Slashdot Mirror

← Back to Stories (view on slashdot.org)

FCC Asks For Comments On Internet Wiretapping

Posted by timothy on from the or-you-can-just-whisper dept.

SECURITY GURU writes "Security Focus has posted a story about The Federal Communications Commission (FCC) launching a public comment period on its plan to compel Internet broadband and VoIP providers to open their networks up to easy surveillance by law enforcement agencies. The 1994 Communications Assistance for Law Enforcement Act (CALEA), a federal law that mandates surveillance backdoors in U.S. telephone networks, is what would allow the FBI to start listening in on Internet communications. The EFF, ACLU, and the Electronic Privacy Information Center all opposed the plan, and an ACLU letter-drive generated hundreds of mailings from citizens against what the group called 'the New Ashcroft Internet Snooping Request.' If you have a comment on why you don't want the governemnt reading your email please post it here. All comments are due by November 8th."

17 of 254 comments (clear)

  1. No reason for alarm by MasterOfMagic · · Score: 5, Interesting

    If you ever thought your unencrypted traffic was safe from snooping over the Internet, you get what you deserve. If you don't like the idea of a company divulging your secrets, don't use that company, or add another layer of encryption on top of it. PGPPhone over VoIP anyone?

    1. Re:No reason for alarm by kfg · · Score: 3, Interesting

      I'm just saying that if you think this gives them any new powers, you're wrong.

      And I'm just saying that if you think this would not give them new powers under law you are wrong. There is a difference between capability and legal powers.

      There are technical defenses against technical snooping. There is no defense against law without becoming a criminal. The fact that they can interecept my email is something to consider when sending email and that's all, like sending a postcard. The fact that they are seeking the right to have my email provided to them by a private sector company is an entirely different legal kettle of fish.

      They can aim a listening device at the windows of your home, but they don't have the legal right. It's an important distinction.

      KFG

    2. Re:No reason for alarm by Coppit · · Score: 4, Interesting
      Governments (regardless of party affiliation) love to have power.
      Here's my current .sig: "Government big enough to supply everything you need is big enough to take everything you have ... The course of history shows that as a government grows, liberty decreases." -- Thomas Jefferson
  2. Wiretapping has Limited Utility on the Internet. by reporter · · Score: 3, Interesting
    Unlike the telephone, wiretapping has only limited utility on the Internet. A culprit with a sinister motive could communicate with his accomplice by using encryption (e.g. PrettyGoodPrivacy) to send and receive e-mail. The culprit would not be submitting articles to bulletin boards on Slashdot. Further, the culprit would not be engaged in conversations on real-time chat rooms. The culprit would confine herself to only those forms of electronic communication that can be encrypted.

  3. They're welcome to try. by NoMoreNicksLeft · · Score: 5, Interesting

    We're already implementing https and ssl irc over our network... not that they'll see even that far, they'll likely never see past the exterior VPN tunnels.

  4. *looks over his shoulder* by Kumorigoe · · Score: 3, Interesting

    For all of those thinking that this is a step in the direction of government regulation of the internet... Wake up. There is no way possible to regualte, of even monitor all internet-based communication. Anyone here who has heard of ECHELON and CARNIVORE knows how unreliable and backlogged those two systems are. One created to monitor VoIP would be similarly handicapped.

    --
    "What I cary in this box is your utter subjugation."
  5. durisdiction by Anonymous Coward · · Score: 2, Interesting

    what happens to the rights of the other party in the conversation if the conversation happens to be international?

  6. Re:Wiretapping has Limited Utility on the Internet by Oddly_Drac · · Score: 2, Interesting

    "The culprit would confine herself to only those forms of electronic communication that can be encrypted."

    Not necessarily...this would tend to hold true where the 'culprit' had knowledge of decent levels of security or any technical expertise. There are more spammers out there that know about the technologies concerned than 'terrorists', who've been getting unwarranted 'bigging up' by Hollywood.

    The main problem with all of this is that people don't trust their government to take a dump without handy instructions, and are very suspicious of motive, as some revelations regarding the 'trade' uses of Echelon have shown.

    Add to this the problem of quasi-governmental individuals having a go themselves, and essentially we're heading for a time of outrageous suspicion connected with every human endevour.

    Scary times ahead.

