Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Privacy The Internet

VOIP Progress To Be Hobbled By Wiretap Costs? 392

vaporland writes "This article @ nytimes.com talks about the reasons that development of commercial VOIP may be stifled by the costs required to allow the federal government to listen in on conversations. It is the intention of the FBI, et al, to provide a truly unfunded mandate to force VOIP service providers to develop and provide this wiretap access to them at no cost to the U.S. government, which is to say, the consumer of VOIP will foot the bill for allowing the government to listen in on our phone calls. Perhaps they should just hire some script kiddies to show them how to do it on the cheap?"
This discussion has been archived. No new comments can be posted.

VOIP Progress To Be Hobbled By Wiretap Costs?

Comments Filter:
  • Better idea.. (Score:5, Insightful)

    by t_allardyce ( 48447 ) on Monday August 23, 2004 @08:38AM (#10043733) Journal
    Perhaps we should just all (i mean everyone) start using encryption everywhere and make the whole thing pointless just so they give up..
    • by Anonymous Coward
      Encryption?! What are you, some kind of filthy terrorist?
    • Re:Better idea.. (Score:5, Interesting)

      by ifdef ( 450739 ) on Monday August 23, 2004 @08:41AM (#10043766)
      In that case, it won't be long at all before the use of encryption becomes illegal. Simply using encryption will be a enough to put you behind bars, regardless of what you are encrypting.

      That's how a police state works.
      • Re:Better idea.. (Score:3, Insightful)

        by Jane_Dozey ( 759010 )
        It's not likely to happen. Think about it. The government and military have extensive use for cryptography so an outright ban would have to exempt them otherwise it would do more harm than good. Big business also use cryptography to protect their assets and they would make it _very_ difficult to uphold that kind of legislation for long.
        Encryption is far too widespread to outright ban. A more likely (but still doubtful) scenario would be the government forcing users of encryption to hand over their keys so t
        • Surely your last point is prevented by the right to silence and the right not to incriminate yourself?

          • Re:Better idea.. (Score:5, Informative)

            by Alsee ( 515537 ) on Monday August 23, 2004 @10:55AM (#10045640) Homepage
            Surely your last point is prevented by the right to silence and the right not to incriminate yourself?

            The US Supreme Court has already revoked your right to remain silent when a police officer asks you your name. Google: Hiibel [google.com]

            And in 2001 the US signed the Cybercrime Treaty, [google.com] but fortunately the US Senate has not (yet) ratified it. There are a ton of problems with the treaty, from extensive wiretap/data_retention provisions, to requiring the US to issue such warrants and gather evidence and hand it over to foreign police - for activities which are LEGAL in the US (for example France could demand investigations and data for Nazi item auctions), it appears to turn copyright infringment into an extraditable criminal offence, criminalization of vital and fundamental software ("hacking tools").

            Oh yeah, and it also says you shall be compelled to divulge your passwords, keys, and other information. And obviously the only way they can do that is by throwing you in prison if you attempt to remain silent.

            While the treaty has been signed by 26 european nations, the US, Canada, South Africa, and Japan, it has only been ratified by Lithuania, Croatia, Estonia, Hungary and Albania. Of course Bush and the DOJ support it.

            -
    • Re:Better idea.. (Score:3, Insightful)

      by duffbeer703 ( 177751 )
      Then encryption becomes illegal, dumbass.

      Once upon a time, anyone with a few bucks and the desire could pick up a pistol or thompson gun at a department store and take it home.

      Then gangsters began killing people with pistols and submachine guns, so we began tightly regulating their sale and use.

      When the police convince the people that only criminals are using encryption, then encryption users will become criminals.
      • Re:Better idea.. (Score:4, Insightful)

        by grasshoppa ( 657393 ) on Monday August 23, 2004 @08:53AM (#10043912) Homepage
        And how, exactly, do you prevent people from using encryption?

        Hell, there are many ways to even HIDE the fact that encryption is being used. Imagine that on a grander scale ( music streams with hidden conversations, perhaps? ).

        No. Guns are physical objects, and in regards to "gangsta"s ( Thurstan Howle III accent please, pinky up ), should rightfully only be sold to adults ( ie: "grownups" ). Encryption is a whole different kettle of fish.
    • Re:Better idea.. (Score:5, Informative)

      by Cato ( 8296 ) on Monday August 23, 2004 @08:53AM (#10043918)
      Skype already does this, and is of course growing at an amazing rate (see skype.com) - because the signalling and voice data may go through another computer or two before reaching the final computer, all calls are encrypted end to end. Will be interesting to see how the lawmakers deal with Skype (which is Luxembourg based and hence not governed by US regulations, unless it sets up a US subsidiary).
      • Re:Better idea.. (Score:5, Insightful)

        by arivanov ( 12034 ) on Monday August 23, 2004 @09:10AM (#10044123) Homepage

        And that is just one of the reasons I have banned it as a network admin and will not use it.

