Slashdot Mirror


More on Cisco Building Surveillance into Routers

An anonymous reader writes "The company recently published a proposal that describes how it plans to embed 'lawful interception' capability into its products. Among the highlights: Eavesdropping 'must be undetectable,' and multiple police agencies conducting simultaneous wiretaps must not learn of one another. If an Internet provider uses encryption to preserve its customers' privacy and has access to the encryption keys, it must turn over the intercepted communications to police in a descrambled form." See our earlier story and the RFC for background.

17 of 419 comments (clear)

  1. Thank you slashdot! by Joshuah · · Score: 3, Interesting

    If this is true, and Cisco does go forward with this, I will be sure not to buy anything Cisco. I will have to look for other devices to preform what is needed. Yeah, Cisco wont hurt by me not buying them, but if the word spreads, and people boycott Cisco for doing this, im sure they will change their mind unless Big Brother is giving them funds/tax breaks/whatever to get them to do this.

  2. what about != U.S.A. ? by phrawzty · · Score: 3, Interesting

    I guess i can understand why Cisco is opting to build these types of technologies into their equipment, given the current U.S. political climate. But what about all the other nations of the planet that aren't reverting to McCarthy'ism? Will Cisco still be exporting non-backdoor-compliant hardware as well?

  3. it only bothers the unknowing honest. by Lumpy · · Score: 5, Interesting

    or the very stupid evildo-er.

    If I simply send everything encrypted AND send lots of fake packets... I.E. random sized files that consist of the contents of /dev/random to all my comrades they will never EVER figure it out.

    It's called hiding in a sea of garbage. Now write a nice small program that is a P2P sharing app (or a plug-in for one) that sends around some of those random files to other users (small ones 1-100K in size then keep your files in that size range)

    Screw with them as they screw with you.

    so a freenet node will completely hose this "eavesdropping system"

    --
    Do not look at laser with remaining good eye.
  4. multiple hidden wiretaps... by frenztech · · Score: 5, Interesting

    "multiple police agencies conducting simultaneous wiretaps must not learn of one another" -- If the police cannot determine if a wiretap is running on the router, then what is to stop a malicious party from running one there without administrative knowledge?

    --
    "Sed Quis Custodiet Ipsos Custodes?" -Juvenal
  5. encryption by JDizzy · · Score: 4, Interesting

    What is the point of encryption if you have to give up the keys. I say its up the the spooks to have the capabilities to crack my encryption rather than force me to hand over the keys. Even then, I'd only hand over the keys in encrypted form, still forcing them to use their supper computers. Serriously, encryption is a black and white area... some grey, but mostly either a situation where you use it, or don't...

    --
    It isn't a lie if you belive it.
  6. It's a 2-Sided Coin by serutan · · Score: 5, Interesting

    McCullagh makes an excellent point that US government agencies have a history of illegal surveillance. If protecting the public justifies building in eavesdropping capability, then it equally justifies building in accountability. Terrorists and civilian criminals aren't the only menaces to the public. Surveillance activity should be logged and sent to secure storage which can be accessed through well-defined legal channels.

  7. Luckily, we have alternatives by bigberk · · Score: 4, Interesting

    If they do start to implement such eavesdropping facilities, I imagine that a lot of people might switch to routers powered by open source (such as Linux, BSD) so they can really know what's under the hood. Remember that a low end Pentium running Linux can easily route 10/100 Mbps.

    That being said, Cisco knows that companies that used to buy from them will still probably buy from them. So this can't be a huge risk to their company. But the 'new features' would firmly embed government eavesdropping facilities in major ISPs, banks, large companies, schools, universities, etc.

  8. Re:I don't see what the big deal is. by jay-be-em · · Score: 5, Interesting

    The real problem I see here is that we are creating a methods by which a government member can know absolutely anything about anyone at any particular point. Now what if we (meaning the US) mistakenly elect government officials with very bad intentions? It HAS happened before in democratic countries, and I will neglect specific examples in order to avoid Godwin's Law. I don't necessarily fear what our current government will do with these technologies. I DO fear the prospect of a group of rogues using an infrastructure that we implemented for evil. I really believe that it is necessary in a free society to maintain some methods of secret communication. All revolutions which resulted in a better society required channels of secret communication that were unheard by 'Big Brother' as some may say.

    --
    "Orthodoxy means not thinking--not needing to think. Orthodoxy is unconsciousness." --Eric Blair
  9. Re:Sigh. by fobbman · · Score: 4, Interesting

    I don't believe that the "if I didn't steal your car, someone else surely would have" statement would make me stealing your car acceptable.

