Slashdot Mirror
VOIP Progress To Be Hobbled By Wiretap Costs?
vaporland writes "This article @ nytimes.com talks about the reasons that development of commercial VOIP may be stifled by the costs required to allow the federal government to listen in on conversations. It is the intention of the FBI, et al, to provide a truly unfunded mandate to force VOIP service providers to develop and provide this wiretap access to them at no cost to the U.S. government, which is to say, the consumer of VOIP will foot the bill for allowing the government to listen in on our phone calls. Perhaps they should just hire some script kiddies to show them how to do it on the cheap?"
Perhaps we should just all (i mean everyone) start using encryption everywhere and make the whole thing pointless just so they give up..
This comment does not represent the views or opinions of the user.
If I don't pay for the wiretapping costs, don't wiretap me.
Users of VOIP are taxpayers. At least this can be considered a use tax. If a citizen never uses VOIP should they pay for your wiretap? Just a thought.
The PGP Phone Project is dead now but it would be great of GPGP would revive it. The script kiddes would have a much tougher time cracking this and this is why the goverment is wanting a little help.
Yeah. Why don't they just use their own money instead of making us pay for it?
KFG
When did it become the duty of a government to spy on its own citizens and force them to pay for the privelege of being spied on?
This sig has been stolen. Return it to its original user for a reward.
While none of us would like to incur more fees, the simple fact that my Vonage bill is currently about $60.00 less per month then my Bell South bill, a small additional fee to cover this wouldn't be so bad. You can debate the pros and cons of whether or not VoIP wiretapping should even be done, but if it does, a small added fee to an already inexpensive service shouldn't be a problem.
My mom always said, "Jim, you're 1 in a million." Given the current population, there are 7000 of me. God help us all!
Drop the landline connection altogether. Its nice being able to call anyone in the world using your internet connection, but it seems a cooler solution would be some easy to use program that hooks your phone up to some chat utility. I realize that it would have to be a internet to internet call. Add your favorite encryption to the mix and voila no more fee's etc.
Sig it.
Public/private keys are great and all, but for organized crime it would work just as well to use a symmetric cipher and just share the keys. If the criminals are all working together, it shouldn't matter if they all know the key.
Anyway, it always rubs me the wrong way when the feds demand to have backdoor access to spy on us. It's bad enough they have the right to tap a phone at all, but now they're trying to make sure that ability is built into the software? No thanks--I'll use an offshore VOIP provider who doesn't have those nasty requirements.
Si la vida me da palo, yo la voy a soportar Si la vida me da palo, yo la voy a espabilar
I havent used the phone in a LONG time, everyone i need to talk to is connected to an IRC network, or at the very least AIM (which i suspect logs the conversations anyways).
That said most people say "why should i have to pay for the government to bug the phone lines?" Well, they have a reason to bug the phonelines, it's called security. They use it to catch criminals, and the US even got a hold of the terrorist messages before 9/11, too bad GB was too stupid to put it to use.
Oh how interesting things would be if the likes of Vonage added "Federal Wiretap Fee" as a lineitem on the bill.
I bet some federal officials would get an earfull. If the general population will have to pay for this feature, they should at least know.
Soccer Goal Plans
What prevents me from writing my own VOIP software and using that? Will it need to be wiretap-emabled as well? What if I use SSH or PGP to secure and authenticate the connections?
Does the government really think that the terrorists are going to sign up for Vonage and not use Skype or their own small app?
I've never understood how the VOIP cos. expect to survive long-term. VOIP is just another TCP/IP protocol like ftp or smtp. The only reason a VOIP connection requires a third party provider is because most of the phone network is still POTS and so VOIP cos are essentially brokers between the POTS and the internet. But eventually, most calls will be peer-to-peer across the internet just like most other IP protocols and there will be no need for VOIP cos.
This makes the whole wiretap thing moot. The VOIP cos. won't survive anyway, so who cares if they die a little earlier because of some silly wiretap requirements?