    --
    Oddly Draconis
    Too cynical to live, too stubborn to die.
  7. They'll only catch what the bad guys give 'em by mnemotronic · · Score: 4, Interesting
    If I were a bad guy, intent on committing something evil, here's what I'ld do:

    1. Setup several email accounts. Most are reserved for sending bogus traffic (trolling for ye olde jack-booted thugs). One or two will be reserved for actual correspondence.
    2. When zero-hour approaches, send messages indicating "something will happen in (some place) on (some date)" using the trolling accounts. The message is intended to draw attention and resources away from the actual target and attack methodology. These would be encoded using a method with known problems. The encoding method used should be crackable, but not easily - We can't appear to be too st00pid.
    3. Send all "real" correspondence via high security encryption. To make it more interesting, I would pre-arrange with my cohorts that only messages sent at certain times of day, even using the "real" accounts, would be considered valid. All other messages would be "bait".
    I'm sure I'm not the first to come up with something like this. I'm pretty sure the Allies sent many bogus messages prior to the Normandy invasion.
    --
    The Russians have won. They have made the world a cesspool of distrust, greed, fear and hate.
  8. straining an already over-strained system? by inmate · · Score: 3, Interesting
    the BBC just ran a story on how the FBI are already drowning under a huge backlog of telephonic recordings.
    http://news.bbc.co.uk/1/hi/world/americas/3696344. stm

    any more 'surveilance' just doesn't seem very practicle to me.

    --
    --- blackironprison, where ignorance is bliss....
  9. Re:Great idea, honest! by dirk · · Score: 2, Interesting

    Most criminals are idiots. Most criminals are not computer experts, so they don't know anything about encryption, much less how to use it to secure their communications. The readers of /. understand encryption because we deal with technology issues every day. Most criminals don't do this, so they don't understand that encryption could save their ass. There are some who understand this I'm sure, but they are in the minority.

    As far as wiretapping havin the potential for abuse, you are correct. So do guns, cars, presciption drugs, P2P, and anything else in the world. Having a potential to be abused doesn't mean we should ban something. We should deal with the abuses and abusers.

    --

    "Information wants to be expensive" - Stewart Brand, the same guy who said "Information wants to be free"
  10. Re:Please don't start... by The+Queen · · Score: 3, Interesting

    How about this one: lack of privacy leads to mass conformity, which leads to a loss of individuality, loss of creativity, and loss of PROGRESS. Artists, scientists, philosophers and dreamers are a NECESSARY part of society. Without privacy, there is no freedom - freedom to say, think, do and create.

    If that doesn't work, send her to my house. ;-P

    --

    The House Between - Original Sci-Fi Series
  11. Re:But the EFF *wants* to tap when it come to p2p by sxtxixtxcxh · · Score: 3, Interesting

    p2p over the internet is essentially public space. there is no privacy in public.

    i mean, sure, the internet *could* be considered public space... but that'd be wrong.

    popular p2p networks could be policed while smaller "black market" p2p networks would pop up (oh hey! sounds familiar!) that circumvent the overseeing organization... i dont know

    /brain fart.

    --
    for a minute there, i lost myself...
  12. Re:Well I'm Writing in by Anonymous Coward · · Score: 1, Interesting
    Well thought-out. The only problem is that you're almost 100 years too late.

    Our Constitution became bird-cage liner in the period 1910-1935. Privacy? WHAT privacy? There is no explicit reference in the Constitution or its amendments to any right to privacy. It has only been Supreme Court decisions of the last 30 years that have even mentioned it ... interesting (but necessary) invention of the Judicial & Legislative Branches; just that it's a few decades too late. We needed these laws and precedents in the period 1909-1919, when the foundation for today's police state was lain.

    The second, fourth, eighth, and ninth Amendments have been so twisted by those same Supreme Court decisions as to render them -- in many cases -- the exact opposite in effect as they were intended.

    A lot of people are dumping responsibility on Bush and Ashcroft ... I guess a lot of these people weren't around for FDR, LBJ, Nixon, or others who really bear the blame for what's happened; good intentions or no.

    The fact is that it won't matter who's in charge: the US Government is a self-sustaining, power-mad group of professional bureaucrats who are not held accountable in any way ... not even the President of the US can discharge tenured civil servants (Anybody remember Jimmy Carter? Guess not ... how about Ronald Reagan and PATCO?) It's been this way since the early 20th Century, and I don't see any way to stop this snowball from continuing its downhill roll. It's gotten so large with so much inertia behind it and power so entrenched in bureaucracy that whoever does try to stop it will get squished. Don't believe it? Go ahead: fight the DEA. I dare ya.

