Oasis Forms "Lawful Intercept" XML Committee

An anonymous reader writes "Oasis has announced the formation of the Lawful Intercept XML Technical Committee. The announcement refers to it as a "universal global framework for supporting rapid discovery and sharing of suspected criminal and terrorist evidence by law enforcement agencies." It's not really clear if this is supposed to aid in information exchange about suspicious activities/individuals, or 'intercepting' in the sense of eavesdropping, or what exactly."

And don't forget

There current album, "Standing on the Shoulder of Giants" is out stores now.

Re:And don't forget

[pommiekiwifruit]

They make tasty soft drinks as well.

Gallagher Brothers

[TheVidiot]

I had no idea Liam and Noel were XML literate. THAT'S why you can't understand Noel... he hasn't released his DTD.

Re:Gallagher Brothers

[perky]

THAT'S why you can't understand Noel... he hasn't released his DTD.
nah. It's 'cos he's a scabby manc.

Re:Gallagher Brothers

You have trouble understanding Noel? You've never listened to Radiohead before, have you?

Re:Gallagher Brothers

[billburroughs]

Oh, I just thought it was because he was really stupid.

What does this mean?

[Big+Mark]

Lawful Intercept XML Technical Committee.

Aha! Your use of non-valid XML is in breach of the DMCA! Your entire possessions are to be seized and you will be shipped off to Guatameno Bay!

-Mark

Re:What does this mean?

[Kragg]

Because mayyyybeeeeee I don't really wanna clooose,
My opening taaaaags,
Cos my tag contents are null.

Maybe I parse on the fly,
The DOM overhead's too high,
Maybe I can't interleave,
Elements with Xerces 3,

My document is gonna live foreeeevvvvaaaaa...

Re:What does this mean?

[EpsCylonB]

You didn't use the word "fookin" or the phrase "mad fer it", othewrwise I would of modded you up.

ISP and Phone Logs...

[terrencefw]

...is what this is all about. Packaging ISP and cellphone data up into a nice easily-datamined format for law enforcers. Just what your average man in the street wants done with his data.

Re:ISP and Phone Logs...

[jodonoghue]

Indeed so. While 'uncool', lawful interception tends to be a prerequisite to deploying many types of technology - for example the GSM mobile system has had a detailed specification for what information can be intercepted, and how this must be achieved, for many years (you can start from GSM 01.33 specification and work your way out...)

This type of technology can, self-evidently, generate vast quantities of data, and each network equipment vendor currently generates in a different format. It's simply a way to ensure that data which would have been logged anyway is provided to law enforcement agencies in a standardised way.

Probably true to argue that this will be used for ISP logs etc. but the key point is this: "lawful interception". In the UK, and doubtless most of the 'Western' world, this requires a court order, but in these 'terrorist' domainated days, the criteria which are sufficient to get such an order are becoming ever less stringent "...well, he was a commie as a student, and anyone with a beard like that must be an international terrorist, your honour..."

The job of the concerned citizen is not to fight the enabling technology, but to ensure, through the democratic process, lobbying and protest as required, that the use by government agencies of these technologies stays within reasonable (whatever that means) grounds.

Re:ISP and Phone Logs...

"Oasis has announced the formation of the Lawful Intercept XML Technical Committee. The announcement refers to it as a "universal global framework for supporting rapid discovery and sharing of suspected criminal and terrorist evidence by law enforcement agencies." It's not really clear if this is supposed to aid in information exchange about suspicious activities/individuals, or 'intercepting' in the sense of eavesdropping, or what exactly."

"First they came for the Jews
and I did not speak out
because I was not a Jew.
Then they came for the Communists
and I did not speak out
because I was not a Communist.
Then they came for the trade unionists
and I did not speak out
because I was not a trade unionist.
Then they came for me
and there was no one left
to speak out for me."
- Pastor Martin Niemöller

"The smallest minority on earth is the individual. Those who deny individual rights cannot claim to be defenders of minorities."
- Ayn Rand

Re:ISP and Phone Logs...

