FBI Wants to Tap The Net
Majik was among the stream of people submitting this story about the FBI wanting to tap the net. Makes Carnivore look like a baby monitor since this tracks all packets, and would be placed at key locations on the net.
You know that's what they're after. Hoover left a more lasting legacy than we know...
I'm going to put the words anthrax, get the bomb, allah, and kill them all in every fucking packet. Let's see em sort through 800000 terabytes of crap a day.
Wouldn't this degrade the performance of the Internet in general? Tapping the 'net also has a few more drawbacks. It only examines packets en route. That would tend to catch people doing legitimate things more than it would catch criminals. Meaning, they could see you sending and receiving traffic from some server that could possibly have illegal things on it (which is what? 90% of servers) and then swoop down and bust you for aiding a criminal or something stupid.
Job? I don't have time to get a job! Who will sit around and bitch about being broke and unemployed then?
I always thought the NSA was doing this already. So why worry?
Whoa, this is getting confusing!!! What happens if an FBI agent uses a Windows machine running some packet-catching/sniffing program to "tap the 'Net"? Wouldn't this be a crime since they'd be using a terrorist-harboring operating system (see last Slashdot article) to search for terrorists? Uggghhh...
If you celebrate Xmas, befriend me (538
The next thing you know, they'll want control of all major routers; It's just one more step to bring the Internet under US control. Welp folks, it's time we built our own network...
Wooden armaments to battle your imaginary foes!
They can tap whatever they want. Can they PROVE, based on a few packets, who is sending the information?
Without stronger security/authentication in general, this will be useless for the purposes of stopping actual criminals.
Has anyone told them that the Net is an international affair? It could be argued that the States dictating all and sundry to the rest of the world is what got them into this mess in the first place.
Off by 17 years, no big deal...
It's pretty clear that everyone is going to scream about how horrible this is for privacy. Granted, it will be frightening in its approximation of Orwell's Big Brother but don't overlook that this will slow internet traffic down considerably. Imagine peeking in on every packet sent! Further, to accommodate this I have a feeling the cost will be passed down to you and I--the taxpaying public. I see farms of servers collecting and storing data, offices filled with high-paid IT staff and IT forensic specialists. So, to recap: bad for privacy, slows down the net, and we'll pay for the privilege of being spied on. I'll have to say this isn't in our best interest...
Of course we torture people, we need the information --Gen. Pinochet
And make this unfeasible for real production use.
Breaking 2048 bit DH compression on one packet or transmission is feasible, given time and a (very) powerful computer.
If the FBI were to have to crack even 2-5% of the billions of packets that went through their system, however, it would make this system completely unworkable.
Use PGP or GPG. Sign your messages. Let other people know that you prefer messages sent to you in encrypted formats. Surf and download from sites who use SSL. It's not that hard, and once you get in the habit of encrypting data, you'll feel safer and more secure.
Because having something to hide is not the same as being a criminal. I'm sure you can think of a few things that someone may want to keep private, other than evidence of their involvement in a crime. There are many things besides breaking the law that can get you singled out for harassment and persecution in this country.
... does IPv6 have built in encryption? (or at least the ability to do encryption at the IP level?)
That could really put a dent in the ability to snoop (they still may crack it, but it's going to cost a hell of a lot more processor cycles to do so).
In the 1900's, in the US, alone, off the top of my head, we have people who opposed US entry into "the Great War" being imprisoned for life, people who didn't agree with the conventional wisdom concerning communism being imprisoned or hounded, people who J. Edgar Hoover didn't approve of being spied upon, harassed, intimidated, and blackmailed (by the government!), people who Richard Nixon didn't like being targeted by the IRS, people who Richard J. Daley didn't like being spied upon and shot, and so on.
sPh
So what? People have had the ability to listen in on network communications since the dawn of time (well, the dawn of networking, anyway :) If you have to transmit any sensitive or private information, encrypt it! Maybe this will finally get people to get off their asses and start using PGP/GPG like they should anyway.
Can't wait to see how this proposal flies with other nations that might have more stringent privacy laws. We might just end up with a USNet and an Internet (that includes everyone else but us). We're doing a real good job of isolating ourselves from the rest of the world tech community with things like this and things like the DMCA.
Hopefully this is all just talk that will get rationalized out. Then again, we are a nation in fear (don't let the red, white, and blue fool ya), and fearful people don't do rational things. How much further do we have to go before we get a big wake up call in the form of not being the #1 nation technologically?
Electronic Frontier Foundation for online civil rights information
Even if they pick up every single packet sent over the Internet, they would have a very hard time picking up useful content.
There are roughly a billion computers on the Internet, and each one sends out a heavy stream of packets, which contain any number of encryption and steganographic schemes.
To actually stop would-be terrorists from using the internet to transmit thought crime or seditious materials, they would need a very very big computer that filters out various pieces of traffic. No matter how hard you try, this will increase network latency, and piss off the average user.
If a massive, unprovoked attack on our rights to privacy, freedom of expression and thought doesn't stir the people to action, imagine Joe Sixpack when he can't view streaming porn as quickly. He'll be calling his congressman immediately.
"Look at me, I invented the stove!" -- Ben Franklin
Why the fuck does the FBI think this is necessary? What in the name of Eris are they trying to accomplish with this? Who are the assholes at the FBI, the individual men, who think this is a good idea?
