Posted by
chrisd
on from the law-and-technology dept.
cf_33073 writes "Scary stuff for the privacy advocates out there. Your Internet telephone conversations may soon be tapped by the government. Anyone else concerned about these intercepts being hacked?
Full text of the
RFC
Is available (mirror)"
does this mean that I'll have to start purchasing technology from other countries to keep my own government from snooping on me?
Welcome to intercept PGPfone
by
Anonymous Coward
·
· Score: 5, Insightful
All packets are freely available to the fed. No special intercept equipment required. Decryption may be a different story.
Re:Welcome to intercept PGPfone
by
ronaldcromwell
·
· Score: 4, Interesting
Is Crypto getting secure to the point that we don't have to worry about anyone decrypting our communications? As open-source solutions become more and more viable, will networks like Freenet set the standard in the future for those of us who actually give a rip about privacy? Are we doomed, or is there a light at the end of the tunnel?
Re:Welcome to intercept PGPfone
by
Tuxinatorium
·
· Score: 4, Funny
That is a lie. There are no such things as "packets". They are a fabrication of the American news media. These so-called "1"s and "0"s are committing suicide at the logic gates as we speak. Praise be to Allah!
Re:Welcome to intercept PGPfone
by
1u3hr
·
· Score: 3, Insightful
Encryption is useless if your keys are compromised. From the RFC:
* If the information being intercepted is encrypted by the service provider and the service provider has access to the keys, then
the information MUST be decrypted before delivery to the LEA or
the encryption keys MUST be passed to the Law Enforcement Agency
to allow them to decrypt the information.....
* Content Encryption: If the intercept content is encrypted and
the service provider has access to the encryption keys (e.g.,
receives keys in Session Description Protocol for Voice over
IP), then the keys can be sent via IRI. It is, however,
possible for end-users to exchange keys by some other means
without any knowledge of the service provider in which case
the service provider will not be able to provide the keys.
Re:Welcome to intercept PGPfone
by
Anonymous Coward
·
· Score: 2, Informative
Check out SpeakFreely , Unix and Windows versions available.
Use coded conversations, something like "I tell you, there are NO Americans in Baghdad!", which really meant there are Americans in Baghdad and you had better run and hide.
Long time coming
by
Anonymous Coward
·
· Score: 2, Interesting
CALEA (http://www.fcc.gov/calea/) is something that has been in the works for quite some time. Interesting reading if you are a privacy person. Oh, the days of Fiderus.....
I'm sure the security experts are much smarter then the hackers.
-- I am NOT a man!
I am a free number!
Concerned? Not in my case
by
djupedal
·
· Score: 2, Interesting
I'm more concerned over the rash of unauthorized charges on one of my credit cards over the last two weeks...
I'm seeing an unabated string of charges that appear to be 'internet phone' related. $30 here....$50 there.
I had one c'card number discontinued last Dec., over a string of eBay charges I didn't make, and now this. Anything that can help control this kind of abuse is ok by me...at least for now.
Re:Concerned? Not in my case
by
fredistheking
·
· Score: 2, Interesting
I had a similar problem with several $9.95 charges appearing on my bill from various national ISPs every month. I am about 95% certain that my number was abused by some random pricewatch vendor. Anyway, upon calling earthlink to cancel the service that I never signed up for, the person on the otherside of the phone line informed me, "I'm sorry I can't cancel your service, your name is not in our database." After alot of trouble and having to refuse to give them my SSN I was able to cancel the service.
Anway, back to my point. I found a solution to this problem, American Express have a service called Private Payments that allows you to get disposable numbers that only work once. Since I have been using this service I haven't had problems with my number being stolen. Also, since American Express allows you to dispute charges without paying for them unless you loose the dispute, I never had to pay any of the $9.95 charges.
Back on topic, as IP telephony becomes more widely used, encryption is going to be a neccessity. When people buy things and give credit card numbers over the Internet conversation, encryption will be the only protection against crackers intercepting the conversation and stealing numbers. When was the last time you ordered anything from a site that wasn't using SSL?
Another fine DMCA violation
by
Renraku
·
· Score: 4, Insightful
Add a layer of encryptation to your packets. The government won't like having to waste extra time decoding your Slashdot traffic, so they'll just make it against the DMCA to encrypt your packets.
Eventually, internet traffic today will be like people traffic. I'm sure if I wore a big cloak and walked down the street, the police would be nervous of 'what I'm hiding under there' and might be so inclined to ask me about it.
While its legal to carry a concealed weapon if you have a licence, most people don't bother. So criminals and police alike can see that people aren't hiding a rocket launcher on their person or trying to move their crate of coccaine.
-- Job? I don't have time to get a job! Who will sit around and bitch about being broke and unemployed then?
Re:Another fine DMCA violation
by
CAIMLAS
·
· Score: 2, Insightful
Yep, the only people that register their guns/carry concealed with a license are those that are the law abiding citizens.
Thus making a 'concealed weapons permit' completely pointless and self defeating - just like gun registration. It helps nobody but the gov't in controling your life and gathering information on you.
-- ~/ssh slashdot.org
ssh: connect to host slashdot.org port 22: too many beers
this isn't an rfc
by
keithmoore
·
· Score: 4, Insightful
it's just a draft by one guy. anybody can submit a draft. it doesn't mean anything in terms of IETF approval. however since it purports it might eventually get published as an Informational document (not a standard).
if you think this is a transparent attempt to get IETF to appear to endorse a heinous activity (as I do) then you might want to write the IESG and/or the RFC Editor (as I intend to) and object to such publication. in order to avoid flooding their normal mailboxes, perhaps someone would like to set up a mailing list?
when governments think they have the right to kill thousands of people with scant justification, the last thing we need is to help them standardize on surveillance technologies.
Re:this isn't an rfc
by
adri
·
· Score: 3, Interesting
If the IP world standardises on interception technologies then we'll have some idea of how to thwart it.
Bring it on. I know you're doing it anyway. Bring it on, let people see what you're doing, let privacy advocates explain to the general public that yes, major internet equipment supports sniffing their traffic, look here for the standard and bewm! Maybe you'll get some sympathy.
I've tried explaining to lay people (non-technical friends) what can be done with todays technology and they look at me dumbfounded. Track your position by your cell phone? Huge databases to analyse the spending patterns of people? What about communication interception? Heck, I've shown a few friends pictures of the golf balls in the UK and they still refused to accept it. sigh!
if you think this is a transparent attempt to get IETF to appear to endorse a heinous activity
The IETF basically told the FBI to bugger off with regards to working CALEA into standards a long time ago. One lawyer who handles CALEA related cases doesn't seem to think this was a good idea, though;
"The IETF's long-ago refusal to consider this issue was hailed as a civil liberties victory at the time. In fact, it has had the ironic effect of making it more likely that wiretap solutions will be proprietary and designed in quiet consultation with the FBI. Bottom line: the notion that the Net inherently resists government control is in for a bad decade."