[HiThere]

It seems that I've heard of several cases where no court order was obtained. The ISP was merely "requested" to cooperate. Well, it wasn't THEIR data. So they forked it over without compulsion, compunction, notification, or reason demanded.

Now they weren't legally obligated to do this. They could have held out for a warrant. But why should they? So they didn't.

Now one doesn't know how often this happens, as one only hears about it when:
1) It's used in court records
2) It's a slow news day, and
3) Some reporter happens to think it might make a story.

Of course, item 3 makes the whole argument dubious. (I've been at events that were later reported. ... Any similarity between what I saw and what was reported falls within 1 standard deviation of chance. [OK, so I exaggerate. But not that much.]) Still...

I'm sure that most police do the best job they can for the good of the community. Nearly all of the time. And that it's quite dangerous. Spies and wiretappers aren't "most police". And frequently neither are those setting the priorities or legal interpretations. And in most organizations the folk that rise to the top tend to be those that are most interested in rising to the top, not those most interested in doing a good job.

But you're right. There tends to be a requirement to provide a kind of quid-pro-quo to get a favor out of the government. Like approval for a new service. This doesn't mean that it's in the best interest of the citizenry, or even of the government, but the people who run approval processes display their status by exercising control. And this has to look at least halfway reasonable (if only so they aren't ashamed of themselves). And controllers love new fields to be controlled. So I can easily see why they would insist on "lawful intercept". (I might be dubious about it's constitutionality, but I doubt that the courts would be...I'm conservative in that way.)

As to how this will be used...
Cell phones are required to carry GSM transponders. I don't know whether they are live if the power is switched off (I suspect they aren't, as my battery lasts a long time). But this kind of standard format allows real-time tracking of what is already a large fragment of the population, and will probably soon expand to nearly everyone. And if batteries improve, then they'll probably adopt an "always on" approach rather like the latest desktop computers, where the power switch doesn't actually turn the thing off.

"Fight enabling technology"? That's not precisely the problem. We currently have the potential for more technologies than we can imagine. We select which ones we develop. By our choices, we are determining a part of the texture of the future that we will encounter. (And, yes, I do find this one quite dubious.)

Re:ISP and Phone Logs...

[jodonoghue]

A thought provoking and intelligent post, which I'd moderate up if I wasn't already a contributor in the thread. Think you've misunderstood how cellular phones operate somewhat, however. No mobile phone carries a 'transponder' as such, but a mobile phone needs to have some means of telling the network where it is, so that the network knows where to look if there is a call for the mobile.

This is normally done by having the mobile 'tell' the network when it moves from the coverage of one cell to another (in GSM it's called Location Update - see 24.008 specification (www.3gpp.org) for gruesome details. UMTS works similarly, CDMA2000 doubtless a little different, but the principle will be the same).

The consequence is that the network will have a log of which cell you are in at any given time that your phone is turned on. Now, this doesn't accurately locate you (although in many cities, where cell sizes are 300 meters, it could be pretty close), which could establish a pattern of behaviour (or invalidate a false alibi, for example). Forthcoming US legislation (E911, IIRC) requires closer location fixes ( 100 meters) to be possible in the US, and this will inevitably be deployed everywhere as it allows for many useful services (think "give me directions to the nearest bar/restaurant/train station etc"). Point is that your phone already does this, has for many years, and there's no need for an 'always on' connection to allow for this.

As it happens, I have absolutely nothing against the use of these technologies - indeed, I've even been involved with their design. I *do* think it's important to ensure that the authorities use them according to the law. Of course they normally will, because a conviction could be impossible if the evidence was gathered illegally, but you've correctly pointed out how this can be abused at times.

My point is really that concerned citizens of any nation should scruitinize the actions of their governments and ensure that they remain within what the majority find acceptable, and ensure that firm action is taken against those responsible when the accepted legal boundaries are overstepped.

Unfortunately, at this time, governments all over the world are using the current 'security' crisis as a means to extend the extent to which our actions are monitored. This may well be necessary, but an informed and intelligent is required about the balance between the need to protect citizens and the right to reasonable privacy when you are going about your lawful business.