When you think about the FBI wanting to tap the entire internet, think about it this way: Would you be okay with the FBI wiretapping EVERY PHONE IN THE COUNTRY without getting a warrant for each one first? Because that's essentially what they are doing.
And they want to CENTRALIZE DATA as well! Yep, nevermind the whole idea of a distributed network (not that the backbone providers give a shit about that anyway), let's just put all the data on one server so that the FBI can easily listen in to every conversation in the country!
What a bunch of fucking bullshit. </rant>
"Destroy science and religion. Science would re-emerge exactly the same; but not religion." - Penn Jillette, paraphrased
Carnivore *IS* a baby monitor. Just be glad there aren't video cameras all over the place like in London, that'll give you the Orwellian feeling you've been craving.
It shouldn't really be that shocking that a device like Carnivore exists, is used, and has analogs in other jurisdictions as well. The Canadian RCMP have something like that. They don't have an equivalent to Echelon, but then again Canadians are passive and wouldn't dream of plotting to overturn our ineffective government. No need to spend money on that, might as well set up more social assistance programs to help "refugees" set up a few more terror cells.
perl -e 'print $i=pack(c5, (41*2), sqrt(7056), (unpack(c,H)-2), oct(115), 10)'
One major problem exposed by this idea is that the Internet will suddenly have a single point of failure (and slowness) where all of the packets have to go through. Do you like your Internet slow and vulnerable?
I would also suggest organizing mock terrorist and organized crime cells. Have fun with the cops by sending logistics data back and forth between friends about assassinations, pipe bombs etc. Don't encrypt these, but make them sound serious. If they want to read our emails, then we should fuck with them.
This kind of stuff is especially serious for activists. Increasingly in Ontario at least, activists are being painted as terrorists. The Ontario Coalition Against Poverty is being labeled as a terrorist organization for its campaign to defeat the nasty provincial government. Police powers really scare me, because I organize direct action which could be construed as terrorism by authorities trying to keep dissent in check. The actions that I organize are all nonviolent, nobody ever gets hurt, nothing ever gets damaged, but my rights to dissent actively (ie. more than just letter writing) could quickly disappear in this climate.
Jeremy McNaughton
------ Live simply so that others may simply live.
I don't understand the utility in doing this any more than the libertarian opposition to it.
I would assume that any self-respecting bad guy will be using good strong encryption to protect any sensitive data. That would make the resulting packets read like garbage until decoded, which would make sifting through the data stream very difficult indeed. So widespread, readily available encryption will make this of little use to the Feds.
And I don't really worry about the threat of 'big brother' watching me any more than I currently worry about crackers getting at my stuff. After all, the measures one should take to protect yourself today (using SSH instead of telnet for example), will also protect yourself from being snooped upon by the government. So there's nothing new here.
The big concern is the tax dollars will be wasted by the feds to put this in place.
here at our org already ... let me tell you, you will need A LOT OF STORAGE SPACE to save this stuff off
web traffic alone we see about 500G a day, just from 250k workstations surfing and such.
I think we're looking at 50-500TB per day, but prolly more. time to buy some hard drive stocks.
-- www.globaltics.net
Political discussion for a new world
Ben Franklin
It's a paraphrase of Ben Franklin and the original quote was:
:)
"They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety."
For some reason this quote keeps coming up a lot lately. I wonder why
This sig has been temporarily disconnected or is no longer in service
I highly doubt that the FBI could pull this off. First of all, the budget for something like this would be huge to say the least... Secondly, the FBI doesn't have the engineering staff to support something of this size. You're talking about putting huge clusters at all of the NAPS. Even then they won't get info that doesn't pass through that NAP. What's going to stop terrorists from using a VPN? This sounds like a major waste of money, and a flawed solution...
Um, this is my sig.
It would also break the 'route around damage' paradigm that has served the internet so well.
Not that this already isn't the case, thanks to consolidation by backbone providers, but...
Say that the internet in the US is routed through 20 or so central hubs. I think this is about how many DNS root servers we have, but feel free to correct me. Hitting any one of those hubs with a 'terrorist attack' could knock massive sections of the internet offline.
Who multihomes their website? There are maybe a double handful of ISP's who multihome, and only a very few commercial websites.
Internet consolidation is a very bad thing. Instead, let's get in the habit of using wireless connections.
I know everyone is going to whine and complain... and I'll probably get mod'd down for trolling, but here it goes...
I run a webserver (as a business) and have run shell servers in the past. I don't think ANY of these people have been on the receiving end of a 2 day DDoS attack. Now, if such a system would be put into place, there would be other advantages than just searching for "key words" in text. It would most likely be an enterprise integrated intrusion detection system used to find and stop DDoS attacks and such. If these systems could use formulas to determine a DDoS and black hole routes before it can cause thousands of dollars of damage to an ISP, then it would save LOTS of money!
At one provider, I received a bill of a few grand of bandwidth charges when my shell box was hit with a DDoS for several hours... imagine what it would cost Yahoo! and such sites in lost revenue.
Also, the FBI isn't interested in your e-mail. Sure, it would allow them to look at it but it's no different than being able to tap your phone now. So what's the difference between tapping your phone and tapping your internet connection? Nothing. There is no difference. They'll need a wire-tapping order to do it, still.. And yes, someone will respond "but they won't need one to do this!" and you're right... they also don't need one to tap your phone, but it's illegal without it. Hence, we would be protected under the same laws as the current wiretapping law.