    Pre-9/11? Ha. Try more like pre-1911. Wasn't it Benjamin Franklin who said that there would always be those cowards around who would trade security for liberty? With the brief exception of the Second World War, we have our grandparents and great-grandparents to thank for what's happening today. Taxation, anti-drug laws, kneejerk reactions to crime ... you name it, they all got us here. Sorry: the FBI has been a de facto legislative entity since its formation ... you're way too late.

    Bottom line: the Preamble to the Constitution essentially says that if you don't like it, revolt. Oops ... the Second Amendment is bird-cage liner. Oh, well ... keep feeding those illegal weapons caches, folks -- that is, if you don't get arrested first.

  13. Re:Please don't start... by Sven+The+Space+Monke · · Score: 4, Interesting
    I answer it two ways. The first way is my favorite, and most agree with it. The second is a fallback that doesn't work often, but it's still worth a shot.

    1 - We all go to the bathroom. Everyone does. It's biological. Nothing wrong with it. At one point or another, we've all made embarrasing sounds in the bathroom. Again, nothing wrong. But who would welcome an intrusion in that private moment? I wouldn't. There are times where I am engaging in activities that aren't wrong, but I'd be really upset if someone was watching/listening in. The same goes for comunications of any kind. We all discuss things with people that we don't want others to know. Even if the person listening in is benevolent and has no interest in revealing our secrets (or honestly doesn't even care), we'd still rather have that unknown third party not know. For your wife, ask her if she'd have a problem with some government terrorist sniffer listening in on a conversation she had with her doctor about a yeast infection. The spook doesn't know her, doesn't care, and would likely rather not have been privy to the details - but I doubt that would comfort your wife. All she knows is that an intimate discussion with a medical professional has been monitored and possibly recorded in a massive databse, JUST IN CASE.

    2 - Sounds a little tin-foil-hattish, but here goes. Let's assume that we can trust the government of today not to abuse the power. We can pretend that everyone in power has the genuine intention of using this technology/law to stop suicide bombers (not a safe assumption to make, but hey - for the sake of argument, why not). What assurance do we have that the government of a year/5 years/10 years from now are just as trustworthy? We don't know that, we can't know that. But the law/technology will still be there, but the honest people it was meant for may be gone and replaced with a government you cannot trust. These things happen, even in American history (see: McCarthy, Hoover). Even if we can trust the leaders of today, it won't be the leaders who actually use the laws/technology. It will be hundreds or maybe thousands of government employees -- and anyone who has ever had experience with a civil servant can tell you that not all of them can be trusted. Maybe someone tries to get a job as a 'line sniffer' just so that they can listen in to private calls and jack off later to them (not likely, but hey - sick people exist). I know I'd feel violated because if that happened. Or maybe one of them hears something like a call between someone (such as a respected member of a conservative community) and asubstance abuse councelor about their secret addiction? Well, lookie-lookie. All of a sudden, this line sniffer has blackmail info. Or a more likely scenario - a call to a shop-by-phone company. With that one call, a crooked sniffer would have your name, address and credit card number. What's to say that government employees aren't subject to the same temptations as the rest of us? All it will take is time before you get the right combination of a morally-loose sniffer and the big promise of enough cash.

    Hope that helps!

    --
    A man who can't pronouce "nuclear arsenal" shouldn't have one -sig ends here.
  14. Re:Nobody wiretaps my Asterisk box by salimfadhley · · Score: 2, Interesting

    Yes, and with a precedent like that, it will not be long before every server has to have a wiretap for any kind of communication (not just spoken or audio).

    Imagine, when you buy a new server or firewall, the company that pre-installed it has to give a root password to the government so that you cannot possibly run any kind of unauthorised communications service.

  15. What's a "provider"? by Gorimek · · Score: 3, Interesting

    The interesting question here is what they'll do about homegrown/open source systems. If I write VoIP software and talk to my friends through it, will I/it be considered a provider and forced to supply this tapping service?

    If no, it is so easily circumvented that it will only catch stupid and careless criminals. Note that this may well be a large portion of the target population and ebough to make this worthwhile.

    If yes, it seems extremely intrusive, and since I would be my own provider in this case, also fairly useless. When they order me to implement the tap on my self, it will probably make me more careful what I talk about.