there blame the USA for "not providing enough security," but how many of those same people are letting those same terrorists crash at their houses, or know someone who is? As long as those people tolerate it, the problem will not go away.
Re:can the FBI break 128 bit encryption? (Score:5, Insightful)
Re:NSA (Score:5, Insightful)
What was your point?
Re:NSA (Score:5, Insightful)
I have never heard anything that indicates Clancy has special sources into the military and intelligence community. Hunt for Red October caused a tizzy in the Navy because it was so accurate about various things, but it was discovered that he simply did a hell of a lot of research using public sources. Unfortunately, his later books have slid rather downhill.
The idea that the NSA has a quantum computer powerful enough to be used to crack cryptography while private researchers are struggling to make ones that can factor the number 15 is ridiculous. Working for the NSA does not automatically turn you into a Grade A genius, so their genius population is necessarily limited and proportionate to the level found in the private sector.
I know that it's fun and exciting to believe that the NSA, CIA, and FBI are these amazing, magical places where things can be done that can't be done in the regular work-a-day world, and certainly this image is constantly perpetuated by books and movies, but reality is more mundane. They are government bureaucracies like all others, which happen to work in a certain area and are reasonably good at getting their job done. They are populated by people; inexperienced new guys, career politicians, mediocre middle managers, etc.
They have that in Russia (Score:5, Interesting)
Crypto in Russia (Score:4, Informative)
It is not clear if the specified regulations actually apply to private citizens or to private-owned companies, but there is no article in Penal Code about illegal use of encryption. It is clear that this law (as well as many other evil laws) was never actually enforced. (Thank God!) The fact that everybody, including government, uses SSL in daily practice due to using existing OS and browser software incorporating it is quietly ignored.
In real life, unless you actually find anyone getting busted for this, you should ignore the rumors and use crypto if you feel you need it. Practice is much more of a criterion than written law in this country. For example, there's no law prohibiting the usage of GPS devices for purposes other than construction work, but people do get in trouble for using them anyway, on the grounds of misinterpretation of the existing regulations - like the absurd notion that all geographical coordinates more precise than 200 meters are classified.
In all my communication... (Score:5, Funny)
Easy way of securing your mail (Score:5, Interesting)
I used this [joar.com] tutorial on how to certify my email adress so the one receiving my email will know that's it me. Also when the receiver and the sender got a certified email adress you can encrypt your email adress.
Yes I know about PGP but this is much easier since Mail automatically adds the senders key for you when you get a mail that's signed.
... outside of the U.S. (Score:3, Interesting)
Re:... outside of the U.S. (Score:3, Insightful)
Listening in on X-Box Live? (Score:5, Funny)
To avoid any potentially deadly misunderstandings, I'd advise you not to play a Counter-Strike "terrorist."
1984 (Score:5, Funny)
Re:1984 (Score:3, Informative)
Vacancies at the FBI: (Score:5, Funny)
Encryption. (Score:5, Informative)
This is probably more for the "VoIP" segment of the universe than "XBox Live", this is a perfect reason to enable IPSEC over VoIP.
Too often the open source community thinks of the unreasonable approaches before the reasonable, and that's only because you have to fight fire with fire. In this case, you have to have as much reason as a politician will -- and yes, that sometimes means being as evil as they can be -- that is to say, with transparent encryption, it makes it unreasonable for a state agency to tap because it would mean confiscating servers and disrupting business (the state, in the US, must have a compelling state interest to do just about anything). This can have two effects: (1) Hosts increasingly require unreasonable agreements (CYA). (2) The disruption of business is so much that is becomes a burden for politicians to support.
My point being: look guys, we're Slashdotters, and we administrate public networks, and we're smarter than them, and with no disrespect, we can make prior art out of whatever aged notions of data security they have. That's what open source is about; the gathering of the people above those with green and power.
We should assume our data is being intercepted in the first place -- that's why you provide data security. Thou shalt encrypt.
ALSO SEE: Due Process, Fourth Amendment.
Re:Encryption. (Score:3, Informative)
Just to make sure readers know:
Snopes on Frog Boiling [snopes.com]
In short, the adage isn't literally true, although it might be figuratively true.