This comes from a letter to Politech last week. That letter, and a few more references re: IETF/CALEA, can be found here.
-- "BSD: Free as in speech. Linux: Free as in beer. Windows 10: Free as in herpes." --Man On Pink Corner in #52607549.
Why worry about lawful intercept?
by
patbob
·
· Score: 5, Insightful
Let's see if I have this right.. you broadcast your packets on a public network where you already assume anyone can potentially get access to them, then you worry about what happens when the government steps in and asks to receive a copy of those packets?
Like what, the government isn't already part of "anybody"?
I'm far more worried about entities that are not part of the government getting a copy of my packets. Flawed though their procedures, checks and balances may be, at least the government folks have some. What procedures, checks and balances are on the criminals?
-- Welcome to the net of 1000 lies. Upgrades are scheduled soon that should bring us to the 10,000 lies mark.
Re:Why worry about lawful intercept?
by
WolfWithoutAClause
·
· Score: 2, Insightful
Let's see if I have this right.. you broadcast your packets on a public network where you already assume anyone can potentially get access to them, then you worry about what happens when the government steps in and asks to receive a copy of those packets?
Just because they can do it, or even if they do it, doesn't mean that it is necessary lawful for them to do it. It may be considered a form of wiretapping, but it would be for the court to decide; I'm not aware of any case law on this.
Like what, the government isn't already part of "anybody"?
We elect "somebody", not "anybody"; if they start acting like they're anybody, then they're history in the long term in any true democracy.
--
-WolfWithoutAClause
"Gravity is only a theory, not a fact!"
Re:Why worry about lawful intercept?
by
netwiz
·
· Score: 4, Insightful
Not really. You don't actually broadcast packets, even at layer 2. In every case, there's a specific destination to the frame. It's like the gov't spying on your mail by opening them all in the post office. And while yes, they can do this, it requires a court order and probably cause to do so (someone back me up, I'm not actually certain of this fact).
As for private entities, packet capture is a time consuming task to perform constantly. I know for a fact that the ISP at which I work moves about a terabyte a day thru the network I maintain. It's not cost-effective (and there's not really any juicy stuff to be garnered), so they (corporations) won't do it.
Plus, the litigious backlash should ISPs start doing this of their own volition would be prohibitively expensive.
Encryption .. wont be legal much longer.
by
nurb432
·
· Score: 4, Informative
The only way these rules will work is if encryption is taken out of the hands of the public.
Can it be accomplished at this point? I donno, but a first start is calling the use of any un-approved ( i.e. , no governmental backdoor key ) encryption cause for the use to be investigated under the patriot act..
Then it will be made outright illegal, as its placed back on the 'controlled munitions' list.
-- ---- Booth was a patriot ----
Re:Encryption .. wont be legal much longer.
by
Scaba
·
· Score: 4, Interesting
Then it will be made outright illegal, as its placed back on the 'controlled munitions' list.
Thank god for September 11 2001
by
Anonymous Coward
·
· Score: 3, Interesting
Don't kid yourself, if September 11 2001 didn't happen, then the current government would have no collective trauma to exploit and introduce all these restrictions of freedom and a total violation of privacy. Only in Nazi, Communist countries do laws say, "well if you got nothing to hide then we can walse into your house uninvited".
Ever since September 11 2001, the hawks and zionists have been laughing in these joyous times. We've seen a complete restriction in our own freedoms, yet they preach to have brought freedom and liberation to Iraq although the place is in total anarchy. Who takes out the garbage, makes the trains run on time, runs the police, fire service, runs the hospitals? Currently nobody and it will be this way for a while.
In case you're wondering if Syria _is next, it is, and then it's the Palestinians and last of all the Osama Bin Laden. This should all have occured in time for the next election, sometime next year. This was expressed in a letter to the president on September 20 2001 by 25 hawks and zionists that have hijacked the whitehouse.
Letter to President Bush
Of course the saddest thing about this letter is that the people who are supposed to be protecting the american people and going after the perpetrators of September 11 seized it as an opportunity to fulfill their personal agendas. This is indeed a slap in the face to the victims and their families and to humanity.
Unpopular, I know...
by
Geekenstein
·
· Score: 4, Insightful
But I have to say it. For anyone who isn't a Montana militia, I hate everything law type, this isn't really a bad thing if proper judicial controls are instituted.
We do have an amendment to the constitution that protects against random search and seizure. Frankly, if law enforcement can give enough evidence to an informed judge that the party in question needs to be monitored in connection to a criminal offense, more power to them.
If you really think your geeky attempts at phone sex with some hot level 5,000,000 elf from EverQuest with a +50 con dildo are worth protecting from the evil shadow government, please encrypt!
Oh, and to head off all the "But the PATRIOT Act.." replies I'm sure to get, I firmly believe that its wire tap provisions are too ambiguous and when truly challenged in the Supreme Court, it will be shot down. Amazing how the whole checks and balances thing works, isn't it?
Re:Unpopular, I know...
by
Geekenstein
·
· Score: 4, Interesting
No, actually the Constitution does not give the judicial branch of government the power of review.
From the Court's website (supremecourtus.gov):
"While the function of judicial review is not explicitly provided in the Constitution, it had been anticipated before the adoption of that document. Prior to 1789, state courts had already overturned legislative acts which conflicted with state constitutions. Moreover, many of the Founding Fathers expected the Supreme Court to assume this role in regard to the Constitution; Alexander Hamilton and James Madison, for example, had underlined the importance of judicial review in the Federalist Papers, which urged adoption of the Constitution."
John Marshall, the first Chief Justice established the precedent of judicial review, and it has since become custom as strong as written law. The court's purpose has always been to interpret and explain the laws of the country, but if they put the kibash on something as unconstitutional, it becomes by decree unenforceable under the law(the court being the embodiment of law in the country).
Class dismissed.:)
Re:Unpopular, I know...
by
danoatvulaw
·
· Score: 2, Informative
I've got a vonage phone, which uses cisco hardware. (I've seen vonage ads on slashdot, and thought, hmm... they're hip to slashdot, must be good!:-) )
The first question I asked was about encryption, the response was that "any POTS line can be tapped, so it's just as secure". (yea, right..)
I doubt they'll ever support encryption, but I wish they would.
The present age seems really quite spooky, does anyone remember the MacArthy(sp) days? I'm curious to hear if the general atmosphere today is similiar to then.
I've spoken with some upper-level engineers at Vonage. They sell more of Cisco's ATA 186's than ANYONE else. Because of this, they dictate a lot of the hardware and software design/changes in the product to Cisco. You'd be surprised how responsive their upper-level techs are. They are definitely looking for new ideas and ways to improve their service.