Stop and look around at who is supporting the FBI: Democrats and Republicans.
An obviously unconstitutional government organization, one that spends so much of our tax dollars but has done relatively little to help us (if at all).
If this isn't a reason to vote Libertarian and only Libertarian, and shut this group down, I don't know what is.
There is no need for an FBI. If a crime extends past state lines, there is nothing preventing the two police agencies from working together to solve it.
After the FBI comes knocking at my door asking me why I always play T.
Somewhere, something incredible is waiting to be known. -- Carl Sagan
It won't be long before they install monitoring systems at KFC and Micky D's so they can find out who's ordering the same fast food as the terrorists did.
"9 Filet-o-Fish sandwiches ordered at Drive-Thru. SWARM!! SWARM!!"
Without the ability to act private and say what we want, the corporate interests controlling the congress will enact more and more bad law, creating a behavioral minefield in our land of freedom.
Does a citizen have a right to hold a private conversation?
Perhaps the FBI can use its packet sniffing capability to identify pockets of resistance to the DMCA. Black helicopter forces can be dispatched to deal with said resistance.
Or, much scarier, they just might pass additional laws that make it illegal to conspire to defeat the DMCA. The packet sniffer will detect your illegal motions, even inside the room.
Distributed collection, perhaps distributed storage and forwarding of data over (possibly) private network. Collectors targeted to IPs under suspicion. All this means is more efficient data intercept orders with the sniffers already deployed. This would cost a helluva lot of money that should be spent on education or given back to the tax payers. Boxes that do this stuff aren't cheap.
Port mirroring or similar tactics would be used to send copies of data to the collectors. Another big question raised by this is will these collectors be accessible on public address space? How will they be secured? When (not "will") they become targets for crackers, info-terrorists, and hostile foreign governments?
perl -e 'print $i=pack(c5, (41*2), sqrt(7056), (unpack(c,H)-2), oct(115), 10)'
Why does everyone here get all worked up about the government watching us if they truly have nothing to hide?
You've got it backwards. The question should be:
Why is the government all worked up about watching us if we're not criminals?
Fascism starts when the efficiency of the government becomes more important than the rights of the people.
Friends, I think we need to resurrect the store-and-forward modem-based network. Otherwise, nothing that we say will ever escape government notice again. Remember that governments change, and sometimes not for the better. Even if you trust our government today, how do you know you will trust it in the future?
Dog is my co-pilot.
Doesn't this seem to imply a radical change to the architecture of the net? How far has the internet gotten away from its original ability to route around damage because there weren't any single locations that all packets had to travel through in order to get to their destinations? Isn't that what the FBI wants to do -- remove that ability to bypass damage so that all packets have to go through a few choice locations they regulate? And doesn't that imply that a very few terrorist acts against these traffic monitors could bring down the entire Internet?
Just curious...
All along, I've been thinking these carnivore type systems are a total invasion of privacy and that they are un-called for, but after more thought... Are they that bad?
It's definitely an invasion of privacy and that sucks, but we should be able to trust the FBI and know that our private information isn't going to get into the wrong hands.
I mean, what NEW information are they going to get on us? Our ISPs already know where we browse the web.
If there were some extreme control that could be put on this sort of project I don't know that I'd be intimidated by it.
For instance, if they had it in place everywhere but were only authorized to use it on a case by case basis after getting a warrant and having good reason, what bad could come from it?
If they catch a bunch of terrorists or a bunch of child molesters and don't interfere with my rights, more power to them.
I guess a lot of the slashdot crowd is worried about "hackers and crackers" being caught.
Well, I guess I'd be a little worried about them going overboard in that area. If they catch crackers, more power to them. Keep them out of my bank account please. However, I can see them abusing this power when it came to situations where people would stand up against the DMCA, etc.
What other real world situations prove that this truly is a bad idea?
The man who trades freedom for security does not deserve nor will he ever receive either. - Benjamin Franklin
Wasn't there an Internet-Draft a few years ago that involved adding surveillance to basic router function, that was shot down loudly by the IETF community?
sulli
RTFJ.
Common sense tells us that unencrypted data is not secure, and encrypted data will attract attention and possibly unauthorized decryption.
What we need to do is establish firm limits as to what the gov't can do with the intercepted data. I don't know how such limitations would work, but the events of Sept. 11 make it necessary to accept more government involvement in the Internet than any of us would like. Since 99.999% of us are not terrorists, we need to establish reasonable policies on network monitoring so that the authorities can go after the bad guys without having the FBI turn into the RIAA's counterinsurgency division.
Getting your voices heard isn't going to work as those voices don't hold up big money. Go donate some money to a POLITICAL party so they can advertise and get votes. Even $50 helps reach 2500 people.
It's unthinkable that terrorists would dare to target such a potent symbol of US power and authority.
No... wait... that was before September 11th.
This proposal is vile and abhorrent in moral, technical and security terms. Three for three.
If you were blocking sigs, you wouldn't have to read this.
A user in the USA can send mail with crypto, but other ISP traffic (irc, http, nntp, etc) might get ssh tunnelled to your ISP and then end up in the clear in the USA. I suppose it would end up being more private to ssh tunnel to a foreign ISP.
I can totally believe that the FBI would love to do this, given the chance. I just need a little more evidence before I am to go around saying that they *are* doing it.
"The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized"
So, are they going to go into court, and affirm that they need a warrant to tap the communications of 300 million people?