Further proof that the internet is a luxury (Score:3, Insightful)
The internet isn't a necessity, particularly if survellience becomes unavoidable.
Freeswan (Score:4, Informative)
There is only one way to oppose this.... (Score:4, Funny)
Any bets on the timeline for hacking it? (Score:5, Insightful)
I can't believe the government is actually considering putting a backdoor in every cable modem. Karnivore, while of debatable, legitimacy, is at the very least, secure because its physical components are kept very far away from crackers (in secured buildings of Tier one providers). Thus, it works on a fairly good premise of obscurity and limited access.
If this type of backdoor was inside the cable/DSL modem next to your computer, imagine how quickly both the obscurity and limited access factors disappear. You can kiss any type of sibilance of security on the internet goodbye because, in no time, every script kiddie running windows will be able to packet sniff your computer.
Sometimes, I really wonder how highly funded groups like the FBI can ignore common sense problems. If there's ONE thing I think we've all learned in the past twenty years in regards to computer security is: if it's even minutely possible for them to do so, they (geeks) will figure it out. If you put an encryption scheme on every DVD drive in the world, they will figure it out. If you don't address a security bug in a prominent piece of software, they will figure it out. And if you put some uber-packet sniffing device on every cable/DSL modem in the country, they will figure it out with probably an extra sense of haste.
So if this does come to pass, how long do you think it'll take for it to be cracked? My guess is a week. *sigh* Your hard earned tax dollars at work.
-Grym
A Week?! (Score:3, Funny)
I give it 37 minutes. Tops.
this would be a good time... (Score:5, Insightful)
People really need to stop bitching about this stuff in web fora and actually try to interface with the people that can put a stop to some of these intrusive inanities.
in The Netherlands (Score:5, Informative)
Not likely (Score:5, Interesting)
1. The FBI is only "asking" the FCC which, anyway, lacks jurisdiction to tell IRC programmers how to program.
2. The Internet is becoming more decentralzed (e.g. anonymous wireless LANS,P2P networks, etc.) so there will be too many small time non compliant ISPs to go after. And the government, not for want of trying, has so far shown only futile attempts at regulating the Internet.
3. The only people for this are the FBI and a few conservative politicians. They're going up against the communications giants and equipment manufacuters -- financially secure industries with campaign contributions, lobby groups, and lots of lawyers.
4. Besides all that, they just don't get it. Any two connected nodes communicating by pulses (ones and zeros) can always encrypt their conversation. Language is a secret handshake.
Joe Blow's encryption (Score:5, Interesting)
Currently, this is the case. I think that no matter what, there will be pragmatic issues. However, the FCC's role in regulating Internet-based things is very much up in the air, and conflicting opinions have been taken.
The Clinton administration, barring a few moves, took a very federal-hands-off approach to the Internet (taxes, especially, were a big sticking point). Bush largely continued that. At some point, though, it's a good bet that someone's going to try regulating the Internet in various ways, and the FCC is the most obvious choice to designate as a starting point.
2. The Internet is becoming more decentralzed (e.g. anonymous wireless LANS,P2P networks, etc.) so there will be too many small time non compliant ISPs to go after. And the government, not for want of trying, has so far shown only futile attempts at regulating the Internet.
Not necessarily. For certain major systems, like VoIP, there will likely be a few large ones due to network effect. Think of AIM and ICQ today. If you don't play by the rules, you can't interoperate. These services are centralized, so it's easy to monitor and pick up on noncompliant systems.
3. The only people for this are the FBI and a few conservative politicians. They're going up against the communications giants and equipment manufacuters -- financially secure industries with campaign contributions, lobby groups, and lots of lawyers.
Now this is a damn good point, but I can think of a couple of legitimate counterarguments. The first is that telcos are scared of the VoIP. It breaks down barriers to entry that have existed for a long time to nothing. They have a *lot* of overhead and costs that have cropped up over years, and they're looking for a way out. If VoIP systems required key escrow and *federal approval* before they can be rolled out, it makes for a *very* nice barrier to entry. You just have to donate some money to the appropriate politicians, and you've good a good reason for companies to want to play along.