More specifically, the tech said that the current hardware in the ATA's is insufficient for doing hardware encryption and that they are looking at a new modification on the ATA CPU to enable just the features you're looking for.
Just wait a bit - they finally got the 911 working, and I expect to see a lot of new things from this company.
Give up my freedom of speech for ~$300? Sure!
by
StupidKatz
·
· Score: 2, Insightful
You're just bleeding troll juice, but I'll bite. First, you not responsible for unauthorized activity on your CCs (call company, dispute charge, end of story). Second, if any card numbers were to be "stolen" from you, it is extremely improbable that they were sniffed off the wire; more than likely they were discovered on one of your pieces of litter, i.e. receipts. Third, if you want to give up your right to privacy for negating some petty inconveniences, I promise you that I'll hire you a maid/bodyguard if you let me hook up web cams to watch you everywhere you go as well as strap a GPS transponder on you.
And the problem is... what exactly?
by
Guppy06
·
· Score: 4, Insightful
"Your Internet telephone conversations may soon be tapped by the government."
Note the lack of the phrase "without a warrant" in this sentence. The RFC talks about "lawful intercept," which means they'd need a warrant before they're allowed to do it legally.
You don't say "without a warrant." The RFC doesn't say "without a warrant." You think maybe we can save our kneejerk reactions for somethingmoreworthy?
Re:And the problem is... what exactly?
by
cranos
·
· Score: 5, Insightful
The problem is that governments are trying to move to a point where they don't need warrants.
This is ridiculous. . .
by
Fritz+Benwalla
·
· Score: 4, Insightful
Of course I'm concerned that they will be hacked. ..Which is why I advocate that the design of these intercepts be standardized and subject to a public RFC process.
*Of course* we need a mechanism for *lawful* intercepts in this society. Some capability to (shall I say it again) *lawfully* monitor bad guys on the Internet is necessary to protect the rest of us, just as it exists in every other medium including human conversation. What I'm much more concerned about is half-wit J. Edgar Hoover wanna-bes who take an ad-hoc approach to collecting information, not giving a dump about collateral damage, and coyly taking an unregulated look at any other network traffic that "just happens" to get caught in their filters.
I suggest that this RFC is just the right way to go about it:
1. Publicly design a logical box that does what we need it to do and no more. 2. Force the authorities to stay inside that box. 3. Hand them their ass if they're caught outside the box.
As for the/. write-up, it's just (increasingly common around here) ill-informed, let's-go-occupy-the-provost's-office hyperbole.
What the privacy movement needs are intellectuals who can process enough complex facts to actually aid in the effort to balance a society that needs to be both free and safe. Automatically shouting "free!" when someone shouts "safe!" or "safe!" when someone shouts "free!" is not a useful debate. It's not even a good start.
-----
--
Believe me, I'm as surprised by my comment as you are.
It's not *that* bad
by
ragingmime
·
· Score: 3, Insightful
I did some research on McCarthy a while ago... the atmosphere today isn't nearly as bad as it was in his day. If it was, you'd probably be put on trial before the House Un-American Activities Committee (HUAC) - which was exempt from the requirement of due process - just for talking negatively about monitoring technologies, and your employer would likely fire you. I guess it's true that heightened fear of terrorism since September 11th has made US citizens a little more agreeable to legislation like the Patriot Act... it may not be the greatest situation, but can you blame us?
-- I produce electronic music and write little games. Have a look.
Many of the comments in response to this story demonstrate that the posters have neither read the referenced RFC nor understand the problem it is trying to solve. I'll restate it for the stupid or perpetually lazy among you (i.e. most of you who've responded so far):
Telecommunications companies in many countries must by law provide "assistance to law enforcement" on occasion. Note: in many countries, not just the United States. This assistance has traditionally been in the form of providing call intercept and tracing on voice networks. Some governments in many countries now want to do the same thing for data packets, but moreover, when data networks are used to emulate "traditional" voice services, the existing laws already apply. Just because your ISP's telecom backbone runs over ATM or IP doesn't mean that they're off the hook when it comes to lawful intercept and emergency services (e.g. E911) regulations. When voice is extended to "the edge" in packet form, little changes in that regard.
Now, that said, this RFC proposes an architecture to support tapping data (and any application layer-services that run on it, e.g. voice) in a uniform and scalable manner. Whether you like the idea of tapping or not is immaterial and irrelevant. Service providers must obey the law. If they cannot, they go out of business, or in some cases, never get off the ground. And make no mistake; this RFC is no more about "voice" than any other data service; it describes some of the special problems with enabling the enforcement of existing wiretap laws for packet voice, yet the aim of the RFC is to solve the general problem.
The architecture proposed makes no assumptions about the use of encryption except that no assumptions can be made about the use of encryption; i.e. deliver "tapped" packets to the LEA as packets, not transcoded or decoded into some other format.
Re:I'm thoroughly confused
by
Jeremi
·
· Score: 4, Insightful
can someone please tell me how "privacy" has anything to do with "freedom of speech?"
Surely there are things that want to say in private conversation that you wouldn't feel free to say if you knew (or suspected) that you were being eavesdropped on?
For example, the Iraqi government used lack of privacy (informers listening everywhere) to deny its citizens freedom of speech (anyone who was overheard saying something bad about Saddam was hauled off to prison).
--
I don't care if it's 90,000 hectares. That lake was not my doing.
You aren't worried about tapping? Read on
by
jsse
·
· Score: 2, Interesting
This is a true story.
My friend make a long distance call to me and at some point he jokingly said he'll "boom my ass". Just that. A moment later he excused himself and got the door only to be greeted by Government agents.
This sounds like a sick/. joke and I could never imagine it'd really happen. My friend was questioned and released but he was very pissed, questioning their ground of tapping, and his civil right. He even thought of file a racial discrimination suit(he's an American Chinese) but I suggested against his decision in view of present situation in US.
We aren't terrorists, scientists, secret agents or anything associated with them, and we've nothing to hide; but you really can't say it's not annoying to be tapped, like that.
Who changed the /. Calendar again?
by
CSG_SurferDude
·
· Score: 4, Funny
Now I KNOW somebody changed the/. calendar on me. We're only supposed to bash Cisco ON THE SECOND AND FOURTH THURSDAYS
and this is Wednesday in the U.S., and not even the right week count.
Can somebody please point me to the revised/. Love|Hate calendar so I can get with the program?
... knowing that a conversation took place can yield information as well.
So? run and use an anoymizer. Works the same way for TCP/IP connections, no? If you don't know your host number the packets can't find the host. If your host does not know your IP, the reply can't find it's way back. No need for the data to be voice over IP.
In the imortal works of Khan, "Let them eat static."
-- DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.
I agree with you, but it's hard to contact a party under watch without causing a stir doing that.
Both parties need to be anonymous.
If you read deeper in cryptonomicon you will remember the idea about constant noise being better than burst traffic.
