Slashdot Mirror
Net Taps Without Warrants?
disappear writes "In the wake of yesterday's threats to cryptography, more ominous news: Wired News reports
that a bill permitting warrantless Internet surveilance has been passed by the Senate." This is just part of the expected and unfortunate backlash from tuesday. The terrorists are winning simply because the govt. can use their threat as a blank check to take away our rights. The worst part is that this will do no good whatsoever. Does the govt really think that crypto export restrictions have prevented terrorists from having strong crypto?
Yeah, so all new versions of encryption software are gonna have to include backdoors so government officials will be allowed access if they need it. Great idea, but uhm, who exactly is gonna make the terrorists all upgrade to the new version?
--It's Pimptastic!--
Many civil liberties are restricted during threats to "National Security." Ever heard of martial law and curfews?
personal attacks hurt, especially when deserved
Sadly the acts that the terrorists took part in on Tuesday were very much conventional warfare, in that it was likely planned and executed through a cell-structure, and with conventional 'weapons' (ie non-NBC).
I wonder if the Internet was used heavily in this action, and if it would be used heavily by such groups in the future. we all know the security issues involved with using technology (and read that as a privacy issue as well). Its been reported that bin Lauden doesn't use cel phones or other wireless devices any more to keep the US from triangulating or tapping in on his communications. Much as I hate to admit it, these people arn't stupid. Tapping the internet without warrants won't keep them from communicating, they'll go to other methods less easy to tap.
Meanwhile we loose a bit more of our own liberty. There is the first lesson, and likely the terrorist's first victory.
Beware the Whyte Wolf.
With a gun barrel between your teeth, you speak only in vowels...
Civil liberties are most affected at times like this - when the majority are affected by some sort of crisis or bloodshed. This move would work for a month or an year, till FBI or the Govt is successful in rooting out this evil. At the end of it they would claim Carnivore helped them bring these criminals to justice, the same way Patriot missiles were at first claimed to have a 90% success rate, where as later it was found that the success hits were much much below the previously claimed numbers.
Similarly FBI and the Govt would use Carnivore in a similar way, touting its use among the people without deriving anything valuable out of it. And when the war against Bin Laden is over, they would turn it on us, the people. By then, it would be too late. Any efforts to revoke Carnivore would never win, as the Govt would be quick in pointing out that its needed to prevent further bloodshed, and the Congress would happily send Carnivore on its way.
Civil Liberties have been trampled on the ground once again and theres nothing we can do about it right now. Lets stand on the sidelines and watch, for now.
Rapid Nirvana
Is any representative of the FBI or of Congress presenting any evidence at all that the Internet was an indispensible part of the attack on Tuesday?
Sen. Leahy (D-VT) and Sen. Levin (D-MI) are the only ones asking for restraint and thought before bulling forward with this amendment to the Commerce, State and Justice appropriations bill (which is sure to pass).
"1984", author George Orwell, 1949, ISBN 0-679-41739-7
Free cell phone tracking
I'm hoping that one of my USian friends put this in front of the right sets of eyes. Let freedon reign.
Soko
"Depression is merely anger without enthusiasm." - Anonymous
A lazy man's paradise, right? You can just sit back, not worry about your Constitutional rights, because they'll all be protected for you.
That's dead wrong, and life does not just go on as usual for many people in the U.S.. You obviously need to brush up on your history, as an immediate example comes to mind: the Espionage Act of 1917. Passed in support of WW1, it horribly abridged freedom of speech. People were thrown in jail with extremely long sentences for such things as writing communist literature, and one man was beaten to death after being arrested under it. Here's the best web page I could find on it in short notice, but I recommend heading down to the library and finding a good history book.
"They that can give up essential liberty to obtain a little temporary safety
deserve neither liberty nor safety."
- Benjamin Franklin, Historical Review of Pennsylvania, 1759.
"A microprocessor... is a terrible thing to waste." --
GeneralEmergency
Sadly, terrorism is the perfect threat for those who want to take liberties away. Liberties are always curtailed in wartime (read the Bill of Rights: writs of habeus corpus can be suspended during war) and everyone in Washington is saying that this is a war. But in a normal war there's a clear enemy, and some way of telling when the war is over. Fighting against terrorists, though, there is nothing but a mass of shadows. There's no way of telling when they've all been caught of have given up, so there's no way to tell that the fight is over. That means that there's no time when the liberties that are ignored in the interests of pursuing the war should be reinstated- so they likely never will be. We must fight to preserve them now or we can kiss them goodby forever.
There's no point in questioning authority if you aren't going to listen to the answers.