James Madison had reasons for writing this the way he did, and the biggest reason was that under the power of the General Warrant, officers of the crown were abusing their power. So much so, that we had to take down our rifles and overthrow the King.
Now, considering that the FBI still has the name of J. Edgar Hoover on their headquarters, and considering what that closet case did to Martin Luther King, I'm not too happy about giving them unlimited power to eavesdrop on our communications.
If they actually get this, then the damage Bin Laden would have inflicted on us will be far greater than the murders of September 11.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
One thing to think about is that SSL may not be secure for the purpose of stopping this type of wire-tapping.
Normal SSL allows the server to send a hunk of bits to you. If they can get a key signed by one of the CA's that is installed in everyone's browsers, then they can fake you into believing that you are talking to the end customer.
From the end web site's point of view, they would never know that a man-in-the-middle style attack is in progress, since 99.999% of SSL does not use client side certs.
As for them getting someone to sign their bogus key, a little pressure can go a long way. You might even expect to see the next Microsoft service pack to have a new CA that is a front for the "We are just looking for terrorists and anyone else who is doing something that the current regime does not approve of" folks from the FBI/CIA/NSA/...
Time to start using GPG with long keys to protect anything you really care about, since there YOU are the CA, not the folks that we know we can trust.
In short, SSL does not make it safe to download your k****e p0rn.
Are you paranoid if you know that they just want to know everything you say and do?
Would you trust both Bill Clinton and Richard Nixon with that kind of power ??
Both of them DID get elected.
"My opinions are my own, and I've got *lots* of them!"
I can just see it now. Start sniffing on an ATM backbone and analyze those packets 48 bytes at a time. You go G-man!
ELINT has its uses but some perspective is needed here.
I don't want knowledge. I want certainty. - Law, David Bowie
Why does everyone here get all worked up about the government watching us if they truly have nothing to hide?
Because we have something called The Bill of Rights that was designed two centuries ago to limit the power of the federal government. See Amendment no. 4. [findlaw.com]
How would you like it if the Police stopped by every day and searched your house without a warrant? You have nothing to hide, right, so what's the worry?
I'll tell you the worry: Where is it going to end? Can they listen to my phone conversations? Make me take a lie detector test? Force me to turn over my PGP keys to some type of gov't clearinghouse?
--
For the book says, "We may be through with the past, but the past ain't through with us."
Scene: Windowless van parked next to the sidewalk under a streetlamp. Two slightly overweight first-year FBI agents sit in the van splitting a box of Crunch-n-Munch. The air smells like two slightly overweight first-year FBI agents eating Crunch-n-Munch.
Agent 1:"Turn on your monitor. The sniffer is receiving something."
Agent 2 wipes the crumbs off his hands against the leg of his jeans and flicks the switch on his flatscreen.
Agent 2:"It's coming in. It says: 'ALL...YOUR...BASE...ARE...BELONG...TO...US...' What the fuck does that mean?"
Agent 1:"I don't know, but add it to the MOVE ZIG and FOR GREAT JUSTICE files. I think we're onto something."
Meanwhile, down the street, a ten-year-old geek chortles and crawls under the covers.
Why do users with IDs under 100,000 or over 700,000 usually have the most worthwhile comments?
When you take a position in an elected, appointed, or law enforcement position with the government, you make a sworn oath to uphold and protect the Constitution.
The FBI agents and elected officials supporting them who are planning on implementing this overt violation of the IV Amendment of the Constitution either:
a. Didn't understand the oath they took. Which makes them very stupid, and are therefore unfit for their position.
or
b. Are knowingly violating their oath. Which makes them dishonest, and are therefore unfit for their position.
I leave it to you to decide which one applies.
-- Will program for bandwidth
After a while, these people will be rounded up and questioned, intimidated and possibly detained. And if the current set of laws that just passed gets any worse, then you might even get jailed without due process, and incarcerated for life based on these information retrieval practices. Sound ominous so far? It should. This stuff is right in line with Nazi Germany too. Let's just hope they don't start lining us all up and shooting us because we are "terrorists, hackers, druggies", etc. Never forget that it was Orrin Hatch who called for the Death Penalty for anyone caught using drugs.
www.enthea.org
Damn, where are my MOD points when I need them?
"Study your math, kids. Key to the universe." -The Archangel Gabriel
It really is. I'm not joking.
Law enforcement can now 'dictate' to data communication providers what types of functions their service MUST incorporate, in order to comply with the needs of law enforcement.
How does this NOT equate to the government telling you how to run your business?
IANAL, but this one won't hold up in court for a number of reasons, mostly it's a violation against the 4th Amendment -illegal search and seizure of private property.
The feds cannot tell an ISP how and where to route its traffic. That's an illegal seizure. Never mind the privacy violations.
I can see (but not agree with) the government getting a court order to tap someone's e-mail, web traffic, etc,. but that's an entirely different matter. It's not hijacking every citizen's private communications. But a blatant spying on our citizens is a no no and has been shot down by the Congress and Supreme Court many times. It won't happen.
--- RFC 1149 Compliant.
How is it different? It's extremely different! In case you didn't know, the FBI still needs a court to approve phone tapping, and it's only supposed to be done when there is reasonable suspicion that you're involved in serious crime.
The phone equivalent of this proposal would be that the FBI taped every phone call ever made. It's like being in permanent arrest. Everything you say can be used against you, or anyone you may talk about.
