Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Privacy The Internet United States Your Rights Online

FCC Asks For Comments On Internet Wiretapping 254

SECURITY GURU writes "Security Focus has posted a story about The Federal Communications Commission (FCC) launching a public comment period on its plan to compel Internet broadband and VoIP providers to open their networks up to easy surveillance by law enforcement agencies. The 1994 Communications Assistance for Law Enforcement Act (CALEA), a federal law that mandates surveillance backdoors in U.S. telephone networks, is what would allow the FBI to start listening in on Internet communications. The EFF, ACLU, and the Electronic Privacy Information Center all opposed the plan, and an ACLU letter-drive generated hundreds of mailings from citizens against what the group called 'the New Ashcroft Internet Snooping Request.' If you have a comment on why you don't want the governemnt reading your email please post it here. All comments are due by November 8th."
This discussion has been archived. No new comments can be posted.

FCC Asks For Comments On Internet Wiretapping

Comments Filter:
  • by turnstyle ( 588788 ) on Wednesday September 29, 2004 @08:40AM (#10382758) Homepage
    Interestingly enough, the EFF *wants* the government/music industry to tap how we use the internet when it comes to thier file sharing [eff.org] solution.
    • I call b.s. The kind of monitoring that's going on here is no different than a hosting provider that monitors how much bandwidth a customer is using, except that some packets (song1.mp3) are counted in one group and others (song2.mp3) are counted in another group.

      I'm all for appointing a dead guy over Ashcroft, but paranoia is only likely to miss dangerous abuses over normal behavior.
      • "I call b.s. The kind of monitoring that's going on here is no different than a hosting provider that monitors how much bandwidth a customer is using, except that some packets (song1.mp3) are counted in one group and others (song2.mp3) are counted in another group."

        No, it's not just about aggregate bandwidth consumption -- it's about tracking what files take up that bandwidth.

        It's not cool with me if ISPs are montoring my network usage to know what I'm doing, and it still baffles me that the EFF is act

    • p2p over the internet is essentially public space. there is no privacy in public.

      i mean, sure, the internet *could* be considered public space... but that'd be wrong.

      popular p2p networks could be policed while smaller "black market" p2p networks would pop up (oh hey! sounds familiar!) that circumvent the overseeing organization... i dont know

      /brain fart.
      • P2P means "point to point". When I sent a packet from my point to a packet at your point, I think of that as private communication that noone else has the right to monitor.

        The only thing that is public is the list of files that are available for sharing. The sharing itself, however, is a private transaction between two parties.

  • No reason for alarm (Score:5, Interesting)

    by MasterOfMagic ( 151058 ) on Wednesday September 29, 2004 @08:40AM (#10382760) Journal
    If you ever thought your unencrypted traffic was safe from snooping over the Internet, you get what you deserve. If you don't like the idea of a company divulging your secrets, don't use that company, or add another layer of encryption on top of it. PGPPhone over VoIP anyone?
    • by garcia ( 6573 ) * on Wednesday September 29, 2004 @08:51AM (#10382864)
      It's a slippery slope you see. Soon the assholes will want backdoors to encryption programs or they will ban them outright. Obviously only a terrorist wouldn't want the government to see their traffic.

      This isn't tin foil hat material folks... This is really what's going to happen if we continue down the road we have been traveling. If we don't stop it at the polls this year it's not going to be easily turned around.

      Governments (regardless of party affiliation) love to have power. If one party can get the public brainwashed into believing that the measures they are taking are both necessary and acceptable the other side isn't going to complain when they have just that much more control over the population...

      VOTE IN NOVEMBER AND PUT AN END TO THIS HORSESHIT.
      • Right, because covert government abuses were completely unheard of before 2000 and will be completely unheard of again after Kerry takes office.
      • VOTE IN NOVEMBER AND PUT AN END TO THIS HORSESHIT.

        I'm confused, do you honestly believe that Kerry would actually oppose the ability of law enforcement agencies to quickly and easily tap the internet communications of those suspected of crimes?

      • by Coppit ( 2441 ) on Wednesday September 29, 2004 @10:05AM (#10383495) Homepage
        Governments (regardless of party affiliation) love to have power.
        Here's my current .sig: "Government big enough to supply everything you need is big enough to take everything you have ... The course of history shows that as a government grows, liberty decreases." -- Thomas Jefferson
      • It's a slippery slope you see. Soon the assholes will want backdoors to encryption programs or they will ban them outright. Obviously only a terrorist wouldn't want the government to see their traffic.
        [...]
        VOTE IN NOVEMBER AND PUT AN END TO THIS HORSESHIT.

