Slashdot Mirror
ISPs in Argentina Must Log Everything
hjf writes "According to a new presidential decree, and effective July 31, 2005, telecom carriers in Argentina will have to log every activity, including Internet chats, website visits, e-mails, phone calls, etc, made in Argentina. The data must be stored for 10 years, and must be available to the police and intelligence agencies within one hour, 24 hours a day. The telecom companies must pay for 'everything': software, hardware, and human resources, and will be required to use state-of-the-art technology as soon as it is available. This news was known already in specialized circles, but only yesterday it was published in major media. This is causing outrage among legislators and businessmen. Lawyers claim that it violates privacy laws and Constitutional rights (article 14), and the 'presumptive innocence principle' (innocent until proven guilty)." (The Fish comes in handy yet again.)
That's absolutly rediculous! who funds that project of data storage? Sure, storage is cheap, but what about a whole country on an ongoing 10 year window?
"I cannot think of any need in childhood as strong as the need for a father's protection." -- Sigmund Freud
tunnel everything through SSL or SSH.
in other news every argentinan isp got fucked in the a**.
and downgraded every connection to 0.2kbyte/s in order to be able to comply.
world was created 5 seconds before this post as it is.
This may well be different under Argentine law, but I don't see how it violates presumption of innocence as that concept exists in US practice.
That the US isn't that bad after all.
I certainly don't agree with new "security" laws like the Patriot Act, but the Patriot Act beats the hell out of this.
...is suddenly in need of IT people. Too bad it will last only as long as there's capital around to support it - money out of the pockets of the customers.
There's something to be said about the usefulness (to law enforcement) of user activities to websites and such. So you can prove... what, exactly? That a person at a location visited a particular website, at a particular time.
Informatus Technologicus
Here's a log for ya:
....
11 April 2005: (Email Traffic: Detected. Web Traffic: Detected. Chat Traffic: Detected.)
12 April 2005: (Email Traffic: Detected. Web Traffic: Detected. Chat Traffic: Detected.)
13 April 2005: (Email Traffic: Detected. Web Traffic: Detected. Chat Traffic: Detected.)
I am no longer wasting my time with slashdot
The price for a dial-up account in Argentina just jumped to $3.99 for the first minute, and $1.99 for each additional minute.
`We see about 20-30% of our total world-wide production of hard drives being sent to Argentina in the immediate future to fullfill the needs of this decree. After all, a slow cable modem at 1 Mbps can download 10 GB of data per day. Multiply this by ten years and by the many many people in Argentina who have broadband access, and it's a lot of disks' --Some guy at Maxtor.
Instead of e-mailing text, print to an image file in a a font OCR apps don't understand, encoded as uncompressed geo-tiff of course, and send it as an attachment.
It is unencrypted and in the clear for all to see.
Better yet use a M$ dialect and invest in M$.
Does the ISP drive a truckload of mag tapes around to the Ministry of Information and say "Off you go chaps, analyse this!"
how is this different than in north america? I thought we already logged everything and kept it for longer than ten years? except for being in the form of a "law", this is nothing new. the same stuff is being done "legally" here anyhow. big deal.
The Cryptography Forum is new and needs help
As I recall, the British proposed some similarly silly rule requiring ISPs to "log everything" about 5 years ago.
I haven't heard of it since, so I presume the proposal died a whimpering quiet death unclaimed by anyone.
Free from any requirement to compromise, the Argentine president looks to one-up their old nemesis (of Falklands/Malvinas dispute) by actually trying to revive this rotting corpse of an idea.
What's next for Argentina? A clipper chip?
Of course, none of this compares with the tragedy of decades under juntas and the legacy of los desaparecidos.
Not to mention the economic collapse from naively expecting that IMF policies and democracy can co-exist.
"Provided by the management for your protection."
1. client gets list of potential nodes
2. client connects to random node, using ssl encryption.
3. client surfs/does whatever
4. cops come say you were looking at blah.
5. your lawyer shows it could have been *anyone*
RandomAndInteresting.comdefending the world from stupidity since 1979
My i2p node is up and if I could so would freenet.
Perhaps mod offtopic if you feel the plug isn't worthy.
Not that either of these technologies can do much against 10 years though...
