Slashdot Mirror
FCC To Require Backdoor Network Access for Feds
humankind writes "The EFF is reporting that the Federal Communications Commission issued a release [pdf] announcing its new rule expanding the reach of the Communications Assistance to Law Enforcement Act (CALEA)." From the article: "Practically, what this means is that the government will be asking broadband providers - as well as companies that manufacture devices used for broadband communications - to build insecure backdoors into their networks, imperiling the privacy and security of citizens on the Internet. It also hobbles technical innovation by forcing companies involved in broadband to redesign their products to meet government requirements."
We can't sit back and let the terrorists win.. err wait, wtf am I talking about? Somehow this is a good thing.. yes.. maybe I should give the feds access to my webcams, this will make america safer :)
Wasn't there a ruling just a few weeks back that the FCC didn't have the authority to regulate the Internet, which would include things like VoIP? Did that get overturned at some point?
Time to pull out that ethernet cord, I'm going back to PCBoard...
sike!
Fortunatelly there is a cure - cold shower.
More regulations to drive up costs and actually lower security. That's our government. I can't wait for the first time that a feds-access method is discovered and published. Of course I'm sure they'll label that discovery person a terrorist.
That just makes life easier for everyone, dosen't it? ::Cough, Cough, Gag, ... Falls Over::
In a world without walls and fences, who needs Windows and Gates?
Think of the children! It's for fighting terrorists and will never be used otherwise!
Cisco, for example, has complied with this new rule before it even existed.
If you have a backdoor - how long before somebody malicious has access? 30 minutes? If you can get into any box anywhere (because apparently everything will have to have this) then couldn't one little malicious script bring down everything connected to the internet?
NEWS
Federal Communications Commission 445 12th Street, S. W.
Washington, D. C. 20554
News Media Information 2021418-0500
Internet: http://www.fcc.gov/
TTY: 1-888-835-5322
this Is an unofficial announcement of Commission action. Release of the full text of a Commission order constitutes official action.
See MCI Y. FCC. 515 F 2d 385 (D.C. Clrc 1974).
FOR IMMEDIATE RELEASE: August 5, 2005
NEWS MEDIA CONTACT: Mark Wigfield, 202-418-0253 Email; mark.wigfield@fcc.gov
FCC Requires Certain Broadband and VoIP Providers to Accommodate Wiretaps
Order Strikes Balance Between Law Enforcement, Innovation
Washington, D.C. - Responding to a petition from the Department of Justice, the Federal
Bureau of Investigation, and the Drug Enforcement Agency, the Commission determined that
providers of certain broadband and interconnected voice over Internet Protocol (VoIP) services
must be prepared to accommodate law enforcement wiretaps, the Federal Communications
Commission ruled today.
The Commission found that these services can essentially replace conventional
telecommunications services currently subject to wiretap rules, including circuit-switched voice
service and dial-up Internet access. As replacements, the new services are covered by the
Communications Assistance for Law Enforcement Act, or CALEA, which requires the
Commission to preserve the ability of law enforcement agencies to conduct court-ordered
wiretaps in the face of technological change.
The Order is limited to facilities-based broadband Internet access service providers and
VoIP providers that offer services permitting users to receive calls from, and place calls to, the
public switched telephone network. These VoIP providers are called interconnected VoIP
providers.
The Commission found that the definition of "telecommunications carrier" in CALEA is
broader than the definition of that term in the Communications Act and can encompass providers
of services that are not classified as telecommunications services under the Communications Act.
CALEA contains a provision that authorizes the Commission to deem an entity a
telecommunications carrier if the Commission "finds that such service is a replacement for a
substantial portion of the local telephone exchange."
Because broadband Internet and interconnected VoIP providers need a reasonable amount
of time to come into compliance with all relevant CALEA requirements, the Commission
established a deadline of 18 months from the effective date of this Order, by which time newly
covered entities and providers of newly covered services must be in full compliance. The
Commission also adopted a Further Notice of Proposed Rulemaking that will seek more
information about whether certain classes
So what's stopping someone from taking say a Linksys and rewriting the OS?
--
The "are you a script" word for today is engulf.
That's about as braindead a decision as you can get from a government. They think you can simply wave some magic wand and things just "happen". They must also think that no one else would use that new, government mandated back door for anything nefarious. Gosh no, we're all just law-abiding slav... citizens out here in the real world.
In reality, they just wanted quicker acces to the playboy mansion, I guess.
I spend too much time on the internet and using my computer anyway. It's about time someone put their foot down so I will go outside and get some sun.
...for Americas 'freedom'.
Freedom will prevail!
It's funny how you never hear the phrase 'right to privacy' nowadays. Is privacy no longer a concern to people now that we have terrorists to worry about? The things I think about and read and what I do in my personal space (yes, my computer is MY space) is frankly not the business of anybody except me. Get a warrant, then search me - I'll live with the fear of a terrorist attack, I can handle the responsibility.
What kind of access to the feds want? They want the ability to sniff trafic directly from my ADSL router ?
When will this end ?
I can think of no better reason to start looking for off-shore hosting providers.
As long as they promise that these backdoors will be secret, totally uncrackable, and nobody with knowlege about them will ever be disgruntled...
Aren't there already enough unintended back doors into most products as it is?
They already tap the phonelines, freely scan IM messages and email, what's a little more taking it up the ass from the man going to do...
Hail thee, land of the Free(access for the government for complete omnipresent survailence)!
I was going to reply to this with, "Well, I can tunnel my connections via SSH to add instant magic security powder," but then I realized - the server I'd be doing the tunneling *to* is on a cable modem, and it'll have all the same backdoors.
I wonder if I can trust my university's networks; maybe I should SSH tunnel to my computer science department account.
Huh.
|/usr/games/fortune
".. to build insecure backdoors into their networks, ..."
What if it means that the equipment will accept connections if it passes a rigerous sshv2-dsa key handshake, with a really, really big key size? I don't see that being insecure, setting aside concerns about the stupid feds being bitches in power games leaking the key. Technically, there's nothing stopping them from making it secure (as secure as you or I have our home systems, that is).
--
Internet Explorer (n): Another bug -- that is, a feature that can't be turned off -- in Windows.
Guess I will have to start using as much encryption as possible, not because I have anything to hide, but because I like to waste millions of tax dollars.
How does this hobble technical innovation? It is a logical extension of CALEA.
I see problems with it, like Skype is not a US company and implementing CALEA functions for monitoring on Skype servers would not be legal in other countries?
I don't think that the government has a clear grip on what the Internet is yet, but by allowing VoIP to replace traditional switched circuit voice networks, they lose monitoring functions for legal wiretap operations. This just gives it back to them, though I'm not sure how they will implement it worldwide, nor do I think it can be done simply within the borders of one country since it is run over the Internet in many cases. Sure, if Comcast offers VoIP, then CALEA would apply, but I see trouble with Skype and Gizmo services.
Also makes me wonder how far the reach of CALEA will go, given the current state of anti-terrorism and related activities.
I just don't see how this hobbles innovation.
Support NYCountryLawyer RIAA vs People
"At the same time, the Department of Justice (DOJ) is asking airlines to build similar backdoors into the phone and data networks on airplanes."
Are they nuts? What happens when data networks improve on airplanes in the next few years and people are using wireless connections on a plane? It's going to be a security nightmare.
I don't even want to think of what could happen if a plane had its network connected to the cocpit...
"Lead my skeptic sight."
How many people have a service like that? It looks like they want to retain their wiretap capability for voice communication as we move into VoIP, not monitor everything you do.
Sheesh.
Try not. Do or do not, there is no try.
-- Dr. Spock, stardate 2822-3.
Many of them run Microsoft.
I prefer the "u" in honour as it seems to be missing these days.
Unplugging my net connection and going back to writing letters by hand.
Networks that have rear entry just sound gay to me ...
Just watch. Soon they'll be blocking access to "terrorist-related" web sites.
Fight the terrorists!
Stop electing them.
Oh, I'm sure the economist weenies will start crying, "The trade deficit is too high already!" Claptrap. You want a trade deficit you can really sink your teeth into? America is barely even working at raising the trade deficit. But this sort of move is a great step in the right direction. Focus the entire country on eliminating exports. The whole world will be safer.
It seems the ruling only applies to interconnected VOIP carriers and Internet providers which offer voice services. It doesn't seem to apply to Internet providers which only provide IP connectivity.
One way around this with Asterisk is to terminate all your calls with a random (say 10-20) different out-of country VOIP providers. It would be harder for them to track the call as it is routed back into the states.
When they require CALEA access IP=IP connections then that's where it will get interesting.
Till then, I'll just make IP-IP connections to my friends with Asterisk. I can always turn on IAX encryption if I feel paranoid.
Well since companies like Linksys use linux in their devices, they still have to comply with the gpl. meaning if they keep using Linux they will be revealing all the back door code, or they'll have to stop using it or get sued.
Of course knowing our govt, the spec will be sooo poor and it'll get out and the internet will have huge security holes and hackers and spammers will get a hold if it.. and *foom* govt facilities zombies!
mebbe its time to switch to a bsd router.
Until then the FCC and FBI can piss up a rope.