        If you think that a Democrat government would have done any differently, think again. ISP's in my country, the Netherlands, have been compelled to install backdoors for government snoopers for a number of years now, and at their own expense. This pol

      • It's a slippery slope you see. Soon the assholes will want backdoors to encryption programs or they will ban them outright.

        A good insight, except it's about 20 years too late; "they" already tried preventing the exportation of crypto, anad that battle has largely been lost (as I see it). Anyone and everyone can use near-military grade encryption and the US Government already can't do anything about it. The traffic they really care about in terms of national security is already encrypted (most likely) an
      • It's a slippery slope you see.

        I keep hearing of all these slippery slopes. We never seem to slide down any of them though. Perhaps it is tin foil hat material.
      • Soon the assholes will want backdoors to encryption programs or they will ban them outright.

        All the more reason to get as many people as possible using strong encryption *now*. Once use of encryption by rote becomes widespread (mainstream) there is no way it can be stopped. People in the US will NOT put up with the government having "backdoors" to their private communications. They've tried to get this before and the outrage was just too overwhelming - even without a critical mass of users.

        The NSA ma

    • by kfg ( 145172 )
      You're absolutely right, and anyone who thinks their email is a purely private communication is either ignorant and/or an idiot.

      That said, there is a huge difference between your ISP being able to read your email if they want to and having them compeled to provide that capability to a government agent.

      KFG
      • It is a major distinction, agreed, but it doesn't change the fact that it's a public network, and if they can't compel your ISP to hand over your email, they can just as easily intercept it BEFORE it gets to your ISP. Also, aren't most ISPs happy enough to hand over your email if they get a court order? It's always been an illusion of privacy, and if people think that a public network gives them any privacy, they are sorely mistaken.
        • by kfg ( 145172 )
          . . .and if they can't compel your ISP to hand over your email, they can just as easily intercept it BEFORE it gets to your ISP.

          Exactly.Your own rebuttal is my rebuttal to your rebuttal. Problem solved without the application of an offensive law that broadens the rights of the government to spy on its citizens.

          KFG
          • I'm not for the law, by the way. I'm just saying that if you think this gives them any new powers, you're wrong.
            • by kfg ( 145172 )
              I'm just saying that if you think this gives them any new powers, you're wrong.

              And I'm just saying that if you think this would not give them new powers under law you are wrong. There is a difference between capability and legal powers.

              There are technical defenses against technical snooping. There is no defense against law without becoming a criminal. The fact that they can interecept my email is something to consider when sending email and that's all, like sending a postcard. The fact that they are seek
      • I know there are individual programs/processes to encrypt parts of your traffic (PGPPhone, email encryption, freenet..etc). But, is there anything in development out there for us to all encrypt everything? A totally encrypted network within the network? I'd guess it would start with people running server/nodes like the nym servers that give you an access to the non-encrypted world but, in a private anonymouse manner....but, all traffic inside is encrypted.

        The freenet stuff is similar to what I'm talking ab

    • Or you could always send information encrypted on a CD-ROM, floppy-disk or flash card.

      Alternatively, you could always use a wireless access points to transfer information between computers without actually meeting.
    • by Sheepdot ( 211478 ) on Wednesday September 29, 2004 @09:04AM (#10382977) Journal
      Hmm... Let's see here. Name, Address, Email, and Phone. Yeah okay, filled out. After all, when the German government required registration for gun owners in 1938, they didn't immediately turn around and seek those people out when they banned guns. Err wait.

      I would highly advise you to *not* fill out this form with any legitimate info (which is probably required for the comment to be considered). In fact, I would falsly fill it out with the personal information of your state auditor, governor, or other public figure.

      I'm not a conspiracy theorist, but it should bother *anyone* that they request all this ridiculous information for simply leaving a comment.

      (Note: 1928 was the first gun registration, but it was "improved" in 1938 to include mandatory registration for any type of weapon)
      • by Tackhead ( 54550 ) on Wednesday September 29, 2004 @09:31AM (#10383191)
        > Hmm... Let's see here. Name, Address, Email, and Phone. Yeah okay, filled out. After all, when the German government required registration for gun owners in 1938, they didn't immediately turn around and seek those people out when they banned guns. Err wait.

        At the moment, they need your name, address, email, and phone number, and it's a disincentive for the public to participate - your post being a prime example.

        Which is why a wiretapped society could be good for democracy. You see, after they've tapped the 'net, you won't have to enter any identifying details. Ideally, you won't even have to fill out a form. When they want your opinion, they'll be able to just pull it out of the database!

      • there's a box at the bottom... under the big "OR" ... you can just leave a short 70 character comment if you dont want to leave all your vital info.
    • by Anonymous Coward
      How are you +5 again? Perhaps the moderators should google a little first. seeing how pgpFONE [mit.edu] is not much of an option: MIT is no longer distributing PGPfone. Given that the software has not been maintained since 1997, we doubt it would run on most modern systems.
    • 'If you have a comment on why you don't want the governemnt reading your email please post it here.'