        In fact, if the letter of law is followed strictly it is already illegal in the UK (quite likely in other countries as well). UK laws mandate that you must be capable of supplying keys for any of your encrypted communications so that police can retroactively decrypt anything encrypted by you. It is called the RIP act. Thanks god, it does not yet have approved guidelines for enforcement as the initial proposal got shot down in flames because it was allowing even the post offices and local counsils to issue requests for keys... Bless his Blunketness for the jolly good idea...

        Skype session keys generation and key exchange mechanisms are not documented. In fact they are not publically available so the actual security is a big unknown. Anyway, if the police asks you for the keys you can only say Ugh... and swallow the corresponding 2 year jail sentence. So they are entitled to jail you for using it already at least in one EU country.

        • Despite Blunkett/Blair's attempts to the contrary we still have the right to remain silent and the right not to incriminate ourselves.

        • Re:Better idea.. (Score:3, Interesting)

          by topynate ( 694371 )
          No, being incapable of providing the key is a valid defence. Skype makes it easy to prove that you don't have the key, so no one can be imprisoned for using it.
        • Re:Better idea.. (Score:3, Insightful)

          by throwaway18 ( 521472 )
          UK laws mandate that you must be capable of supplying keys for any of your encrypted communications so that police can retroactively decrypt anything encrypted by you.
          Got a link for that? I don't think that's true. If asked for the keys you have to prove you don't have them which means getting an expert to say that your communications software dosn't store the session keys.
    • How about make it so easy to wiretap that anyone can do it. Just let everyone listen to everyone else. No reason the feds should have all the fun.
  • by ifdef ( 450739 ) on Monday August 23, 2004 @08:39AM (#10043735)
    If I don't pay for the wiretapping costs, don't wiretap me.
    • It's stupid anyway. Either they'll find a way to do it without help, which, since major phone companies are offering VOIP now, seems pretty likely, or they'll find another way of spying on people who they formerly wiretapped. Where theres a will, and billions of taxpayer dollars, theres a way.

      I don't know why they would telegraph their intentions like this. I mean, we all already knew, but still, they hadn't SAID it, we just assumed, but now they've SAID it. Weird.
  • by Anonymous Coward on Monday August 23, 2004 @08:40AM (#10043746)
    Users of VOIP are taxpayers. At least this can be considered a use tax. If a citizen never uses VOIP should they pay for your wiretap? Just a thought.
    • If people who are using a using phones are paying a use tax for wiretapping but are not being tapped should they pay? Just a thought.

      What would be better would be rather than having a system that encourages government agencies to not have to bother to do their job properly and wiretap whoever they want at no cost, how bout they pay for this wiretapping out of their own budget. I would suddenly imagine a world where they have to have much better justification for what they are doing, without the incentive

    • If the tax payer wants to be protected from 'criminals' who may send information via a phone system, should they pay to check up on those criminals even though they don't use a phone themselfs.
    • If a citizen never uses VOIP should they pay for your wiretap?

      If a successful hit on me is arranged over a VOIP phone, am I considered a VOIP user, even if I've never heard of them? Howabout if a VOIP phone is used to arrange a drug deal that, when it goes south, kills my innocent passerby daughter? I think it's safe to say we're not looking to protect only VOIP endusers here.

    • For the sake of argument, let's say that the that wiretapping VOIP is necessary for our freedom and well-being and children and all that.

      If the end-users do not pay the VOIP provider for the cost of the wiretap, then the money will ultimately come from taxes. Which method do you think would be more cost-effective and better managed?

  • by slashnutt ( 807047 ) on Monday August 23, 2004 @08:40AM (#10043748) Journal
    The PGP Phone Project is dead now but it would be great of GPGP would revive it. The script kiddes would have a much tougher time cracking this and this is why the goverment is wanting a little help.
  • by kfg ( 145172 ) on Monday August 23, 2004 @08:40AM (#10043749)
    Yeah. Why don't they just use their own money instead of making us pay for it?

    KFG
  • I forgot... (Score:5, Insightful)

    by ALeavitt ( 636946 ) * <aleavitt.gmail@com> on Monday August 23, 2004 @08:43AM (#10043780)
    When did it become the duty of a government to spy on its own citizens and force them to pay for the privelege of being spied on?
    • Re:I forgot... (Score:5, Interesting)

      by Sanity ( 1431 ) on Monday August 23, 2004 @08:59AM (#10043991) Homepage Journal
      When did it become the duty of a government to spy on its own citizens and force them to pay for the privelege of being spied on?
      Since the constitution went from being a list of things the government can do to a list of the things it can't.
    • Re:I forgot... (Score:4, Insightful)

      by ratamacue ( 593855 ) on Monday August 23, 2004 @08:59AM (#10043996)
      When government discovered it could make a profit off it. Whether the project is a "success" or not is irrelevant; they will still make a buck on the adminstration costs. The more it costs to implement this tracking system, the bigger the benefit to those in power.

