Slashdot Mirror

← Back to Stories (view on slashdot.org)

FCC To Require Backdoor Network Access for Feds

Posted by Zonk on from the come-on-in-boys dept.

humankind writes "The EFF is reporting that the Federal Communications Commission issued a release [pdf] announcing its new rule expanding the reach of the Communications Assistance to Law Enforcement Act (CALEA)." From the article: "Practically, what this means is that the government will be asking broadband providers - as well as companies that manufacture devices used for broadband communications - to build insecure backdoors into their networks, imperiling the privacy and security of citizens on the Internet. It also hobbles technical innovation by forcing companies involved in broadband to redesign their products to meet government requirements."

13 of 492 comments (clear)

  1. OCRed version of FCC pdf by Anonymous Coward · · Score: 1, Informative

    NEWS
    Federal Communications Commission 445 12th Street, S. W.
    Washington, D. C. 20554

    News Media Information 2021418-0500
    Internet: http://www.fcc.gov/
    TTY: 1-888-835-5322

    this Is an unofficial announcement of Commission action. Release of the full text of a Commission order constitutes official action.
    See MCI Y. FCC. 515 F 2d 385 (D.C. Clrc 1974).

    FOR IMMEDIATE RELEASE: August 5, 2005

    NEWS MEDIA CONTACT: Mark Wigfield, 202-418-0253 Email; mark.wigfield@fcc.gov

    FCC Requires Certain Broadband and VoIP Providers to Accommodate Wiretaps

    Order Strikes Balance Between Law Enforcement, Innovation

    Washington, D.C. - Responding to a petition from the Department of Justice, the Federal
    Bureau of Investigation, and the Drug Enforcement Agency, the Commission determined that
    providers of certain broadband and interconnected voice over Internet Protocol (VoIP) services
    must be prepared to accommodate law enforcement wiretaps, the Federal Communications
    Commission ruled today.

    The Commission found that these services can essentially replace conventional
    telecommunications services currently subject to wiretap rules, including circuit-switched voice
    service and dial-up Internet access. As replacements, the new services are covered by the
    Communications Assistance for Law Enforcement Act, or CALEA, which requires the
    Commission to preserve the ability of law enforcement agencies to conduct court-ordered
    wiretaps in the face of technological change.

    The Order is limited to facilities-based broadband Internet access service providers and
    VoIP providers that offer services permitting users to receive calls from, and place calls to, the
    public switched telephone network. These VoIP providers are called interconnected VoIP
    providers.

    The Commission found that the definition of "telecommunications carrier" in CALEA is
    broader than the definition of that term in the Communications Act and can encompass providers
    of services that are not classified as telecommunications services under the Communications Act.
    CALEA contains a provision that authorizes the Commission to deem an entity a
    telecommunications carrier if the Commission "finds that such service is a replacement for a
    substantial portion of the local telephone exchange."

    Because broadband Internet and interconnected VoIP providers need a reasonable amount
    of time to come into compliance with all relevant CALEA requirements, the Commission
    established a deadline of 18 months from the effective date of this Order, by which time newly
    covered entities and providers of newly covered services must be in full compliance. The
    Commission also adopted a Further Notice of Proposed Rulemaking that will seek more
    information about whether certain classes

  2. IP to IP Voip not regulated [yet] by Anonymous Coward · · Score: 1, Informative

    It seems the ruling only applies to interconnected VOIP carriers and Internet providers which offer voice services. It doesn't seem to apply to Internet providers which only provide IP connectivity.

    One way around this with Asterisk is to terminate all your calls with a random (say 10-20) different out-of country VOIP providers. It would be harder for them to track the call as it is routed back into the states.

    When they require CALEA access IP=IP connections then that's where it will get interesting.

    Till then, I'll just make IP-IP connections to my friends with Asterisk. I can always turn on IAX encryption if I feel paranoid.

  3. Re:Why do they always have to be insecure? by ArbitraryConstant · · Score: 3, Informative

    "What if it means that the equipment will accept connections if it passes a rigerous sshv2-dsa key handshake, with a really, really big key size? I don't see that being insecure, setting aside concerns about the stupid feds being bitches in power games leaking the key. Technically, there's nothing stopping them from making it secure (as secure as you or I have our home systems, that is)."

    The dominant SSH implementation (OpenSSH) isn't even based in the US, so the FCC doesn't have the power to mandate backdoors in it.

    --
    I rarely criticize things I don't care about.
  4. So what? by MacFury · · Score: 2, Informative
    then couldn't one little malicious script bring down everything connected to the internet?

    Big deal. So anyone with a little bit of knowledge and desire can cripple the entire internet in one blow.