In my opinion, at least here in the UK, we had that balance about right 5 years ago, and are moving somewhat in the wrong direction. If the majority feel I'm wrong, and after due consideration, that's fine with me.

Re:ISP and Phone Logs...

[pod]

The job of the concerned citizen is not to fight the enabling technology...

WTF is 'enabling technology'? All tech is enabling. It's enabling someone to do something they couldn't before. Whether it's enabling me to make mp3s, or enabling someone my ability to do so.

Re:ISP and Phone Logs...

ahem! global is a sneaky way of saying "world". so why do we need a "world" law enforcment? people you are seeing the building of what will become a "world government" first you need the ability to filter (spy) on public dissent and be able to locate the source to capture the trerrorist (patriots). with data mininig around the world it just makes thier job easier. yes i know it sounds lame, but do you think "they" are gonna tell you in order to provide security to the world we need a "world government" to do this.
thier is no way your gonna hear about world government because the means to control (wich is happening now) are not fully in place to bring it about. the time and the people are not ready (dupped) to go along with it. so it`s prermature and public outcry would be more adverse against them around the world.
i challenge everyone here to help so we wont have some type of "world" government, control, global police, call it whatever you want but it`s going to happen unless we do something. so people the only thing I can think of is every person in every country speak out NOW!! and demand that your government sign a document by every nation declaring that under no circumstance by eaither famine, naturl disaster, eco system (including plant and animal life), civil unrest, economy, an act of war, a body of government, or a single person SHALL NOT create any form or type of control or appearance that could be used for world government. also, that ALL people and nations will remain FREE from the threat and power of "Global Tireany". in order to pervent the creation of a form of "World Government" every person from every part of the earth are granted the right to protest, arm and defend agaist the creation of any such formation of a world government!

well you get the point maybe someone could say it better....

XML easedropping

At first I thought this had to do something with Microsoft's new ISA server's ability to "firewall" XML content...ah, the idea of a server that can spy on service content....hmm, didnt we already have echelon for this??

Terrorist using XML?

[godIsaDJ]

So now terrorists are supposed to use valid XML (with respect to the approved Bin Laden DTD) to arrange bombings and the such. This is a natural step forward since XML is easier to parse and to detect by law enforcement agencies... This IS a joke, right?

Re:Terrorist using XML?

That'd be SemteXML then, or OsaML, or um... yeah, gotta be a joke...

Re:Terrorist using XML?

[skillet-thief]

Do you think Bin Laden would be tree or event?

Re:Terrorist using XML?

Bin Laden doesn't use a DTD, because he's such a Schemer...

Sorry, had to do it.

Re:Terrorist using XML?

It's all part of the grand plan to clamp down the net on the pretext of the war on terrorism.

There is ABSOLUTELY NO EVIDENCE that any major terrorist organization has ever coordinated attacks using the net or attack national computer infrastructure. If anything, Bin Laden has foiled the US intelligence gathering apparatus by using couriers to deliver messages. No phones, no e-mail, just a man with the message memorized in his head.

Yet, control freaks like Rumsfeld are constantly pushing for "cyberlegislation" and "cyberwar" as a response to "cyberthreats" that the terrorists supposedly pose.

Re:Terrorist using XML?

[Masik]

I won't be wander if terrorist organizations have their own net, and I'm sure that they have the best computers, the best and the most modern software. I think that "a man with the message memorized in his head" was just a warning for all people. Becouse not an everybody, especially in our country, has an access to Internet, but everybody can wait for a man like that.

Hey kids!

[Nemus]

Come on everybody, grab your Buzzword Bingo cards, and lets play the game!

On the other hand, for those of you, like me, who have just woken up, a translation is provided below:

[translation]"We're gonna, um, do some security stuff, because, uh, security is cool, and uh, terrorism, is like, bad. We don't know what we're going to do yet, though. Or how. Or why. But, ummm......dude this is some good shit *sniiiiiiiifffffff*"[/translation]

Sorry for the sarcasm, but any press release that takes up three pages, and could be summarised into thirty words, deserves to be mocked shamlessly. Mod me down, it needed to be said!!