If the goal of terrorists was to destroy our freedoms and way-of-life, it is starting to look like they are winning -- and while I sure terrorism is the excuse for this law, I'm really not sure I trust the intentions or our current government.
In addition to the immediate 'what kind of country are we becoming?' blood-curdling privacy implications of this law: what is this going to do the competitiveness of American manufacturers? Other countries are not going to accept back-doors for the US government in their network products.
I hear the password is gonna be PENCIL... SHHH dont tell anyone.....
"From the article: "Practically, what this means is that the government will be asking broadband providers - as well as companies that manufacture devices used for broadband communications - to build insecure backdoors into their networks,"
First there was Intel's "Intel Inside" with a matching sticker. Now look for the FCC's new "Goatse.cx Inside" sticker on all your networking products. So you'll know you're getting the genuine experience.
America is dead.
then it would be more detectable
this is a totalitarian police state being assembled.
With already over 2/3 of computers running the spyware CoolWebSearch, this could be implemented tomorrow by buying that spyware company, and requiring Microsoft to preinstall it, and thus any hack to take it off the computer would be a violation of the DMCA.
Saskboy's blog is good. 9 out of 10 dentists agree.
for more contraband. "Hey, buddy. Wanna buy a modem? Guaranteed secure. Only a thousand bucks. Buy two for eighteen hundred." This will turn our economy into a pure black market(I wish). Everything will be illegal. A pirate's paradise this will be. The hardware hackers have their work cut out for them. I hope they can handle it. Our new machines will be giant breadboards and wire wrap. All electronic engineers will be required to register. There will be a three day waiting period to buy soldering irons while they do a background check. God! what a bunch of freaks! And I'm not talking about the good kind...that hung out at the original Woodstock. You poor pitiful souls. Why do want to turn the earth into a prison planet? Never mind. I already know.
What?
hey all,
yes the fbi have the ability to monitor calls on a class V voice switch for years due to this law.
it is normal. we take it for granted.
just like i have the ability to take my t1/ds3 test set and listen to any ds0 channel i want. Anywhere along the line i have easy access too.
well, now they want easy access to other methods of making calls. the problem they will run into is that the tech is constantly changing. Voip calls are going through cheap x86 boxes. It will have to be a software hack that allows it.
or they could just setup a transparent bridge with whatever interfaces they want. Sniffing the line in that fashion...
all i can say is good luck to them. they seem to have forgetton the paridigm shift in power with PCs hitting the mass consumer market. They can no longer eavesdrop the way they want.
just my 2 cents
Big deal. So anyone with a little bit of knowledge and desire can cripple the entire internet in one blow.
We can't let the terrorists win! We must comply with this obivously good idea.
Oh wait...
I believe that our Government wants to pullout of the courts, and let them decide on everything at the time it happens. The measures they will have to goto includes being able to get to places they shouldn't be at in the first place.
For instance, you goto a crime scene.. the fastest way in is the dirtiest and hardest way in. They would have to work to get inside the house without furtheringly destroy evidence/tamper it.
So what do they have to do? Put a hole in the cieling, with a deadlock and a vault. They can drop from the sky and get in, without authority, and without any hassle of the people involved from saying "no". This is really much of a redudant annoyance, than a problem itself. Sure people could infiltrate, but at what cost? It would be just as hard to go from the top, as it would from the front door.
For those who say "invasion of privacy", that's what FTP and system logs are for my friends.
"To be is to do." -Socrates
"To do is to be." -Jean-Paul Sartre
"Do-be-do-be-do." -Frank Sinatra
Do NOT buy American, your national and economic security is at risk if you do
I certainly wont be reccomending ANY American equipment to our clients
This was a pretty cool article. Even though the routers built out of computers are pretty common.
http://www.langamereviews.com/content/view/144/2/
So, the really question is: will my FreeBSD router have to have a backdoor? And the better question is: how would you regulate open source software?
Besides this "backdoor" might be a good thing. Hackers would divise ways to use it maliciously as well as develop fixes to close the backdoors. I wouldn't worry too much, the Feds rarly have it together when it comes to technology such as this.
If you use open source router software, and tunnel or SSL or SSH to everything, this should not be a problem.
The question is, why aren't people assuming that plaintext is a bad thing already?
AFAICS, all the linked press release says is that VOIP should be subject to the existing laws on telephone tapping....
Or am I missing something?
As printer manufacturers have shown, you don't actually need regulatory power in order to regulate. It appears at least some companies will silently and secretly sell out their customers if the government so much as asks nicely.
Irritable, left-wing and possibly humorous bumper stickers and t-shirts
How many people have a service like that? It looks like they want to retain their wiretap capability for voice communication as we move into VoIP, not monitor everything you do.
He must have read the EFF site to say something so obviously inflametory and stupid.
The FCC's new proposal to expand CALEA to airline broadband illustrates the fallacy of law enforcement's rationale for its CALEA request. The DOJ takes the position that broadband has "substantially replaced" the local telephone exchange, but this claim is reduced to the point of absurdity aboard an airplane and opens the door for CALEA to cover just about anything.
Combine that with National Security Letters, NSL, and you have something everyone should be concerned with. Also from the EFF, one story down:
NSLs are secret subpoenas for communications logs, issued directly by the FBI without any judicial oversight. These secret subpoenas allow the FBI to demand that online service providers produce records of where their customers go on the Web, as well as what they read and with whom they exchange email. The FBI can even issue NSLs for information about people who haven't committed any crimes.
Your government is looking for dirt on innocent people. The Bush administration has used domestic spying to harass political opposition and we should imagine the same will be applied here. That's something no one should be able to do.
Thanks for the useless commentary, Sheetrock.
Friends don't help friends install M$ junk.
feds could learn a lot on how to use spyware
----------- destroy evil immediately!
And that stops man-in-the-middle attacks when some other moron decides to comply with the law how, exactly?
Help us build a better map!
that make me give thanks for living in a 3rd world country... I think.
fedds to require backdoors with the same default passwords so as to make hackers lives easier by finding said password
I think it's a great idea. As you point out, within 30 minutes someone will have malicious access. Within a month every script kiddie on the net will have access to every PC in America.
At which point, I welcome the government's attempt to successfully prosecute me for anything whatsoever: "No, that file of Dubbya, the underage pretzel salesgirl and the goat wasn't mine. You idiots left the backdoor to my system wide open. Literally anyone on the net could have used my PC to host it and you guys are responsible for that one. And may I just say thank you for establishing 'reasonable doubt.'"
The legal definition of guilt in a criminal case is beyond all reasonable doubt (as opposed to balance of evidence for civil cases). If they're absolutely determined to ensure it's completely impossible to achieve 'beyond all reasonable doubt', and thus any successful prosecutions, I'm all for it.
This is one where, legitimately, they can claim it's only for catching terrorists - because they've destroyed any legal standing for a successful prosecution (suspected terrorists not getting prosecutions, just export to a country that uses torture).
that WIFI (and all it's many variations)are so easily crackable ... because it was designed with something like this in mind?
i just find it hard to believe that after so many tries, the standards body couldn't find a way to make wifi even remotely secure. a war driver or a script kiddie can crack it in a matter of minutes at most.
also it isn't the populace's responsibility to make it easier for law enforcement agencies to eavesdrop/do their job.
Science : Proprietary , Knowledge : Open Source
They won't get how bad this idea is until it's used to completely (and publicly) botch some top-secret investigation.
Sometimes boldness is in fashion. Sometimes only the brave will be bold.
Invading Iraq was Bush's genius stroke in the G-WOT? Now we're fighting them "over there", so we won't have to fight them over here, because terrorists can't hijack planes and slam them into buildings. Everyone agrees that these Patriotic efforts are making us safer. Don't you feel safer, knowing that the FBI will outsource to China the grunt work of monitoring these backdoors? Then they'll swing into action, and save us all.
--
make install -not war
Lemme get this straight -- they'll require a backdoor on those little boxes you can buy with commercial service, but not from random software you can download and use with a microphone and speakers?
Criminals and terrorists can get said software if they want to. Heck, they can probably get it for free, legally. They can use that to talk to each other over the internet; granted, it won't be as convenient as phone-like service with standard phone numbers, but it'll work. Meanwhile, the government retains the ability to wiretap citizens who are up to no evil, or are, but were too stupid to find a way not to get wiretapped.
This helps us how? And is anyone x-raying all USPS mail, OCR'ing it, and then analyzing the text content to discover hidden messages being sent by mail? Do they wiretap your mailbox?
... Under the new ruling from the FCC, this tappability now extends to Internet broadband providers as well...
The terrorist just have to collect free AOL CDs and use dial-up then!
VoIP is also going to have to provide suitable 911 support, that's going to be an IP to physical location mapping, how do you feel about that?
All the vonages and their competitors out there have been riding a wave but there are some basic services that they are going to end up providing that will raise their prices. People expect 911 to get routed to the correct police when they dial it. You draw enough attention to yourself for them to think you're talking about breaking the law on the phone and they are going to tap your phone calls. They might actually plant bugs and examine things within your house too. Nothing new about any of this. Guess what else? You better ISPs are already prepared for this too, they've already been doing it!
