Slashdot Mirror


More on Cisco Building Surveillance into Routers

An anonymous reader writes "The company recently published a proposal that describes how it plans to embed 'lawful interception' capability into its products. Among the highlights: Eavesdropping 'must be undetectable,' and multiple police agencies conducting simultaneous wiretaps must not learn of one another. If an Internet provider uses encryption to preserve its customers' privacy and has access to the encryption keys, it must turn over the intercepted communications to police in a descrambled form." See our earlier story and the RFC for background.

37 of 419 comments

  1. Yes, but ... by Anonymous Coward · · Score: 5, Funny

    will they implement the evil bit?

  2. Big brother by blate · · Score: 5, Insightful

    Looks like just another opportunity to have our rights violated. I'm sure the Department of Homeland Insecurity is thrilled about this. Is this what Cisco means by "Empowering the Internet Generation"?

    1. Re:Big brother by blate · · Score: 4, Insightful

      >> Isn't our privacy guaranteed within the constitution preventing actions anywhere near this?

      Sadly, no. We're basically one Supreme Court ruling away from losing substantial liberties -- free speech, free assembly, privacy in our homes and bedrooms, free communication... not to mention second amendment rights, abortion, etc... Be afraid... and for God's sake, don't vote Republican.

    2. Re:Big brother by MORTAR_COMBAT! · · Score: 5, Interesting

      not to mention second amendment rights [...] Be afraid... and for God's sake, don't vote Republican.

      The Democrats want to take away the second amendment rights. The Republicans want to take away the 1st, 4th, abortion, etc.

      Wisen up and rise up. Revolution is the only way. Those in power will fight very hard to stay in power. You end up having to ask yourself one question: How much do you value the rights for which millions have fought and died for?

      As for me, I'm going to just use a bit of double-think and forget that I had that thought, so I can go on being a happy little sheep in my comfy white-collar suburban world.

      --
      MORTAR COMBAT!
    3. Re:Big brother by jasonditz · · Score: 4, Funny

      I hope you didn't say that near any Cisco equipment, or the FBI will be knocking on your door any minute.

    4. Re:Big brother by MORTAR_COMBAT! · · Score: 5, Insightful

      My laptop is plugged into a Cisco Catalyst 2900 series XL switch. From there it hits the Cisco Catalyst 6500 box, and then the wire goes downstairs, presumably through more Cisco equipment, across the Internet full of Cisco equipment.

      Note that I didn't advocate the violent overthrow of the government, only revolution. Big difference. I've been advocating that publicly for several years.

      Incremental changes to our completely hosed system don't cut it. The Constitution was a fine document, too bad it wasn't even 20 years before it was spoilt by the greed of men.

      --
      MORTAR COMBAT!
    5. Re:Big brother by The_K4 · · Score: 4, Interesting

      Um, not to say that I have great love for the Republicans, but remember who it was that signed the DMCA?

    6. Re:Big brother by charon_on_acheron · · Score: 4, Insightful

      Don't vote for any politician that will encroach on your freedom, whether it is a democrat, republican, green, libertarian, reform, communist or otherwise. Oops, that just ruled out every politician in our country. But let's just look at the two major parties of the US.

      Democrats (also known as liberals and socialists) want to take away the right to bear arms as specifically stated in the US Constitution. They want to take away the right to assemble with persons of your own choice, whether in personal or public settings. They also want to limit the freedom of speech and of press, if you want to say anything pro-life, Christian, family-oriented, racist, sexist, anti-homosexual, anti-Hollywood, or anti-Democrat.

      Republicans (also known as conservatives and the religious right) want to take away a person's right to privacy in their own home to prevent consensual 'crimes', to include recreational drug use, sexual activity with a willing adult of the same sex, and gambling. They want to limit the freedom of speech and of press, if you want to say anything pro-choice, anti-christian, feminist, empowering to minorities, homosexual, supporting violence, nudity, profanity, obscenity, etc in movies and songs, or anti-Republican.

      I don't see a big difference between either party, they are out for control of your lives to the fullest extent of their power. If only we had a third party candidate we could vote for.

  3. Time to break out your own encryption by mrjive · · Score: 5, Insightful

    If you encrypt everything yourself, there's not much they can do about it, now is there?

    --
    If you can't beat them, arrange to have them beaten. -George Carlin
    1. Re:Time to break out your own encryption by Nightlight3 · · Score: 4, Insightful

      Well, no, except to put you on the list of those who have something to hide.

