Slashdot Mirror
Precedent for Warrantless Net Monitoring Set
highcon writes "According to this editorial from SecurityFocus, a recent case of a drug dog which pushed the limits of "reasonable search" may have implications for Internet communications in the U.S. This Supreme Court case establishes a precendent whereby "intelligent" packet filters may be deployed which, while scanning the contents of network traffic indiscriminently, only "bark" at communication indicative of illegal activity."
The current rules on Internet snooping are based on the metaphor of an envelope... anybody can look at the addressing data on the outside of an envelope, but the contents within are private. This is a pretty nice metaphor, considering the possible options...
- Dog search metaphor: This is what the article is suggesting, a binary test can be used to see if the packet needs more inspecting. If the binary test comes back positive, it represents probible cause to break the seal.
- Postcard metaphor: An IP packet is really closer to a postcard, in that the datagram portion isn't really secured inside anything, it's out there for plain view.
- Shopping mall metaphor: The Internet is like a shopping mall. The government doesn't own the mall, but the owners might invite the police to establish a checkpoint at the door because any possible crime is bad for their business. Anything they see/hear from their perch there is fair game, especially if everybody sees that there are officers there.
This is precisely what an IDS tends to do. Unfortunately, not only is it trivial to do, it's also something that's essentially COTS (commercial off-the-shelf).
Yet another reason encryption needs to be widespread not only in availability, but in practice.
500GB of disk, 5TB of transfer, $5.95/mo
I like this
Everyone who visited blackboxvoting.org before a year ago was supposedly put onto an FBI watchlist. There are more details on the website.
I say this because I know that this includes most slashdotters, and because it is on topic to the article. I'm not sure if is true, but I do know that recently I am 7/7 for getting frisked at airports. Perhaps it is possible that everyone who visited this website is now in the airline shit list database.
I don't mean to sound paranoid, but the issues here are very real whether people realize them or not.
The article is not even persuasive authority to a court. It's an amateur interpretation of a court decision that attempts to make an analogy. As you point out, the analogy is very weak. Since it is not even in a law review journal, nobody in the legal field is going to pay an iota of attention to it, and no court will care about it.
Now, if the courts did extend the analogy as the article makes it sound has already been done, it would be a real blow to the Constitution, notwithstanding the Anonymous Coward sibling to this comment. What that sibling fails to recognize is that deciding that Internet traffic is not among the "persons, houses, papers, and effects" made safe from "unreasonable searches and seizures" by the Fourth Amendment is itself a blow to the Constitution, because it's the equivalent of saying that the Constitution is of little to no effect in the 21st century.
Personally, I don't see the Supreme Court making the leap that the article thinks it already has. The Rehnquist Court has gone back to the text of the Constitution more than any Court since 1937, when FDR scared the Court into acceding to his wishes and giving Congress and the Presidency more power than the Constitution allows (and then giving the Presidency much of Congress's power for good measure). They have been working their way backwards and, as Justice Scalia put it, have to tear the house that was built apart, piece by piece.
If the government were to try and sniff a large number of packets in the manner described they would be impossible to collect ones that are only illegal. They would have the same sort of situation I experienced when I installed snort and turned on everything. Spade was freaking out at me about once every 5 seconds, I was getting warnings about unicast ARP attacks and port-scans all over the place. How can you tell what constitutes a packet containing illicit transmissions? There would be so many false alarms that they wouldn't be able to do anything with that data. What if it was an encrypted communication? They can't just flag all encrypted stuff because legitimate transactions are encrypted all the time. A lot of people doing nothing wrong would be put under suspicion no matter what algorithm they were using. Therefore doing what is described is next to impossible.
411 Y0UR 8453 4R3 8310NG 70 U5!! -NSA
You know that the article writer is a hack because he's trying to write legal analysis and doing it outside of law review journals. And you know he's really bad because not only does not not cite any authority whatsoever in his article, but he doesn't even give the actual name of the case. He just says that a case about Caballes was decided by the Supreme Court last month. Lawyers are precise. Good lawyers are precise and correct. This guy is neither.