Even regular consumer devices like Linksys routers are running Linux, so that makes me wonder if the changes have to be hardware or software changes. It's my impression that on a Linksys router, basically everything important is done in software, so I don't see how this could be implemented in hardware.
And obviously, if this means that Linksys routers need to have a patched kernel, will they have to be locked in some way to prevent changes to the kernel? What about the GPL? If the backdoor is implemented as a part of the kernel, and then that kernel is redistributed, then the backdoor code would need to be published, right?
Back in the days when everything was hardware, regulations like this would be cleanly enforceable, but now that the work is done almost entirely in software, it's a mess.
-----------------
mobile search
Backdoor Login to all American Homes. Terrorists will love this. Yes, they can finally sniff the Traffic from everyone.
I think, America is heading down to a big revolution. At some point, if this goverment doesn't change, it will get overthrown. Empires never lastet.
"Freiheit ist immer auch die Freiheit des Andersdenkenden" - Rosa Luxemburg, 1871 - 1919
I hate to use the whole fear of terrorists thing, but this will clearly aid terrorist activities on the net. Thanks to this backdoor and the inevitable public knowledge of how to exploit it, they have introduced plausible deniability to anyone doing anything questionable online. Worse, "terrorists" will be able to utilize this to realize great anonymity.
I've always thought it would have to get worse to the point the system begins a degree of implosion before it gets better and this seems a good first step.
Wasn't the FBI already convincing network equipment manufactures like Cisco to implement RFC 3924 - Cisco Architecture for Lawful Intercept in IP Networks into their production? I think they've been working on this for a while. Perhaps the FCC ruling is the next step in order to get the snoop-enhance boxes into the internet infrastructure.
Well, because the man-in-the-middle is only going to intercept encrypted garbage.
I would expect such blatant racism on Fark, but on Slashdot? Mods please ban this asshole.
Flip 'em the proverbial bird by getting a couple of 'old school' (pre-insecure) gigabit ethernet cards, and make a DIY linux router.
http://www.cisco.com/univercd/cc/td/doc/product/ca ble/cab_rout/cmtsfg/ufg_cmon.htm
Cisco Snooping
It takes just a moment and an action to destroy. It takes some time and thought to create.
Now hardware manufacturers need to not only to make this backhole for their us customers, but also create another version for the rest of the world. Someone I don't think European govts. will much like Uncle Sam being able to spy on them.
In the beginning the universe was created. This made a lot of people very angry and is widely considered as a bad move.
...as it was in Roe vs. Wade where a "right to privacy" which is ennumerated in no way, shape, or form in the constitution was found by the SCOTUS, and then used to imply further that under this right there was a right to abortion. If these invasions of privacy, erosions of private individual and group securit at the hands of the state continue without appropriate challenge, it will eventually come about through force of history and precedence that there is no right to privacy and with that goes any right to abortion.
If this were made clear to the pro-abortion liberals, they might finally "connect" and grasp how this affects them. Right now, those in congress as afraid to be seen as pro-terrorism and pro-weakness to speak up, except for the usual suspects of token opposition.
If my grammar and spelling are off, I am [distracted/tired/careless] (take your pick)
Would that be one of those new Yoda dolls with a built-in webcam and a TCP/IP stack? Did you RTFA?!?
Man in the middle attacks don't work if you pre-share keys in a secure way (in person, on a disk, etc.) or require keys to be signed by someone you trust.
Do they do anything productive for America? Maybe we should dismantle the organization and save hundreds of millions of dollars a year in tax money.
I wonder what this will mean to manufacturer's who sell their equipment internationally? Will this "feature" be available in all versions, or only in US revisions only?
If manufacturer's start having US version and Intl version of their firmware, I wonder which one I will be inclined to download.
When you go to war you need to
This show its very clearly again: It is time to protect ourselves and our privacy and anonymity against totalitarian governments by using encyption and software that anonymizes such as Freenet: http://freenetproject.org/
Here's a big Ef You to the US Fed Govt. I think a bunch of two year olds has more intelligence in their finger paintings then our entire govt combined..... This country is headed straight to the likes of China with this kind of misuse of power. Does anyone remember a time when the Govt worked for the people?
If a project does not bend over and comply ( like the OpenSSH team, or OpenVPN for 2 easy examples ) does that mean it will be illegal to use said products?
If so, thats one more step closer to 'authorized computers, operating systems and applications'...
---- Booth was a patriot ----
Non US companies will simply have to produce two versions - an in-secure one for the US (and any allies silly enough to agree to this) and a secure one for the rest of the world.
Open source projects will simply have to ensure the non-backdoor code is developed and mirrored in an appopriate country.
Thank you. The goal of terrorists is to destroy our freedoms and way of life.
They did it. It would have been so simple to not be afraid of terrorism and go on with our lives, but no, fellow Americans, you had to be stupid enough to go along with our stupid government and be afraid. Thanks a lot.
The terrorists won. Don't let anything our idiot president says make you think differently.
This is a sig. Deal with it.
So does this make the American Citizens the enemy of the government? That they have to know everything about us to retain their status quo?
I'd rather email you at YOUR address, as if I email your friend, YOU will not get it....
After reading the FCC release, it is evident that many people have not read it carefully.
First, the regulation requires changes to equipment in ISP datacenters, not your cablemodems. Second, it requires changes only to such equipment as connects directly to voice lines. These regulations refer to VOIP/Telcom interconnects, so it has nothing to do with your cable modem.
But let's yield the point for the sake of argument. Even if the government was essentially demanding that every cable modem had a backdoor, this would not in the least prevent untappable voice communication between two parties, provided both parties were using a computer.
Consider that terrorists are not stupid. They are just as able to create an encrypted Skype-like connection as the average Slashdotter. This is not rocket science. If they cannot do it themselves, they can certainly hire someone. The tools are already present, and in fact, are trivial to hook up. Just use SSH to tunnel voice communications between clients and servers. All voice data travelling over public channels is therefore encrypted with strong encryption. What is a wiretap going to accomplish then? Nothing.
Mir tut es leid, Menschen daß Einfältigfehlersuchenbaumfolgendenaffen sind.
It just seems to go against the principle of checks-and-balances when an executive agency can just make up new rules. Isn't it the job of Congress to come up with new laws? I can understand an agency coming up with new rules within a very narrow range of its jurisdiction[sp?] to fulfill it's narrowly defined responsibilities, but this seems really broad and entails more than just communications. It concerns our liberty and privacy, which I'm sure the FCC doesn't have the sole jurisdiction over or I hope not.
EvilCON - Made Famous by
The government buy alot of off the shell networking components. If there is a backdoor to all of those tools more than one governemnt will know about it. The ROI on this seems insane.
maybe someone will even write a worm/virus to exploit the backdoor, which will cause even more problem..
I seriously wonder who dream up the stupid idea...
Last time I tried requiring backdoor access, I got a slap to the face!
I would like to see charges brought up on people who use this designated backdoor under impersonating an officer. It would be the equivalent of social engineering with a fake policeman's uniform and arresting people. Everyone could do it, but they don't cause its bad and persecutable. The backdoor could be there for the same reason...the major loophole being *punchline* that foreigners overboarder will be able to do the exact same thing, making our entire networks much more vulnerable. Enabling vastly more espionage from "rogues". Shouldn't the FCC just contact Cysco? I hear they have builtin backdoors in their routers anyway.
The solution is quite simple: stop buying american products. There are plenty of alternatives designed and built in free, democratic countries (hell, even China is starting to look free compared to the US). I wouldn't use an american firewall / router made in the last 4 years even if they paid me.
Methinks you need to google the term, "lawful intercept". ssl ain't gonna protect you.
It's Clipper all over again.
Only this time, the Internet is too dilute to react and appropriately halt this.
Welcome to today, I guess.
I hate living in apartments that only have one way in and out. A back door would be a nice addition.
Advice for my fellow geeks: before seeking out that threesome you dream of, you might see what a TWOsome is like first.
Are terrorists sending emails saying that they're going to blow up a building?
Don't they use codephrases that would be indistinguishable from normal emails?
"My birthday went fine. Thanks for the camera. I'll bring pictures over when I'm back from vacationing in London"
The reason the so-called "carnivore" system was replaced so quickly was because that it was used too frequently -- just not by the US government. In fact, the very same systems that facilitate wiretaps and the like are far more often used illicitly by non-government entities than by the US government -- just ask the GAO.
That begs the question -- to what end, and for whom? The directive clearly doesn't serve the government (as we understand it) or the people. Who then, and how is it that the FCC has been caused to make such a peculiar request (beyond their mandate, no less)?
Conspiracy theories aside -- it's probably safe to say it's simply blatant stupidity.
For what it's worth, however, one should assume the Internet to be broadcast medium. It's only as secure as whatever encryption keys you use.
Oh those temporary laws. Interning Japanese. Taking over the property of folks with German last names. I'd like to take your militaristic ass and throw it in a detention camp for five years and then tell me how it all evens out in the end.
GPL is about making sure that anyone who uses GPLed code gives back. If Linksys publishes the code, that's giving back. To me it would be a change/extension of the philosophy if the GPL also had a clause that says, "shall not run on certain devices".