--
"Not my manner of thinking but the manner of thinking of others has been the source of my unhappiness." - M
You mean, amazing *if* ...
by
Heisenbug
·
· Score: 3, Insightful
... the whole checks and balances thing works. When the Supreme Court does strike it down, I'll be amazed right along with you.
What is so scary about this?
by
lethargic
·
· Score: 2, Insightful
First off, I wish the author/poster had pointed out that this is a _draft_ and that it has not been published.
Anyways, what is so scary about this? Any ISP between any two hosts that are transmitting packets to one another could intercept those packets, and they always could.
I'm sure you all know that what is being described could probably be accomplished by a *nix box running tcpdump if it receives copies of all the packets. However, I don't think very much high-end telco/ISP equipment was really designed to duplicate packets to someone other than the intended recipient. I guess cisco intends on adding this feature in to some switching equipment, so they've been doing their research.
I think the point of this draft is an in-depth explanation as to what the Lawful Intercept requirement really means on a technical level.
I just don't see this thing as such a big deal after reading the document and really thinking about it. How the hell did this article even get posted?
Re:What is so scary about this?
by
joejoejoejoe
·
· Score: 2, Informative
However, I don't think very much high-end telco/ISP equipment was really designed to duplicate packets to someone other than the intended recipient
I'm not much of a network guy, but in cisco lingo it is called "port span" which will echo the packet set to or from a port TO ANOTHER PORT. Just hook up a sniffer to the "spanned" port and you can listen to all the packets.
ISPs do this for their _secret_ monitoring / gov't-email-spying stuff. ISPs do it to find why they are having a network problem by monitoring the packets on a switched network without putting a hub in the middle.
If you do the span thing on a switch port that has a router on the other end you can see all packets leaving/entering the router.
Granted this captures a LOT of traffic, but if the monitoring box just drops stuff it doesnt want, the load is lighter (filters).
Here is a cisco doc on the topic: Switched Port Analyzer (SPAN) feature
-- Silly Rabbit: tricks are for kids.
The good and bad of this post...
by
El+Camino+SS
·
· Score: 3, Funny
The good news is that everyone thinks you're post was witty and stylish...
Now the bad news...
You're about to get 5000 catalogs in the mail.
Homeland Security
by
dbCooper0
·
· Score: 2, Insightful
What strikes me as odd (after briskly scanning through the RFC) is at the end of page 3:
Because of the requirement to limit accessibility to authorized personnel, as well as the requirement that LEA's not know about each other, this interface must be strictly controlled.
Isn't the Homeland Security Administration supposed to coordinate knowledge between (L)aw (E)nforcement (A)gencies?
WTF?
-- db Cig:
ôô /`
What's the problem?
by
birdman666
·
· Score: 2, Insightful
If it's lawful and legal, then it must obviously be right, right?
--
Nothing from nowhere I'm no one at all
I've been preparing for this
by
fobbman
·
· Score: 4, Funny
I speak ROT13 fluently.
And in the meantime....
by
lysium
·
· Score: 2, Insightful
...countless lives get ruined while the wheels of justice turn, slow year by slow year. But since Order, and not Chaos, causes the harm, it is quite alright! We kill civilians to make the world a better place -- it's for progress, it wasn't intentional, so it's not criminal!
If you really think your geeky attempts at phone sex with some hot level 5,000,000 elf from EverQuest with a +50 con dildo are worth protecting from the evil shadow government, please encrypt!
As amusing as your example may be, repeat it to someone documenting the atrocities of tyrants (ahem -- ironic), and they might not smile.
Checks and balances work until someone starts fooling with the calibration. For example : Just what sort of military action requires explicit Congressional authorization these days -- full scale Soviet invasion? Where in the Constitution (and related documents) does it mention the Judicary acting as the sole moral and ethical arbiter of the land? Your faith in a few politically-appointed men and women is quite honest, but very, very dangerous.
----------
-- Together, we will drive the rats from the tundra.
Sybase markets USA PATRIOT Act transaction scanner
by
nate.sammons
·
· Score: 5, Informative
This ad from Sybase has information about a "compliance solution" for customers complying with the new USA PATRIOT Act.
From their ad: "It integrates your existing customer and transaction information systems into a consolidated compliance system that detects unusual activity and automates its investigation and resolution in a timely, secure and meticulously documented manner."
Yikes.
Re:Anything huh?
by
araemo
·
· Score: 2, Informative
It says "Lawfull" intercept.. that implies they have a warrant.
Yeah.. I know that making it digital just makes abuse of it easier, but stop complaining and go make sure the privacy watchdog groups know about it, and help them make sure there are proper checks in place.
Interestingly enough...
by
Anonymous Coward
·
· Score: 2, Interesting
didn't Cisco sell China some equipment that allowed for some 'monitoring' already?
People will vote with their dollars...I wouldn't worry about it too terribly much. Behold, the glory of capitalism.
Now seriously...pop a prozac and move along. Not much to see here, as with most/. postings.
What I Want To Know Is..
by
FuzzyBad-Mofo
·
· Score: 4, Funny
Seems to me that VOIP transmissions could be pretty easily encrypted, just like E-mail can be with PGP. In fact, it's easier to encrypt digital traffic than it is any analog device (think POTS phones).
--
Bruce Lane, KC7GR,
Blue Feather Technologies
Re:I'm thoroughly confused
by
Buzz_Litebeer
·
· Score: 2, Insightful
I think you miss the point a little, if you think someone will hear it, and report it, and then have it interpereted as sedicious speach, then you might not put your ideas out there.
If someone is constantly keeping track of what you are saying, and what you are sending, you might worry about "everyone" hearing it, and someone taking actions against you. The government is an example of someone you might not want taking action agianst you. When people speak out, often it is to a select audience as well, people who most likely would support their views.
The actual big issue, is people control how they interact with others by how much they allow that other person to know them.
Imagine if you met a girl, and you knew from a quick lookup that she was single, likes doritos, has 2 children and never married.
That kind of thing she probably would not want you to know at all!
Or lets say that people take your information, and do correllations on it. The correllations dont necessarrilly "Have" to be true, the problem is you could be added to a trend group that you do not want to be in.
Lets use a lewed example, lets say that using your credit card your sweetheart goes out and buys any numerous sex toys. Now lets say some group called "friend search" takes this data (which is relatively public or could be construed that way) but then correlates the data to you (since it was your card).
So lets say you are in the same situation as earlier, you are now sans girlfriend (perhaps didnt enjoy her pencheant for sex toys) and the girl does a lookup on you, and finds you like male sex toys... and then doesnt give you a chance because she thinks your gay lol.
Or better yet, you get spammed by sex toy sites that bought your info from the credit card company, trying to entice you to buy more.