      It's not I who have to justify or give any reason why I don't want my mail read; rather, the state must justify why they should have the right to read my mail.

  • by The Queen ( 56621 ) on Wednesday September 29, 2004 @08:40AM (#10382761) Homepage
    ...with that tired argument, "If you're not doing anything wrong, you have nothing to worry about."
    That is hardly the point.
    • I got into this argument with my wife, and that was her response to my frustrated defense of my privacy. How do I respond to this?

      Any response that involves the government abusing its power comes off sounding like a conspiracy nut. I'm finding it difficult to defend my privacy without sounding crazy.
      • by The Queen ( 56621 ) on Wednesday September 29, 2004 @09:55AM (#10383398) Homepage
        How about this one: lack of privacy leads to mass conformity, which leads to a loss of individuality, loss of creativity, and loss of PROGRESS. Artists, scientists, philosophers and dreamers are a NECESSARY part of society. Without privacy, there is no freedom - freedom to say, think, do and create.

        If that doesn't work, send her to my house. ;-P
      • "If you're not doing anything wrong, you have nothing to worry about."
        I got into this argument with my wife, and that was her response to my frustrated defense of my privacy. How do I respond to this?
        Like always: by saying You're right, sweetheart! ...
      • by Sven The Space Monke ( 669560 ) on Wednesday September 29, 2004 @10:47AM (#10384084)
        I answer it two ways. The first way is my favorite, and most agree with it. The second is a fallback that doesn't work often, but it's still worth a shot.

        1 - We all go to the bathroom. Everyone does. It's biological. Nothing wrong with it. At one point or another, we've all made embarrasing sounds in the bathroom. Again, nothing wrong. But who would welcome an intrusion in that private moment? I wouldn't. There are times where I am engaging in activities that aren't wrong, but I'd be really upset if someone was watching/listening in. The same goes for comunications of any kind. We all discuss things with people that we don't want others to know. Even if the person listening in is benevolent and has no interest in revealing our secrets (or honestly doesn't even care), we'd still rather have that unknown third party not know. For your wife, ask her if she'd have a problem with some government terrorist sniffer listening in on a conversation she had with her doctor about a yeast infection. The spook doesn't know her, doesn't care, and would likely rather not have been privy to the details - but I doubt that would comfort your wife. All she knows is that an intimate discussion with a medical professional has been monitored and possibly recorded in a massive databse, JUST IN CASE.

        2 - Sounds a little tin-foil-hattish, but here goes. Let's assume that we can trust the government of today not to abuse the power. We can pretend that everyone in power has the genuine intention of using this technology/law to stop suicide bombers (not a safe assumption to make, but hey - for the sake of argument, why not). What assurance do we have that the government of a year/5 years/10 years from now are just as trustworthy? We don't know that, we can't know that. But the law/technology will still be there, but the honest people it was meant for may be gone and replaced with a government you cannot trust. These things happen, even in American history (see: McCarthy, Hoover). Even if we can trust the leaders of today, it won't be the leaders who actually use the laws/technology. It will be hundreds or maybe thousands of government employees -- and anyone who has ever had experience with a civil servant can tell you that not all of them can be trusted. Maybe someone tries to get a job as a 'line sniffer' just so that they can listen in to private calls and jack off later to them (not likely, but hey - sick people exist). I know I'd feel violated because if that happened. Or maybe one of them hears something like a call between someone (such as a respected member of a conservative community) and asubstance abuse councelor about their secret addiction? Well, lookie-lookie. All of a sudden, this line sniffer has blackmail info. Or a more likely scenario - a call to a shop-by-phone company. With that one call, a crooked sniffer would have your name, address and credit card number. What's to say that government employees aren't subject to the same temptations as the rest of us? All it will take is time before you get the right combination of a morally-loose sniffer and the big promise of enough cash.

        Hope that helps!

    • My reply to "If you're not doing anything wrong, you have nothing to worry about." is this:

      If the government isn't doing anything wrong, you have nothing to worry about. With footnotes to Filegate [epic.org], Yasser Hamdi [humanrightsfirst.org], and Brandon Mayfield [cnn.com] to name three off the top of my head.

  • oh, nevermind
  • Why not? (Score:5, Funny)

    by Seeth42 ( 138589 ) on Wednesday September 29, 2004 @08:42AM (#10382775) Homepage
    Hey, if Ashcroft wants to read all my spam before I can purge it, can I get an ammendment to the act to allow them to delete it for me?
  • WE ARE CITIZENS! (Score:5, Insightful)

    by garcia ( 6573 ) * on Wednesday September 29, 2004 @08:42AM (#10382779)
    Why the hell are they asking people for arguments against it? It's obvious it's unnecessary. We have processes in place to allow for wiretaps. The processes might not be easy and that's a GOOD THING.