4. Besides all that, they just don't get it. Any two connected nodes communicating by pulses (ones and zeros) can always encrypt their conversation. Language is a secret handshake.
In theory, yes. In practice, there are only so many easy-to-use mass-market clients out there. It would be difficult but feasible to go after noncompliant types. For techies, this is a non-issue, since it's easy to whip something else new up each day. For Joe Blow, this is very effective.
I first realized the "Joe Blow"-"techie" separation when the Feds stopped going after Zimmerman for PGP. It didn't *matter* that a couple of security nuts with the dedication to get gpg and a wrapper and mutt set up. There aren't many people who were willing to copy and paste text in and out of Eudora each thime they wanted to encrypt or decrypt a message. As a result, the masses did not use PGP, so PGP was not a huge issue. The hard-core security nuts and cryptographers are kept shut up, because they *can* set up PGP, and the Fed is happy because the masses *don't* use PGP.
However, with VoIP, the issue came up again. Email is generally read on a computer, where you can add PGP on, and hence software vendors don't bundle PGP support. However, if you start selling VoIP embedded devices, you probably need to bundle native encryption support for it to be used. It will be easy-to-use and probably automatic. This is unacceptable, because the masses will start *using* end-to-end encryption.
The thing is, I can't work up much dislike by the FBI, because they're getting displaced by the OHS, which is ever so much more nasty and has ever so much less oversight. At this point, the FBI is the lesser of two evils -- by a long, long, long shot.
FBI (Score:4, Insightful)
I am pretty sure that the majority of Internet users have nothing to hide, and are involved in no illegal activities, or at least no such activies that would be of interest to the anti-terror force that is the FBI, but privacy is one of the most basic principles of a free society, and making broadband users pay more so that the perverse desires of some unknown FBI agent "searching for terrorists" can be fulfilled is, in my opinion, outraging. The FBI already has some power when it comes to eavesdropping on the Internet, but breaching the privacy of the gigantic Broadband userbase of the USA, when they only need to track a few individuals, is I think horribly exaggarating.
What have the Broadband ISPs said about this? They stick to revolting against delivering confidential information of their heavily downloading clients, but they don't even try to stick a word in when their whole userbase's privacy is at risk?
Some implications (Score:5, Insightful)
Firstly, if there is a easily available backdoor for everything, what's to stop criminals and terrorists from using it as well? People don't seriously think that they are not going to be able to get the technical information easily. Especially if *every* software program that allows communication the way they describe requires these backdoors. There's no-way you can keep all those civilian mouths shut. These backdoors will be built-in security holes. Just like mandating only low-level encryption may mean that it is easier for the US government to break into your data, but it also makes it easier for criminals to do so as well. The likely ease with which the technical information will spread will mean that hackers will probably make versions of the programs w/o the backdoors and spread them through the underground. Real (smart) criminals and terrorists will use these backdoorless programs leaving the American government to spy on harmless citizens and the inept.
Secondly, I can see governments like China rejecting any protocol or programs which has these backdoors installed. They are already paranoid enough about rumoured backdoors. If they are sure they exist (say through a FCC mandate) they are going to drop American software like a hot stone. While the Chinese government is a police state and would love the ability to spy on their *own* people, the last thing they want is to allow the American government to spy on *them*. Other countries, like the EU, UK might have a few qualms of letting the US government spy on *them*, though I wouldn't put it past them (esp. the UK ie. Blunkett) to start thinking of mandating their own spyware for their citizens....Say goodbye to the American software export industry...
I also wonder how these things would work in conjunction with Trusted Computing?
The last thing is, I presume that all rules and regulations will apply to open source software as well. So I guess all open source developers of the mentioned program types will have to submit their programs to the US government for approval before they can release it. And how does this affect the open source nature of development if you need government oversight *every* time you want to release any sort of new code?
Silly Feds (Score:3, Interesting)
I've had a detective show up twice at my ISP and ask to see records for IP addresses regarding a criminal investigation (eBay fraud, as it turned out). He was amazed that we didn't have *all* traffic, like logs of the actual content of e-mails, from several months earlier. I tried to explain that something like that would require storage that we couldn't afford, and he said "well, AOL saves all e-mails." Rigghht, of course they do. Hell, it would be trivial for us to sniff and archive every single e-mail for a year.