Now these are a bit extreme, but imagine everyone just sold the data, or was allowed to track your data without any kind of real strong privacy laws. This could inhibit your freedom of speech in that it could also limit your credibility. Now if you do not beleive credibility affects the impact of what you say in public, just ask Peter Arnette. Now Imaging your at a public rally, or write a web blog, and someone says "hey i got info where e-mails were exchanged from his account, and from credit info that he buys sex toys for himself" and lets say your trying to fight for some religious cause. your credibility would be destroyed because someone had access to info that should have been private for you anyway, but it affects your freedom of speech.
There are much better examples, like how it could "directly" affect speech, but im a bit tired and cant think of anything nearly as witty as buying sex toys.
-- If you don't vote, you don't matter, so don't waste your time telling me your opinion
Scatterbrained. Maxim 1. If it is true, it is true at the extremes. If it is not true at the extremes, it simply is not true.
You face the possibility of death at the hands of another just crossing the street. Do we embeded GPS systems on every vehicle and on every person with some override system overlooking it? And what if that system fails? Well, another system overlooking that system, ad nausem until the entire world is focused on your safety.
Or we could trust you to look both ways before crossing the street.
Freedom is not the same thing as a right. You are pretty much free to do anything you like (including kill someone). You however do not have the right.
A right implies that you can exercise a freedom without certain consequences. That is the balancing act, not security over freedom.
Basic to rights is the idea that everyone else also has that right (otherwise it is a privilege... see our gov. for more info). Also basic to rights is responsibility. If you can't be trusted to look both ways before crossing the street (i.e.- take responsibility for yourself), you will lose that right to about 3 tons of steel. No law will save you.
The most essential freedom is to live as you choose. Anything else is tantamount to slavery.
And really, aren't you free to kill someone else? Or should I have an illusion of security that this will not happen ('cause that's all security is, an illusion)?
I mean really, BS argument. Security and freedom are mutually exclusive (it has been my experience that those who say they are exclusive are tyrants. Very much like your experience of facing death at another's hands). It is naive to think that just because the is a law that against taking drugs and police to enforce those laws, that somehow someone isn't under the influence as we speak. Perhaps even driving. The laws are a set of consequences, nothing more.
And have you considered the full consequences of the law being purposed? Many calls I make would seem damnable by third parties who are unaware of the rapport I have with the person being called. Should I have to explain myself? Expect the people invading my right to privacy to share my sense of humor? Trust that the persons monitoring my calls would never abuse it? No, I have a right against. You are arguing to take away that right under the guise of an illusion.
"You knew the job was dangerous when you took it. Quit bitching about it now."
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC-2119.
Re:I'm thoroughly confused
by
moncyb
·
· Score: 2, Insightful
Your sex toys example is good, but there is a much more difficult situation it could put one in.
Let's say your gf buys the toys with your CC. A year later you are walking down the street, and the police pick you up. A woman was raped and murdered two blocks away, and you vaguely fit the description of the guy. The police may use the sexual CC purchase as "evidence" you are a sexual deviant and must have done it. They may even stop looking for the guy who really did it.
Then you go to court. The purchase is used there as "evidence" of "your" crime, and let's say you live in an area heavily influenced by the Taliban or the Christian Coalition, so the jury decides you must have done it.
Allowing the courts to use every purchase you made (or purchase you have appeared to make), and every word you have spoken as "evidence", is a very dangerouse thing. How many of you can really be confident you haven't made any purchases or said anything which, if used as "evidence" in any given trial for any given crime, would make you look guilty?
Yeah, if you bought a 3' LotR sword and a box of Hammerhead condoms the day of the crime, and those same items were used in the crime, then it may be circumstantial evidence linking you to it, but using everything you may have said and bought in your lifetime isn't.
Throw down schoolgirl!
by
TerryAtWork
·
· Score: 2, Informative
Listen - with a cheap pentium, two NICs and OpenBSD you can do stuff no $50,000 Cisco machine can do.
PLUS you can encrypt it out the wazoo.
ONCE WE GET A GRIP they can intercept all they want, for all the good it will do them.
-- It's Christmas everyday with BitTorrent.
Encryption
by
Anonymous Coward
·
· Score: 2, Interesting
I'm going anonymous coward on this one:p
Don't ask how I know, but I have SEEN (with my own eyes) products by this company http://www.verintsystems.com cut though encryption up to 256bit like butter in near real-time. 128 made it pause for about ½ a second while 256 took around 1-2 seconds.
Verint are also the people who make the black boxes that in real time scan every phone call for key words and if your saying naughty stuff record it for the Intelligence service. When I say black boxes, I mean black boxes, they have no markings and just sit in the bottom of racks in telcos. I know for a fact that every call (fixed, cellular and satellite) in the US, UK and Israel is passed through these systems.
You can encrypt all you want, it doesn't make any difference.
It's not about tech. It's about due process.
by
zerofoo
·
· Score: 2, Insightful
Lucent long distance switches have the ability to be tapped and have had it for YEARS. Most telecom gear is designed to be LAWFULLY tapped. I don't have a problem with network equipment vendors also providing these features.
My gripe is the lack of due process for government monitoring (post 9-11-01). I'm OK with monitoring any form of communications as long as the organization doing the monitoring has made their case to a judge, and the judge has granted them a warrant. Wiretap laws need to be expanded to include all forms of electronic surveillance. These laws require a court issued warrant before the use of any electronic surveillance by law enforcement. Any evidence obtained without proper authorization is inadmissible in court.
-ted
This is *GOOD* for Privacy concerns.
by
RobertNotBob
·
· Score: 3, Interesting
As a geek in the telecom world I have seen the large difference in regulations when it comes to intercepting data vs. voice communications. Here in the USA, judges have known since the creation of our country that speach needs to be protected. However since the dawn of the digital age, the extent to which that protection extends to data has been passionately debated.
I would be very pleased to see legislation that clearly identifies data communication as identical to verbal communication. After reading the document, I think that this (or something close to it) may be exactly what is needed to put a legitimate legal framework around this topic. The more we can make the technical process of LI (lawfull intercept... you did RTA right?) more like the technical process of wire tapping, the easier it will be to approximate the two in the minds of the people who make, judge and execute the law.
-- ___ I don't respond to Anonymous Cowards, and I Never Mod them UP.
Slashdot Mirror
William Gibson future HERE WE COME!!..
does this mean that I'll have to start purchasing technology from other countries to keep my own government from snooping on me?
All packets are freely available to the fed. No special intercept equipment required. Decryption may be a different story.
Since the connection is digital, it shouldn't be tough to add a layer of encryption onto your conversation. Let 'em monitor scrambled data.
CALEA (http://www.fcc.gov/calea/) is something that has been in the works for quite some time. Interesting reading if you are a privacy person. Oh, the days of Fiderus.....
I'm sure the security experts are much smarter then the hackers.
I am NOT a man!
I am a free number!
I'm more concerned over the rash of unauthorized charges on one of my credit cards over the last two weeks...