It is still very difficult to get a wiretap warrant, both for email and telephones; the burden of proof is extremely high. Now, I'm not saying illegal wiretaps are not done, but it's still just as difficult to get one legally. I'm not in law enforcement, but I'm also not a paranoiac. Mod me down for both acts of reason.:P
jaz
Death to Argument by Slogan!! (This post twice-encrypted with ROT-13. Replies not using same will be ignored)
Dear XYZ,
Like you, I am aggrieved at the tragic loss of life resulting from the horrendous events of Sept. 11. Every American has been touched by this trauma which will linger forever in the memory of our nation.
Though I want to see the perpetrators of these acts brought to justice, I must beg you not to compromise American civil liberties in your pursuit of justice. The loss of American citizens' ability to move and communicate freely would be a greater casualty than the thousands killed Tuesday morning.
Benjamin Franklin said that those who give up necessary liberties for security deserve neither security nor freedom. I must echo his sentiment. Do not allow our sacred rights of freedom of speech, association or movement to be abridged in the coming days of difficult choices. America's enemies hate us precisely because we are a free and open society, and they fear the potential that that represents. Do not give them the victory they cannot themselves win by destroying the core of our society, our beloved liberties.
God Bless America,
"Research is what I am doing when I don't know what I am doing." -- Wernher von Braun
Does the govt really think that crypto export restrictions have prevented terrorists from having strong crypto?
/. crowd is being fair with this one. The idea isn't to stop the criminals from using crypto; it's to make it a slightly faster process to DEcrpyt their stuff.
::flamesuit on:: Actually, that's probably not the reason the gov't wants to ban crypto. Think about it for a second:
Every day thousands of geeks and perhaps dozens of terrorists send back and forth messages that have been encrypted. The geek messages may be frivolous, just simple messages about life and groceries and the kids and other trivial things. Even if they have a right to, there's no real reason for geeks to encode these things. Big Brother doesn't give a rats ass about what you're writing.
Now, make it illegal to encrypt messages (example) and this flow of messages from the geeks will cut of SLIGHTLY. However slight, the decrease in the number of encrypted messages intercepted per day could drop, thus translating into fewer messages that need to be decrypted and thus translating into faster processing time for the NSA (or whoever).
Do I support this? No. But I don't think the
Give the gov't some credit. They're not stupid. Just misguided and corrupt.
student of animation and the fine arts
Complacency contributed to this disaster. The couple of security exposures I can highlight immediately: 1) You don't have to go through a security checkpoint again when you get off a plane and board a new one. You should. 2) Procedures for pilots handling unruly passengers. Were pilots trained to hole up in the cockpit and land at the nearest airport (And possibly lower the cabin pressure to the point where everyone in the back passes out) when something like this is going on, this incident would never have happened. Cryptography is not the danger, complacency is.
The Internet is already years behind where it should be because the US Crypto Stance has pretty much eliminated the possibility of a commercial software package using cryptography on a large scale. Cryptography is vital for the authentication of identity on the net and this application has gone largely unimplemented. How many illegal stock manipulations would have been prevented if all companies PGP signed all their press releases, for instance? And spam could be all but eliminated if everyone encrypted their E-mail and refused messages not encrypted to their key. It seems to me that lawmakers want to put the genie back into the bottle not by eliminating all crypto software but by eliminating the Internet itself. This is just one of several increasingly unfriendly pieces of legislation introduced recently.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
Simple: The FBI is, when they knock on the terrorist doors.
If your computer is caught sending packets that are labeled (e.g. GPG headers) as encrypted, your computer will either be bugged to get your password or seized to search for plaintext secrets. In theory, this will allow terrorists to be subjected to legal scrutiny while they are still conspiring about acts of terrorism but before those acts are committed.
In reality, it won't work that way:
In otherwords, we're giving the government authority to review every law abiding citizen's digital communications, without judicial oversight (the FBI had your email, and you're going to take their word for it that nobody, with or without official permission, looked at it?), and without impairing the ability for lawbreakers to engage in undetected low-bandwidth communications (and you don't exactly need to videoconference to plan a terrorist attack) at all.
Did I miss anything?
Kids today. Never teach 'em history.
Perhaps you ought to spend some time reading US history, focusing on government agencies who are supposed to be involved in law enforcement and the like.
During the time J Edgar Hoover headed the FBI, which was founded to focus on interstate crime, he refused to allow it to focus on the Mafia, and pronounced on more than one occasion that there was no such thing; all those high-profile Mafia busts of the thirties and forties were by the US IRS, or by State and Local police acting at the behest of District Attornies or Governors.
What did the FBI spend its time on? Un-American activities! The FBI spent most of the Fifties looking for "Communists" while ignoring the Mafia, and most of the Civil Rights era ignoring racial crimes while harrassing and trying to shut down Martin Luther King.
There's plenty of precedent to make you scared of the BFI getting more rights, because they're more likely to come after citizens exercising their democratic rights than criminals or terrorists.
For that matter, the NSA already have a bottomless budget, Echelon, and virtually no oversight. They have nearly limitless powers. Why didn't they notice this? Why would giving the BFI more power, like the NSA, help?