Sounds Vaguely familiar to this:
http://www.epic.org/crypto/clipper/
I'd love to blame this on the paranoid Republican control-freak administrations of the 80's, but the clipper lasted into the Clinton years.
Is this new FCC initiative similar?
https://www.accountkiller.com/removal-requested
What I fear is that the left in this country is going to succeed in undermining our resolve to pursue and defeat our enemies, resulting in an ongoing conflict with no end in sight.
I hate to break it to you, but we already have an ongoing conflict with no end in sight, and it has NOTHING to do with the left.
puff, puff, give dude
JWall: GUI client for IPTables
...about a brothel sale with the difference to the regular price being paid by the French Television. A new one could be: buy router on sale, make $10 after MIRs, guess who's paying for it?!? :)
"One of the symptoms of an approaching nervous breakdown is the belief that ones work is terribly important." -BRussell
If they can hack into my cable modem, they still have to get past a monowall box, then ipchains on my laptop. Then they can have access to... to... what? My work files, I do bankruptcy law, its all public info after filing, my mp3's... If they like old school hard core punk they are in luck... much ado about nothing
No one here gets out alive
How soon after rollout will these secret backdoors to be compromised?
[ ] less than a month
[ ] less than a year
[ ] 5 years
[ ] I already sold that information
Who will use these backdoors the most?
[ ] FBI
[ ] CIA
[ ] Department of Homeland Security
[ ] Osama & Co.
[ ] script kiddies
maybe I sounded a little distracted and this deserved more attention. The nations is swinging hard toward the right and it's not in a good way. 911 changed nothing, proved nothing and these lies make me ill. Good in government is hard to find, and it's been gone completely for the last five years.
Sorry about the writing. Robot fingers, you know? Cliff Steele in DOOM PATROL #23
That's right, kids! I've been waiting for this for a LONG TIME.
Now I control everything. I have access to all of the weapons. I have all of the money. I have nothing to fear. It is all mine. Your network is insecure. I didn't even HAVE to try to hack a thing. All I had to do was find the backdoor in my isolated little lab, and now, I've got all the marbles.
Look out world!! Nitsuj needs a new island dictatorship!
They can put a backdoor on my OpenBSD box after they beat me to death with a cold, dead Model M keyboard. (Come to think of it... that would be easy to do.)
My other car is first.
With CAFTA, Central American countries were enticed into adopting excessive, US-style restrictions concering the ownership and exchange of intellectual property. Don't kid yourself into thinking that the US will limit its influence for wiretapping to the water's edge.
- Assume that a manufacturer implements a backdoor securely, more so than the trivial backboor (login/passwd=fbi/fbi).
- This would require more funding to develop than a trivial backdoor.
- The manufacturer endorsed this extra funding because...
a contradiction-- I was raised on the command line, bitch
This doesn't seem like a big deal, this doesn't even seem like a sort of big deal. From the way it is written, I believe we are talking about the same "tap style" as the phone company uses. I highly doubt that the home router will ever come into play. This is like serial number protection, phone tapping, and photo ids. Very basic blanket security that keeps people from breaking the law with out a solid plan. Which deters many, allows the stupid ones to get caught, and forces the smart ones to find work arounds that many times leave clues. It also does not stop you from designing your own software if need be, to protect the privacy of your transmissions. I fully support the idea, law enforcement needs to be able to do it's job and right to privacy is an urban legend. Read the constitution if you don't believe me. These things only become an issue if they become unreasonable to a large group of people. I don't even foresee this affecting the lives of anybody other then the criminal.
what are the goverment's real motives? Dont they take enough of our right to privacy with the patriot act? Could these "backdoors" give the RIAA the right to get the names of file sharers from ISPs?
... rather than just taking everything I hear from the internet (interpreted thanks to eff.org). Kudos to people like sheetrock, teilo, and others for doing the same. Im not going to bother reiterating some of their previous points regarding "backdooring our routers!". If you're confused ... lookup "backdoor" and "wiretap" on some jargon files or something.
/ DOC-260434A1.pdf
Heres a link to the fcc announcement (NOT eff.org's) http://hraunfoss.fcc.gov/edocs_public/attachmatch
Ooooh theres some big telco words in there that I had to look up.
facilities-based isp: isp owns the switches and access servers.
Many isps are non-facilities based or hybrid based, meaning that they buy some access from other facilities-based isps, and have some equipment of their own. It only makes sense that the fcc would want access to the equipment through the people that actually own them.
More specifically the announcement mentioned that they would target the facilities based isps / voIP carriers that allow connection to pstn (public switched telephone network).
You guys have all seen those cop movies where they sneak into the bad guy's house and tap his phone. Well, if a bad guy is using voIP, you can hardly do that. (Well you can, because voIP's standard is not encrypted, although some like skype claim to). So rather than try to tap at the source, which could possibly be encrypted (as teilo said), they just tap it at the point at which it is just pstn traffic again. (Remember they were focusing on services that allowed communication to pstn from voip). So if bad guy A tries to do voIP to bad guy B whos just on pstn, then fbi can listen in, without knowing the location of bad guy B.
This leaves the idea of the bad guys just talking voIP to voIP with encryption. People say that the government can already sniff our traffic and see everything we do, so whats the point of this new legislation? Where are they sniffing from? As of now, I don't think its via these ISPs who are commercially owned with little to no regulation. So maybe this is the government just moving their pieces in to better position on the board.
Just my 2 cents.
Folks, lets put this in perspective. What they're proposing to do is to backdoor the internet. But today, we have good crypto protocols which were designed specfically to defeat exactly this threat - of man in the middle and active packet capture. So why should the knowledge that the feds wish to engage in this behavior on an active, routine basis, cause anyone any alarm? The bad guys (and I admit, it's damm hard these days to tell the "good guys" and "bad guys" apart...) are already doing this. Right now. They're just doing more work and trying to be inconspicious about it. The feds simply want to say open-sesame and be let in.
The tools exist for many people to effectively secure their communications against exactly this threat. The question is however, how do we convince more people to begin protecting themselves?
for a little order will lose both, and deserve neither."
-Thomas Jefferson
Or
"Those who are willing to trade freedom for security deserve neither freedom nor security."
-Benjamin Franklin
(Goes to change /. profile location and actual location to somewhere in Canada, Finland, or some other peaceful, happy, content country that no one would even want to attack)
Didn't your momma ever tell you not to feed trolls?
You're all upset and annoyed right now, which is EXACTLY WHAT THIS GUY WANTS. His post was designed to piss people off. The sentiments expressed were carefully chosen so as to create the greatest degree of anger and resentment. Right now he's probably sitting someplace laughing at you because of how obvious it is that he got to you with what he wrote. He's probably some Rush Limbaugh dittohead idiot racist redneck with a confederate flag pinned up on his wall and a KKK costume hanging in his closet, not someone worth dignifying with a response.
Heh, perhaps this is being done so that the Government can cause a catastrophic security event so big it'll make Cisco's looming problem look trivial.
After all (and I do government security work), Uncle Sam usually does mediocre to terrible infosec...
Seriously, this idea is terminally stupid to the point where I doubt it'll succeed. Even if we dodge the risk (hah!), and the letter of the rule is implemented, grunts like me will just be required to implement secure tunnels to hide stuff that is too important to risk (they add a key, so we add another lock).
I would laugh. Seriously. I don't condone the idea, but if the whole damn Internet got shut down for a few days, it would serve them right for pushing through something so monumentally idiotic.
New rules mandating($200 Mr. Bush) that all transmissions over TCP/IP(the now mandated internet protocol) be made in plain text. Any indecypherable info will be traced back to the source and the sender will be...umm...detained. In other news, the post office has now prohibited the use of envelopes, and all letters are to be written in English only. Any spelling and grammitical errors are subject to further investigation and may result in detention.
What?
Ok, so the for profit router manufacturers may be required to create back doors for the feds (which, of course, will be discovered & exploited by others). This will not stop, & in fact should encourage, the use of linux routers & firewalls without these holes. If I make it & don't sell it, I don't see how the feds can say shit about it.
Finding a dead Model M is _NOT_ an easy task.
The American public needs to put aside their petty differences, and force through a constitutional amendment that garuntees the right of privacy. There will be discussion on how to word it, but it needs to be worded strongly, or else we will fall into totalitarian facsist bureacractic rule, from which we might not soon recover.
A cold, dead Model M? I suppose if you put it in a freezer and hit it with sledgehammer, you'd end up with.... well, a cold keyboard and broken hammer, probably.
Does this meen if I am using a obsd router that I can sue the FBI under DMCA regulations for attempting to reverse enginere my security script? If so I seriously can't wait for this to pass.
Try EBay, brought my last 3 Model M's from there. $5 to $10 each...
Oh yeaaaaaAAaah , I'mmmm yourrrr back door man !
All lyrics Doors ( copyright ) except my version has mispelled words. Want a backdoor ? Ask Mr. Mojo Risen about eating Chicken.