I'm seeing an unabated string of charges that appear to be 'internet phone' related. $30 here....$50 there.
I had one c'card number discontinued last Dec., over a string of eBay charges I didn't make, and now this. Anything that can help control this kind of abuse is ok by me...at least for now.
Comment removed based on user account deletion
Add a layer of encryptation to your packets. The government won't like having to waste extra time decoding your Slashdot traffic, so they'll just make it against the DMCA to encrypt your packets.
Eventually, internet traffic today will be like people traffic. I'm sure if I wore a big cloak and walked down the street, the police would be nervous of 'what I'm hiding under there' and might be so inclined to ask me about it.
While its legal to carry a concealed weapon if you have a licence, most people don't bother. So criminals and police alike can see that people aren't hiding a rocket launcher on their person or trying to move their crate of coccaine.
Job? I don't have time to get a job! Who will sit around and bitch about being broke and unemployed then?
it's just a draft by one guy. anybody can submit a draft. it doesn't mean anything in terms of IETF approval. however since it purports it might eventually get published as an Informational document (not a standard).
if you think this is a transparent attempt to get IETF to appear to endorse a heinous activity (as I do) then you might want to write the IESG and/or the RFC Editor (as I intend to) and object to such publication. in order to avoid flooding their normal mailboxes, perhaps someone would like to set up a mailing list?
when governments think they have the right to kill thousands of people with scant justification, the last thing we need is to help them standardize on surveillance technologies.
Like what, the government isn't already part of "anybody"?
I'm far more worried about entities that are not part of the government getting a copy of my packets. Flawed though their procedures, checks and balances may be, at least the government folks have some. What procedures, checks and balances are on the criminals?
Welcome to the net of 1000 lies. Upgrades are scheduled soon that should bring us to the 10,000 lies mark.
The only way these rules will work is if encryption is taken out of the hands of the public.
Can it be accomplished at this point? I donno, but a first start is calling the use of any un-approved ( i.e. , no governmental backdoor key ) encryption cause for the use to be investigated under the patriot act..
Then it will be made outright illegal, as its placed back on the 'controlled munitions' list.
---- Booth was a patriot ----
Don't kid yourself, if September 11 2001 didn't happen, then the current government would have no collective trauma to exploit and introduce all these restrictions of freedom and a total violation of privacy. Only in Nazi, Communist countries do laws say, "well if you got nothing to hide then we can walse into your house uninvited".
Ever since September 11 2001, the hawks and zionists have been laughing in these joyous times. We've seen a complete restriction in our own freedoms, yet they preach to have brought freedom and liberation to Iraq although the place is in total anarchy. Who takes out the garbage, makes the trains run on time, runs the police, fire service, runs the hospitals? Currently nobody and it will be this way for a while.
In case you're wondering if Syria _is next, it is, and then it's the Palestinians and last of all the Osama Bin Laden. This should all have occured in time for the next election, sometime next year. This was expressed in a letter to the president on September 20 2001 by 25 hawks and zionists that have hijacked the whitehouse.
Letter to President Bush
Of course the saddest thing about this letter is that the people who are supposed to be protecting the american people and going after the perpetrators of September 11 seized it as an opportunity to fulfill their personal agendas. This is indeed a slap in the face to the victims and their families and to humanity.
But I have to say it. For anyone who isn't a Montana militia, I hate everything law type, this isn't really a bad thing if proper judicial controls are instituted.
We do have an amendment to the constitution that protects against random search and seizure. Frankly, if law enforcement can give enough evidence to an informed judge that the party in question needs to be monitored in connection to a criminal offense, more power to them.
If you really think your geeky attempts at phone sex with some hot level 5,000,000 elf from EverQuest with a +50 con dildo are worth protecting from the evil shadow government, please encrypt!
Oh, and to head off all the "But the PATRIOT Act.." replies I'm sure to get, I firmly believe that its wire tap provisions are too ambiguous and when truly challenged in the Supreme Court, it will be shot down. Amazing how the whole checks and balances thing works, isn't it?
I've got a vonage phone, which uses cisco hardware. (I've seen vonage ads on slashdot, and thought, hmm... they're hip to slashdot, must be good! :-) )
The first question I asked was about encryption, the response was that "any POTS line can be tapped, so it's just as secure". (yea, right..)
I doubt they'll ever support encryption, but I wish they would.
The present age seems really quite spooky, does anyone remember the MacArthy(sp) days? I'm curious to hear if the general atmosphere today is similiar to then.
You're just bleeding troll juice, but I'll bite. First, you not responsible for unauthorized activity on your CCs (call company, dispute charge, end of story). Second, if any card numbers were to be "stolen" from you, it is extremely improbable that they were sniffed off the wire; more than likely they were discovered on one of your pieces of litter, i.e. receipts. Third, if you want to give up your right to privacy for negating some petty inconveniences, I promise you that I'll hire you a maid/bodyguard if you let me hook up web cams to watch you everywhere you go as well as strap a GPS transponder on you.
"Your Internet telephone conversations may soon be tapped by the government."
Note the lack of the phrase "without a warrant" in this sentence. The RFC talks about "lawful intercept," which means they'd need a warrant before they're allowed to do it legally.
You don't say "without a warrant." The RFC doesn't say "without a warrant." You think maybe we can save our kneejerk reactions for something more worthy?
Of course I'm concerned that they will be hacked. .
*Of course* we need a mechanism for *lawful* intercepts in this society. Some capability to (shall I say it again) *lawfully* monitor bad guys on the Internet is necessary to protect the rest of us, just as it exists in every other medium including human conversation. What I'm much more concerned about is half-wit J. Edgar Hoover wanna-bes who take an ad-hoc approach to collecting information, not giving a dump about collateral damage, and coyly taking an unregulated look at any other network traffic that "just happens" to get caught in their filters.
I suggest that this RFC is just the right way to go about it:
1. Publicly design a logical box that does what we need it to do and no more.
2. Force the authorities to stay inside that box.
3. Hand them their ass if they're caught outside the box.
As for the /. write-up, it's just (increasingly common around here) ill-informed, let's-go-occupy-the-provost's-office hyperbole.
What the privacy movement needs are intellectuals who can process enough complex facts to actually aid in the effort to balance a society that needs to be both free and safe. Automatically shouting "free!" when someone shouts "safe!" or "safe!" when someone shouts "free!" is not a useful debate. It's not even a good start.
-----
Believe me, I'm as surprised by my comment as you are.
I did some research on McCarthy a while ago... the atmosphere today isn't nearly as bad as it was in his day. If it was, you'd probably be put on trial before the House Un-American Activities Committee (HUAC) - which was exempt from the requirement of due process - just for talking negatively about monitoring technologies, and your employer would likely fire you. I guess it's true that heightened fear of terrorism since September 11th has made US citizens a little more agreeable to legislation like the Patriot Act... it may not be the greatest situation, but can you blame us?