  10. Re:Big brother by MORTAR_COMBAT! · · Score: 5, Interesting

    not to mention second amendment rights [...] Be afraid... and for God's sake, don't vote Republican.

    The Democrats want to take away the second amendment rights. The Republicans want to take away the 1st, 4th, abortion, etc.

    Wisen up and rise up. Revolution is the only way. Those in power will fight very hard to stay in power. You end up having to ask yourself one question: How much do you value the rights for which millions have fought and died for?

    As for me, I'm going to just use a bit of double-think and forget that I had that thought, so I can go on being a happy little sheep in my comfy white-collar suburban world.

    --
    MORTAR COMBAT!
  11. Re:Undetectable built-in backdoor by TarPitt · · Score: 5, Interesting
    Black hats do get in...

    A story (I believe) in "California Lawyer" from maybe 3 years ago noted that Kevin Poulsen, while phreaking, had managed to discover phone taps planted by the US Government in various foreign embassies, including South Africa. A condition of his release was that he was forbidden to discuss the details.

    --
    If your children ever found out how lame you are, they'd murder you in your sleep
  12. Re:Time to break out your own encryption by dr_dank · · Score: 4, Interesting

    I wouldn't be so sure.

    That is a post to a Cypherpunks mailing list concerning a hypothetical device to crack the 1024 bit keys that are so widely used in ssh and the like. The "machine" would cost between several hundred million to a billion dollars and require a megawatt or so of power, but would make cracking those types of keys childs play.

    Considering that spy agencies could spend up to 2 billion USD on satellites, they would be crazy to pass something like this up.

    Food for thought...

    --
    Where does the school board find them and why do they keep sending them to ME?
  13. This is not as bad as it sounds by goombah99 · · Score: 5, Interesting
    We've lived for centuries with unencrypted postal mail, and over a century with unencrypted phone messages, and a century with unencrypted radio communication.

    Thus its not like itsa new form of intrusion or the ersoion of a sacred right. Moreover we have an extensive legal system that already know how to walk an acceptable line between preserving public order and unlawful searches and seizures. yes there are flagrant abuses of course, but the basic level of public expectaion and legal machinery is inplace to deal with this

    Thus the real question is if the ascroft era people will try to use this as an end-run around the existing legal machinery. I paraphrase a former missouri senator who said (about carnavor-like intrusion) "I dont put a phone jack on the outside of my house so the feds can listen in when they please, so I dont want a jack on my internet connection for the same purpose". Ironically that senator was the John ascroft before he lost hisz relection bid to a dead man and became the worst attourney general ever including edwin meese. Now he chafes at these restrictions and does indeed want such a jack and the pre-emptive authority to use it without a court order, probable cause, or a defined list of evidence to be gathered.

    Thus I welcome the cisco method since it formalizes what is now a covert and thus unmonitored process. thus this may bring the light of public scrutiniy and invite the invocation of past legal precedent.

    --
    Some drink at the fountain of knowledge. Others just gargle.
  14. Re:I don't see what the big deal is. by Fastolfe · · Score: 3, Interesting

    Physical limitations that provide what we today call "privacy" are already on the way out the door. In a hundred years, technology will be at the point where every private citizen will be able to see and hear just about anything anywhere.

    Whether this is good or bad for society is another matter, but it's been suggested that we'll simply need to adapt. Arguably, using information obtained through "privacy-invading" means is just childish immaturity, when you look at the big picture. Maybe our society just needs to grow out of that?

    Fighting change in this area of technology only delays the inevitable and keeps the abilities in the hands of the surreptitious and those who *would* use it solely for their own benefit.

    Something to think about...

  15. Since Open Source projects can't be bought by Deagol · · Score: 3, Interesting
    or muscled into compliance by special interests, what's the current status of various VPN and/or IPSEC open source implementations for Linux/UNIX?

    I'd love to create some crypto traffic between my home box and work machine (besides the normal SSH, of course). The more white noise packets floating around out there, the better. TCP/IP spook fodder, if you will.

    Better yet, is there an encrypted, routed "internet" I can plug into at will when I'm online, just to obfuscate my traffic a bit? Or is that what Freenet is about?

  16. Re:Big brother by bnenning · · Score: 3, Interesting
    for God's sake, don't vote Republican


    Remember the Clipper Chip and encryption export controls? Supported by Clinton and Gore, opposed by Bush and Ashcroft. Republicans aren't great on civil liberties, but I strongly dispute the implication that Democrats are any better.

    --
    How to solve most of our problems: 1.Lots of nuclear plants. 2.Cure aging.
  17. Re:Big brother by The_K4 · · Score: 4, Interesting

    Um, not to say that I have great love for the Republicans, but remember who it was that signed the DMCA?