FreeSpeech.org
Ummm, the consumer is going to have to foot the bill one way or another. If the Federal government chips in to pay for it, it's going to come from some form of tax, otherwise it's just going to be a higer bill from your VoIP provider.
-- Is it a right to remain ignorant? -- Calvin
nytimes.com talks about the reasons that development of commercial VOIP *in the US* may be stifled by the costs required to allow the federal government to listen in on conversations.
839*929
Hey, I'm voting Badnarik in '04. ;)
Does it ever occur to anyone to wonder what the reaction of the founding fathers would have been to all this crap?
"Hey, how about we
(1) make sure the government can listen to folks' private conversations, and make 'em pay for the privelige?
(2) restrict political protest to 'free speech zones' where no-one can hear it?
(3) have armed government agents at all ports?
(4) make everyone carry ID documents if they want to travel, and arrange it so we can secretly scan them without the citizen even knowing?
(5) refuse to let someone travel if their name resembles the name of someone we have declared an enemy?
(6) etc etc etc"
Bottom line: do you think the framers would have
(a) enshrined the government's right to do this crap in the constitution, or
(b) enshrined the People's right not to suffer this crap in the constitution?
It baffles me why Americans are not rioting in the streets.
How are they going to force non-US VoIP companies to comply with this requirement? It isn't like there aren't already a variety of ways to communicate in a manner that thwarts government snooping, the fact that the old phone system made this relatively easy is no reason to cripple modern communication mechanisms.
With allies like Congress, who needs competition?
Put in idiotic, technically dubious and extremely expensive regulations, and watch as start-ups flounder. Meanwhile, watch foreign corporations refine their (simpler) systems and develop low-cost ways to deliver their service.
The US now has a choice to make: paranoia or progress.
Information: "I want to be anthropomorphized"
This is really non-news. This is already standard procedure for all phone systems, and has been for decades. The same situation exists with both wireline and wireless phone systems. From practically the very beginning, phone companies were required to provided wiretap services to the authorities. As a former Nortel employee, this was something that we had to include in every single wireless switch that is sold. And no, the government doesn't pay for it. The phone companies (that is to say, the customers) eat the cost, and always have.
The writeup makes it sound like this is some unfair, new thing being lobbed at VoIP. It's not. It's just applying the exact same rules that exist for current system to the new system.
What next? "Government attempts to scuttle VoIP by requiring them to abide by 5 9's reliability and provide 911 service?"
Like woodworking? Build your own picture frames.
Which people? You mean the CIA/FBI? Did you vote to give them this power? Did you vote to elect the people who have access to this power? Did you even vote for the person that hired those people?
The beuracracy is thick. Who is in control? I certainly don't feel like I am.
in the case of SIP, (Vonage, etc), the media travels as a seperate stream and you need to have access to the SIP packets to figure out what media packets to capture... However, the media packets could be anything, like voice data, and/or video data, and/or text messages, like Messenger for example, which also uses SIP. So not only does the gubment get to snoop on voice conversations, they get to snoop on video, and they get to snoop on your text messages. And as far as encryption goes, the encryption keys get sent in the SIP so a MITM can just as easily decrypt your media. Unless you do your own point to point with encryption, then you lose.
Instead of trying to detect attacks, how about eliminating the reasons the terrorists have for attacking us in the first place? Everybody has a reason for doing something... find out what their reason is and eliminate it. I imagine their reason has nothing to do with being really evil and wanting to eliminate freedom, so don't even throw that one in the ring. Nobody is really evil, just greedy and motivated by their own self-interests.
Oh my no, its much more expensive than you think.
Firstly, theres all the hackers using something called "Linux", the young Feds were trained on MS Windows, and then they have to rebuild their FBI hard coded network monitor to operate on a port other than 80.
Most of all, the retraining fees are needed because they are no longer using mice with balls, they have upgraded and now have mice with frikkin lazer beams attached to their underbelly.