    2. Re:Time to break out your own encryption by dr_dank · · Score: 4, Interesting

      I wouldn't be so sure.

      That is a post to a Cypherpunks mailing list concerning a hypothetical device to crack the 1024 bit keys that are so widely used in ssh and the like. The "machine" would cost between several hundred million to a billion dollars and require a megawatt or so of power, but would make cracking those types of keys child's play.

      Considering that spy agencies could spend up to 2 billion USD on satellites, they would be crazy to pass something like this up.

      Food for thought...

      --
      Where does the school board find them and why do they keep sending them to ME?
  4. Sigh. by Pirogoeth · · Score: 5, Insightful

    As it says though, don't blame Cisco. If they didn't do it, sure as shootin' someone else would. Blame Ashcroft. Hopefully Cisco will find a way to build auditing tools into this to help promote responsible use.

    --
    Happiness is like peeing yourself. Everybody can see it but only you can feel its warmth.
    1. Re:Sigh. by fobbman · · Score: 4, Interesting

      I don't believe that the "if I didn't steal your car, someone else surely would have" statement would make me stealing your car acceptable.

  5. Another strike against Cisco. by supabeast! · · Score: 4, Informative

    Is it just me, or is this another great reason to buy cheaper, better network equipment from someone else? If I were running Cisco, I would be a little more concerned with the market share being sucked up by newer companies than with adding the cost of undetectable snooping to the product line.

    Now I certainly feel justified in moving my company off of Cisco's overpriced products.

  6. Undetectable built-in backdoor by shrikel · · Score: 5, Insightful
    Eavesdropping 'must be undetectable,' and multiple police agencies conducting simultaneous wiretaps must not learn of one another.

    So what happens when a black hat gets in?

    Answer: a completely open router that acts like none of his packets have the "evil bit" set.

    Really, this is starting to worry me. If it's all undetectable, and is built in, how is this different from the telescreens in 1984? Big Brother is reading your packets!

    --
    Any sufficiently simple magic can be passed off as mere advanced technology.
    1. Re:Undetectable built-in backdoor by TarPitt · · Score: 5, Interesting
      Black hats do get in...

      A story (I believe) in "California Lawyer" from maybe 3 years ago noted that Kevin Poulsen, while phreaking, had managed to discover phone taps planted by the US Government in various foreign embassies, including South Africa. A condition of his release was that he was forbidden to discuss the details.

      --
      If your children ever found out how lame you are, they'd murder you in your sleep
  7. Should assume your channels are vulnerable by xtal · · Score: 5, Insightful

    This doesn't seem to be that big a deal to me. If you're passing large amounts of data around that would attract the attention of people who could get a lawful intercept warrant, then I would assume you are smart enough to use SSH, IPSec, or some other similar secure communications technology that renders the capability of this system useless. I smell an attempt to get a law mandating that ISPs upgrade to this equipment, meaning they'll have to replace all their existing non-conforming equipment by some date. I imagine the post-dot-com networking market is taking a hurting now.

    "They" can already get IP logs and such that reveal a lot even without access to the information contained in the packets. Traffic analysis is a very powerful tool. The only people who would really stand a lot to lose from this would be the music and/or warez traders. Warez isn't that big a deal, and music copying isn't a big criminal deal here in Canada.

    *shrug* Another cash grab. Hope someone 0wns the system good and makes Cisco look stupid. Oh, wait, DMCA. Nevermind.

    --
    ..don't panic
    1. Re:Should assume your channels are vulnerable by Speare · · Score: 4, Insightful

      If you're passing large amounts of data around that would attract the attention of people who could get a lawful intercept warrant, then I would assume you are smart enough to ...

      If you read "Fahrenheit 451" and "This Perfect Day" at the library in the same month, you get your Subversive++ mark in some Fed profile, but you can't find out about it. That's used as justification to a rubber-stamp Justice-R-Us clerk to get a crypto wiretap.

      You order a copy of "Linux Exposed!" from Amazon. Hacker++.

      You have to fly to an ailing grandmother who had a stroke. You don't know how long you'll be there, so you make it one way. Terrorist++.

      You browse a MILF site and there's an image of someone who ain't a MILF. Paedo++.

      You get your regular results back from the community clinic. They note some kidney anomalies. AIDS++.

      Now, none of these conclusions are justified from the evidence, but they are just "mining." Sure, they'll do proper analysis later. Sure, you'll look like a normal rightful citizen when they trot out all this data in court (or worse, a secret grand jury).