You men eat your dinner
Eat your pork and beans
I eat more chicken
Than any man ever seen, yeah, yeah
I'm a back door man,
1: RIAA/MPAA sniffs out a pirate on a P2P network, they send an automatically generated electronic form to the Department of Homeland Security, which has an Intellectual Property enforcement team, complete with IP address. In moments, the DHS automatically fills out another form, which is stored on a computer, then sends the hack signals to the cable box in question to begin sniffing network packets. This system then automatically checks the data of the packets to see if the data is similar to any files the RIAA/MPAA doesn't want provided.
...Is there any good use for this?... ... ... ... ...
Or anything else the government doesn't happen to like.
The DHS then begins seizing computers out of homes with search warrents obtained with said data, at gunpoint.
Depending on the dissident or resident, they then go in unnannounced and when they raise their hand above to block the light from going into their eyes during a night raid, they get shot for making a wrong move...
2: A political dissident radio network, TV network, website, ect is broadcasting all over the world wide web. The ADL, APAIC, Oil corporation, wood corporation, ect doesn't like this. DHS gets a sniffer on the line going from their place, then sniffs IP address and begins sending hack signals to the IP's requesting services to the box they are sniffing. They then systematically send signals to each box in line to shut it off or ban it from getting onto said website, radio network, ect.
3: Is there such a thing as secure transmissions on that kind of a line if they can intercept the encryption key going over it?
4: You are now on a "Internet Terrorist Red List" where if you don't do what we will just keep sending disconnect packets to your cable modem every 10 seconds so you can't get on.
The ISP's already have to oblige by federal regulations regarding searches and seizures. So if they've got the evidence they go over the CO, hook a tap on the DSL or tap the phone line itself.....a phone tap works for any residential or other internet service if you've got access to the other end.
Ok, maybe i'm silly in the head here or something. But if they put these backdoors into home modems and routers, does this not constitute as illegal search and seizure or something along those lines. I mean they are practically bugging your home. They may not actively use it but it is a bug, sitting ready to be activated by a few simple commands. Its like having a TV in your living room that has a camera in it that is accessable by the feds, of course it will only be used against the "bad people" *hahaahaahaaaaaa.....ahhh thats funny*.
Just my little opinion.
Don't you remember the good old LRP?! It was an open source implementation of a firewall router that fitted onto a floppy, ran on an old 486 with 2 network cards, no cooling fan, no monitor. Most importantly, NO BACKDOORS.
Barring that there would always the option of circumventing the commercial "spook" internet with a homespun wireless routing or "pringles can" internet.
There is no way that the spooks can bypass determined ingenuity for freedom.
"Forgive us our trespasses, as we forgive those who trespass against us." -Jesus Christ The Lord's Prayer
In Russia the FSB (ex-KGB) apparently has (or at least had, the article is quite old) been forcing this on ISP's for years, but some are trying to fight it. I guess KGB is now considered as a good role-model...
http://www.libertarium.ru/libertarium/14424
I consider the port out of my home office to be inherently insecure.
None of my machines on my network get to send to/from that port without first going thru my NATting and rule-driven Linux firewall machine.
They can hack the DSL modem thru its "insecure backdoor" all they like, but they'll meet only my silent firewall -- just like everyone else.
Correct me if I'm wrong but isn't this just mandating that wiretapping for federal agencies be supported by the broadband voice networks? How is this any different from wiretapping a typical phone line. I'm not sure what the big deal is here... I can see that no one really just wants the government to have the ability to easily start a wiretap but this type of thing has already been in place for 10+ years on the old phone lines.
Times have changed now in the last 5-6 years... the administrations can use fighting terrorism as a major catalyst to get all this legislation passed. The Clinton administration didn't quite have that leverage.
Before someone accuses him of godwinning
Germans didn't care either as long as it was only they Jews that were being persecuted because they weren't Jewish.
Is not a godwin - because it's a valid analogy
If you cannot keep politics out of your moderation remove yourself from the Mod Lottery.. NOW!
CALEA doesn't work that way, and won't for VoIP.
:-(
There's a reason they say "interconnected" VoIP providers - those are ones that interconnect to the PSTN. Pure IP-to-IP isn't covered, at least by that portion of the ruling. Interconnected providers have all the data going through PSTN lines on the destination end, so you can make an argument that those calls are subject to tapping and CALEA anyways.
Now, the way they phrased things about "facilities-based broadband internet access service suppliers and VoIP providers that offer services permitting users to receive calls from, and place calls to, the public switched telephone network" is open to interpretation - it depends on how the 'and' is parsed, and of course this isn't the actual rule, but the press release about the rule. If it only applies to calls to and from PSTN gateways, and then only on the companies offering such gateway service, it has far less impact on general internet access. Of course, that's a big 'if'.
VoIP gateway providers like Level 3 (used extensively by Vonage) provide CALEA processing, and have always expected to be included under CALEA (aka "lawful intercept"). Typically it would only occur at the same point where PSTN interface occurs (since the traffic is there anyways). There are I believe two types of intercept - "trap and trace" (aka who called who, but not the traffic), and a full capture of any calls. Also, since this is going through a voice gateway, it's effectively a MITM attack as far as any encryption is concerned - if there is encryption to the gateway (and I don't think any support it currently anyways), they can record after decryption for conversion to PSTN/SS7.
This is also why they're not expanding it to IP to IP calls - yet. The VoIP providers have no easy way to intercept those calls without giving away that it's being monitored (i.e. the IP address of the destination would be different). The exception for IP to IP calls would be calls that go through a TURN server, border controller, or other provider-controlled RTP relay.
My assumption is that once IP to IP calls start to increase in number, and additional technical solutions are available, they would expand it to those as best they can. It's very tough to do if no provider/service is involved, though - direct SIP calls with no server, for example. (Of course, allowing direct SIP opens you up to SPIM (SIP spam calls) in theory). That would provide the justification to allow trapping all traffic to/from an internet user - which they can do now with things like carnivore, but not as easily as if the internet provider would provide the packet-record mechanism under CALEA. And the next step to note is that trapping the packets of an IP to IP call won't help if they're encrypted, so they'd want back-doors to devices with encryption capabilities, and/or get the ISP to help them provide a MITM attack. Or outlaw encrypted calls ("when encryption is outlawed, only outlaws will have encryption" - from a button I've owned for 20 years). Or make it a crime not to provide keys on request (ala proposals in britain).
Fun.
OK, the feds say we have to have a backdoor in our cable modems and such. Fine. But what kind of back door? Who can get in? What can they do? What prevents other people (ie, not the FBI, say, an evil script kiddie) from using the same back door, once it's been exploited?
Ok, so we have to secure the back door. How? Who decides what is secure enough? It obviously can't be completely secure, cuz the Feds have to be able to get in. Yet it must be secure from everyone BUT the Feds.
This assumes overwhelming arrogance on the basis of the regulators. They are basically saying no one is better at securing than they are. I hope this passes, and when it is cracked, and worms are flying everywhere, my home network (well before the firewall *I* built) gets compromised along with everyone else's network, we can all blame it on the Feds and say we told you so.
Sigh. I understand how Willy Wonka must have felt when he said (very quietly) "No, don't do that."
Stasis is death. Embrace change.
Hanging I want to shake your hand bro. It is rare to meet a real republican anymore these days - between your comments and your sig I'm convinced you are one.
/I vote democrat, but all politicians are wankers
Kudos to you
If you cannot keep politics out of your moderation remove yourself from the Mod Lottery.. NOW!
I'm excited to learn what any of these back doors are. Surely one person who knows how it works will spill the beans and then I'll be able to freely access machines around the Internet. The only thing that scares me is that people may put a free operating system on a device with a back door and put an end to my plot. Thanks, you communist jerks!
They are doing this to disturb your nice way of lving by terror. They want you to feel their reach by influencing decision making processes and changing the every day existence. By the looks of it it is working in the US where the term police state seems to become more apropriate every day.
[1] The only thing I see about mail in Article I is:
If the public doesnt feel like the feds are backdooring them then the feds feel like they are not doing thier job.
Its all part of being an american, getting screwed by the goverment. Now they are just trying to make it a law.
It is doubtful that Clinton would have received all that was given in the Patriot Bill. His attack using cruise missles upon a camp in Afghanistan, when he had intelligence that bin Laden was there was often referred to as "wagging the dog". Ashcroft, as a Senator, helped to shoot down lawful roving wiretaps being inserted into crime omnibus bills, voting no to amendments on multiple ocassions. It is also doubful that the Clinton Administration would have had the audacity to claim they needed these extreme methods right after they had miserbly failed to perform their duty of defending America.
And even if my analysis is wrong, there is still no justifiable reason for the government enabling themselves with these extra powers.
It would be a shame if our elected politicians had to actually honor their oaths to protect and uphold the Constitution, wouldn't it? It seems that anyone who reads the Fourth Amendment to the US Constitution would have a difficult time justifying the legitimacy of this action by the FCC:
Our Congresspersons are, after all, a class of known liars who haven't even a small amount of honor within them; politicians.