      Remember the simple business model of government: You confiscate wealth from some people, you distribute some of it to special interests (either directly or in the form of some public service), and you keep a cut for yourself.

      Everything government does and could possibly do follows that simple business model. With that, it's pretty obvious why beaurocrats are so eager to spend tax money, even when it's an obvious waste -- they will profit either way.
      • These same points could be applied to the leaders of business, education, religion and public service groups.

        The point here is not that government is full of greedy bastards just trying to make a quick buck. It's that in a capitalist economy, power comes along with money. This is a universal constant. In fact, in any case where you have a powerful person without money, you should look to see who's really pulling the strings. Martin Luther King had some very wealthy backers.

        If you stop worrying about t
        • Re:I forgot... (Score:4, Insightful)

          by ratamacue ( 593855 ) on Monday August 23, 2004 @10:09AM (#10044911)
          These same points could be applied to the leaders of business, education, religion and public service groups.

          The fundamental difference is that government holds the "right" to initiate force as a means to an end, while private individuals and groups (including business) do not. Interaction through force is what defines government; interaction through voluntary association is what defines private organizations. (Any private individual or group which initiates force without the backing of government is criminal.)

          It doesn't matter what type of government you're talking about, or what era. The one thing that seperates government from private groups, and always will, is the ability to initiate force as a means to an end.

    • You already pay taxes that allow the government to conduct investigations (in your words spy) on it's citizens, and you're pretty much forced to pay taxes, so the governement has already taken on this duty.

      Besides, would you rather pay higher taxes for the government to figure out wiretapping VoIP or would you rather the VoIP providers figure out a way to do it? I'm guessing the VoIP providers can come up with a solution that, in the end, will be less expensive to the consumer than the Federal government.
    • When did it become the duty of a government to spy on its own citizens and force them to pay for the privelege of being spied on?

      Ever since the government started taxing us, it has been forcing us to pay for the privilege of being spied on.

    • force them to pay for the privelege of being spied on?

      Well, the right to tap phone conversations has existed in most Western countries for some time. The issue here is "who pays"?

      In this case, it's either the customer who's bought a VoIP service or the government.

      If the government pays, where do you think the government will get the money from? Free Clue: That tax you pay every year - not all of it goes to bombing third world countries whose name most Americans can't pronounce.
  • by jbarr ( 2233 ) on Monday August 23, 2004 @08:43AM (#10043789) Homepage
    While none of us would like to incur more fees, the simple fact that my Vonage bill is currently about $60.00 less per month then my Bell South bill, a small additional fee to cover this wouldn't be so bad. You can debate the pros and cons of whether or not VoIP wiretapping should even be done, but if it does, a small added fee to an already inexpensive service shouldn't be a problem.
    • by Anonymous Coward
      I have been a vonage customer without a traditional land line for about 6 months now. I dont use the phone often, and their 500 minutes a month plan works out perfectly for me. At only 14.99 a month, its about 10 dollars cheaper than having a phone line "turned on" in my house. And the benefits I get from being able to call long distance is just the frosting on the cake.

      Anyway, I knew when they announced that VOIP providers would have to start being tappable that the costs would eventually make it my wa
      • At the risk of sounding dumber than usual...
        Does anyone know what exactly the costs are that are associated with wiretapping? I mean maybe I just have recieved some misinformation someplace, but I always thought wiretapping-at least on traditional phone lines--was a simple matter of flipping a couple of switches or some other quick solution--IIRC, I thought I had heard someplace that phone companies had built in backdoors to allow that. So I guess my thought is--what is so costly about presenting a subp
  • Or.... (Score:3, Insightful)

    by AbbyNormal ( 216235 ) on Monday August 23, 2004 @08:45AM (#10043808) Homepage
    Drop the landline connection altogether. Its nice being able to call anyone in the world using your internet connection, but it seems a cooler solution would be some easy to use program that hooks your phone up to some chat utility. I realize that it would have to be a internet to internet call. Add your favorite encryption to the mix and voila no more fee's etc.
    • huh, how does this solve this problem? it doesn't.

      this problem is about having mandatory expensive tapping on that VOIP call of yours you would be making over the internet.