Freaking morons.
Re:Silly Feds (Score:4, Insightful)
It's the fact that they consider it politically acceptable for a complete log of everything everyone does on their computer to be kept. Forever. Seriously, *what* the *fuck*.
I wish to God I could send encrypted email to people, but they refuse to use PGP (probably because it's a fucking pain in the ass to use with most clients -- mutt and *perhaps* Mozilla are the only clients I've seen that are acceptably usable, and both requires a fair amount of technical configuration work that Joe Blow cannot do). The front ends really suck. The only time I ever found someone that I wanted to send an email to (a major open source author) that also provided a PGP key, I got a "sorry, I only keep my key at work -- can you send this again in plaintext unless it's confidential?". Sigh.
If PGP were idiot-proof, easy-to-use, and bundled with email clients, it would be *everywhere*. However, PGP is *useless* if the only person I know of that regularly uses it is me (and since I'm the only one that can do so, I can just sign emails).
I wish people would set up PGP and use it. They don't have to encrypt their emails, just sign them. People will start picking up on the fact that PGP is being used, and then will start encrypting emails to them....
Never felt safer (Score:3, Insightful)
I am frightened (Score:5, Insightful)
I am going to keep in mind that this is seen through the filter of cnet, which tends to be somewhat Slashdottish -- kind of liberal, pro-tech, anti-regulation. I really need to see the "85-page document" to decide.
That being said, this is possibly the most disturbing thing I have heard proposed from the federal government yet. Besides the obvious issues of holding back innovation, I find the privacy issues unacceptable. If you want to wiretap someone, fine. Go to wherever they are, and use a parabolic mic or physical bug or something similar. Yes, it doesn't let you tap the population en-masse. There is no justifiable reason for this request. The only thing it does is make cheap, easy, and hard-to-detect-abuse-of wiretapping much more feasible and tempting. I *want* it to be a pain in the ass to wiretap people. It's worked well for hundreds of years, and I see no reason to change this.
I also want to make it clear that I will not follow any such directives requiring programs to including monitoring backdoors. If I have to, I will develop anonymously, through Freenet or similar (no, I'm not brave enough to do something like this openly as a protest and get hammered for it), but I will not begin inserting backdoors into the software I work on.
I am absolutely appalled that something like this would be suggested. It is the sort of thing that people that I considered "tin foil hatters" were worrying about for a long time. I would like to see an EFF analysis of this. If this is as bad as the article makes it out to be, this will be the thing that tips me over the edge to sending money to the EFF.
I would like to know what evidence cnet has for claiming that the Bush administration backs this. If they really are, they are going well beyond even what I thought Ashcroft's most tyrannical police-state aspirations were.
Among other things, I claim that this will:
* Limit innovation. This is a *real* issue, not a "we can't bundle Internet Explorer and now innovation is being suppressed" whine. Putting backdoors in protocols is a serious issue.
* Damage US credibility internationally when it comes to secure software. The cryptographic export restrictions did a phenomenal amount of damage to the US computer security industry, and let foreigners take over the market. When you want smartcard systems, you don't go to a US company. This is absolutely unacceptable, as computer security is becoming ever more important as more and more people are using it.
* Provide an impediment to international software projects. The United States is not the world, nor is it even "effectively universal" on the Internet. If you ban something like development of a VoIP system without key escrow, development will simply move overseas. Sure, you could make *using* software without escrow a federal offense (thank you Britain, which has set the path for this wonderfully stupid approach). It will do *nothing* to stop propagation of software. The last time the FBI tried to meddle with the Internet via legislation like this was when they arrested Mr. Zimmerman for releasing PGP. It *didn't work*, and wouldn't have protected their ability to snoop on people. We have come up with many approaches to deal with US laws limiting computer security, and can be used again in this case.
* Is stunningly short-sighted. You can't make a single effective law like this. What if I ssh to a system and use an IM system there to talk to someone else on the same system (and I *have* sshed in and used talk or phone on a Unix or VMS system before).