I fail to see really how this can be implimented without actually allowing tapping the rest of the data stream, otherwise anybody could simply sign up to an offshore service using encryption and another port.
liqbase
If the tax payer wants to be protected from 'criminals' who may send information via a phone system, should they pay to check up on those criminals even though they don't use a phone themselfs.
thank God the internet isn't a human right.
But since your post contained:
Then you should approve of nuking France -- which do make encryption illegal? (At least they did?)Strange, that would make you a voter for Bush -- which is contradicted by your signature?
Or you are just a left leaning guy with the normal contradictions and double-think that's normal among you members of religious groups?
Karma: Excellent (My Karma? I wish...:-( )
Is it just me or does this entire concept scare the bejesus out of you?
The fbi etal want, as a default option, the ability to listen in to ANY call made by VOIP. This means that, as standard, any/all calls can be monitored, any/everyone (even non-American people[1]) whenever they want or indefinatly.
Now people can say "yes but they wont", but as soon as the Intelligent Agencies[2] have this nice new toy how long before they start a) using it, b) exploiting it, and c) turn it off.
The more I see of the current democratic setup (not just american, but worldwide) and the security "advancements" (post 9/11), the more features of the old Russian Communists start appearing. It's as if the current terrorist threat is being used as justification for the crack-down on personal liberties. I'd protest, but I think that may be banned.
Jaj
[1] Yes we do exist
[2] One of the best oxymorons around
a little plugin that detects the wiretap and pops up a little notification dialog.
"The drugs are hidden in the... "
[Ding Dong - You've Got Feds!]
"..medicine cabinet, just take two asprin and call me in the morning"
But I, for one, prefer the terrorists.
Art Schools Dietzilla
Their "reason" is religious fantacism
Bull. None of them would give a stuff about America, if America removed its presence from their country. They don't hate America because of its religion; they hate America because of its politics. Religious differences are just handy rallying points for attracting people willing to sacrifice themselves.
In fact, the same thing can be said of the early Catholic church. What people don't understand when talking about the Catholic church in this period is that it was just as much a political power as a religious one. How many of the "kill the unbeliever" fazes where motivated by religion, and how many by politics, with religion used to deliver inflamatory rhetoric from the pulpit?
Just because you're paranoid doesn't mean there isn't an invisible demon about to eat your face
Okay, the current system is called CALEA. I believe it consists of a Sun board in a generic box racked out at every landline, wireless and many large hotel (Vegas) switches. If you google for it there were some Phrack articles and other hack scene publications on them. I believe each one has a t1 interface, so that is 24 voice channels it can listen to. Maybe it can only redirect 12, as 12 other channels are required for redirection.
So now Vonage and Packet8 would have to drop these on their switches, assuming they properly support the standards that the CALEA boxes use. They should have the advantage of easily providing this ability from a single point, I'd imagine their servers are all in a few locations.
The funny thing is, you could just get a VOIP endpoint from a provider in a different country and wala, no CALEA. No fuss. Alot of long distance fees, though.
The last job I worked at, supposidly our employer or a related agency listened in on the home telephone conversations of an employee. The rumor I heard was that an employee was under the scope for downloading hacker utilities (a utility that determines if a host is up by pinging it?). Supervisor heard, called employee at home from his cell phone, both got nabbed, the supervisor for tipping off the employee. This was at the Navy's NMCI project. This was the rumor going around, and I don't know who the people were.
When we were younger we found what we guess were illegal phone tapes while xxx-99xx scanning. Too funny.
There are also rumors that CALEA boxes are insecure, have been owned, are connected to the internet and are using public IPs. Another conspiracy theory says they were implemented by companies that are foreign owned and were being unknowingly used to listen in on the president and led to premature release of the Monica Lewinsky audio to reporters. That is all conspiracy theory, search around. You never know, the gov't does some pretty dumb things sometime.
There is a good article in Business 2.0 about drug cartels using the data from phone switches to track federal agents and their people, by cross referencing phone numbers. They used an AS/400.
And in case you didn't know, you can listen to a Popeye's chicken drive thru in Southeastern Virginia live... open http://audio12.hrconnect.com:8000/popeyes.m3u in any mp3 player that supports internet streams/m3u playlists. Enjoy! Don't forget, EST time.