I produce electronic music and write little games. Have a look.
Ahem,
When I am able to have any degree of privacy (short of living in a bomb shelter) would someone please notify me--contact information below.
Roger Hammond
164 Rochester Ln
Tucson, AZ 8546
U.S.A.
Phone:(520)791-4544
Fax: (520)791-4124
Email: rhammond64@excite.com
AIM/MSN/Yahoo!: rhammond64
My Server: rhammond.org
I also post here quite often.
Thank you,
R.E.G. [good thing I didn't tell 'em my middle name]
FEARLESS AND STUPID
Many of the comments in response to this story demonstrate that the posters have neither read the referenced RFC nor understand the problem it is trying to solve. I'll restate it for the stupid or perpetually lazy among you (i.e. most of you who've responded so far):
Telecommunications companies in many countries must by law provide "assistance to law enforcement" on occasion. Note: in many countries, not just the United States. This assistance has traditionally been in the form of providing call intercept and tracing on voice networks. Some governments in many countries now want to do the same thing for data packets, but moreover, when data networks are used to emulate "traditional" voice services, the existing laws already apply. Just because your ISP's telecom backbone runs over ATM or IP doesn't mean that they're off the hook when it comes to lawful intercept and emergency services (e.g. E911) regulations. When voice is extended to "the edge" in packet form, little changes in that regard.
Now, that said, this RFC proposes an architecture to support tapping data (and any application layer-services that run on it, e.g. voice) in a uniform and scalable manner. Whether you like the idea of tapping or not is immaterial and irrelevant. Service providers must obey the law. If they cannot, they go out of business, or in some cases, never get off the ground. And make no mistake; this RFC is no more about "voice" than any other data service; it describes some of the special problems with enabling the enforcement of existing wiretap laws for packet voice, yet the aim of the RFC is to solve the general problem.
The architecture proposed makes no assumptions about the use of encryption except that no assumptions can be made about the use of encryption; i.e. deliver "tapped" packets to the LEA as packets, not transcoded or decoded into some other format.
Surely there are things that want to say in private conversation that you wouldn't feel free to say if you knew (or suspected) that you were being eavesdropped on?
For example, the Iraqi government used lack of privacy (informers listening everywhere) to deny its citizens freedom of speech (anyone who was overheard saying something bad about Saddam was hauled off to prison).
I don't care if it's 90,000 hectares. That lake was not my doing.
This is a true story.
/. joke and I could never imagine it'd really happen. My friend was questioned and released but he was very pissed, questioning their ground of tapping, and his civil right. He even thought of file a racial discrimination suit(he's an American Chinese) but I suggested against his decision in view of present situation in US.
My friend make a long distance call to me and at some point he jokingly said he'll "boom my ass". Just that. A moment later he excused himself and got the door only to be greeted by Government agents.
This sounds like a sick
We aren't terrorists, scientists, secret agents or anything associated with them, and we've nothing to hide; but you really can't say it's not annoying to be tapped, like that.
Now I KNOW somebody changed the /. calendar on me. We're only supposed to bash Cisco
ON THE SECOND AND FOURTH THURSDAYS
and this is Wednesday in the U.S., and not even the right week count.
Can somebody please point me to the revised /. Love|Hate calendar so I can get with the program?
LongTail SSH Brute Force analysis tool is here!
So? run and use an anoymizer. Works the same way for TCP/IP connections, no? If you don't know your host number the packets can't find the host. If your host does not know your IP, the reply can't find it's way back. No need for the data to be voice over IP.
In the imortal works of Khan, "Let them eat static."
DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.
... the whole checks and balances thing works. When the Supreme Court does strike it down, I'll be amazed right along with you.
First off, I wish the author/poster had pointed out that this is a _draft_ and that it has not been published.
Anyways, what is so scary about this? Any ISP between any two hosts that are transmitting packets to one another could intercept those packets, and they always could.
I'm sure you all know that what is being described could probably be accomplished by a *nix box running tcpdump if it receives copies of all the packets. However, I don't think very much high-end telco/ISP equipment was really designed to duplicate packets to someone other than the intended recipient. I guess cisco intends on adding this feature in to some switching equipment, so they've been doing their research.
I think the point of this draft is an in-depth explanation as to what the Lawful Intercept requirement really means on a technical level.
I just don't see this thing as such a big deal after reading the document and really thinking about it. How the hell did this article even get posted?
The good news is that everyone thinks you're post was witty and stylish...
Now the bad news...
You're about to get 5000 catalogs in the mail.
Because of the requirement to limit accessibility to authorized personnel, as well as the requirement that LEA's not know about each other, this interface must be strictly controlled.
Isn't the Homeland Security Administration supposed to coordinate knowledge between (L)aw (E)nforcement (A)gencies?
WTF?
db
Cig:
ôô
If it's lawful and legal, then it must obviously be right, right?
Nothing from nowhere I'm no one at all
I speak ROT13 fluently.
If you really think your geeky attempts at phone sex with some hot level 5,000,000 elf from EverQuest with a +50 con dildo are worth protecting from the evil shadow government, please encrypt!
As amusing as your example may be, repeat it to someone documenting the atrocities of tyrants (ahem -- ironic), and they might not smile.
Checks and balances work until someone starts fooling with the calibration. For example : Just what sort of military action requires explicit Congressional authorization these days -- full scale Soviet invasion? Where in the Constitution (and related documents) does it mention the Judicary acting as the sole moral and ethical arbiter of the land? Your faith in a few politically-appointed men and women is quite honest, but very, very dangerous.
----------
Together, we will drive the rats from the tundra.
This ad from Sybase has information about a "compliance solution" for customers complying with the new USA PATRIOT Act.
From their ad:
"It integrates your existing customer and transaction information systems into a consolidated compliance system that detects unusual activity and automates its investigation and resolution in a timely, secure and meticulously documented manner."
Yikes.
It says "Lawfull" intercept.. that implies they have a warrant.
Yeah.. I know that making it digital just makes abuse of it easier, but stop complaining and go make sure the privacy watchdog groups know about it, and help them make sure there are proper checks in place.
didn't Cisco sell China some equipment that allowed for some 'monitoring' already?
/. postings.
People will vote with their dollars...I wouldn't worry about it too terribly much. Behold, the glory of capitalism.
Now seriously...pop a prozac and move along. Not much to see here, as with most
.. does this mean Cisco will honor the evil bit?
Seems to me that VOIP transmissions could be pretty easily encrypted, just like E-mail can be with PGP. In fact, it's easier to encrypt digital traffic than it is any analog device (think POTS phones).
Bruce Lane, KC7GR,
Blue Feather Technologies
I think you miss the point a little, if you think someone will hear it, and report it, and then have it interpereted as sedicious speach, then you might not put your ideas out there.