      If you don't know what they're seeing about you, how can you possibly guess what conclusions to which they're jumping?

      --
      [ .sig file not found ]
  8. it only bothers the unknowing honest. by Lumpy · · Score: 5, Interesting

    or the very stupid evildo-er.

    If I simply send everything encrypted AND send lots of fake packets... I.E. random sized files that consist of the contents of /dev/random to all my comrades they will never EVER figure it out.

    It's called hiding in a sea of garbage. Now write a nice small program that is a P2P sharing app (or a plug-in for one) that sends around some of those random files to other users (small ones 1-100K in size then keep your files in that size range)

    Screw with them as they screw with you.

    so a freenet node will completely hose this "eavesdropping system"

    --
    Do not look at laser with remaining good eye.
  9. multiple hidden wiretaps... by frenztech · · Score: 5, Interesting

    "multiple police agencies conducting simultaneous wiretaps must not learn of one another" -- If the police cannot determine if a wiretap is running on the router, then what is to stop a malicious party from running one there without administrative knowledge?

    --
    "Sed Quis Custodiet Ipsos Custodes?" -Juvenal
  10. encryption by JDizzy · · Score: 4, Interesting

    What is the point of encryption if you have to give up the keys. I say it's up to the spooks to have the capabilities to crack my encryption rather than force me to hand over the keys. Even then, I'd only hand over the keys in encrypted form, still forcing them to use their supercomputers. Seriously, encryption is a black and white area... some grey, but mostly either a situation where you use it, or don't...

    --
    It isn't a lie if you believe it.
  11. It's a 2-Sided Coin by serutan · · Score: 5, Interesting

    McCullagh makes an excellent point that US government agencies have a history of illegal surveillance. If protecting the public justifies building in eavesdropping capability, then it equally justifies building in accountability. Terrorists and civilian criminals aren't the only menaces to the public. Surveillance activity should be logged and sent to secure storage which can be accessed through well-defined legal channels.

  12. No by sulli · · Score: 4, Informative

    You should absolutely Blame Cisco!

    --

    sulli
    RTFJ.
  13. So, this outlaws quantum encryption then by mark-t · · Score: 4, Funny

    Since eavesdropping on quantum encrypted transmissions is always detectable.

  14. Re:you want privacy? by blate · · Score: 5, Insightful

    Just wait until some petite functionaire in the Federal Government thinks that, for some reason, you're a terrorist (I mean the generic "you", not you in particular). Do you really want to make it any easier for them to tear your life apart?

    Remember that law enforcement agencies are significantly motivated by *politics* -- which may or may not be what's in the best interests of national security, personal liberty, or justice. Today it's Arab terrorists they're targeting. But, perhaps if the recording industry pumps some more money into congress, they'll start locking up college kids for duping Metallica songs.

    Locking up real, bona fide terrorists is fine by me -- indeed, I encourage and support it. But giving some bureaucrat with a hair up his ass more power to invade my privacy is not the way to do it.

  15. Luckily, we have alternatives by bigberk · · Score: 4, Interesting

    If they do start to implement such eavesdropping facilities, I imagine that a lot of people might switch to routers powered by open source (such as Linux, BSD) so they can really know what's under the hood. Remember that a low end Pentium running Linux can easily route 10/100 Mbps.

    That being said, Cisco knows that companies that used to buy from them will still probably buy from them. So this can't be a huge risk to their company. But the 'new features' would firmly embed government eavesdropping facilities in major ISPs, banks, large companies, schools, universities, etc.

  16. This concept isn't new. by gosand · · Score: 4, Informative
    Privacy is for terrorists. Only terrorists have any need for privacy, so what are you trying to hide? Cisco is just being an upstanding and Patriotic American(TM) under the all-American DMCA, CTEA, and PATRIOT Acts, lawfully passed by the Congress Corporation, and signed into American Best-Practices by Chairman Bush.

    I get what you are saying, but this is not a new concept. I used to work for a big cell-phone maker, in the cellular software division. I saw preliminary information about a wiretap project that would allow the carrier to intercept, log, and reroute calls if told to do so by some authorized government agency. I have no doubts this is possible, because we were working on real-time systems. To do it would take a second or two at most. I don't know what ever happened to that project, it kind of faded away and our department didn't actually work on it. But this was back in '94, so I am sure something similar has been implemented somewhere.

    This isn't new, we are just able to find out about things like this now because of the internet. As much as we don't want "our" technology mucked with by the government, I think it is going to be tough to prevent.