      dropping the landline having absolutely nothing do to with it(tapping voip)...
      --
      • um. no. this only for calls that pass trhough a regular phone system - i.e. VOIP Bob calls Land Line Sue for a good time. Skype or similar, used computer to computer, does not have to be wiretap friendly - but when it comes down to it, your ISP is probably happy to sell you out if it comes down to it.
    • Sure, but there are times when you want to be able to phone up Grandma... I'd like to see someone come up with something like this: http://www.tpc.int/ It's a loosely organized group of people who share their local fax modem and computer in order to minimize the 'last hop' to a fax machine. The idea would be that people could install their own VOIP=>POTS gateways and share them over the net. Of course, they wouldn't be any more secure than trusting some random hotel operator (only without any supervis
    • That's a very cool solution, indeed. Especially if you're saddled by problems like "people wanting to communicate with you." Not being accessible by any of the cell phones of the world or by anybody who doesn't have your particular internet phone client is a serious liability. In fact, it effectively limits your contacts to only those people you actively IM in the first place. And if a great deal of your friends aren't tethered to computers, you will never hear from them.

      Trust me, holmes. The month I
  • by bodrell ( 665409 ) on Monday August 23, 2004 @08:47AM (#10043836) Journal
    Any person who rolls their own VOIP can avoid being wiretapped at all. If I were a criminal who wanted to not be detected, I sure as hell wouldn't do my illicit communications over a regular phone, anyway. Much easier to just encrypt text and send it through insecure email. Even if the email is intercepted, who cares?

    Public/private keys are great and all, but for organized crime it would work just as well to use a symmetric cipher and just share the keys. If the criminals are all working together, it shouldn't matter if they all know the key.

    Anyway, it always rubs me the wrong way when the feds demand to have backdoor access to spy on us. It's bad enough they have the right to tap a phone at all, but now they're trying to make sure that ability is built into the software? No thanks--I'll use an offshore VOIP provider who doesn't have those nasty requirements.

  • Ditch the phone (Score:2, Insightful)

    by aklix ( 801048 )
    I havent used the phone in a LONG time, everyone i need to talk to is connected to an IRC network, or at the very least AIM (which i suspect logs the conversations anyways).

    That said most people say "why should i have to pay for the government to bug the phone lines?" Well, they have a reason to bug the phonelines, it's called security. They use it to catch criminals, and the US even got a hold of the terrorist messages before 9/11, too bad GB was too stupid to put it to use.
    • Re:Ditch the phone (Score:4, Insightful)

      by Hansu ( 234247 ) on Monday August 23, 2004 @09:07AM (#10044080)
      they have a reason to bug the phonelines, it's called security. They use it to catch criminals

      You misspelled 'invasion of privacy'. I always thought 'innocent until proven guilty' was somewhat dominant idea of US justice system. Obviously I was wrong.
      If you actually justify spying of people by the fact that some of them are (or may be) criminals you are stating, that all of them are guilty of a crime, until proven innocent.

      • Re:Ditch the phone (Score:3, Insightful)

        by Idarubicin ( 579475 )
        You misspelled 'invasion of privacy'. I always thought 'innocent until proven guilty' was somewhat dominant idea of US justice system. Obviously I was wrong.

        Yes, you're obviously wrong--you're just mistaken about which particular way you happen to be wrong.

        'Innocent until proven guilty' does not mean that police can only investigate crimes after they prove the guilt of the suspect. That doesn't make any sense.

        To search your home, car, or office, the police must obtain a search warrant. Do they have

  • On the bill (Score:5, Funny)

    by peterdaly ( 123554 ) <petedaly&ix,netcom,com> on Monday August 23, 2004 @08:50AM (#10043870)
    Oh how interesting things would be if the likes of Vonage added "Federal Wiretap Fee" as a lineitem on the bill.

    I bet some federal officials would get an earfull. If the general population will have to pay for this feature, they should at least know.
  • my own service (Score:5, Insightful)

    by mrpuffypants ( 444598 ) * <mrpuffypants@@@gmail...com> on Monday August 23, 2004 @08:50AM (#10043877)
    What prevents me from writing my own VOIP software and using that? Will it need to be wiretap-emabled as well? What if I use SSH or PGP to secure and authenticate the connections?

    Does the government really think that the terrorists are going to sign up for Vonage and not use Skype or their own small app?
  • by Skjellifetti ( 561341 ) on Monday August 23, 2004 @08:50AM (#10043883) Journal
    I've never understood how the VOIP cos. expect to survive long-term. VOIP is just another TCP/IP protocol like ftp or smtp. The only reason a VOIP connection requires a third party provider is because most of the phone network is still POTS and so VOIP cos are essentially brokers between the POTS and the internet. But eventually, most calls will be peer-to-peer across the internet just like most other IP protocols and there will be no need for VOIP cos.

    This makes the whole wiretap thing moot. The VOIP cos. won't survive anyway, so who cares if they die a little earlier because of some silly wiretap requirements?
    • VOIP cos are essentially brokers between the POTS and the internet.