Let them a go, but fuck'em (Score:3, Funny)
Diplomatic communications between embassies and the homeland are encrypted. And to make sure they're not vulnerable to decryption, information is continuously transferred. However, when there is no information to be transmitted, random garbage is sent.
So, what we need to do is to flood the Internet with random garbage; let the FBI sift through that!!!
Oh, wait! This system already exists: it's called USENET!!!!
Well a few points. (Score:4, Insightful)
Ok, fair enough I suppose. But the fact however, as has been pointed out here, is that not all programs are being written in the US. To make IM, VoIP, IRC, and or whatever other type of program that allows communication over IP have backdoors is bad enough. But to expect that every program on the planet has one is just downright silly. But, thats not really the bad part...
Under CALEA, police must still follow legal procedures when wiretapping Internet communications. Depending on the situation, such wiretaps do not always require court approval, in part because of expanded wiretapping powers put in place by the USA Patriot Act.
Bad, bad, bad. Is it so much to ask for due process here? I mean it's part of our own set of friggen laws. Is it so much to ask that the Feds follow the laws before they make new ones?
Just a coincidence, I hope (Score:3, Interesting)
Germany already has this (Score:5, Insightful)
The sick thing about all Internet wiretapping is that when asked why this is required, the cops always just say "child pornography", and everybody rolls over; the media has created the impression that about every second byte transmitted has something to do with child porn. Between our War on Terrorism (With an Occasional Aside for Oil) and child porn Internet hysteria, we have two beautiful excuses to slowly rip up the Bill of Rights, piece by piece.
Here comes the next shred.
Encryption products will be next (Score:5, Insightful)
We'll be back to either mandating weaker forms of encryption or requiring backdoors be installed at the encrypted tunnel layer. SSL/TLS, IPSec and SSH all come to mind (key escrow, anybody?). By designating the tunnel endpoints as "service providers" (they ARE in fact providing some sort of service or else you wouldn't be communicating with them), they could require a backdoor be installed at the endpoint.
Shape of things to come...
Re:Encryption products will be next (Score:4, Insightful)
The timing of this article (Score:4, Interesting)
Natrual Progression (Score:4, Insightful)
This will pass, and people will accept it since it 'protects me'..
Eventually we will get to ongoing monitoring of all activities, regardless of any suspicion.. Even in your own home...
Don't laugh, if you don't see it coming, then you are a fool.
Worse than China? (Score:3, Insightful)
Re:Where are the civil libertarians? (Score:3, Insightful)
May I point you to my favorite civil libertarian [harrybrowne.org] author's thoughts on the subject of privacy [harrybrowne.org].
Re:FUCK GEORGE BUSH (Score:3, Insightful)
On a side note, does anyone notice a kind of resignation to
Re:FUCK GEORGE BUSH (Score:3, Interesting)
I'm actually a nice guy and i'm not out of control. I'm just becoming more defensive and vocal about what i think is happening to our country.
I think i'm more inspired, than out of control. Because i will listen to all points of views.
Despite my "Fuck George Bush" rant... I'm not a party guy. There are good republicans... The problem is whats happening now and the leadership must be held accountable.
I think things like the patriot act will continue to evolve into more intrusive fo
Re:This is WAR!! (Score:5, Insightful)
I suspect many of them would like to see people like you wiped out on the spot for suppressing their religion, intimidating and screwing with their country and economy, etc.
9/11 al Queda members didn't wake up one day and decide, for no reason at all, to spend their own lives to try to hurt people they saw as oppressors. There was a reason that they feel the way they do, and I doubt that trying to use force and intimidation is going to work all that well. It didn't work for the Soviets (and they could be awfully brutal). It just makes more people that hate you enough to die to hurt you.
But, whatever. Bush doesn't need to solve the terrorist problem to get votes. He needs to make people feel good to get votes. And beating the crap out of someone makes people feel good.
Re:This is WAR!! (Score:3, Insightful)
9/11 al Queda members didn't wake up one day and decide, for no reason at all, to spend their own lives to try to hurt people they saw as oppressors. There was a reason that they feel the way they do[...]
Sure they have reasons for what they do. That doesn't make those reasons legitimate, or compatible with what the rest of the world