    --

    My beliefs do not require that you agree with them.

  17. Re:I don't see what the big deal is. by The Fanta Menace · · Score: 4, Insightful

    ...because the loss of privacy leads to victimisation.

    Sure, you're not doing anything illegal. But Inspector Plod is watching you anyway, and hey, he sees you downloading an interesting piece of porn.

    Oh! It turns out you like watching [insert odd sex act here]. He guesses that might mean you are a member of [potentially embarrassing minority group]. He then uses this evidence to make your life hell.

    Political groups can use these increased surveillance powers to spy on their opponents. Everyone ends up feeling "watched" and suddenly no-one trusts anyone anymore.

    Protect your privacy while you still can.

    --
    -- Even if a god did exist, why the fsck should I worship it?
  18. Re:I don't see what the big deal is. by jay-be-em · · Score: 5, Interesting

    The real problem I see here is that we are creating a method by which a government member can know absolutely anything about anyone at any particular point. Now what if we (meaning the US) mistakenly elect government officials with very bad intentions? It HAS happened before in democratic countries, and I will neglect specific examples in order to avoid Godwin's Law. I don't necessarily fear what our current government will do with these technologies. I DO fear the prospect of a group of rogues using an infrastructure that we implemented for evil. I really believe that it is necessary in a free society to maintain some methods of secret communication. All revolutions which resulted in a better society required channels of secret communication that were unheard by 'Big Brother' as some may say.

    --
    "Orthodoxy means not thinking--not needing to think. Orthodoxy is unconsciousness." --Eric Blair
  19. Re:I don't see what the big deal is. by st0rmcold · · Score: 5, Insightful


    Yay, another ignorant, there are certainly an abundance of people on slashdot who have the "I have nothing to hide" mentality.

    You say pirate software, sure it's illegal. But what if I visited web sites or downloaded materials related to religions? or sexuality? completely legal materials. And imagine an agent, who has his own moral views and decides he doesn't agree with what you are doing, even though it is completely legal, he can make your life a living hell, this goes for most everything, our privacy is the most important part of our freedom, because other people don't always share our views. Especially on very controversial issues.

    I'll go ahead and assume you're just a youngin, because any adult in his/her right mind knows this, and knows that the ability to believe in what you want is the real freedom, without having people in power being able to discriminate.

    --
    Posting useless rant since 2003.
  20. phones by ih8apple · · Score: 4, Informative

    The only thing that surprises me is that they have been so slow to implement it. The government already has the equivalent of this for phone tapping:

    Virtually all phone calls (cellular and land line) in America run through certain switches controlled by Verint and they are always used by law enforcement for wiretapping (and are constantly accused of abusing their authority). (Google for Comverse, the company's name before the recent change to Verint.)

  21. Those cops... by MoeMoe · · Score: 4, Funny

    'and multiple police agencies conducting simultaneous wiretaps must not learn of one another'

    Because if they did then all they would do all day is send data to each other through the router about what doughnut, gun, and police force is best...

    The funny thing is... I'm an army reserve and Auxiliary Police Officer which means I can make fun of myself!

    --
    Business \Busi"ness\, n.;
    A scam in which all people involved perceive as beneficial...
  22. Re:I don't see what the big deal is. by TarPitt · · Score: 4, Insightful
    Oh! It turns out you like watching [insert odd sex act here].



    So then Inspector Plod duly notes this. Later, when you speak out on a public issue unpopular with Inspector Plod's superiors, your affection for [insert odd sex act] is mysteriously leaked to the media.


    You might want to ask Scott Ritter about a misdemeanor "sealed" arrest record that strangely became public knowledge after he publicly criticized recent Iraq policies.

    --
    If your children ever found out how lame you are, they'd murder you in your sleep
  23. This is not as bad as it sounds by goombah99 · · Score: 5, Interesting
    We've lived for centuries with unencrypted postal mail, and over a century with unencrypted phone messages, and a century with unencrypted radio communication.

    Thus it's not like it's a new form of intrusion or the erosion of a sacred right. Moreover we have an extensive legal system that already knows how to walk an acceptable line between preserving public order and unlawful searches and seizures. Yes, there are flagrant abuses of course, but the basic level of public expectation and legal machinery is in place to deal with this.