      I'd like to claim the first no-shit-sherlock post in this thread.

      But eventually, most calls will be peer-to-peer across the internet just like most other IP protocols and there will be no need for VOIP cos.

      *sigh*

      Again, US != rest of the world. While this may be true in a more or less near future in the US, the rest of the world isn't the US and there are place in the world that don't have computers, or even the internet. Yes, really!
    • by Kordmp ( 731261 ) *
      1. Where there is money to be made, noone cares about how long you will be in business. Business these days isn't about survivability it is about how much money I can make now. 2. Non-Telco VOIP companies will probably not survive long-term...well at least not in the US. Telco VoIP companies will probably be running the ISP backbones in the next few decades. They will probably also decide what can and can't be sent across the link and right to cancel service if they believe you are using a non standar
    • by Jeff DeMaagd ( 2015 ) on Monday August 23, 2004 @10:14AM (#10044991) Homepage Journal
      If your internet connection goes down, how do you make calls, namely, for 911?

      The Internet connections most people have just aren't as reliable as electricity and POTS. It's not uncommon for ISPs to have planned downtime for a few hours every other month or so, but I personally haven't had a down POTS line in years.
    • by Frank T. Lofaro Jr. ( 142215 ) on Monday August 23, 2004 @11:36AM (#10046197) Homepage
      The public switched telephone network will never die.

      Packet based systems are too unreliable. You need to be able to reach 911, etc reliably, lives depend on it. How many times packets just get dropped? "Connection timed out" errors, etc? Much more than phone system failures. And with circuit swtiching, you know immediately and with certainty if the next link is up, and can provide feedback right away that the lines are down, allowing immediate rerouting (at best) or giving a notice to the user, such as a fast busy signal (at worst). With IP, you just have to wait for a timeout and then report it down, and it might have just been really overloaded.

      Also, dropped packets in an open conversation will cause severe artifacts in the audio. With circuit switching, once the circuit is up, it is up, unless some equipment or lines fail. No loss in quality due to dropped packets, or because your path over the net speed dropped from 64 kbps to 24 kbps due to congestion, and now YOU sound like you have (nasal) congestion to the other end because there isn't enough bandwidth to make the audio sound right.

      And if an IP link fails, it takes a while to know. Did the other person go silent, is the line dead, just congested, what? With circuit switching, you can tell immediately.

      IP is not the way for telephony.

      As long as there is a public telephone network, there will need to be interconnects between it and the Internet.
  • by n()_cHIEFz ( 203036 ) <{moc.liamtoh} {ta} {sfeihcon}> on Monday August 23, 2004 @08:51AM (#10043892) Homepage
    which is to say, the consumer of VOIP will foot the bill for allowing the government to listen in on our phone calls.

    Ummm, the consumer is going to have to foot the bill one way or another. If the Federal government chips in to pay for it, it's going to come from some form of tax, otherwise it's just going to be a higer bill from your VoIP provider.
  • doesn't wiretapping a VoIP conversation going through a microtelco not much more difficult than doing a tcpdump and sending the stream off to the authorities? And with ad-hoc VoIP connections, those that happen from machine to machine without going through a centralized server, surely it's possible to do the same thing at one of the two parties' ISP, with a regular subpoena.

    So what's the big cost here? if nothing else, it would seem less costly than a regular phone tap...
    • Oh my no, its much more expensive than you think.

      Firstly, theres all the hackers using something called "Linux", the young Feds were trained on MS Windows, and then they have to rebuild their FBI hard coded network monitor to operate on a port other than 80.

      Most of all, the retraining fees are needed because they are no longer using mice with balls, they have upgraded and now have mice with frikkin lazer beams attached to their underbelly.

      I fail to see really how this can be implimented without actually
  • nytimes.com talks about the reasons that development of commercial VOIP *in the US* may be stifled by the costs required to allow the federal government to listen in on conversations.
  • by Anonymous Coward on Monday August 23, 2004 @08:56AM (#10043953)
    Does it ever occur to anyone to wonder what the reaction of the founding fathers would have been to all this crap?

    "Hey, how about we

    (1) make sure the government can listen to folks' private conversations, and make 'em pay for the privelige?

    (2) restrict political protest to 'free speech zones' where no-one can hear it?

    (3) have armed government agents at all ports?

    (4) make everyone carry ID documents if they want to travel, and arrange it so we can secretly scan them without the citizen even knowing?

    (5) refuse to let someone travel if their name resembles the name of someone we have declared an enemy?

    (6) etc etc etc"

    Bottom line: do you think the framers would have

    (a) enshrined the government's right to do this crap in the constitution, or

    (b) enshrined the People's right not to suffer this crap in the constitution?