Re:Hey kids!

[Hellkitten]

Real translation:

Telecoms, ISP-s etc in some countries are required by law to intercept data when the police asks them to (with a warrant). Since the police isn't that bright we'll make a standard format to provide this information in to make it easier for them

Re:Hey kids!

[David+Gerard]

tcpdump or sniff and hand them a tape ;-)

Re:Hey kids!

[EvilAlien]

Except that the law enforcement (or other) agencies are responsible for interpreting the intercepted data. These types of investigations don't typically involve Random Joe Patrol Cop, so there is no reason, legal or otherwise, for service providers to go to great effort to make it easy.

Open standards

The whole point of XML is to be extensible to store any kind of information. For my money, this is better than having it stored in some opaque proprietary database format.

It's also a lot easier to hack and change at will, if that's your bag.

Have fun.

Cut out and keep handy glossary:

[MrFredBloggs]

Suspected criminal: Anyone.

Re:Cut out and keep handy glossary:

[sn0wcrash]

Don't you mean "everyone"?

Lawyers and XML

[mmoncur]

It appears that when you combine lawyers and XML you end up with a linguistic quagmire that is completely impossible for mere mortals to comprehend, or escape from.

Re:Lawyers and XML

[Amazing+Quantum+Man]

I think you don't ned lawyers for that.

P2P

[giel]

Why don't they simply download Kazaa? It has been proven to be very usefull for sharing all kinds of information, no matter where and how one got it.

Oasis?

[marketnoize]

I didn't realize the band was so techno-savy. I loved the song "Wonderwall".

XML - the criminal's choice

[alext]

...we predict a resurgence of interest in CSV files among diabolical masterminds everywhere.

Just wondering whether this really has anything to do with XML... if so, should it? Not sure when a data structure last had its own universal global framework for supporting rapid discovery and sharing of suspected criminal and terrorist evidence by law enforcement agencies but I suppose this counts as progress of a kind, though personally I think I'd sleep better if the authorities kept an eye on all manifestations of Directed Acyclic Graphs.

Just a guess

... I haven't read the article, life is too short, but at aguess this is a badly worded way of saying that they want to set up an international standard XML-based database for the storage and retrieval of information about known or suspected criminals/terrorists/rogue states/.

Of course, I'm protected by my foil beanie so even if I'm wrong, they can't get me!

uh unsure of what it is?

[lunius]

OASIS Members to Create Framework for Global Sharing of Criminal and Terrorist Evidence XML Specification Will Deliver Reliable Authentication and Auditing to Safeguard Privacy and Increase Effectiveness of Lawful Intercepts. That sounds pretty clear to me.

The KGB and the Stasi (or in Soviet Russia)

[hughk]

One of the things that caused problems for the KGB and the Stasi (the state security organisation of the former DDR) was the work involved in processing an intercept. Despite the fact that both regimes were totally fscked, they used legalistic and bureaucratic procedures. The system became limited by the need to approve and process their equivalent of intercept warrants and what to do with the information.

Neither the KGB nor the STASI had much in the way of computer power to process the information gathered and the legal procedures were manual. What is happening here is that one of the last brakes to quick intercepts is being removed. The bottleneck connected with the approval process made law enforcement types think before ordering an intercept: Do they really need it?

It will be possible for intercepts to be implemeneted with less controls and far faster than in Soviet Russia).

Re:The KGB and the Stasi (or in Soviet Russia)

[shoppa]

I appreciate your concern that once they know how to use computers, they can be lightning-fast and eliminate all the paperwork. But, realistically, will this ever happen?. If anything, the introduction of a computer system to any government agency only results in more copies of more pieces of paper flying around, not less. (That's assuming that the computer system is ever put into production; 95% of government-procured systems are either never delivered or by the time they're delivered they've forgotten why they bought them.)