And while it may save some people thousands, it will cost billions to do so, so it's probably not that great from that angle either.
Conclusion obvious: Because it's plainly obvious that this will not locate terrorists, the logical conclusion is that finding terrorists is not why they want to implement this.
It works on immature crackers, so why not apply it to the FBI as well?
There's no real way to catalogue every packet on the internet without some sort of computerized searching technology. They may even call it 'AI', but what it will boil down to is an application that looks for suspicious strings to flag for human eyes.
Therefore, it would be very possible to fool and overtax any kind of system like this by building a new kind of honeypot-style server.
Some Ideas:
Have this server connect to different IRC nodes bot style and create suspicious sounding channels like '#BombUSA' or something similar. Have it talk to itself Eliza style through IRC, but with terrorist keywords like 'Anthrax', 'Jihad', 'Hijack', etc... You could also substitute keywords for other kinds of illegal activity. Drugs, Pr0n, and other illegal/questionable vices all have keywords which would raise any LEO's eyebrows.
If two servers happen to meet on a channel like this, they can exchange POP email addresses and start sending smtp packets to each other with the same kind of information. Maybe throw in a few uuencoded attachments of the Osama and Bert poster.
One last thing. Have each server that does this engage in plaintext dialogue 4/5ths of the time, and then, pseudo-random bitstreams the rest to simulate encryption. If/when they do try to crack those streams, it will use up their resources so that they can't as effectively be used against individuals who do have valid reasons to use crypto.
- by default apache should use https instead of http
- fork the email protocol so it *only* uses PGP/GPG and retrieves the public key of the recipient
- telnetd and ftpd should be removed from all open source distros
Perhaps LUG's could even offer certificate signing. I really would like to have a parallel email protocol that only allowed signed and encrypted emails.
From www.thefreeworld.net:
"I'm a US citizen, but why would I care?
The DMCA is only enforced against criminals, right?
First they came for the Communists,
and I didn't speak up,
because I wasn't a Communist.
Then they came for the Jews,
and I didn't speak up,
because I wasn't a Jew.
Then they came for the Catholics,
and I didn't speak up,
because I was a Protestant.
Then they came for me,
and by that time there was no one
left to speak up for me.
by Rev. Martin Niemoller, 1945"
That is a bit from Rev. Martin Niemoller, a European Reverend who suffered under the Nazi oppression. Ever see a cartoon where a snowball rolling downhill gets bigger and bigger? The same thing happens when the government starts going after freedom. It has happened time and time again throughout history. It led to the horrible conditions of feudal Europe, where government progressed from:
Everyone owns land, and elects some people to protect it and them.
Some people own land, and they chose who protected it and them.
One person owned the land, and decided how to protect everyone on it.
One person owned the land, and everyone who lived on it.
Another example to look at would be African slavery. At first the tribes of Africa enslaved their wartime enemies, treating them like members of the tribe, but with no freedom to leave or choose work. It progressed to slaves being possessions. Eventually slaves could even be sold. After a while the Africans were selling each other to the people colonizing America and the Caribbean, where the slaves were regularly raped, tortured and murdered.
What it all boils down to is simple: Never trust your leaders. The best way to keep America free is to remind our leaders that they are public servants, and to do so by whatever non-violent and constitutional means are necessary. Bitching about it in online forums is doing little good.
What we need to do is establish firm limits as to what the gov't can do with the intercepted data.
We've done better than that, we've established firm limits on how and when the government can "intercept" data in the first place.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
I use SSL Apache to secure our troubleticket system in a public school environment. I didn't give a hang about proving I'm a trustworthy vendor. I just didn't want the kiddies sniffing my building techs and screwing up my database. I just generated a certificate. Sure the browsers put up a big scary message about the "untrustworthy" key but that is okay. I'm not collecting credit cards from my building techs, I'm just locking other parties out of some work-related http usage. The SSL version of Webmin also comes with an unsigned certificate.
In short, unsigned SSL certs are a great way to secure http communications where money is not involved. Let's get cracking throwing that little 's' in front of http. That should give those gubmint creepazoids something to play with.
"AMERICAN investigators are considering resorting to harsher interrogation techniques, including torture, after facing a wall of silence..."
The Times is one of the most respected, conservative papers in the UK. The FBI really are considering this abomination. Even Robert Blitzer, a former head of the FBI's counter-terrorism section, has criticized this in public!
Events such as Sept. 11 seem to bring to the forefront agendas which serve to transfer oversight, control, rights and responsibilities to an evermore intrusive central government. With only good intentions of course, but it's worth noting that the proposals come from the proposed recipients.
The fact is, our government had the infamous Mr. Atta in its grasp earlier this year and broke our own existing laws to give him a free pass. See the URL below if you want more info.
http://www.newtimesbpb.com/issues/2001-10-18/feature.html/page1.html
Granted that these people had good intentions, too, but the transfer of rights and responsibilities to government isn't just words. It results in actions taken by people no more prescient than you or me, but with consequences on a much grander scale.
We all probably agree with the principle that choices should be made at the lowest level possible in a business organization, so why not apply that same wisdom to our country and society at large?
Speaking of business, I wonder if the business forces at work trying to transfer intelligence from the nodes of the net to a more centralized architecture like the FBI proposal?
Reports of my deaf have been greatly exaggerated.
This thing is going to track what?
I give it a week before the packets flood the data storage and crash the spying hardware.