    Get your fucking warrant, set up your equipment, and do your thing. If that takes too long and you miss your chance to get what you need, tough fucking shit. I have no sympathy for you.

    Just because we were attacked (and have threats of more) recently does NOT mean that we should treat every god damn citizen like a criminal. Why can we not learn from the past? McCarthyism/Cold War??? Come on, wake up, do NOT stand for this bullshit.

    We are citizens and we have rights as such. Why the hell are we allowing the government to walk all over us? Make your complaints known to the FTC and in the polls in November.
    • by MasterOfMagic ( 151058 ) on Wednesday September 29, 2004 @08:51AM (#10382865) Journal
      Unfortunately, there are too many citizens willing to trade liberty for safety. They WANT the government to be able to look at the bad guy's traffic, and that's how the government bills this. They only time that they care is when it personally inconveniences them. That's not going to happen to the average Joe until everyone is using VoIP and the law enforcement officer starts snooping on THEM. It is not until they personally feel violated that they care. Otherwise, they're playing the, "must get the terrorist" game.
    • While I think there is no need for the general internet monitoring, I think you miss the point of this law on the VOIP side. The point is to make it so they can monitor VOIP calls with a wiretap warrant. As far as I know, they are not trying to get around needing a warrant (for a change) but trying to make sure that when they have a warrant it can be executed, even on VOIP phone equipment. They are extending the law for current phone equipment to the new phone equipment of VOIP, which I have no problem w
    • Why the hell are they asking people for arguments against it?

      They're probably just going gather data on each person that protests and mark them as people who's communications they should be intercepting :-)
    • forget privacy for a minute I am pissed at the cost of wire taps. I forget where I read it but that average wire tap costs around $50,000 most of that in labor. This seems to be yet another collosal moneysink for the government. Wire taps need to be harder toget if only because I don't like paying for them.
  • by Anonymous Coward on Wednesday September 29, 2004 @08:43AM (#10382783)
    Oh yeah, the constitution is kaput!
  • by Ckwop ( 707653 ) * on Wednesday September 29, 2004 @08:44AM (#10382798) Homepage

    Internet wiretaps don't make the world safer they do the opposite - they make the world less safe. Any serious criminal will encrypt their connection meaning that the only people a wiretap would be useful against are idiots.

    Wiretaps have been abused and these will also be abused - I'm not happy about giving police that power that the return is likely to be so small.

    Simon

    • All you need is a point anywhere along the network to receive all of the packets on that network.

      If its not your IP address, you're supposed to ignore 'em. They want to bug the phones, they don't ignore 'em. Its called sniffing.
      • AFAIK, if encrypted protocols like SSL are used, each of the two parties just generates a new public/private keypair randomly, and they exchange the public key, using certificates to verify the authenticity of the other party's public key. After that, all traffic from A to B is encrypted by A using B's public key, so only B can decrypt it using his private key (actually a symmetric key is generated and exchanged in this way and symmetric ciphers are used after that to improve performance, but this does not
    • by dirk ( 87083 )
      Most criminals are idiots. Most criminals are not computer experts, so they don't know anything about encryption, much less how to use it to secure their communications. The readers of /. understand encryption because we deal with technology issues every day. Most criminals don't do this, so they don't understand that encryption could save their ass. There are some who understand this I'm sure, but they are in the minority.

      As far as wiretapping havin the potential for abuse, you are correct. So do gun

      • Most criminals are idiots.

        We're weeding them out and, through evolutionary forces, hoping to create a new, more formidable and sophisticated criminal.

        Looking around, I'd say we're succeeding beyond our wildest dreams.

    • Or worse, it would mean that anyone who encrypts anything on the Internet could be subject to criminal investigation.
  • ACLU (Score:5, Informative)

    by spangineer ( 764167 ) on Wednesday September 29, 2004 @08:45AM (#10382809) Homepage
    The ACLU also has a site set up for reading more about what's involved and for faxing your petition - ACLU [aclu.org]
  • Just because they CAN tap into you communications doesn't mean the WILL. Law enforcement is still required to get a court order to tap into your communications. That means they have to have probable cause. Whichmeans there is a good chance you are doing something you shouldn't be. I don't see the problem here. Do we NOT wnat to havbe the bad guys taken down? Or should we all just get out the tinfoil hats because "This means the those wascally wepublicans will eavesdrop on my porn line calls! Oh No3s!
    • I disagree, anyone who CAN, WILL. It also depends on "who" wants to know what you are saying. FBI agents do not need a court order to tap any of your communications.