If someone is constantly keeping track of what you are saying, and what you are sending, you might worry about "everyone" hearing it, and someone taking actions against you. The government is an example of someone you might not want taking action agianst you. When people speak out, often it is to a select audience as well, people who most likely would support their views.
The actual big issue, is people control how they interact with others by how much they allow that other person to know them.
Imagine if you met a girl, and you knew from a quick lookup that she was single, likes doritos, has 2 children and never married.
That kind of thing she probably would not want you to know at all!
Or lets say that people take your information, and do correllations on it. The correllations dont necessarrilly "Have" to be true, the problem is you could be added to a trend group that you do not want to be in.
Lets use a lewed example, lets say that using your credit card your sweetheart goes out and buys any numerous sex toys. Now lets say some group called "friend search" takes this data (which is relatively public or could be construed that way) but then correlates the data to you (since it was your card).
So lets say you are in the same situation as earlier, you are now sans girlfriend (perhaps didnt enjoy her pencheant for sex toys) and the girl does a lookup on you, and finds you like male sex toys... and then doesnt give you a chance because she thinks your gay lol.
Or better yet, you get spammed by sex toy sites that bought your info from the credit card company, trying to entice you to buy more.
Now these are a bit extreme, but imagine everyone just sold the data, or was allowed to track your data without any kind of real strong privacy laws. This could inhibit your freedom of speech in that it could also limit your credibility. Now if you do not beleive credibility affects the impact of what you say in public, just ask Peter Arnette. Now Imaging your at a public rally, or write a web blog, and someone says "hey i got info where e-mails were exchanged from his account, and from credit info that he buys sex toys for himself" and lets say your trying to fight for some religious cause. your credibility would be destroyed because someone had access to info that should have been private for you anyway, but it affects your freedom of speech.
There are much better examples, like how it could "directly" affect speech, but im a bit tired and cant think of anything nearly as witty as buying sex toys.
If you don't vote, you don't matter, so don't waste your time telling me your opinion
US Democracy:The best person for the job (among These pre-selected choices...)
Scatterbrained. Maxim 1. If it is true, it is true at the extremes. If it is not true at the extremes, it simply is not true.
You face the possibility of death at the hands of another just crossing the street. Do we embeded GPS systems on every vehicle and on every person with some override system overlooking it? And what if that system fails? Well, another system overlooking that system, ad nausem until the entire world is focused on your safety.
Or we could trust you to look both ways before crossing the street.
Freedom is not the same thing as a right. You are pretty much free to do anything you like (including kill someone). You however do not have the right.
A right implies that you can exercise a freedom without certain consequences. That is the balancing act, not security over freedom.
Basic to rights is the idea that everyone else also has that right (otherwise it is a privilege... see our gov. for more info). Also basic to rights is responsibility. If you can't be trusted to look both ways before crossing the street (i.e.- take responsibility for yourself), you will lose that right to about 3 tons of steel. No law will save you.
The most essential freedom is to live as you choose. Anything else is tantamount to slavery.
And really, aren't you free to kill someone else? Or should I have an illusion of security that this will not happen ('cause that's all security is, an illusion)?
I mean really, BS argument. Security and freedom are mutually exclusive (it has been my experience that those who say they are exclusive are tyrants. Very much like your experience of facing death at another's hands). It is naive to think that just because the is a law that against taking drugs and police to enforce those laws, that somehow someone isn't under the influence as we speak. Perhaps even driving. The laws are a set of consequences, nothing more.
And have you considered the full consequences of the law being purposed? Many calls I make would seem damnable by third parties who are unaware of the rapport I have with the person being called.
Should I have to explain myself? Expect the people invading my right to privacy to share my sense of humor? Trust that the persons monitoring my calls would never abuse it? No, I have a right against. You are arguing to take away that right under the guise of an illusion.
"You knew the job was dangerous when you took it. Quit bitching about it now."
speaking just start. Understand they will not!
All RFCs are written like that:
Your sex toys example is good, but there is a much more difficult situation it could put one in.
Let's say your gf buys the toys with your CC. A year later you are walking down the street, and the police pick you up. A woman was raped and murdered two blocks away, and you vaguely fit the description of the guy. The police may use the sexual CC purchase as "evidence" you are a sexual deviant and must have done it. They may even stop looking for the guy who really did it.
Then you go to court. The purchase is used there as "evidence" of "your" crime, and let's say you live in an area heavily influenced by the Taliban or the Christian Coalition, so the jury decides you must have done it.
Allowing the courts to use every purchase you made (or purchase you have appeared to make), and every word you have spoken as "evidence", is a very dangerouse thing. How many of you can really be confident you haven't made any purchases or said anything which, if used as "evidence" in any given trial for any given crime, would make you look guilty?
Yeah, if you bought a 3' LotR sword and a box of Hammerhead condoms the day of the crime, and those same items were used in the crime, then it may be circumstantial evidence linking you to it, but using everything you may have said and bought in your lifetime isn't.
Listen - with a cheap pentium, two NICs and OpenBSD you can do stuff no $50,000 Cisco machine can do.
PLUS you can encrypt it out the wazoo.
ONCE WE GET A GRIP they can intercept all they want, for all the good it will do them.
It's Christmas everyday with BitTorrent.
I'm going anonymous coward on this one :p
Don't ask how I know, but I have SEEN (with my own eyes) products by this company http://www.verintsystems.com cut though encryption up to 256bit like butter in near real-time. 128 made it pause for about ½ a second while 256 took around 1-2 seconds.
Verint are also the people who make the black boxes that in real time scan every phone call for key words and if your saying naughty stuff record it for the Intelligence service. When I say black boxes, I mean black boxes, they have no markings and just sit in the bottom of racks in telcos. I know for a fact that every call (fixed, cellular and satellite) in the US, UK and Israel is passed through these systems.
You can encrypt all you want, it doesn't make any difference.
Lucent long distance switches have the ability to be tapped and have had it for YEARS. Most telecom gear is designed to be LAWFULLY tapped. I don't have a problem with network equipment vendors also providing these features.
My gripe is the lack of due process for government monitoring (post 9-11-01). I'm OK with monitoring any form of communications as long as the organization doing the monitoring has made their case to a judge, and the judge has granted them a warrant. Wiretap laws need to be expanded to include all forms of electronic surveillance. These laws require a court issued warrant before the use of any electronic surveillance by law enforcement. Any evidence obtained without proper authorization is inadmissible in court.
-ted
I would be very pleased to see legislation that clearly identifies data communication as identical to verbal communication. After reading the document, I think that this (or something close to it) may be exactly what is needed to put a legitimate legal framework around this topic. The more we can make the technical process of LI (lawfull intercept... you did RTA right?) more like the technical process of wire tapping, the easier it will be to approximate the two in the minds of the people who make, judge and execute the law.
___ I don't respond to Anonymous Cowards, and I Never Mod them UP.