I give it a day before it starts losing data to keep up.
I give it an hour before someone figures how to bypass it.
I give it 15 seconds before somebody finds a way to trigger a national alert that there are terrorists at a former employer's location.
I give it a month before Microsoft realises the Windows in testing is crashing due to packet modifications by FBI due to a minor defect in FBI software. Blame the FBI Os.. retract when they discover it's Win 2K.. and claim the problem is still there when the FBI fixes it by switching to BSD... (Thought I was gonna say Linux didn't ya?)
I don't actually exist.
I can imagine some fairly interesting possibilities though:
If the various three letter agencies actually attempted to log or filter all packet information they would have simply too much information to do any good with it. The information they would have would be less than interesting though. All true terrorist communications would be encrypted, encoded or hidden in such a way as to be missed by filters. The only thing left would be gigs of usenet and slashdot postings ranting about our government's pathetic attempts to catch terrorists (come on guys, there are much better ways that don't require so much time, money and invasion of liberty).
Microsoft will start to charge licensing fees for their implementation of VPN, which will suddenly come into much wider use. I cannot imagine the FBI or NSA making much headway in filtering data from tunneled communications.
Stupid criminals who have not figured out how to use PGP and other privacy tools will be weeded out leaving a population of smarter super criminals to rule the net.
Seriously, this proposed tool could provide a serious threat to the privacy of all netizens, but it is not the ultimate threat. We need to worry much more about the possibility of our government becoming so fed up with their own inaptitude that they outlaw encryption and anonymity. That would be a true disaster.
Systems like this have obvious value: they can be used to fight terrorism. They also have uses that most Slashdot users fear: tapping private communications between users that don't present any real danger to national security, and using that information against those users.
When would they do this? What if myself and several friends were to make a plan to engage in questionable, though not necessarily illegal, behavior, for instance, Critical Mass? The FBI could use our plans to stop us even before we begin riding.
David Brin suggests, in The Transparent Society, that surveillance mechanisms such as this are on the rise, and our best hope of retaining our freedom is to "watch the watchers". We need the ability to monitor what the FBI is monitoring. Granted, in cases like this, that would be difficult to do without making private communications public. But if we are to accept these intrusions (which, hopefully, we won't), we need a way to keep the monitoring agencies in check.
That's a clever idea. Won't it require PKI though? (You can't pre-share a secret with someone you don't know.)
sulli
RTFJ.
of the Internet Architecture Board on enabling wiretapping
RFC2804
So now we have the group that defines internet standards saying that requirements to implement wiretapping should not be included in protocol design discussions. That does not mean that the FBI couldn't put a BIG HONKING device in a couple of places on the internet and globally adjust all routing tables so that packets went to it... but then there is something about too much information hiding the data
From what I'd heard reported in Wired Magazine and other places, this had already been accomplished, mere weeks after the 9/11 attack.
Legally, they may even have a leg to stand on; they can argue that people using email or browsing the web have no "expectation of privacy", and they'd be right. Any one of a score of ISPs or individuals could be monitoring your email or browsing habits right now, and most people shrug it off.
Further, if you rely on a court's ruling that people aren't allowed to spy on your messages or browser use, you're even more of a fool. Even if you aren't concerned about the police using the information and then simply never revealing it as evidence, what about nefarious individuals monitoring you for purposes of identity theft or fraud?
There's only one real solution, and that's cryptography. Routine, casual public-key encryption on internet transactions. We have the megaflops to do it now; all we need are the protocols.
Not only do they want to scan everything, all the time, regardless of just cause, they intend to physically restructure the internet to make it more convenient for them to do so. This is startling, as it would seem to represent an active rather than passive approach to intelligence gathering. AFAIK, it usually involves adopting strategies which adapt to monitor the subject matter; this represents altering the way we live to make it more convenient to monitor, at great expense and a loss of functionality. With a line of thought such as this, we won't be able to institute new protocols and innovations as they arise, on the grounds that they would be "security concerns" or somesuch nonsense because they wouldn't be easy to keep tabs on. Pffft.
Secondly, the notion of tapping the entire internet, aside from the massive outlay of resources that would entail (which is a whole nother thread entirely) is simply ludicrous. The internet is by definition global; the internet traffic of Swiss citizens (for example) is none of the FBI's concern (or shouldn't be, at any rate). You want to talk about a lack of jurisdiction? This all-encompassing, manifest destiny approach is reminiscent of the recent /. story about whether the ban on taxing the 'net would be reinstated or not. Hey, go for it! While we're at it, we can tax Europe outright. Or what about Neptune? A place that size must represent awesome amounts of untapped tax potential. We'd be silly not to!
Seriously, the more I think about this the less it disturbs me. I find it unlikely that the other countries would volunteer to reengineer their networks to assist the U.S.'s FBI in monitoring their traffic. What bothers me is why, presumably knowing this, they're funding a project like this anyway. Perhaps they're just looking to bottleneck the U.S. traffic, in which case we'd be known as Lag Central to the rest of the world. Yup, that'll certainly help e-commerce. ("Oh, don't shop there, they're U.S.-based. Their pages always take forever to load.") I shudder to think what happens when the FBI's systems suffer occasional downtime; do they halt the country's traffic until they can get them up and running again? They'd have to. To do otherwise would be a security risk, and we can't have that.
Have any of you people ever stopped to reason exactly what you're saying here?