      The spirit of the constitution wasn't based on WILL it was based on CAN, or more specificly CAN'T. Laws usually last a really long time, just because it isn't resonable for someone to use a law to a certain end now, doesn't mean they won't in the future. Look at the anti-trust laws, or whichever "This will NEVER be used to...." law of your ch

      • Re: (Score:3, Insightful)

        Comment removed based on user account deletion
        • by funkdid ( 780888 ) on Wednesday September 29, 2004 @10:08AM (#10383541)
          The final version of the anti-terrorism legislation, the Uniting and Strengthening America By Providing Appropriate Tools Required To Intercept and Obstruct Terrorism (H.R. 3162, the "USA PATRIOT Act") limits judicial oversight of electronic surveillance by: (i) subjecting private Internet communications to a minimal standard of review; (ii) permitting law enforcement to obtain what would be the equivalent of a "blank warrant" in the physical world; (iii) authorizing scattershot intelligence wiretap orders that need not specify the place to be searched or require that only the target's conversations be eavesdropped upon; and (iv) allowing the FBI to use its "intelligence" authority to circumvent the judicial review of the probable cause requirement of the Fourth Amendment.

          The FBI already has broad authority to monitor telephone and Internet communications. Current law already provides, for example, that wiretaps can be obtained for the crimes involved in terrorist attacks, including destruction of aircraft and aircraft piracy. Most of the changes to wiretapping authority contemplated in the USA PATRIOT Act would apply not just to surveillance of people suspected of terrorist activity, but to investigation of other crimes as well. The FBI also has authority to intercept communications without probable cause of crime for "intelligence purposes under the Foreign Intelligence Surveillance Act ("FISA"). The standards for obtaining a FISA wiretap are lower than those for obtaining a criminal wiretap.

          Minimal and Inadequate Standards for Access To Internet Communications Section 216 of the USA PATRIOT Act substantially changes current law. Under current law, a law enforcement agent can get a pen register or trap and trace order requiring a telephone company to reveal the "numbers dialed" to and from a particular telephone. To obtain the order, the law enforcement agent must simply certify that the information to be obtained is "relevant to an ongoing criminal investigation." This a very low level of proof, far less than the probable cause standard (probable cause that a crime has occurred, is occurring or will occur.) - a standard that must be met now to authorize access to the contents of a communication. Under the proposed Section 216, the judge must grant the order upon receiving the certification. Even if the judge disagrees, and believes that law enforcement officers are on a fishing expedition that will yield up no relevant information, the judge must issue the order. The judge is therefore not positioned to protect the privacy of a person's telephone communications; he wields a rubber stamp.

          Section 216 of the USA PATRIOT Act would extend this low threshold of proof to Internet communications that are far more revealing than the numbers dialed to or from a telephone, and to portions of e-mail communications that cannot readily be separated from content. Section 216 gives law enforcement agents who obtain pen register and trap and trace orders access to "dialing, routing and signaling information." The bill does not define those terms. They would apparently apply to law enforcement efforts to determine what websites a person has visited. This is like giving law enforcement the power -- based only on its own certification -- to require the librarian to report on the books you had perused while visiting the public library. This is extending a low standard of proof -- far less than probable cause -- to "content" information even while Section 216 purports to exclude content.

          The contents of a telephone call are readily separated from the telephone numbers dialed to and from a telephone. However, the same cannot be said of an e-mail address and the contents of an e-mail message. This information moves together in packets. To execute the pen register and trap and trace orders authorized by Section 216, somebody must separate the e-mail address from the contents of the e-mail message of the target. The FBI's answer to this problem is troubling. It obtains access to the entire message. Then, it asser

    • Law enforcement is still required to get a court order to tap into your communications.

      They are also supposed to have arrest warrants and follow do process to hold people. Especially if they are arrested inside the country. I think a few Muslims in our generation, and Japanese in our grandparents generation, may have something to say about that.

  • by reporter ( 666905 ) on Wednesday September 29, 2004 @08:45AM (#10382817) Homepage
    Unlike the telephone, wiretapping has only limited utility on the Internet. A culprit with a sinister motive could communicate with his accomplice by using encryption (e.g. PrettyGoodPrivacy) to send and receive e-mail. The culprit would not be submitting articles to bulletin boards on Slashdot. Further, the culprit would not be engaged in conversations on real-time chat rooms. The culprit would confine herself to only those forms of electronic communication that can be encrypted.

    • "The culprit would confine herself to only those forms of electronic communication that can be encrypted."