The "terrorism" rationale just does not hold muster here. It is nothing more that a tool being used by politicians in a quest for power not rightfully theirs. The Rights of Humans are being eroded away, a byte at a time. The wellspring from which all legitimacy for the actions of our government flows is the Constitution. To act in a manner contrary to it, is to engage in tyranny. Each time our politicians make an exception to the Constitution, for any reason whatsoever, they have weakened all, and have made it easier for the future's politicians by giving them precedents to cite when they too tear away at the limitations rationally placed upon power, one thread at a time.
The Dreamtime America is fading away.
Rush Limbaugh is a perfect real world example of an oxycontinmoron
Even if the feds can't tell what you're saying, they can still tell who you're saying it to. That guy in the coffeeshop that was sharing his itunes over an encrypted connection* -- better hope he's not accused of a crime?
(*ok, I'm reaching, but imagine a shttp to blog.joeschmoe.com)
HIV Crosses Species Barrier... into Muppets
they made it a crime not to tell you passwords, etc,
if the gov' need it.
In the US, they can't do anything right it seems.
Evolution of Language Through The Ages: 6000 BC : ungh, grrf, booga 2000 AD : grep, awk, sed
As others have mentioned here, assuming that the Internet is confidential is dangerous and naive. With the rise of cable modem networks and Wifi networks, the zone of trust is even smaller.
I don't have a problem with the general idea of governments being able to tap the Internet in the same way as they tap phones, if and only if the system is secure and regulated at least as rigorously as phone taps. In fact, given the choice I'd rather they tap the Internet than phones (where things like encryption are expensive/difficult to employ).
While the general idea of a net tap isn't so bad, the implications are more distressing. Once they get their mitts on the first few layers of the network stack, they'll naturally work their way up. The next logical step is key escrow for encryption. For an old yet relevant paper on this, see:
http://www.cdt.org/crypto/risks98/ [html]
Among the risks and problems cited in that paper are things that will also be relevant in any sort of network tap, including higher costs pushed onto end users, inherent insecurity in having extra access vectors, and difficulty in preventing abuse of the system.
In the end the idea of a network tap isn't so bad. What bothers me is the difficulty (impossibility?) of doing it right, and the other things that this will set a precedent for.
--
"Extra Anus Kills Four-Legged Chick" -- Headline
The consequence is simple: don't buy American security products any more. If the Symantecs, NAIs etc. are forced to add insecure back doors in their products, buy something else. Man this is going to boost the US computer and telecomms industry.
open (SIG, "</dev/zero"); $sig = <SIG>; close SIG;
Methinks you misspelled "Pete Townshend".
I see even classic Slashdot is now pretty much unusable on dial up anymore.
It's pretty obvious that SSH/PGP makes this null for open source and offshore software at least. I suspect though that what they're aiming at is the sort of hardware VOIP that's quite likely to supplant landline phones anytime inside the next half decade. The economic lure of "once you have connectivity, calls are free" is too large to be kept down. The FCC are basically shit scared that everyone is going to be using hard crypto by default, and phone tapping will go the way of the dinosaur.
They know they can't do much about pure software phone systems like Skype, but they're aiming strategically at the plugs-straight-into-ethernet hardware VOIP industry. They probably hope to force insecurity as a defacto standard, since you won't be able to get headsets for anything secure.
Most network hardware is made in Taiwan correct? China is now manufacturing and increasing their share of hardware manufacturing monthly.
So our US products like "Linksys" etc all are made in taiwan. Our Laptops are all made in taiwan... Our entire computers are all made in taiwan....
Getting the point yet? If the hardware is MADE OUTSIDE of our country, how can we possibly expect to secure this mandatory backdoor?
Granted, the hardware could already have backdoors... but thats rather unlikely when you compare that against having mandatory backdoors by the US government.
All it takes is for one taiwan engineer to say "look world, here's the backdoor, now enjoy"
I'm not saying taiwan in the enemy, nor am i saying we should be affraid of taiwan, or other countries. However this mandatory backdoor completely fucks up the entire idea of security itself.
How can something be secure when you're including a backdoor? Does the FCC even understand computer hacking/cracking (*Whatever you want to call it kids)? Frankly the world would do itself a favor and RELEASE the code and secret backdoor passwords and how to access it, simply to just show these ASSHOLES at the FCC just how fucking stupid this is...
AND GUESS WHAT... That is EXACTLY what will happen.
Why not simply buy foregin routers and nics? (most are anyways) The backdoor would probably be a simple firmware flag because the chip makers arent going to manufacture a special US chip version.
This is so stupid its sickening. Even if the routers didnt have a backdoor, the FCC will still want to tap you at the ISP level.
And at that point... frankly those on the net that care about privacy will be encrypting their data and THAT is how it should be anyways.
Email should be encrypted, VOIP should be encrypted, it should all be encrypted. If not for fear of theft, than to take a stand against a ruling class government that insists on ripping to shreds the entire concept of security and privacy.
Will lockheed have backdoors in their routers? Will the chinese simply look at the "shitsco" routers they manufacture, and take the code to steel data from lockheed?
What the fuck are they even thinking? This is dumb.
Lets face it. If the government demands secret access to our computers, than I demand secret access to THEIR COMPUTERS.
THEY WORK FOR US. They spy on us? We should have the power to spy on them. GOD KNOWS they do plenty in secrecy.
A government that does not trust its people, deserves to be untrusted by its people.
Fuck this is stupid.
I hope the hackers of the world rip this security backdoor wide open and expose it the moment it makes it into hardware.
I hope the hackers of the world unite for freedom and a greater good because hacking is a form of protest. Perhaps one of the last that has any effect.
So whatever. Let the FCC tighten its grip, and we'll see an even more determined effort to create open sourced technologies that encrypt data.
Bring teh challenge on. I cant wait to see what the digital freedom fighters of the world create. It's going to get interesting.
And no, i'm not a coder or IT expert, but i am in full support of any effort made in protest against movements such as these. Go get em.
"Darn, he's talking to TOR."
Speaking of which, I wonder how this affects TOR, Freenet, all those other mystical/mythical networks.
If we need to surrender our personal privacy, let's go the whole hog. Starting from tomorrow, we shall wear wireless mics that transmit our every word to a database. This database will also receive every call ever made and a copy of every email ever sent. This database will then be scanned for 'flagged' words and comments. I think we should also have all walls in buildings replaced with glass or other transparent materials. After all, if you aren't doing anything wrong, what do you have to hide?
I always thought that it was innocent until proven guilty, not terrorist until proven innocent.
And so it did, if only in the minds of everyone inclined to feel that everything changed. But wasn't the term "internet security" just as much an oxymoron before 9/11 as after? With Windows still dominating the installed OS base and it's security holes as gaping as ever, does this really make any difference? So the Feds have a backdoor in. Given the security consciousness of most folks, ports of call have always been open, and anyone who knows what they're doing can work around it. As for the terrorists winning, of course they are. Their agents in the USA, AKA Federal law enforcement and the US Congress, are busily stipping Americans of the basic rights that make Americans American. What terrorist could ask for more? In the mean time, the NSA can already peek in at will. The smart guys they're after already know this and don't put much of anything on an HD, if anything at all.
...keep your crap inside the USA guys, I don't want an ADSL or cablemodem that is infested with this feature.
Where's the "Boycot USA manufactured broadband products"-website, so I can sign a petition there ?
So Basically all layer 1/2 broadband devices affected by this, will now have all the extra processing overhead and cost the same as a layer 4 broadband device...as all the extra stuff will have to go in just for the the FEDs to have their precious backdoor...
you can kiss your cheap, low latency broadband connection goodbye!
"I reject your reality, and substitute my own" - Adam Savage
Ben Franklin and another former president (in a war time), FDR or Esinhower, both said in there own words something to the effect of "A country willing to sacrifice freedom in exchnge for security, will neither have either nor diserve either."
Do we really need to learn that lesson again?
Or is it that the Bush adminastration has something to hide from the public?
When you do others wrong, wouldn't you become fearful of their possible revenge?
9/11 happened because of the apparent politically controlled military force defending the trillion dollar bet
Even if those you do wrong don't take revenge, it doesn't mean another won't use it as an excuse to do so.
By removing such wrongs against others and working the genuine goal or honestly solving real world problems, it'll be damn hard for any real effort to build a terrorist following, group or army. Simply because they won't have any verifiable excuse to promote themselves. and though religion typically isn't verifiable, common principles found expressed in religion are. Thou shall not kill (Do you hear that Mr. Bush? or are you just another psuedo christian?)
Such a real world problem solving direction has already been researched, explored, put into education.... and the cost of implimenting such solutions is a fraction of current military spending.
So why is this NOT happening?
There are those who have things to hide from the public and the way they assure themselves is to compromise your freedoms so they can spy on you and try and plug any leaks of their dishoneties to the public.
Either that of Ben Franlin of a former war time president didn't know what the fuck they were talking about.
No matter, sees technology and corrupt government are going to run the test that will prove Ben and that former president are correct.
But what good is history, if you are a government and people with alzhimers excuses?
haha, anon poster word to prove I'm not a script "dopers"
Ok, so its not forgetfullness, but some sort of power trippin drugs.... wrongful world stock manipulation, oil and increased prices for gas...?? Or somethng simpler "power over others for which you can only verify by doing something against them".....