    It baffles me why Americans are not rioting in the streets.
  • Outdated thinking (Score:4, Insightful)

    by Sanity ( 1431 ) on Monday August 23, 2004 @08:57AM (#10043963) Homepage Journal
    This is yet another example of outdated "tail wagging the dog" thinking. Government regulation of the communication infrastructure is no-longer necessary, and the government is going to have to accept this fact.

    How are they going to force non-US VoIP companies to comply with this requirement? It isn't like there aren't already a variety [gnupg.org] of ways to communicate in a manner that thwarts government snooping, the fact that the old phone system made this relatively easy is no reason to cripple modern communication mechanisms.

  • by danharan ( 714822 ) on Monday August 23, 2004 @08:57AM (#10043964) Journal
    With allies like Congress, who needs competition?

    Put in idiotic, technically dubious and extremely expensive regulations, and watch as start-ups flounder. Meanwhile, watch foreign corporations refine their (simpler) systems and develop low-cost ways to deliver their service.

    The US now has a choice to make: paranoia or progress.
  • Comment removed based on user account deletion
  • Non-news (Score:3, Insightful)

    by Kombat ( 93720 ) <kevin@swanweddingphotography.com> on Monday August 23, 2004 @08:58AM (#10043986)
    This is really non-news. This is already standard procedure for all phone systems, and has been for decades. The same situation exists with both wireline and wireless phone systems. From practically the very beginning, phone companies were required to provided wiretap services to the authorities. As a former Nortel employee, this was something that we had to include in every single wireless switch that is sold. And no, the government doesn't pay for it. The phone companies (that is to say, the customers) eat the cost, and always have.

    The writeup makes it sound like this is some unfair, new thing being lobbed at VoIP. It's not. It's just applying the exact same rules that exist for current system to the new system.

    What next? "Government attempts to scuttle VoIP by requiring them to abide by 5 9's reliability and provide 911 service?"
  • ...which is to say, the consumer of VOIP will foot the bill for allowing the government to listen in on our phone calls.

    Newsflash: through taxes, consumers pay for EVERYTHING that the government does.
  • in the case of SIP, (Vonage, etc), the media travels as a seperate stream and you need to have access to the SIP packets to figure out what media packets to capture... However, the media packets could be anything, like voice data, and/or video data, and/or text messages, like Messenger for example, which also uses SIP. So not only does the gubment get to snoop on voice conversations, they get to snoop on video, and they get to snoop on your text messages. And as far as encryption goes, the encryption key
  • Fears for the future (Score:2, Interesting)

    by JaJ_D ( 652372 )
    Is it just me or does this entire concept scare the bejesus out of you?

    The fbi etal want, as a default option, the ability to listen in to ANY call made by VOIP. This means that, as standard, any/all calls can be monitored, any/everyone (even non-American people[1]) whenever they want or indefinatly.

    Now people can say "yes but they wont", but as soon as the Intelligent Agencies[2] have this nice new toy how long before they start a) using it, b) exploiting it, and c) turn it off.

    The more I see of the c
  • by PetoskeyGuy ( 648788 ) on Monday August 23, 2004 @09:30AM (#10044368)
    a little plugin that detects the wiretap and pops up a little notification dialog.

    "The drugs are hidden in the... "
    [Ding Dong - You've Got Feds!]
    "..medicine cabinet, just take two asprin and call me in the morning"

  • by telemonster ( 605238 ) on Monday August 23, 2004 @09:48AM (#10044581) Homepage
    Okay, the current system is called CALEA. I believe it consists of a Sun board in a generic box racked out at every landline, wireless and many large hotel (Vegas) switches. If you google for it there were some Phrack articles and other hack scene publications on them. I believe each one has a t1 interface, so that is 24 voice channels it can listen to. Maybe it can only redirect 12, as 12 other channels are required for redirection.

    So now Vonage and Packet8 would have to drop these on their switches, assuming they properly support the standards that the CALEA boxes use. They should have the advantage of easily providing this ability from a single point, I'd imagine their servers are all in a few locations.

    The funny thing is, you could just get a VOIP endpoint from a provider in a different country and wala, no CALEA. No fuss. Alot of long distance fees, though.

    The last job I worked at, supposidly our employer or a related agency listened in on the home telephone conversations of an employee. The rumor I heard was that an employee was under the scope for downloading hacker utilities (a utility that determines if a host is up by pinging it?). Supervisor heard, called employee at home from his cell phone, both got nabbed, the supervisor for tipping off the employee. This was at the Navy's NMCI project. This was the rumor going around, and I don't know who the people were.

    When we were younger we found what we guess were illegal phone tapes while xxx-99xx scanning. Too funny.