People are missing the other ramification of a mandated cryptographic backdoor.
I'll bet that within a week or two, the backdoor is cracked, even if there is some 'sealing technique' used in the software. After all, they cracked Microsoft's AARD, and that was pretty thoroughly protected. Within another week, organized crime, Drug Lords, and even terrorists will have access to it.
Once the backdoor is cracked, encryption is effectively worthless for anything but protection against other law-abiding citizens. But that's not the worst.
One of the most essential uses of crypto is SSH, OpenSSH, and the like, so we can administer the machines that make the Internet hum. Even WinNT/Win2k uses an encrypted channel for admin. Except now we're mandated to use only crypto with a backdoor, and the blackhats can open it, too.
No secure remote administration. No secure credit transactions. No Internet. No nuthin. It all falls apart.
The living have better things to do than to continue hating the dead.
Yes, this is scary stuff. Pay attention to section (E) and you'll see that it only refers to those crimes which 18USC1030(c)(2)(C) applies. From that section:
Now, let's go looking at (a)(4), (a)(5)(A), (a)(5)(B), or (a)(7), for those of you with clean sheets (if you don't have one, you're hosed, as pretty much anything under 18USC1030 gets punished under (c)(2)(C) if you're a repeat offender, as the other portions of (c)(2)(C) point out):
Note that (a)(5)(C) was specificially excluded:
Subtle shading between (a)(5)(B) and (a)(5)(C), but the key is recklessly causing damage versus simply causing damage.
Essentially, going item by item, if you
then you're open to this, according to the law . Now, all the white hats, and an overwelming majority of the grey hats, can likely agree to these conditions. That being said.. There are enough loopholes here to drive a truck through, and I doubt that prosecutors will take the full time to research those specific sections of 18USC1030 which this newfound power would allow them to use. Three cheers to the first person who beats the "slam dunk" case because a prosecutor got a little too zealous in their wiretap and blows the chain of evidence right at the start.
Now, let's look at what this law does NOT cover from 18USC1030. Let's kick it first with (a)(2) and (a)(3).
Wait a second... You can hack (without the non-judicial wiretap, though you're still fux0red under existing law) BANKS, THE GOVERNMENT, AND ANYTHING ELSE, so long as you're not under (a)(4), (a)(5)(A), (a)(5)(B), or (a)(7) as well.
Even further, under (a)(6), also not covered under the Anti-Cyberterrorism amendment, you can keep trading passwords (without the non-judicial wiretap--again, you're fux0red under current law though).
In all, it's pretty bad, but they could've done worse. If you give ANYONE the legal authority to wiretap without judicial oversight, you're giving a monkey a loaded revolver. In this case, however, the monkey's more likely to shoot itself than it is to shoot you.
ObDisclaimer: I am not a lawyer, but I play one on Slashdot.
The truth about Scientology, Xenu, and you: Operation Clambake
Removing civil liberties to preserve American freedom is like fucking for chastity.
The enemy know where our weaknesses are. They have analized them carefully. Don't let them use political Akido to use our own force against ourselves.
The only way to preserve freedom is to grant it, and defend it.
KFG
CmdrTaco: "Does the govt really think that crypto export restrictions have prevented terrorists from having strong crypto?"
This is such an obvious and sensible objection that it makes me wonder. My guess, and it is only a guess, is that a large part of the U.S. government no longer serves the purpose of democracy. The war may be, not on terrorists, but on the American people. My guess is that it is not conspiracy, but widespread government corruption.
That's the only conclusion that supports all the information. For example, the U.S. CIA trained Osama bin Laden. See the 1998 MSNBC article referenced in the first paragraph of What should be the response to violence? where I've tried to pull together some of the facts.
Whenever there is a problem, there seem to be two situations that go together: 1) The U.S. government intelligence agencies say they did not foresee the problem, and 2) the intelligence agencies had a years-long prior involvement with the person who caused the problem. Osama bin Laden is one example of this.
Another example is General Noriega of Panama who had a working relationship with the U.S. CIA for years before he was accused of drug trafficking. Was the exposure of Noriega caused by his not taking orders? A quick Google search on "Noriega General Panama CIA" gave a link to a chapter in a book by Noam Chomsky, The invasion of Panama. Chomsky's book is called What Uncle Sam Really Wants.
Another link on the first Google page was, The Real Drug Lords, A brief history of CIA involvement in the Drug Trade by William Blum.
Bush's education improvements were
Back when DES was being developed, the NSA helped make it secure-- but under the condition that the key length was reduced from 64 bits to 56 bits (which the NSA at the time probably could crack through brute force if they REALLY had to).
The problem with backdoors is that the terrorists might get access to them too, or enemy nations, etc. Or even criminals. Just think, with these master keys, they could eavesdrop on e-commerce transactions protected with SSL and steal credt card numbers...
LedgerSMB: Open source Accounting/ERP