When the tragic events of 11th September occurred, the finger was squarely pointed at the US intelligence services for failing to prevent the horror. It is now five weeks since that horrible day, and the stereotypical slashdot paranoia/anarchy has raised its ugly head once more.
How can you expect your intelligence agencies to do their jobs if you limit their powers over the tools of the terrorists? Sure, you may argue that any good terrorist would use crypto, but what about the one that doesn't (or forgets to)? Could that single interception save a life? Plus, they already intercept landlines, cellular, fax, telex and pager messages. Radio and satellite TV is picked apart for subliminal propaganda. Mail is opened and then re-sealed perfectly. For all of you who harp on about Echelon and how it invades your privacy - Apply for a job with ??? agency and go and see the truth. You'll be surprised at just how wrong you are!
If the installation of a few "privacy invaders" such as carnivore (etc etc) can save even ONE life, surely it is worth it? Would you stop someone listening to some random phone call to your gas board or would you rather see your next door neighbour's kids climb into a black limousine to trail behind a hearse because their mum/dad was killed in the latest bombing/crash/bio-attack?
This message will be modded as a troll or flamebait, but then again, isn't everything that doesn't subscribe to the "I use Linux and I'm a victim of persecution by the government" school of thought? I'm prepared to accept that there are valid issues in the protection of privacy, but none that can justify the loss of even one single life.
Use IPsec for security, maybe over an L2TP tunnel if NATs are involved. Then they can only map connections on the IP layer...
LedgerSMB: Open source Accounting/ERP
I am reminded of the NSA's escapade with tapping the single fiberoptic line under the Atlantic (one line tapped, of several in place). The flood of information was too much for them to do ANYTHING with.
For the FBI to pull this off, they would certainly need quantum computers... And what of speling myst-aches? This requires more computing power... Even Caesar cyphers become effective means of defeating these because of computational limits...
LedgerSMB: Open source Accounting/ERP
all they have to do is ask Al Gore he invented it anyways....
This must be Thursday, I never could get the hang of Thursdays.
and tapping the net will help stop snail mail virus contamination how ??
Win this thing ?? the War on Terrorism is as futile as the War on Drugs. 50 Billion later and things are THE SAME, only the DEA and the drug problem have gotten larger.
Let's attack the situation in a rational manner, what drives a normal human to sacrifice his or her life in a destructive manner, hate or love ??? There must be a HUGE volume of hate out there. Why ?!
We as Americans need to ensure that we know what our 'Illustrious' government is doing in our names, I think many people would be sickened by the things the US government has done in the name of FREEDOM. That said, GOD DAMN the individuals responsible for the WTC bombing.
errr....umm...*whooosh* *whoosh* Is this thing on ?
the simple threat of a bomb or assassination of a public official is a crime, and it matters not whether you think you were serious or not, if they do you ARE GUILTY and deserve punishment.
I have to agree with everything ELSE you've said though...I regularly encrypt my email and I use an Echelon Friendly signature, which is DIFFERENT from fake threats but seeks the same end.
errr....umm...*whooosh* *whoosh* Is this thing on ?
My executive knowledge is a bit spotty (I have historically been a fairly lazy voter. No more!) but isn't this exactly what "write-ins" are all about? I know that it is highly unlikely that enough people will all write the same name in, but I also fear that it is equally unlikely that people would bother to spend the time to vote just to say "They all suck."
That's just my impression of my fellow man. I personally like the idea.
I'm not sure whether to mod this +5, Funny or -50, Complete Fucking Moron. Can someone help me decide?
-Ryan, with the unoriginal sig
I was under the impression that one of the benefits of using IDEA (or the other PGP/GPG ciphers) over, say, XOR, is that hostile intercept of multiple encrypted messages (even with plaintext provided!) does not ease cryptanalysis. If they have one encrypted message of yours, they can try brute forcing a 128-bit keyspace to break it (or try brute forcing a 2048-bit keyspace of primes to get your public key). If they have 1000 encrypted messages of yours, well, they still have to do the same (universe-exhausting) brute force attack.
All you need to do is run the numbers really. ASCI White runs about 12 TFLOPS and is the single most powerful computer you're going to find anywhere. This is pretty powerful by most standards but given a single POWER3 chip can probably do about a million and a half DES keys per second and ASCI White's got eight thousand or so processors, do a quick computation to figure out how long it would take it to go through 2^4096 keys. Even if you had an ASCI White sized system with a custom ASIC that could crank through a key in five cycles it would still take a long ass time to find the key for a big DH cypher. Now let's say you run some cyphertext through more than once you end up really fucking somebody who wants to read your stuff. The FBI and NSA may have really powerful computers locked in some basement somewhere but they aren't so super duper that you can't keep them boggled for a while.
I'm a loner Dottie, a Rebel.
> But how hard would it be to crack a 4096 DH/DSS key
A 4096 bit DSA key probably isn't any harder than a 2048 bit one, the maximum the DSS allows, so long as you use SHA-1 as the base (and so a 160-bit prime).
And no, it's not a trivial crack for any system, unless the NSA have some serious mathematical advances we don't know about - brute force with known methods isn't enough.
rant
The excuse of looking for terrorists was a lie - so they dropped it.
Nobody could explain how using carnivore, or putting in backdoors will stop terrorists communicating by other means e.g. personal courier and steganography.
Government say about surveillance - "you've nothing to fear - if you are not breaking the law"
This argument is made to pressure people into acquiescence - else appear guilty of hiding something.