A blog I run for the wealth
Easier way to drive them nuts. Create an application that creates a file containing completely random information. (I've done this before, it's easy and doesn't compress well). Set up a program to automatically send these files to a friend who then creates a new one and sends it back. Automate and repeat 24 hours a day on a broadband connection. Should rack up the TB real quick.
Fly me to the moon Let me sing among those stars Let me see what spring is like On jupiter and mars
That wouldn't stop traffic analysis.
Hail Eris, full of mischief...
E pluribus sanguinem
Say I make a post on a message board hosted by argentina with my american ISP. If the FBI wants info about me can they legally gain the information the Argentinian ISPs logged without a warrant? (with permission from argentinia of course)
There are 11 types of people, those who know unary and those who don't.
if the Argentinian ISPs were strong enough against the law, they could cut the legislators' phone and internet services. if that doesn't work, they could just stop providing services... that might be what happens anyway, given the enormous task set before them.
Ignorant legislators making a poor country poorer.
Fifteen years ago I moved to Argentina and lived there for 10 years. The government and police are extremely corrupt, almost mafia-like.
It's every [extended] family for themselves... they have clubs where you go barter for stuff with credit chips because the Argentine peso is worthless.
Ironically, I moved out right as the dollar became uber strong when the peso was devalued...
But I don't think this decree will amount to much do to the sheer impracticalities and economic costs of implementing such a massive log system. ISPs will either do their utmost to avoid following this to the letter, or go out of business.
P.S. People in Argentina don't care much about privacy in general. For instance, they literally have no concept of personal space and will stand like 1 cm from your face while talking to you.
The unofficial
I haven't heard of it since, so I presume the proposal died a whimpering quiet death unclaimed by anyone.
Unfortunatly The Resolution of Invesigatory Powers Act 2000 was actually passed. I hate this country sometimes. As far as I know the "log everything" part has never been implemented. For "technical reasons", i.e. it's fucking ridiculous. I can't find any mention of it more recent than this article
sig
Silly Argentina. You can't just start out logging everything. Start off slow by relaxing the laws a little to combat something, lets say child porn. Wait a few years, add a couple laws for terrorism and walla, you can do whatever you want.
Hacker Media
[they] will be required to use state-of-the-art technology as soon as it is available.
In Argentina right now, that could be a while.
State-of-the-art technology doesn't usually become available in Argentina until cousin Mariano comes back from Miami with a suitcase full of laptops and electric toothbrushes.
Still, it sounds like there is a lot of room for abuse in this. I'd love to see an Argentine ISP send over data on a holographic cube, formatted for BeOS. Or even better, as a DRM encumbered WMV 9 file. Or a DVD movie with 60 minutes of unskippable commercials.
"Can you e-mail me the file?"
"Sorry, we've moved on to more state-of-the-art networking technologies. You can get a torrent of the file over a freenet network on an IPv6 Internet 2 network, or we can podcast you the file from a PSP on the subway to work."
"Can you skype it to me?"
"Sorry, Skype is so last week. But you can get a copy of this conversation through a skypecasting network."
Heck, maybe they can provide the "cutting edge" hardware and software that the government needs so that they can understand the transmissions. For a small fee, of course.
The ______ Agenda
Simple Math proves how this is impossible with humans working, and nearly impossible with computers.
Lets say 1 person uses the internet, and this person spends 2 hours a day on the internet (email, browsing, whatevering)
It would require the police >2 manhours to understand what was going on and itemize those 2 hours of internet usage. In addition if branches were found(other suspects of interest), it would require another >2 manhours of work.
Multiplying this by the number of days in a year, and it can been seen as quite the impossible task.
Even programming a computer to automagikally scoure the entire 10 year database would pop up 10000's of hits on a name, and the policec have to investigate the likely ones. Again even if 1% of all the traffic was deemed "interesting" you are still talking greater complexity than can be handled by traditional methods.
Forced by econmies of scale, in this case, the more cases, the more expensive it becomes to processes.
Won't last, Already when people talk about terabyte drives, they are capapable of storing (YEARS?) of audio, which no person could listen too. Ever. Just like all the books in the NY public library, too many books. Too many books.
Too much content to read folks
Check journal for info on Anti-TextBook, an idea by me.
Maybe Argentina has reformed. Their history is such that I wouldn't count on it though.