Southeastern Virginia REPRESENT!
I was a software engineer on Nortel Network's VoIP "succession" line of products, and I can attest that wiretapping ability is something that was required for us to add.
The issue is with conversations now being transmitted in packets as opposed to analog signals, its impossible to tap the wire conventionally. The only place you could do that is from where the signal is converted back to POTS (plain old telephone service) to the house. Which, in a perfect VoIP world, isn't going to even be an option as people are using things like cable modems as their VoIP gateways (so its digital all the way from the house).
However, I don't think this "feature" hobbled our progress. It was just another feature in an extremely long list of features that were necessary. I don't think it took the engineer more than a week to implement, but possibly its more difficult in different architectures? (A key to Nortels architecture was being able to seemlessly integrate with POTS service, so digital->analog conversion was basically a built-in).
Now, whether I agree with the "feature" or not is a different story, but I won't go into that....
on that day i'll take the terrorists' side and suggest they go target the white-house instead of innocent people who are helpless to do anything.
Your comment and profile as been added to the database thanks for helping us make this country more secure. From now on please call in advance your lawyer and prepare yourself for a full orifice search if you plan to take the plane, the bus or ride a bicycle on the street cause it will be hell to you.
--Your government agencies
Yahh, hiii haaaaa! -Major Kong, from Dr. Strangelove
... just like Kazaa, VOIP could put their NOC's in countries that do not support these laws.
VOIP data can go encrypted from the US to the NOC's and from thereon routed to wherever it should go (again, encrypted).
The only place where it is unencrypted is either at the endusers or maybe at the endusers and at the NOC.
But even in the latter case, the NOC being in a country with no FBI jurisdiction, there should be no problem - privacy is thus protected.
Or maybe, thinking out loud here, a Bittorrent like network of unassociated nodes can be laid out to secure communication. Most likely there are already some realworld examples of these.
Slashdot: stuff for news, nerds that matter, matter for news, stuff that nerd
So basically what I'm saying is that VoIP wiretapping regulations seem to be pointless. They can't prevent individuals from encrypting their own traffic when making direct connections to eachother anymore than they can prevent people from using SSH or HTTPS. And the only time 3rd party VoIP providers (who can be regulated) are even needed is when gatewaying to the PSTN, which can be tapped anyway.
http://blog.nexusuk.org
like DC++ or Kazaa.
Provide services around the VOIP like a voicemailbox or a phonebook. charge for those services, not for the VOIP.
Since you're not into VOIP, let the FBI go elsewhere with their demands.
for free VOIP: http://www.speakfreely.org/
Privacy is terrorism.
...quit trying to force the use of technological solutions. I'd rather require them to physically place a bug in my cell phone (or PC mic) than require all of this accursed intrusion and cost.
Tiller's Rule: Never use a word in written form that you've only heard and never read. You will end up looking foolish.
The only reason we don't have mini-PBXs built into our home wireless routers already to handle this with ultra-paranoid encryption and key control is that we need backwards compatibility with POTS, or so we believe. The best way to solve this seems to be by usage creep. It's taken a long time, but for many people email has just about entirely supplanted postal mail, and the only exceptions to this are generally financial documents whose physical delivery is mandated by law. It's done so more by convenience benefits than cost benefits. When people realize that they can have conference calls and the like using VoIP, they'll really pick up on it. What we really need are VoIP services that are capable of handling either internet addresses or POTS exchanges as endpoints. If user@host rises to equal status in people's minds as (###)###-#### then we'll start seeing people dropping off the POTS network completely, and then we can really have decentralized phone service. When that happens, they can wiretap my phone calls when they pry my soldering iron from my cold, dead hands.