It does not address the real reason, why they want this information - they want a surveillance society.
They wish to invade your basic human right to privacy.
This is like having somebody watching everything you do - all your thoughts, hopes and fears will be open to them.
All your finances for them to scrutinize - heaven help you if you cannot account for every cent when they check on your taxes.
Do not believe the lies of Government - even more money spent on Carnivore will not protect you from terrorists.
Incidentally, the United States Department of Commerce and the United Nations World Intellectual Property Organization know the solution to domain name and trademark problems.
You will find it at WIPO.org.uk.
When the government fears the people there is freedom, when the people fear the government there is tyranny.
Which of these two scenarios do you think the FBI would rather see?
I fear the FBI far more than I fear terrorists, the Mafia, drug smugglers, kiddie pron traders, bank robbers, or any other group or entity the bureau uses to justify its existence.
What gets me is when I hear of members of congress justifying the passage of bills that undermine our rights on the basis that it is what the FBI wants. Last time I checked our representatives were supposed to be there to represent US, not the FBI. What the FBI wants or doesn't want is irrelevant when it goes against what we the people want. I can't think of anyone who wants the government peeking in our windows and looking over our shoulder out of fear that we might be some kind of criminal. There are people of course who are easily fooled into wanting just that because it is sold to them as a means of making the country safer. Crime is the favorite boogeyman of those who would enslave us. Fear of crime combined with the propaganda that the state can protect you better than you can yourself is what leads to things like this, along with attacks on the second amendment. It has long been said that those who would trade freedom for safety will have neither, and this is a very true statement. You want protection from criminals? Get a gun and learn to use it. In every state where legislation was passed making it easy to get a concealed carry permit the violent crime rate dropped significantly. Don't believe me, look up the stats yourself. Compare that to places like New York and Washington DC where it is for all practical purposes illegal to own a gun.
The FBI needs to be taken into hand and taught that it will not conduct a private war on the rights and freedoms of the American people. The best way I can think of to do this is cut its funding to the bone. If they don't have much in the way of funding, then they won't have the ability to be the wolf at the door.
Lee
P.S. For all you "liberals" out there I am not in fact a Republican. I'm proud to be a Libertarian.
Muslim community leaders warn of backlash from tomorrow morning's terrorist attack.
Detainee: But I didn't do anything wrong.
FBI Agent: According to the data from our tracking systems, your toilet paper consumption rates, the number of gardening books you buy per year and the number of bad jokes about CmdrTaco that you post on Slashdot per week match those in our profile for "Highly Dangerous - Possible Megalomaniac Persons". To prevent any crimes from your part we are hereby detaining you for psychiatric treatment.
It's not necessary to "imagine" government agencies with all the power they want; we've seen the results in reality again and again (and again and again and again and again).
Personal responsibility is a more promising approach.
/. If the government wants us to respect the law, it should set a better example.
Whew, I feel better already.
Get real here. The problem is that the federal government does NOT have the right to search people without due cause, process, and describing exactly what is to be searched. Read the fourth amendment.
I personally want to be able to look at a political site and not be profiled by my government. I want to buy stuff on Amazon.com and not have the government look at it. I want to be able to use email to talk to my wife, my lawyer, my pastor, and my doctor without worrying that my messages are going to be searched, scrutinized, and read by people who don't have time to get a warrant.
Being searched automatically, without notice or due cause, and having no private communications just sucks. Yes, it's going to cause problems, and yes people will die because of them. How can we though, in good conscience take away the freedoms that so many others have died to protect?
And yes, privacy, AKA, the right to be left alone, is one of those rights. So is not being searched without cause and process. Let's talk about how what the government is doing is completely illegal, immoral, and just plain criminal. Unless of course, criticizing our government and asking questions of our leaders is a 'terrorist act'.
Pakistan harbors terrorists that strike against the Indian part of Kashmir. Ireland harbours the IRA. USA harbors abortion-clinic-bombers.
Without hypocrisy and consistency, the real world would probably grind to a halt..
Stop the brainwash
A dedicated terrorist will use encryption. Duh. So what's the use in sniffing all our legal, unencrypted packets? It will NOT catch any terrorists.
This is yet another example of the feds trying to heartlessly profit from the ongoing tragedy. Just say no, folks! (Or start using https, ssh and ssl whenever possible)
Stop the brainwash
I am simply amazed at all the people that are so concerned about what lengths the government will go to to "invade their privacy". Give it a rest. Ask the 5000 people at the WTC if they would have minded if the FBI had their power expanded in order to prevent the 9-11 things from happening.
Exactly how would expanding the FBI's power have done anything to stop these attacks? Intelligence on the people concerned already existed, but wasn't used, it would have been even less likely to have done any good buried in a mountain of trivia.
Write-ins for candidates are only counted if the candidate written in is a government approved candidate. Nobody knows how many votes Pat Paulsen got. They weren't counted.
I think we've pushed this "anyone can grow up to be president" thing too far.
They just want the O.K. so if they get caught they won't get in any trouble. Hell they would probably keep it quiet anyway, so who knows why they want it legal, it's not like it matters. A little OT here, but this is pissing me off. After the attacks in NYC they have tried to limit (or just take away) our freedoms to keep other people from dying. I would like to think that our country is so great compared to some of those little dinky terrorists countries that we wouldn't have to do such things.
--------------------------------------
58.0% slashdot corrupt