      Not necessarily...this would tend to hold true where the 'culprit' had knowledge of decent levels of security or any technical expertise. There are more spammers out there that know about the technologies concerned than 'terrorists', who've been getting unwarranted 'bigging up' by Hollywood.

      The main problem with all of this is that people don't trust their government to take a dump without handy in
  • by Lord Grey ( 463613 ) * on Wednesday September 29, 2004 @08:46AM (#10382823)
    Previously, we could only say something like, "Someone may tap into your communication channel" to steal credit card information, listen to your VoIP, etc.. Better start using encryption! Lots of people ignore vague warnings like that. This would give us an actual "enemy of privacy" to point at.
  • by WormholeFiend ( 674934 ) on Wednesday September 29, 2004 @08:47AM (#10382833)
    But aren't "they" doing it already with ECHELEON [wikipedia.org]?
    • by I confirm I'm not a ( 720413 ) on Wednesday September 29, 2004 @09:02AM (#10382960) Journal

      Yes, but Echelon only provides as much intelligence (on US citizens in the USA) as Canada, the UK, Australia and New Zealand [1] can gather electronically. This will allow the (US) Three Letter Agencies to gather much more intel, much more freely.

      [1] Echelon is the UKUSA nations - USA, and the 4 listed above. It's a neat way to for the five nations to avoid spying on their own citizens - by getting their allies to do it.

  • by NoMoreNicksLeft ( 516230 ) <john.oyler@noSpAm.comcast.net> on Wednesday September 29, 2004 @08:47AM (#10382836) Journal
    We're already implementing https and ssl irc over our network... not that they'll see even that far, they'll likely never see past the exterior VPN tunnels.
  • by Jakhel ( 808204 ) on Wednesday September 29, 2004 @08:49AM (#10382852)
    If you have a comment on why you don't want the governemnt reading your email please post it here.

    Don't you mean, "if you want the government to flag your IP address as a potential "iCriminal" post your comment there..along with your home address so we'll know where to send the net cops when it's time to serve warrants"?

    Then again, it's not like Ashcroft will make decisions based on the peoples' opinions anyway. I am willing to bet that this is just an attempt at gaining the public's confidence by providing an open forum (regardless of how useless it will be) for gripes and concerns.

  • by Kumorigoe ( 816912 ) <rromig@hotm a i l . c om> on Wednesday September 29, 2004 @08:50AM (#10382857)
    For all of those thinking that this is a step in the direction of government regulation of the internet... Wake up. There is no way possible to regualte, of even monitor all internet-based communication. Anyone here who has heard of ECHELON and CARNIVORE knows how unreliable and backlogged those two systems are. One created to monitor VoIP would be similarly handicapped.
    • "Anyone here who has heard of ECHELON and CARNIVORE knows how unreliable and backlogged those two systems are."

      Thank god we're limited to 2400bps, 386 processors, bus speeds of 7Mhz, and these things are never updated.

      As quite a few people here use naive bayesian filtering on their email, it doesn't seem entirely out of sorts that Carnivore and Echelon could end up extremely effective in, say, pulling out corporate secrets from specific email addresses, or other such market cornering activities.
  • by salimfadhley ( 565599 ) <ip@stodge.FREEBSDorg minus bsd> on Wednesday September 29, 2004 @08:54AM (#10382882) Homepage Journal
    The whole point of VOIP, is that it becomes so easy to set up your own private voip exchange. You dont need to use your ISP for anything other than carrying encrypted TCP/IP.

    So all you really need is a VoIP system like Asterix and Pingtel, plus some standard VPN software at the sites where you need to use it.

    So with off-the-shelf and open-source software you can create a network that is both isolated from and most likely incompatible with federal wiretaps.
  • Why should... (Score:5, Insightful)

    by jeffkjo1 ( 663413 ) on Wednesday September 29, 2004 @08:56AM (#10382900) Homepage
    Why should the government require private corporations to pay to give the government easier access to their networks. That's what this is, an unfunded mandate. The government doesn't care how technically difficult this is, or how much it would cost to implement.
    • IANAL

      I guess this is a matter of how much you trust them and what is being done by the companies and their customers.

      We know how willing corporations are to follow regulations...that's why we have no problems with corporate corruption.

  • by Nuclear Elephant ( 700938 ) on Wednesday September 29, 2004 @08:57AM (#10382912) Homepage
    Send Comment Files to FCC (Attachments)

    BAD idea. I wonder how much ASCII Donkey pr0n they're going to get.
  • durisdiction (Score:2, Interesting)

    by Anonymous Coward
    what happens to the rights of the other party in the conversation if the conversation happens to be international?
  • How about... (Score:5, Insightful)

    by LilMikey ( 615759 ) on Wednesday September 29, 2004 @09:10AM (#10383015) Homepage
    ...creating holes and backdoors in these services will lead to exploits of those holes and backdoors above and beyond our kind benevolent government. Only a fool thinks that ISPs and government are above the curve when it comes to hackers.
  • by Anonymous Coward on Wednesday September 29, 2004 @09:11AM (#10383024)
    If you have a comment on why you don't want the governemnt reading your email please post it here.