    There are also rumors that CALEA boxes are insecure, have been owned, are connected to the internet and are using public IPs. Another conspiracy theory says they were implemented by companies that are foreign owned and were being unknowingly used to listen in on the president and led to premature release of the Monica Lewinsky audio to reporters. That is all conspiracy theory, search around. You never know, the gov't does some pretty dumb things sometime.

    There is a good article in Business 2.0 about drug cartels using the data from phone switches to track federal agents and their people, by cross referencing phone numbers. They used an AS/400.

    And in case you didn't know, you can listen to a Popeye's chicken drive thru in Southeastern Virginia live... open http://audio12.hrconnect.com:8000/popeyes.m3u in any mp3 player that supports internet streams/m3u playlists. Enjoy! Don't forget, EST time.

  • by CurMo ( 172974 ) on Monday August 23, 2004 @09:54AM (#10044665)
    I was a software engineer on Nortel Network's VoIP "succession" line of products, and I can attest that wiretapping ability is something that was required for us to add.

    The issue is with conversations now being transmitted in packets as opposed to analog signals, its impossible to tap the wire conventionally. The only place you could do that is from where the signal is converted back to POTS (plain old telephone service) to the house. Which, in a perfect VoIP world, isn't going to even be an option as people are using things like cable modems as their VoIP gateways (so its digital all the way from the house).

    However, I don't think this "feature" hobbled our progress. It was just another feature in an extremely long list of features that were necessary. I don't think it took the engineer more than a week to implement, but possibly its more difficult in different architectures? (A key to Nortels architecture was being able to seemlessly integrate with POTS service, so digital->analog conversion was basically a built-in).

    Now, whether I agree with the "feature" or not is a different story, but I won't go into that....
  • Simple solution... (Score:3, Insightful)

    by thrill12 ( 711899 ) * on Monday August 23, 2004 @10:00AM (#10044760) Journal
    ... just like Kazaa, VOIP could put their NOC's in countries that do not support these laws [sealandgov.com].

    VOIP data can go encrypted from the US to the NOC's and from thereon routed to wherever it should go (again, encrypted).
    The only place where it is unencrypted is either at the endusers or maybe at the endusers and at the NOC.
    But even in the latter case, the NOC being in a country with no FBI jurisdiction, there should be no problem - privacy is thus protected.

    Or maybe, thinking out loud here, a Bittorrent like network of unassociated nodes can be laid out to secure communication. Most likely there are already some realworld examples of these.
  • *sigh* (Score:5, Insightful)

    by FireFury03 ( 653718 ) <slashdot@nexTIGERusuk.org minus cat> on Monday August 23, 2004 @10:24AM (#10045138) Homepage
    *sigh* no it won't kill VoIP because:

    • Believe it or not, the whole world doesn't hinge on the US - it may stop development by companies in the US but it won't stop the rest of the world. Once the rest of the world have VoIP the US will _have_ to catch up or be left out in the cold
    • The _only_ time you need to go via a 3rd-party VoIP provider is when you're gatewaying to the PSTN. Calls made purely over the internet don't need to go via "VoIP providers", they can be made as end-to-end calls in the same way as you SSH into a machine. You don't even need to pay a provider to route your VoIP calls since the ENUM system lets you translate normal PSTN numbers into VoIP URIs. So unless you're gatewaying to the PSTN I don't see how these laws are enforcable - you can't regulate end users like that. And if your call is ending up on the PSTN it's tappable there anyway.
    • IMHO eventually (hopefully sooner rather than later) the PSTN will die out in favor or a purely VoIP system. We will nolonger have those hard to remember phone numbers, it will all be tied in with DNS the same as the rest of the internet, so we won't even need PSTN to URI translation systems. i.e. at the moment you can phone IAX2/pabx.nexusuk.org/slashdot and you will get through to the speaking clock running on my VoIP server.


    So basically what I'm saying is that VoIP wiretapping regulations seem to be pointless. They can't prevent individuals from encrypting their own traffic when making direct connections to eachother anymore than they can prevent people from using SSH or HTTPS. And the only time 3rd party VoIP providers (who can be regulated) are even needed is when gatewaying to the PSTN, which can be tapped anyway.
  • De-centralize (Score:3, Interesting)

    by Fuzzums ( 250400 ) on Monday August 23, 2004 @10:24AM (#10045145) Homepage
    like DC++ or Kazaa.

    Provide services around the VOIP like a voicemailbox or a phonebook. charge for those services, not for the VOIP.

    Since you're not into VOIP, let the FBI go elsewhere with their demands.

    for free VOIP: http://www.speakfreely.org/
  • Maybe they should... (Score:4, Interesting)

    by Muad'Dave ( 255648 ) on Monday August 23, 2004 @10:25AM (#10045151) Homepage

    ...quit trying to force the use of technological solutions. I'd rather require them to physically place a bug in my cell phone (or PC mic) than require all of this accursed intrusion and cost.