Re:The KGB and the Stasi (or in Soviet Russia)

[poot_rootbeer]

the Stasi (the state security organisation of the former DDR)

Fortunately, when the Dance Dance Revolution came they were the first against the wall!

Re:The KGB and the Stasi (or in Soviet Russia)

[hughk]

Yes, it does seem unlikely that it would really work but I still don't like the idea of speeding up the process - it would be just a little too dangerous if it functioned properly.

Effficient bureacracy did a lot of damage during the era of Nazi Germany. It wasn't enough to win them the war but it caused a lot of people to be eliminated (all with supporting paperwork). This is an extreme example, but I like the fact that certain processes needed by law enforcement take time - it makes everyone think whether they really should be doing this.

New pork barrel identified, XMLies join the queue

[Doctor+Hu]

--
Film at 11.

Cops

Did you miss the LAWFUL interception part? There are plenty of good reasons to tap phones, rooms and net traffic.

If you people had a cop in the family or for a friend, you'd know that they the vast majority of them aren't nightsticking thugs or hellbent on invading your privacy. Yes, if you dig deep enough you will always find dirt and there are always a few rotten apples in the basket. However, that applies to doctors, lawyers, system administrators, coders, janitors and to any other profession as well.

Re:Cops

[plague3106]

If you people had a cop in the family or for a friend, you'd know that they the vast majority of them aren't nightsticking thugs or hellbent on invading your privacy. Yes, if you dig deep enough you will always find dirt and there are always a few rotten apples in the basket.

I did have a cop as a friend of the family. He confirmed that most ARE 'rotten apples', as you put it. That, coupled with the stories people have for being pulled over without cause leads me to belive the old saying: 'Power corrupts.'

Re:Cops

Heh. Amen.

When I was a teenager (about 14) I was mixed up with some friends who were caught shoplifting. I didn't know they had done it until we were all leaving and a security guy stopped *all* of us and called the cops. The cop took all of us to a detention center but I refused to speak. I knew my rights. But since I didn't speak, he insulted me the entire trip to the detention center and then in his report, invented a bunch of things that I never said. Threatening and incriminating things. I mean, I never said a *word* to this guy.

So this asshole cop made up a story that got me a week in the detention center before they let me go. The rest of my friends spent a night and then their parents were allowed to come pick them up. I guess this cop just wanted to break me of the habit of excercising my rights while I was young lest I think I could use them later in life too.

Re:Cops

[Rasputin]

Did you miss the LAWFUL interception part? There are plenty of good reasons to tap phones, rooms and net traffic.

The part you're missing is that recent legislation - like the "patriot" act - has greatly expanded what can be considered lawful interception. Concurrently King George II has limited your ability to get information out of the government. The result is a civil rights train-wreck waiting to happen.

More beauracracies and committees

[shoppa]

Ah, yet another committee or new beauracracy created to fight terrorism. I bet those terrorists are really scared now.

The only good thing about the formation of the Department of Homeland Security is that it will set back by years the attempts of individual government agencies to spy on US citizens.

Re:More beauracracies and committees

[perky]

Yeah, I wondered about this a while ago. The Department for Homeland security is a federal agency charged with ensuring national security, right? So what the hell does the NSA do? Aren't they a bit pissed off that there's this new kid on the block treading on their toes?

Perhaps I'm missing something here, but even if that's not what the NSA do, there must have been some kind of group looking after domestic security before 9/11?

Re:More beauracracies and committees

[shoppa]

So what the hell does the NSA do?

Small hint: I work in downtown Washington DC.

The Federal Government, like most behemoth agencies, is very good at over-reacting to a problem after it is far too late to do anything about it. What amazes me is that the Department of Homeland Security seems to be a much bigger beauracracy than any of the agencies that it is "swallowing", yet it's being built by an administration that sells itself as anti-big-government.

Translation

[Badgerman]

"We figure there will be benefits to helping out law enforcement, so it's jumping on the bandwagon time."

After cutting through the buzzwords and acronyms, thats all I could really get out of this article.