    Thus the real question is if the Ashcroft era people will try to use this as an end-run around the existing legal machinery. I paraphrase a former Missouri senator who said (about Carnivore-like intrusion) "I don't put a phone jack on the outside of my house so the feds can listen in when they please, so I don't want a jack on my internet connection for the same purpose". Ironically that senator was the John Ashcroft before he lost his reelection bid to a dead man and became the worst attorney general ever including Edwin Meese. Now he chafes at these restrictions and does indeed want such a jack and the pre-emptive authority to use it without a court order, probable cause, or a defined list of evidence to be gathered.

    Thus I welcome the Cisco method since it formalizes what is now a covert and thus unmonitored process. Thus this may bring the light of public scrutiny and invite the invocation of past legal precedent.

    --
    Some drink at the fountain of knowledge. Others just gargle.
  24. Re:Since when does LAWFUL intercept mean "Orwellia by Dyolf Knip · · Score: 4, Insightful
    PATRIOT 2 Act would allow for wiretapping without a warrant. Britain already has laws that require you to give up encryption passwords on demand and you just know Bush and Co. will want to 'harmonize' with them. Given the complete technical ineptitude the cops and the FBI have demonstrated in the past, why on earth should we trust them to do whatever they want, whenever they want to, without permission or accountability? Do you want to have citizenship revoked and be summarily deported (also a PATRIOT 2 power) because you pinged whitehouse.gov and some first-year moronic agent tapping your line mistook it for a DOS attack?

    This government of ours is acquiring ridiculous amounts of power and the freedom to do anything they want with it. This is simply unacceptable.

    Real people, who sometimes commit very real crimes, use it, too

    Fine. If that is the case, the cops can go get a fucking warrant and actually perform some effort finding evidence. Forcing people to help the feds hoover up potentially incriminating data about _everyone_ is insane. Absolutely nobody would think it a good idea to put master-key capability into locks or bank vaults that only our Beloved Leaders could use. This sort of all-pervasive surveillance combined with the sheer stupidity of current tech laws is a very, very bad combination. The laws cannot be accurately or totally enforced, so they'll be used only for political or corporate pissing matches like the DMCA has been.

    --
    Dyolf Knip
  25. Re: ain't so simple by elwinc · · Score: 5, Insightful

    In Scott Ritter's case, he was accused propositioned sex from (who he thought) an underage girl over the internet. In fact it was an undercover police officer.

    Actually, according to the article, Ritter is alleged to have "had a sexual discussion." This is not at all the same as propositioning.


    Was he tried? Was he found guilty? The article doesn't say. What it does say is "The case was sealed, and Colonie officials declined to release the arrest records, explaining the matter was adjourned in local court in contemplation of dismissal."


    In this country, a person is innocent until proven guilty. So according to the information provided, Ritter is currently innocent of the charges, and likely to remain that way.


    There is no reason to release the arrest record, and in fact County officials refused to release the arrest record. In such cases it's unethical and likely illegal to release the arrest record.


    This leak sounds to me more like the tactics of a police state than a democracy that values freedom. Which is the greater crime; Ritter's alleged misdemeanor, or the leak? Do you think this leak will even be investigated? I'm not holding my breath.

    --
    --- Often in error; never in doubt!
  26. Re:You Just Exercised Your Free Speech Rights by reallocate · · Score: 4, Insightful

    Yeah, I saw the word "minor". So what? It doesn't change my opinion. Personally, I oppose the death penalty, but I don't think the death penalty has anything at all to do with democracy.

    Sounds like you're trying to say your friend got pulled over for failing to pay a traffic ticket, and got caught driving with a suspended license. Well, bucko, driving without a license is a crime in the U.S. Sorry he forgot to renew his, but the duration of the license is clearly printed on it. And, no, failure to send someone a polite notice that license is expiring doesn't mean the U.S. is a police state. It simply means your friend is a bit irresponsible.

    As for opposing the war, I know lots of people who oppose it, have been pretty vocal about it, and not one of them has been arrested. Now, people do get arrested for blocking traffic, defacing public property or committing other crimes. Although they assert that they're doing that to protest the war, war protesters have been arrested for their crimes, not their opinions or their speech.

    For the record, I've spent close to ten years living outside the U.S., in Europe, Africa, and the Arab Middle East. Apart from the Middle East -- where the media is almost all state controlled and saturated with government lies and propaganda -- I've found news everywhere to concentrate on local issues. Why? Because that's their audience! And I've also found that most people are fundamentally ignorant of what the U.S. is really all about.

    Again, try to come up with some facts to support your falsehoods.

    --
    -- Slashdot: When Public Access TV Says "No"