    Or simply email your comment to a friend ;-)
  • If I were a bad guy, intent on committing something evil, here's what I'ld do:

    1. Setup several email accounts. Most are reserved for sending bogus traffic (trolling for ye olde jack-booted thugs). One or two will be reserved for actual correspondence.
    2. When zero-hour approaches, send messages indicating "something will happen in (some place) on (some date)" using the trolling accounts. The message is intended to draw attention and resources away from the actual target and attack methodology. These would be encoded using a method with known problems. The encoding method used should be crackable, but not easily - We can't appear to be too st00pid.
    3. Send all "real" correspondence via high security encryption. To make it more interesting, I would pre-arrange with my cohorts that only messages sent at certain times of day, even using the "real" accounts, would be considered valid. All other messages would be "bait".
    I'm sure I'm not the first to come up with something like this. I'm pretty sure the Allies sent many bogus messages prior to the Normandy invasion. [utexas.edu]
  • by inmate ( 804874 ) on Wednesday September 29, 2004 @09:24AM (#10383142) Homepage
    the BBC just ran a story on how the FBI are already drowning under a huge backlog of telephonic recordings.
    http://news.bbc.co.uk/1/hi/world/americas/3696344. stm [bbc.co.uk]

    any more 'surveilance' just doesn't seem very practicle to me.

  • by Nuclear Elephant ( 700938 ) on Wednesday September 29, 2004 @09:26AM (#10383162) Homepage
    For those of you who don't take crap like this seriously, just look at how far we've come with disolving American's rights since pre-9/11. I don't care if they don't take me seriously, I'm at the very least chiming in with them. Here's my comments to them below.

    I have been involved with Internet architecture and security for more than ten years. I must warn you that what you're about to do will be devastating to privacy on the Internet and will ultimately lead to such a strong distrust of the Internet that it may render it useless for any type of corporate or personal communication. There are three very serious issued here that must be discussed.

    First, the effects of putting a full-blown monitoring system in place, aside from its immense cost to the taxpayers, will ultimately lead to only one conclusion: a wide open hole for any Internet hacker to direct their exploits at with the reward of full access to anyone's information on the Internet. Security of such a tool would be futile, and trusting a government agency with the security and management of such a tool dangerous in light of the government's inability to secure their own systems. Privacy concerns, corporate espionage, and even snooping on other government agencies are all serious concerns that would undermine America's use of the Internet.

    Second, Abuse by those in control. Supreme court justices and high officials are not those many are concerned about with regards to abuse - these individuals are not the individuals who are commissioned to secure and manage such a system. It is underpaid government systems administration staff who would be responsible for managing it, people who are very likely to abuse their power to snoop on the private correspondence of others. Keep in mind we're not necessarily just talking about email, but personal media (pictures for example), online banking communications, and even possibly streaming video which should remain confidential from prying eyes.

    Third, Electronic correspondence is all too easily analyzed and mined. Clandestine government operations to collect and store data about an individual over a period of years could easily compromise the integrity of the Internet as a whole and lead to the unjust profiling and intervention of law enforcement agencies who seek to use the information for purposes other than wiretapping.

    I sincerely hope you are giving this the most critical analysis possible. The 1994 CALEA law was not passed for Internet surveillance; it was passed for telephone wiretapping. In 1994, the Internet wasn't a legislative concern, therefore to allow the FBI to apply this act to the Internet's backbone is a terrible travesty of justice. Do not allow the FBI to become the legislative branch! Demand that a law be passed specifically for Internet wiretapping before you consider anything. If a system like this were to be put in place, I for one would strongly consider abandoning the Internet and I suspect millions of others would do the same.
  • by Thrymm ( 662097 ) on Wednesday September 29, 2004 @09:32AM (#10383198)
    If this passes and becomes mandatory, you know who gets the shaft in the end? The people. VoIP companies will blatently use this to pass the buck and probably even moreso than what it will cost to implement the back door all in the name of the dollar. The people get screwed on rates as it is in many cases, here's another to pill to swallow!
  • Cue the ill-informed Ashcroft bashing.