  • by ca1v1n ( 135902 ) <`moc.cinortonaug' `ta' `koons'> on Monday August 23, 2004 @10:35AM (#10045331)
    The only reason we don't have mini-PBXs built into our home wireless routers already to handle this with ultra-paranoid encryption and key control is that we need backwards compatibility with POTS, or so we believe. The best way to solve this seems to be by usage creep. It's taken a long time, but for many people email has just about entirely supplanted postal mail, and the only exceptions to this are generally financial documents whose physical delivery is mandated by law. It's done so more by convenience benefits than cost benefits. When people realize that they can have conference calls and the like using VoIP, they'll really pick up on it. What we really need are VoIP services that are capable of handling either internet addresses or POTS exchanges as endpoints. If user@host rises to equal status in people's minds as (###)###-#### then we'll start seeing people dropping off the POTS network completely, and then we can really have decentralized phone service. When that happens, they can wiretap my phone calls when they pry my soldering iron from my cold, dead hands.

    If I had to guess where this trend was going to start, I'd say college campuses. Large companies have their own internal phone networks anyway, but they need to be reachable to the outside world. I ditched land telephones altogether as a result of college living, and I'm hoping to never go back, unless maybe for VoIP. College students are already using Xbox games for free long distance to their high school friends who have gone off to other institutions. They get to share all the gossip they normally would over their high-bandwidth, low-latency connection, except it's free, and if your buddy confesses that he hooked up with your old flame, you can shove a rocket down his throat.
  • disconnect (Score:3, Insightful)

    by Doc Ruby ( 173196 ) on Monday August 23, 2004 @10:52AM (#10045578) Homepage Journal
    Republicans have taken over the government so completely that they're inevitably confronting some of its "contradictions". Senator John Sununu Jr (R-NH) wants to keep VoIP free of taxes. The rest of the Republicans want *every* business to be free of taxes. But they want their government to perform expensive operations, like tap those VoIP calls. Since they have no accountability, they propose broken solutions that would get any programmer fired that afternoon, if suggested in a system that actually has to work. This should all come as no surprise in a country running a $.5 trillion war budget, and billions in tax cuts for the rich, on top of billions in corporate welfare.
  • Sports Analogy (Score:3, Insightful)

    by PingXao ( 153057 ) on Monday August 23, 2004 @12:37PM (#10046899)
    In sports a good coach will develop his game plans around his team's strengths. The best coaches are able to adapt to changes in the roster due to injuries, player moves, etc. The most successful coaches have always been able to adapt their methods and strategies accordingly.

    Law enforcement, on the other hand, wants everyone to adapt to their way of doing things. They've always been able, from a technological point of view, to listen in on telephone conversations. It was convenient and more or less easy for them to have that capability. Now technology is changing. Instead of learning to adapt they want to force new technologies to adapt to their methods. This is just dumb. Eventually there's going to be technology that is immune to eavesdropping and no law is going to change that. What are they going to do then, outlaw it? They should be using their resources to develop other ways to obtain infromation on the activities of criminals. And in my mind, using one particular form of technology should not be a crime in and of itself, regardless of the restrictions it may impose on law enforcement vis-a-vis what they've been able to do in the past.
  • I don't get it. (Score:5, Interesting)

    by pclminion ( 145572 ) on Monday August 23, 2004 @02:52PM (#10048755)
    Why do you people complain about this, but not about traditional wiretaps on traditional phones? You seem to think the government is eager to listen to your communications, yet the vast majority of people continue to use the telephone system regardless. Are you being purposefully inconsistent, or just stupid?

    Are you trying to say the government should never be allowed to eavesdrop on criminal communications even with a warrant?! I can't distinguish between that and anarchy. Can somebody please help me?

    • Re:I don't get it. (Score:3, Informative)

      by rfc1394 ( 155777 )

      Are you trying to say the government should never be allowed to eavesdrop on criminal communications even with a warrant?! I can't distinguish between that and anarchy. Can somebody please help me?

      I have no problem with them tapping phones with a warrant. What I have a problem with is their refusal to pay the costs involved, but instead requiring the entire rate base to pay the cost of the wiretaps that they want to use instead of having to pay for them out of their own budget. If the FBI had to pay the

      • Re:I don't get it. (Score:3, Insightful)

        by pclminion ( 145572 )
        What I have a problem with is their refusal to pay the costs involved, but instead requiring the entire rate base to pay the cost of the wiretaps that they want to use instead of having to pay for them out of their own budget.

        In other words, you want me to pay for it, even though I don't use VoIP? Where exactly do you think federal money comes from?

Over the shoulder supervision is more a need of the manager than the programming task.

Working...