Now, how long until there are copycat activities claiming better methods, more efficiency? Watch as various security consultants have yet another bag of tricks to bring out to sell their services.

It's basically EDI for the Cops

[dilute]

What this appears to be is XML so that the authorities can trade information they gather via intercept, much like businesses communicate with each other via XML. I suppose the idea is to get law enforcement people using a common markup convention, to get them all on the same page. Not a bad idea, it seems to me.

Re:It's basically EDI for the Cops

Re:It's basically EDI for the Cops

Define EDI!

Only for use between agencies, not spying

[mghiggins]

After reading the announcement and a couple of the links off it, this sounds more like an XML standard that law enforcement agencies and legal departments can use to send each other information during an investigation - not something they'd foist on the general public to make it easier for government to spy on us.

Diety?

[gazbo]

Are they Gods that desparately need to lose weight?

oxymoron?

[Unfallen]

All my own emphasisising...

"XML Specification Will Deliver Reliable Authentication and Auditing to Safeguard Privacy and Increase Effectiveness of Lawful Intercepts"

So they're coming up with a standard to protect your data and make it available? Nice.
Roll up, roll up, get yer snake oil!

Protecting our Privacy?

[Lodragandraoidh]

If you read between the lines, they mention protecting privacy while enhancing the ability to do legal interception...

Between all the happy-speak this sounds a bit sinister. Could this modification to the XML standard be the software equivalent of the clipper chip?

Re:Protecting our Privacy?

In essence, no.

Basically this is a XML DTD for easy communications between departmens, not anything really revolutionary. There were no changes to the XML spec.

A fair chunk is already in use in the Netherlands

[dirkx]

See for example www.opentap.org. Since August 2000 internet providers had to comply. The original standard JTS ( Justitiële Tap Standaard) was outdated; the ETSI standard (which oasis does build on) back then does not meet the requiremetns of the netherlands (google 'RapportageTWRT' if you can read dutch); a temporary system was instated for the time being (see SC/28/02/2000; again, in dutch only). What is interesting is that this is a mix between intelligence (which generally does not get to be used (or is usable) in a court against anyone) and the more real information gaterhed by the police authoritys for further criminal actions.

Dw

Is anything OASIS does clear?

I'm sitting here trying to convince myself to use DocBook for my next book and finding it very difficult to justify it as anything other than an intriguing intellectual exercise.
XML sounds great when you're in the planning stages of a big project, but once you get into the details it seems to make even simple tasks more complex than they need to be. It's tempting to go for it if you're the only one on the project, but a complex project rarely fits that criteria. Trying to keep everyone on the same page when you're working with people who are only going to be doing small parts is tough unless everybody understands the big picture and that in itself becomes a major hurdle.

Obviously..

[mattr]

The sample xml uses the Poindexters' home phone log.

(urk)

Lawful Interception only?

[Qzukk]

I suppose there will be a click through agreement:

"I agree not to use this technology to spy on CEOs to determine when to sell my stock. I also agree not to use this technology to spy on my SO, neighbors, or to get juicy blackmail bits on the person who cut me off this morning on the way to work."

Of course, with the FBI's proven track record, they'll just hit I Agree and do it anyway.

Re:Slashdot ....

[DEBEDb]

You mean a Spelling committ

This one needs a spelling rollback...

Correction

[uptownguy]

What amazes me is that the Department of Homeland Security seems to be a much bigger beauracracy than any of the agencies that it is "swallowing", yet it's being built by an administration that sells itself as anti-big-government. {Emphasis added by me}

Correction... it is being built by an administration that sold itself as anti-big-government. See, there was this thing that happened called 9/11 and a lot of people shifted their positions on a lot of things. Its not like this is a big secret and its not like you are going to inspire outrage or shock by pointing out that DHS is big government.

...Seriously, I swear half the people on /. have at least a mild case of Asperger's Syndrome.

Re:Correction

[uptownguy]

Nice ... somebody actually wasted mod points to mod my parent comment a troll but didn't even have the courage/imagination to post anonymously saying what they disagreed with...