When you talk about the U.S. government, please don't say "your". I have no control whatsoever over the U.S. government, and neither does any other normal citizen. Most of what you don't like is decided and/or done in secret.
Also, Argentina's government is amazingly unable to take care of itself. It is very self-defeating, in my opinion.
Even telephone wires in the major city, Buenos Aires, are a problem. The telephone company is so disfunctional that it cannot install new phones. Citizens must do that themselves!
Could you explain these telephone wires running from building to building in Buenos Aires?
Also, the U.S. government is much worse than you are saying: Unprecedented Corruption: A guide to conflict of interest in the U.S. government.
How many Iraqis has the Argentine government killed? None, right? How many Vietnamese has the Argentine government killed? None, right? The U.S. government killed 2,000,000. Guess how many Vietnamese directly threatened the U.S. at the time? None.
Bravo, Argentina. From what I gathered without reading TFA, this is one of the most useful laws a government could come up with. Since, as everyone agrees, the task of logging every Internet transaction cannot be possibly accomplished, it will effectively make every ISP/TELCO guilty, which, in turn, will give the government a legal power to shut down any of these organization at will, or, more realistically, tell them what to do and hear a cheerful "Yes, boss" in reply. It is largely irrelevant what Joe Schmoe will say in his ICQ chat; what matters is control over the infrastructure. We at US of A have something to learn from these guys about a vertical government.
The trouble is with the RIP Act it makes you a potential criminal for using SSH. All a law enforcement officer would have to do is demand your keys - which you don't know because SSH is automatically keyed - and you are liable for a long prison sentence merely because you don't know them.
Fortunately, just across a few miles of the Irish Sea we don't have this madness.
Oolite: Elite-like game. For Mac, Linux and Windows
The president ordered the law to be suspended, following national and international reactions to it:
x Se ccion=100438
http://infobae.com/notas/nota.php?Idx=177281&Id
(fish obviously needed)
The ENIAC Demo Competition
Verisign, better known for its domain registration business, has a dark side. Verisign operates the nation's wiretapping control center. From its offices in Northern Virginia, not far from CIA headquarters, and in Mountain View, CA, Verisign's staff has a back door into the nation's telephone system. Law enforcement and the intelligence community send their wiretapping requests to Verisign, which then remotely reroutes calls for the selected telephones to Verisign's wiretapping center.
Verisign became the central point for wiretapping by acquiring Illuminet in 2001. Illuminet operated the "signalling system 7", or "SS7" network created decades ago by AT&T to control routing and billing throughout the telephone system. Ordinary phone functions like call forwarding work through SS7. Whomever controls SS7 can wiretap any phone, landline or cellular, within the area they control.
Verisign offers wiretapping as a commercial service, under the NetDiscovery name. As their advertising puts it, "Net Discovery is the premier turnkey service for provisioning, access, delivery, and collection of call information from operators to law enforcement agencies (LEAs)."
Verisign is expanding their NetDiscovery service to cover Internet access and voice-over-IP. Their goal is to provide a single point of contact for all wiretapping requests in the United States. "NetDiscovery makes it easy to fulfill lawful interception mandates and takes the burden and expense of compliance out of a service provider's hands. By outsourcing the service to VeriSign, service providers maintain continuous, hassle-free compliance."
NetDiscovery is the wiretapping solution chosen by Vonage, Cox Cable, First Cellular, Arrival Communications, Cellular Mobile, Rural Cellular, and many others. Wireline, cellular, and VoIP carriers are already on line and being intercepted. In the UK, NetDiscovery is the wiretapping solution for GSM mobiles.
That's how Big Brother really works.
I just gave the Presidential Decree a quick read, wondering if this was much ado about nothing and it only required logging of connections, not all the data. Actually, it is even worse. Not only does it require logging all data and making it available on demand to the government, it forbids service providers to use any technology that interferes with interception and decryption and imposes on them the burden of making whatever information is demanded available in the clear. If I understand it correctly, it is the ISP's responsibility to decrypt enciphered communications or to prevent encryption from being used in the first place.
But it is even worse than that. It forbids anonymous communications. Furthermore, it requires that everything having to do with this be kept secret, both what the ISPs do to carry out the decree and the fact that the government has intercepted communications.
and the project was refused for the congress.