If I had to guess where this trend was going to start, I'd say college campuses. Large companies have their own internal phone networks anyway, but they need to be reachable to the outside world. I ditched land telephones altogether as a result of college living, and I'm hoping to never go back, unless maybe for VoIP. College students are already using Xbox games for free long distance to their high school friends who have gone off to other institutions. They get to share all the gossip they normally would over their high-bandwidth, low-latency connection, except it's free, and if your buddy confesses that he hooked up with your old flame, you can shove a rocket down his throat.
WARNING: there is a trojan on your
Republicans have taken over the government so completely that they're inevitably confronting some of its "contradictions". Senator John Sununu Jr (R-NH) wants to keep VoIP free of taxes. The rest of the Republicans want *every* business to be free of taxes. But they want their government to perform expensive operations, like tap those VoIP calls. Since they have no accountability, they propose broken solutions that would get any programmer fired that afternoon, if suggested in a system that actually has to work. This should all come as no surprise in a country running a $.5 trillion war budget, and billions in tax cuts for the rich, on top of billions in corporate welfare.
--
make install -not war
In sports a good coach will develop his game plans around his team's strengths. The best coaches are able to adapt to changes in the roster due to injuries, player moves, etc. The most successful coaches have always been able to adapt their methods and strategies accordingly.
Law enforcement, on the other hand, wants everyone to adapt to their way of doing things. They've always been able, from a technological point of view, to listen in on telephone conversations. It was convenient and more or less easy for them to have that capability. Now technology is changing. Instead of learning to adapt they want to force new technologies to adapt to their methods. This is just dumb. Eventually there's going to be technology that is immune to eavesdropping and no law is going to change that. What are they going to do then, outlaw it? They should be using their resources to develop other ways to obtain infromation on the activities of criminals. And in my mind, using one particular form of technology should not be a crime in and of itself, regardless of the restrictions it may impose on law enforcement vis-a-vis what they've been able to do in the past.
Nope, it was not the same government. The OKC bombing was during the Clinton Administration, the Afghan and Iraq wars took place under Bush.
As for the OKC bombing, the debris field looked exactly the way you would expect it to when you place a very, very large truck full of explosives in front of a building. There was a large roughly circular hole in the building with the plack McVeigh's truck was parked at dead center. The far wall stood up to the blast so you would expect the shock wave to bounce off the wall and push debris back out again.
Bush lied about the weather balloons sure, or to be strictly accurate he got Powell to lie for him, just like he has these swift boat perjurers to lie for him. We know what sort of character the man has, he smeared McCain, he smeared McClellan, he is smearing Kerry. But the truth of one conspiracy theory does not make all conspiracy theories true.
As to the phone taps, I have always assumed the government taps, opens mail, plants evidence, hides real evidence, etc, as much as they want to, and warrants and laws be damned.
Which is why procedures to make cryptographic assurance of data integrity are so important. Why do you think that PKI companies are involved in placing the taps? It is so that there a cast iron chain of evidence is possible.
Its bad when O.J. gets away with murdering his wife and a waiter. It is worse when people go to jail for the rest of their life or are executed for crimes they never committed. Having assurance that the evidence is sound is a good thing.
As far as terrorism goes, that is not the main area where wiretaps are useful, never has been. Several terrorist groups have come to grief when they used faulty codes. But even the best transport encryption does not conceal the most useful information - traffic analysis. Knowing who Mohamed Atta called in the six months prior to 9/11 was very useful.
What Al Qaeda are doing today is using pay as you go chips in cheap mobile phones. They discard these regularly, but not regularly enough. The whole 9/11 plot was done using a bizare mixture of sophistication and sloppiness. If as Clarke had urged W had put the country on full terrorism alert instead of going on vacation to cut brush there was a good chance of being lucky.
That is why Al Qaeda have been so quiet of late. They never did have many people and they lost a significant number in the 9/11 attack. They have also had defections after Bin Laden was heard joking about how some of the hijackers did not know it was a suicide mission.
Looking for an Information Security student project suggestion?
Try http://dotcrimeManifesto.com/
Are you trying to say the government should never be allowed to eavesdrop on criminal communications even with a warrant?! I can't distinguish between that and anarchy. Can somebody please help me?