But are we paying the war on iraq via increases in gas prices???
Shouldn't freeing a country rich in oil increase availability of oil and a better market competition?
Somebodies is lying, that's pervasively obvious!!!
Who is this group of people that seem to think they can just change things that affect our freedom and security from within that freedom?
Who gave them such power?
You've got to be fucking kidding me. If this doesn't create as much outrage as the patriot act, I have no clue why not. Talking about big brother. Hey theres like 150 other countries on the planet. Here in America you are so free that you are living in the only country that requires fucking phone taps into every internet line so they can trace everything you do online. Come on hippies, let's unite. Cunt Bush isn't going to do anything about this, he probably can't even spell "INTARWEB". FUCKING NIGGERS WHO VOTED FOR FUCKING BUSH. FUCK YOU FUCKING RETARDS.
It is doubtful that Clinton would have received all that was given in the Patriot Bill.
Why? The republicans controlled part of the congress then and would have voted for it for the same reasons the dems did this time: politics. They get to look like they did something. Nevermind that they didn't get to read what they were doing.
His attack using cruise missles upon a camp in Afghanistan, when he had intelligence that bin Laden was there was often referred to as "wagging the dog".
Irrelevant. We are talking about a clear, unmistakable attack on American soil event. No Republican congress critter would have made such a claims post-9/11. Extremists outside of congress, sure, just as they have done regarding Bush (the government did it types). But to claim that any congress critter would have made that assertion after that event is ludicrous. It would be political suicide.
Ashcroft, as a Senator, helped to shoot down lawful roving wiretaps being inserted into crime omnibus bills, voting no to amendments on multiple ocassions.
And what did ole Ashy do after 9/11? Changed his tune, that's what. What logical basis do we have to beleive he'd have done differently had it been a couple years prior? None.
It is also doubful that the Clinton Administration would have had the audacity to claim they needed these extreme methods right after they had miserbly failed to perform their duty of defending America.
Surely you jest. Clinton was *trying* to get these things. The Antiterrorism and Effective Death Penalty Act of 1996 was passed by republicans and signed by Clinton. Much of what is in the USAPATRIOT Act was voted down when part of the ARDPA. It allowed the INS to deport immigrants based on secret evidence, made it a crime to support the lawful activities of any group the state department labeled a "terrorist organization," and eliminated federal constitutional review of state death penalty cases. it is considered by most to be the precursor to the USAPATRIOT Act.
Clinton and the Democrats, assuming there was any resistance, would have painted the Repubs as against the protection of the US by opposing it. Heck they used that same tactic in the nineties. To beleive they would have done differently post-9/11 on their watch is ludicrous.
there is still no justifiable reason for the government enabling themselves with these extra powers.
Agreed.
Though the 4th is hardly alone in violations here. the existence of the FCC and its mission violates the constitution. The constitution gives the fedgov no authority for such a department.
My Suburban burns less gasoline than your Prius.
So end-to-end encrypt anything going from one secure box to another, seeing as how you won't even be able to trust your own network gear. On your own boxes, set up honeynets to mimic the backdoors - anyone trying to get in will get *something*, sure - just not anything helpful.
As to how to detect them? Inline transparent traffic analysers running freeware OSes, looking for any packets going between the net and a certain piece of comms gear, but no further. Unless you're saying that even NICs will be compromised, or that the backdoor will involve nonstandard protocols.
fbiguy> traceroute pinko.commie.hippies.com | activate-sekrit-protocol-on-these-hosts && open-backdoor pinko.commie.hippies.com
"imperiling"?
Edna: Embiggens? I never heard that word before I moved to Springfield
Ms.Hoover: I don't know why. It's a perfectly cromulent word.
There, you went and said the magic word. What make you think they'd actually prosecute you?? Don't we regularly talk here about both foreign nationals and citizens being detained for "terrorist" activities?? With the FBI now being able to approve their own, technically illegal, wiretaps with no judicial oversight, and being able to detain people with no charges actually being made, neither lawyers, nor judges nor juries get involved, so there's no prosecution. Just years of being locked up, with nobody even knowing where you are..
Most Republicans would tell you that they are for less government. In fact the latest Republican administration has vastly expanded the fed. Plunged deep into debt with Big Brother right around the corner, so many blind party followers and CNN junkies just don't see it. If it isn't on the major news agenda, it isn't something to be considered (ref: Manufacturing Consent, Noam Chomsky).
I think it evinces that president prefference is more often selected by in-born predilections and tv posturing instead of policy.
It seems to me this sort of thing basically just changes the attitudes of those who care. Rather than not using encryption for every little thing, they will begin to use it for everything. Now, we'll see if the Feds successfully force backdoors into encryption schemes, but that's a stupid hobbit of an idea, as it would not do a damn bit of good.
time to stock-up on routers that we use now before the others come into play.......
then again, next generations of WiFi can get into unsecure networks miles away...
Actually, the rest of the world feels that the US foreign involvement has little to do with terrorism. I should know, i'm part of them :)
Actually I'd say it who you ask and how you ask, how the questions are phrased. The US has supported terrorists, bin Laden for instance. He is a terrorist the US supported along with the Taliban when they were fighting against the Soviet Union. President Bush gave the Taliban millions of taxpayer dollars shortly after entering office. In Kosovo, Serbia, the US supported the KLA terrorists again Serbia. In East Timor, former president Ford and Henry Kissinger, armed and supported Indonesia's Soharto invasion of East Timor in 1975-6 after Portugal who colonized East Timor granted then their independence. From the invasion to after the 1999 vote when East Timorese voted for independence 200,000 East Timorese were massacred, one third of the population. Ford and Kissinger again supported Chile's Gen Penochet's overthrow of a democratically elected government and started a dictatorship. Thousands in Chile simply disappeared, many were murdered and thousands more tortured.
There are many examples where the administrations of the US supported military dictatorships and the overthrow of democratic governments, Iran and Iraq amoung them. The only qualification for said support was the be anticommunist. And that's not even bringing up what was done to the Native Amnerican Indians with all the signed treaties the US broke.
Sure the US has done good and helped some in need but it has also supported those who violated human rights and committed atrocities.
FalconShould there be a Law?
If you are so concerned about your privacy, why are you revealing to everybody the state of your ass vis a vis hair density?
Those who sacrifice security to condemn liberty deserve to repeat history or something. - Benjamin Santayana
Fear is created amongst the public, not by terrorists but by governments.
Yeap, here's what NAZI Hermann Goering said on this:
"Why of course the people don't want war. Why should some poor slob on a farm want to risk his life in a war when the best he can get out of it is to come back to his farm in one piece? Naturally the common people don't want war neither in Russia, nor in England, nor for that matter in Germany. That is understood. But, after all, it is the leaders of the country who determine the policy and it is always a simple matter to drag the people along, whether it is a democracy, or a fascist dictatorship, or a parliament, or a communist dictatorship. Voice or no voice, the people can always be brought to the bidding of the leaders. That is easy. All you have to do is tell them they are being attacked, and denounce the peacemakers for lack of patriotism and exposing the country to danger. It works the same in any country."
FalconShould there be a Law?
If you don't like something go out and VOTE (how many of you did that?)
I tried to change things, I specifically supported Michael Badnarik for president who was excluded by republicans and democrats from participating in the presidential debates. Not only was he barred from them when he actually went to one he was arrested, all for trying to attend a public debate.
FalconShould there be a Law?
Though the 4th is hardly alone in violations here. the existence of the FCC and its mission violates the constitution. The constitution gives the fedgov no authority for such a department.
Bravo!!!
Most federal government agencies, authorities, departments, and offices don't have a basis in the USA Constitution.
FalconShould there be a Law?
It's not like the mouth to microphone connection is encrypted and invulnerable to bugging. Or the microphone to sound card link, if you're using a PC.
Physical access to the home allows all sorts of sneaky tapping. And if the mic is in the ocmputer, and uses the internet connection to phone home, you can't even detect it by a radio sweep.
If "they" get into a house (and they usually can), you can assume that it's not secure any more.
Paul "Say no to feeping creaturism"
All you do is assign each product a unique ID and key, the feds just look up the key for the individual device from a database that's off the net.
And then some employee can copy it and sale to the highest bidder, or give to a friend. If an IRS employee can sale ssn's and financial information and FBI agents can protect mafia hitmen while allowing an innocent person to be convicted of murder, how can such a database as described be protected?
FalconShould there be a Law?
Ah, Tompaine.com. Love that site, it makes so much com.mon sense. Another good Paine website is Thomas Paine Network.
FalconShould there be a Law?
28 FBI agents in the Boston office indicted for ties with the Mafia
Oh, it was James Bulger who fled in 1995 after being tipped off by FBI agnets. Did they also say that the FBI agents protected a mafia hitman and allowed an innocent person to be convicted of a murder the hitman committed?
FalconShould there be a Law?
"They that can give up liberty to obtain a little temporary safety, deserve neither liberty nor safety."
Though I've seen it phrased different ways this is my fav. Well except for the "can".
FalconShould there be a Law?