Finally, XML is good for something

[Anonymous+Coward++1]

So what, are they going to have a catch terrorism web service? In any case, it's good to see the government fighting terrorism.

Just think... 9/11 could've been prevented

[Aexia]

if the FBI and CIA had the authority to intercept e-mails using the [terrorist] XML tag.

Curse you liberals and your "bill of rights"! How many more people have to die before you let go of your precious "freedoms"?

DIY

[Charlie+Bill]

I, for one, am glad that they are giving us the opportunity to properly form our incriminating evidence against ourselves. I was convinced that I would need to come up with my own file spec for that.

Example: how it is already done in Switzerland

There is an example for what such a specification might look like. The second pdf document (in English) is especially interesting as it gives some rather technical details of how the surveillence data must be structured (XML) and encrypted (PGP) before sending it to the Swiss authorities.

Re:lawful xml intercept

[galapagos]

folks , ddos with xml

Privacy

So rather then strengthing privacy laws to protect my freedom and liberty the powers that be decided to circumvent the courts' warrent process.

Why not minimum 12 years for gathering and using information from online activities, period. Few opportunities allow for the foresight of "putting up the stop sign before the accident" and this may one of them.

First spotted at:

I first spotted the concept of XML based digital "warants" to request the real-time tapping of intercepted ip traffic in the dutch ISP tapping debate. Politicians called for what they called "lawfull interception"(a link?). A standard whas proposed, I believe by university students. I can`t find this spec among related documents(great technical site, has various versions of the specs for transporting intercepted traffic from isp`s to central tapping rooms).

This spec proposed the use of xml documents to transfer the acount details of isp clients that police officials wanted tapped to the tapping system instaled at isp`s. The spec didn`t include any technical provisions for digitally signing these warrants (say, by a judge and noone else) as the idea was that the police would bring them to the isp by hand on cd`s. It would make sense if the spec whas worked out not to make it posible for cops without technical experiance to tell the tapping box what to tap, but, to make it easy to send the warrant to the tapping machine by the net nice and automated from a central tapping room like the ones used for telephone tapping. Ofourse the lacking of digital signatures shows the priorities of the original designers of this spec (easy automation, easy implementation for tapping system vendors (isp`s where complaining about the costs) and the use of cool gimicky standards)

The technical debate on how to tap internet users has been going on (although it has died down now isp got the money and the police got their new toy, at least in the Netherlands), but what makes the frequent popping up of XML interesting is the idea that it "smells" like automation, posible lage scale, of the tapping requests. In its self a great idea, less chance to end up tapping the wrong users just becouse a cop couldn`t remeber a dial in username. But it also has a dark side, its a smaller step to tap (a very small one if the tapping box at an isp doesn`t need a signature from a judge just like carnivore), but what if the police cant decrypt the traffic going from a tapped host to another, or if they think an other hoste is probably very suspicious indeed ver likely terrorists material? Well the first host is a very dangerous terrorist anyway, lets tap host-2 TO!, and then when the terrorists is in an encrypted p2p net how do you know what all those other hosts are up to? I know let automate the proces of requesting a tap on the comunication partners of the host we where orginally investigating!

tapping the net is just like tapping phones, now stop complaining and come and help us catch some terrorists, you know you want to, they are *evil* after all!

ILETS AND THE ENFOPOL 98 AFFAIR

[vinsci]

Compare:

SPECIAL INVESTIGATION: ILETS AND THE ENFOPOL 98 AFFAIR
America's guiding hand revealed - the secret international organisation behind Europe's controversial plans for Internet surveillance

Related stories: Telepolis-enfopol papers

Re: BuSab

I guess hope is that increased efficiency will lead to increased efficacy. Problem being that in a lot of these domains, it is often the inefficiency itself that puts a throttle on abuse.

Frank Herbert has something interesting to say about this.

Well if bombs wont burst

[iramkumar]

And the shelters don't cave We will "standardise" it into XML And send Osama to his grave!