    We all (well.. all of us who aren't conspiracy nuts) recognize that the Government has the right to tap a telephone line under limited circumstances, with probable cause, and with a court order. I don't see why the "internet" or "on-line" should be any different. As long as the right checks and procedures exist (like court orders) and are followed, then there will be no problem. Remember, any information that is gathered is subject to challenge by defence lawyers in c
  • Question: Do the same rules that apply to tapping phones apply here?
    IIRC, in order to get a tap, the law enforcment folks have to get some kind of warrant from a judge, and the have to show proabable cause as to why they want the tap. And even after they get it, and the records, the defendant can still challenge the original warrant, and have the wiretapping thrown out at trial. I think.

    If the same requirements exist for tapping someone's IP connection, then what's the worry? So the ability to do
  • Crypto, at least in this country - is perfectly legal, and has a decent legal basis for being legal.

    Something like this will provoke widespread adoption of cryptographic measures, and don't forget, the world doesn't stop at the US border. Worldwide adoption puts pressure on to support and that starts a positive feedback loop.

    Yes, governments will then start to clamour for backdoors - and then we can have a much more heated debate about what we want the western world to look like in 50 years.

    I suspect the
  • What's a "provider"? (Score:4, Interesting)

    by Gorimek ( 61128 ) on Wednesday September 29, 2004 @11:04AM (#10384315) Homepage
    The interesting question here is what they'll do about homegrown/open source systems. If I write VoIP software and talk to my friends through it, will I/it be considered a provider and forced to supply this tapping service?

    If no, it is so easily circumvented that it will only catch stupid and careless criminals. Note that this may well be a large portion of the target population and ebough to make this worthwhile.

    If yes, it seems extremely intrusive, and since I would be my own provider in this case, also fairly useless. When they order me to implement the tap on my self, it will probably make me more careful what I talk about.
  • Attention!
    Your attention please!
    A newsflash has this moment arrived from the [suburban] front.
    Our forces in [your house] have won a glorious victory.!
    I am authorized to say that the action we are now reporting may well bring the war within measurable distance of its end.
    Here is the newsflash:
    times 17.3.04 gwb speech malreported africa rectify
    times 19.12.03 forecasts 3 yp 4th quarter 83 misprints verify current issue
    times 14.2.04 dhs malquoted code orange rectify
    times 3.12.83 reporting gwb day order
  • First off, without such a law, I think the admissability of such evidence in court would be suspect. If you want some of the undesirables (child pron distributers, etc.) off the net, there has to be a mechanism by which the government can collect and present evidence. IANAL, but without a legal mechanism for wiretapping, wouldn't such evidence be inadmissable?

    Second, the bloody thing grew out of DARPAnet right, and DARPA stands for what? And who pays DARPA's bills? I'm not drawing any conclusion here,

  • Due to the nature of the Internet, the ability to "tap" into communications is difficult. It places an unfair onus on service providers for very little benefit, past a "big brother" ability. This is due to the ethereal nature of Internet communications. Independent enterprise should not be a legal enforcer. We already have laws that require the disclosure of records, etc. There is no need to expand the reach of the observational capabilities. Not to mention the fact that if there are any exemptions, suc
  • If we don't have these types of measures...how do you do?

    I respect a persons right to privacy but..

    When all is said and done...when someone does something against the law...how is the legal system suppose to prevent illegal acts from happening or gain proof of a wrong doing in the high tech world?

    Do you pick up the pieces after the crime (and hope no one was killed or all the money was taken) or do you try and prevent it?

    If you pick up after the crime then it seems to me normal legal procedures(getting
  • C'mon people, just do it. Generate a key if you don't already have one. Put it up on biglumber [biglumber.com]. Then meet with other people in your area for a keysigning party. Meet others when you travel.

    Too shy to meet? Sorry to hear that; I think you'll enjoy meeting other nerds. I have. But if you can't handle it, then at least get signed by a robot. [toehold.com] It's better than nothing. (Really. That's actually a debatable point, but I say it is.)

    We nerds can form the backbone WoT infrastructure, then non-nerd leaf-

  • Oh, please. (Score:3, Insightful)

    by Fantastic Lad ( 198284 ) on Wednesday September 29, 2004 @02:53PM (#10386997)
    There is already full-spectrum surveillance in effect. What? Echelon and similar systems can't understand emails or VoIP? You think high-level encryption is any defense? Give me a break. These are people who can hear your conversations in a running shower stall from freekin' orbit if they so choose. Even a lightbulb can be a two-way transmitter if you have technology sensitive enough to exploit them, which some groups certainly do.

    This FCC request is two things: 1. A piece of PR bullshit which only affects a meaningless department within a meaningless department, and which is primarily designed to shape public consciousness and herd populations. And 2. to clarify the list of trouble makers for later liquidation.

    In short, the powers that matter are not going to ask your permission before eavesdropping.


    -FL

Understanding is always the understanding of a smaller problem in relation to a bigger problem. -- P.D. Ouspensky

Working...