I mean, everybody here knows that you only need about a softball-sized (6kg?) chunk of uranium to make a fission bomb, right?? I seem to remember actually calculating that in school
Reminds me of what a friend and I did in high school. When we were taking advanced chemistry after finishing the first year the chemistry teacher gave us permission to run some experiments in the lab outside of class. One day because we were courious we grabbed an encyclopedia in the library and looked up nitroglycerin. With the information it gave we were able to figure out how to make some ourselves. So after that we made some a few tyme filling empty modeler's paint bottles and pack them in an ice filled cooler. We'd take it out to this lake in the woods and throw the bottles around at rocks and such. The last tyme we went to the lake we got where we were bored so we took the cooler and emptied it into the lake. Several fish floated up so we put them in the cooler. Walking out we ran into someone fishing and asked him if he wanted the fish. We explained there might be glass in the fish but he took them anyway.
Falcon
Boy, is that the FBI goon squad knocking down my door?Should there be a Law?
It would have been so simple to not be afraid of terrorism and go on with our lives, but no, fellow Americans, you had to be stupid enough to go along with our stupid government and be afraid.
I am afraid but not of terrorists, I'm afraid of the government!!!
FalconShould there be a Law?
"Hey, buddy. Wanna buy a modem? Guaranteed secure. Only a thousand bucks. Buy two for eighteen hundred." This will turn our economy into a pure black market(I wish). Everything will be illegal. A pirate's paradise this will be. The hardware hackers have their work cut out for them. I hope they can handle it. Our new machines will be giant breadboards and wire wrap. All electronic engineers will be required to register. There will be a three day waiting period to buy soldering irons while they do a background check. God! what a bunch of freaks! And I'm not talking about the good kind...that hung out at the original Woodstock. You poor pitiful souls. Why do want to turn the earth into a prison planet? Never mind. I already know.
So long by then. As it is now in three or four years I'm hoping to go to Brazil. Only for a year as part of a study abroad program, but if the US gets to be much more of a police state I may become an expat there.
FalconShould there be a Law?
It is about civil rights. It is about keeping the government out of our lives.
It is about the republican conservatives who run under the guise of that very statement and yet infringe on civil rights at every oppurtunity.
If you mean that conservatives were the ones in support of rights, and small government, then you're wrong. It was liberals like the two Thomas's, Thomas Jefferson and Thomas Paine, that supported freedom, liberty ie liberal, and small government.
FalconShould there be a Law?
...as it was in Roe vs. Wade where a "right to privacy" which is ennumerated in no way, shape, or form in the constitution was found by the SCOTUS
Roe vs Wade wasn't the first USSC ruling that identified the right to privacy. In the Johnson v. United States, 333 U.S. 10, 17 n.8 case of 1948 the USSC ruled "The rights protected by the Fourth Amendment are ÃÂ"indispensable to the ÃÂ'full enjoyment of personal security, personal liberty, and private propertyÃÂ'; [and] they are to be regarded as of the very essence of constitutional liberty.ÃÂ" continuing "And these rights apply with particular force in the home, where the expectation of privacy is historically and legally entitled to the highest protection."
In NAACP, 357 U.S. at 462 "Privacy of association is especially vital where revelation of membership has exposed members to physical, social, or economic threats or hostility. See id; see also Shelton v. Tucker, 364 U.S. 479 (1960). In order to protect this privacy, the Court has held that compelled disclosure of oneÃÂ's membership in an organization engaged in advocacy of a particular belief interferes with the freedom of assembly. See NAACP, 357 U.S. at 462."
Also I find on this page Samuel Warren & Louis Brandeis, The Right to Privacy, 4 Harv. L. Rev. 193 (1890). I only looked at a few results when I searched www.findlaw.com but it returned 171 results when I searched for "right to privacy" "supreme court" so I'm pretty sure I can find other cases that are older than Roe vs Wade.
FalconShould there be a Law?
Similarly, the right to privacy can be limited (the police can photograph or observe me in public, the 7-11 can tape me on its security camera, my credit card company can study by buying habits).
One of the first things a photgrapher should learn is that though you should ask for permission to take a person photograph in public permission isn't needed as long as the photograph isn't used for a commercial purpose or if it is the person can't be identifiable. A case on this was tried in court when some women sued a photographer, they were photographed during Marti Gra (sic) while topless. The photographer published the topless photos on the net so they sued. The judge ruled that because the photos were taken in public and weren't used for commercial purposes the photographer couldn't be held legally liable.
This case came up when I was taking a photography class in college and it fit right in because we were talking about legal issues then.
FalconShould there be a Law?
It doesn't lie within the representatives, it lie within the people.
It is our fault.
That democrats would be in favor of a bigger government, should come as no surprise. Hasn't the republican party told us this for many decades?
It is the main reason why democrats should not be trusted.
The republicans have shown why they should not be trusted also. They placed themselves upon a pedestal of honest gvernment that strives to decrease its grasp upon the people, and then almost to a person, have defended one of theirs whose morality comes up wanting in comparison to a crack whore's, Tom Delay. The republican house whip, Roy Blunt, excuses Delay with "we all do it". Why is Blunt not under investigation? Isn't this an admission of his own criminal acts? They rally around the president's acts of creating big government that has its hands down our zippers.
They have sold their conservatism to the highest bidder. No real conservative would ever justify their acts with a reference to FDR.
It is the republicans whose promises have been shown to be machiavellian lies intended to secure power. It is the republicans who hold the reigns. Thanks to republicans, we know that democrats tax and spend. Thanks to recent republican acts, we know that republicans spend irresponsibly without end, as they reward their financial backers with tax cuts and foist the costs of their governing today upon the shoulders of the governments of the future.
This is self-reliance? This is self-responsibility? It is the republicans who need to be put into their place, and when the dems regain the top slot, it becomes their turn to feel the heat.
Still you make excuses for the acts of the lying morally relativistic republicans by saying the dems woulda if they coulda?
why?
Rush Limbaugh is a perfect real world example of an oxycontinmoron
There is nothing you or I can do to stop the pendulum of the bi-polar polity, other than convince enough people who will vote to actually change it. There was a chance at a third party with clout, but Buchanan, the Republican loyalist to the end, took the FEC money and trashed them in 2000. Demcorats still blame Nader, the fools, they should be blaming Buchanan, Perot and Ventura.
In the current circumstances, the best that can be achieved is an evenness of parties, and the abrasion that comes with it. I think that a large part of the economic boom in the 90's was due to the great friction between the parties. Neither side had enough power to suck their vigorish off of the top, and the free market that could, did. The equities traders screwed it up, but equity traders should be dealt with. If they didn't venture for capitalisation of the business, they are leeches, sucking from the valuation of the compensation provided to the producers of the product.
An Abridged Listing Why I Beat Upon Republicans Presently
The republicans have gained the upper hand in large part by betraying both their core ideology and the Dreamtime America. NeoConservatism's maturation can be traced from marxism to trotskyite CIA stooges to Scoop Jackson DemoHawks to Reagan to the Son of Bush. They have never given up the marxist trait of spewing rhetoric, the truth notwithstanding. The self-confessed American traitor, David Horrowitz calls Kerry and Fonda traitors, and is given stature within the Right. The putrescence of moral relevancy oozing from the partisan defense of a president who fixed the intelligence and the facts around his policy of familial vengence, and took America into an unrighteous conflict without contemplating the aftermath. a president who sings sweet songs of liberty and democracy, yet gives aid to dictatorial destroyers of democracy, has liasons with leaders loathsome of liberty, and goes out on ManDates with Saudi Princes who come to the USA laden with extra baggage.
When did conservatives begin to support due process of law applied inequally to humans? That is a high crime against America, yet they still repeatedly remind us that a stained blue dress is impeachable? Why not decry Blood-Stained Iraq Sands?
Bush's SCOTUS nomimee Roberts is a dangerous and activist judge who DOES NOT adjudicate using original intent, and all the country can think about is which way he'll decide on abortion cases. His assent in the Hamdi v Rumsfeld appeal is frightful. It posits that a president is above the very law that legitimises his power, stating this is a function of war power, in a war upon unstated enemies, of an indeterminate duration. Why hasn't anyone asked Roberts just what the hell he was doing during that ongoing criminal enterprise: The Reagan Administration? This is ano
Rush Limbaugh is a perfect real world example of an oxycontinmoron
["
...specific guarantees in the Bill of Rights have penumbras, formed by emanations from those guarantees that help give them life and substance. Various guarantees create zones of privacy. The right of association contained in the penumbra of the First Amendment is one, as we have seen. The Third Amendment, in its prohibition against the quartering of soldiers 'in any house' in time of peace without the consent of the owner, is another facet of that privacy. The Fourth Amendment explicitly affirms the 'right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures.' The Fifth Amendment, in its Self-Incrimination Clause, enables the citizen to create a zone of privacy which government may not force him to surrender to his detriment. The Ninth Amendment provides: 'The enumeration in the Constitution, of certain rights, shall not be construed to deny or disparage others retained by the people.'
"]
Rush Limbaugh is a perfect real world example of an oxycontinmoron
Were I a manufacturer of "broadband"/VOIP equipment I'd implement the ruling with an ethernet port on the device and a username/password pair for the FBI for that unit in my safe.