In case anyone is wondering, the actual case is Illinois v. Caballes, 73 U.S.L.W. 4111. It's not in the US Reports yet, apparently. The Lexis cite is 2005 U.S. LEXIS 769.
Lexis' short synopsis of the case and the Supreme Court's holding is: The U.S. Supreme Court granted certiorari on the question of whether the Fourth Amendment required reasonable, articulable suspicion to justify using a drug-detection dog to sniff a vehicle during a legitimate traffic stop. The state trial court concluded that the duration of the stop was entirely justified by the traffic offense and the ordinary inquiries incident to such a stop. The state supreme court concluded that because the canine sniff was performed without any specific and articulable facts to suggest drug activity, the use of the dog unjustifiably enlarged the scope of a routine traffic stop into a drug investigation. The U.S. Supreme Court held that the use of a well-trained narcotics-detection dog--one that did not expose noncontraband items that otherwise would have remained hidden from public view--during a lawful traffic stop, generally did not implicate legitimate privacy interests. The dog sniff was performed on the exterior of respondent's car while he was lawfully seized for a traffic violation. Any intrusion on respondent's privacy expectations did not rise to the level of a constitutionally cognizable infringement.
My personal and immediate thought on this is that the closest analogy to the Internet acceptable to the Court would be if you can tell from an IP packet header ("performed on the exterior") that its contents are suspect, then you can open it up for inspection. However, my opinion is exactly as binding on anyone's behavior as is the article - specifically, it isn't at all.
Between the US Patriot (??) Act and John Ashcroft's computer program (I have forgotten the name), this is a very real possiblity. Here is the real problem. Everyone 'sins' - If they want to attack you they can do so with impunity now. It seems to me that this is how the Roman Republic and then Empire fell. Abuse of power by those at the top.. 1984 is not far away.
This message was brought to you by "Lack of Sleep."
No they don't - they spend about a 'million' on 5 or 6 Sun enterprise level servers, switches, patch panels, ATM stuff, a few other cool things, tap into any network stream that may or may not be of interest.
Let the thing run for a few days.
The analysts take 10 minutes to decide there is nothing of interest, the managers come and spend 4 days looking at 'free porn' - And I kid you not!
You use a cell phone, your IMSI will eventually be logged, along with any other relevant info (sancs, locations, who you've called, who the people you've called have called etc) This doesn't make you a target unless you are within trigger thresholds of a known entity.
I don't wear tinfoil by the way.
None of this is rocket science, all of it is available from google - once you weed out the UFO crap.
Governments monitor their people, governments also monitor other countries - been going on since naked tribal chicks threw sticks at each other.
Its not like the word "drug" floats from the a digital message into "cyber space" and is sniffed. ha!
A Good Troll is better than a Bad Human.
I had this friend who was a pothead.
:)
Not the bad kind - during school she'd keep it down, maybe only get high a few times a month. During break though? Oh man. One break - two weeks long - she flew back home to be with her boyfriend, and, apparently, spent the entire two weeks in her boyfriend's apartment getting high.
Windows and doors closed, of course. About half a step away from a smokebox.
She was clever enough to do laundry before getting on the plane back. What she's forgotten about was her jacket - hanging up against the wall the entire time. And, predictably, the drug dogs went absolutely fucking wild. Seriously, a *human* could smell it.
But she didn't have any pot on her at the time, so what could they do?
We got a good laugh out of that once she got back, though. Can only wonder what kind of internal security lists she's on now.
Now, if everyone in the world were to do the same thing, the airport security would just have to give up . . . if we can only get everyone in the world to do the equivalent online, we're set
Breaking Into the Industry - A development log about starting a game studio.
Let's see. Illegal drug use is reported among 11% of Americans, so at worst, 1 in 9. However, if your sense of right and wrong permits you to make "minor infraactions" like speeding, there's a higher than average probability that you also would see drug use in the same way. There are studies to support this.
My guess... probably better than 1 in 3.
Check out my sci-fi/humor trilogy at PatriotsBooks.