    We can't let the terrorists win! We must comply with this obivously good idea.

    Oh wait...

  5. Re:so go with a router you can run Linux or BSD on by Anonymous Coward · · Score: 1, Informative

    Man in the middle attacks don't work if you pre-share keys in a secure way (in person, on a disk, etc.) or require keys to be signed by someone you trust.

  6. Re:9/11 changed everything.. by Polska12 · · Score: 2, Informative

    Hey guys this isn't new news, my father works for a telecom company where they produce cable modem termination systems. One of the requirements mandated by federal law was that in order to sell their product they had to write a backdoor for the FBI. This is nothing new and unfortunately is just another example of creating alot of noise by not doing that much under the guise of protecting citizens.

  7. Re:right to privacy by n6mod · · Score: 3, Informative

    It's been ruled as implicit in the US Constitution (the basis of Roe v. Wade) and is explicit in the California Constitution. This, by virtue of the 10th Amendment, should trump the Feds. I say "should", because like much of the rest of the document, the Supremes seem to be unable to read or comprehend the 10th amendment.

    --
    You have violated Robot's Rules of Order and will be asked to leave the future immediately.
  8. Re:right to privacy by hazem · · Score: 4, Informative

    The 4th Ammendment covers it pretty well:

    The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

    Now, maybe I'm just a crazy left-wing wacko, but I think one should be able to reasonably extraplotate "papers and effects" to include their own computer networks and files.

  9. Re:9/11 changed everything.. by Lisandro · · Score: 3, Informative

    Not to rain on your parade, but check the definition of terrorist: it's well accepted that a terrorist is someone who employs terror as a political weapon.

        The more the US resorts to giving up freedoms in order to "combat" terrorism, the more terrorists win. It's simple, sadly enough.

  10. Re:right to privacy by FroBugg · · Score: 2, Informative
    In the US Constitution? Not explicitly. Many states do have privacy rights outlined. Here's the relevant text from the Florida state constitution:

    SECTION 23. Right of privacy.--Every natural person has the right to be let alone and free from governmental intrusion into the person's private life except as otherwise provided herein. This section shall not be construed to limit the public's right of access to public records and meetings as provided by law.
  11. Re:9/11 changed everything.. by EvilAlien · · Score: 3, Informative
    They don't want us infidels to convert. This isn't about spreading or enforcing a religion. That is a christian tactic.

    This is about engineering the creation of a hardline Islamic theocractic regime (i.e., the return of the caliphate), and the best way to do that is to terrorize the enemy that works to westernize (read "support freedom") predominantly muslim nations. There is a long history of terror and assassination used as a tactic against western incursion:

    As early as the last years of the eleventh century the Assassins had succeeded in setting firm foot in Syria and winning as convert the Saljug prince of Aleppo, Ridwan ibn-Tutush (died in 1113). By 1140 they had captured the hill fortress of Masyad and many others in northern Syria, including al-Kahf, al-Qadmus and al-'Ullayqah. Even Shayzar (modern Sayjar) on the Orontes was temporarily occupied by the Assassins, whom Usamah calls Isma'ilites. One of their most famous masters in Syria was Rachid-al-Din Sinan (died in 1192), who resided at Masyad and bore the title shakkh al-jabal', translated by the Crusades' chroniclers as "the old man of the mountain". It was Rashid's henchmen who struck awe and terror into the hearts of the Crusaders.

    - from HITTI: THE ASSASSINS

    We are seeing the modern version of a conflict that is hundreds of years old, and it has nothing to do with Usama bin Laden wanting George W. Bush to convert to Islam.
    --
    perl -e 'print $i=pack(c5, (41*2), sqrt(7056), (unpack(c,H)-2), oct(115), 10)'
  12. In Russia they are trying to forbid this by Martti · · Score: 2, Informative

    In Russia the FSB (ex-KGB) apparently has (or at least had, the article is quite old) been forcing this on ISP's for years, but some are trying to fight it. I guess KGB is now considered as a good role-model...
    http://www.libertarium.ru/libertarium/14424

  13. US support of terrorism by falconwolf · · Score: 2, Informative

    Actually, the rest of the world feels that the US foreign involvement has little to do with terrorism. I should know, i'm part of them :)

    Actually I'd say it who you ask and how you ask, how the questions are phrased. The US has supported terrorists, bin Laden for instance. He is a terrorist the US supported along with the Taliban when they were fighting against the Soviet Union. President Bush gave the Taliban millions of taxpayer dollars shortly after entering office. In Kosovo, Serbia, the US supported the KLA terrorists again Serbia. In East Timor, former president Ford and Henry Kissinger, armed and supported Indonesia's Soharto invasion of East Timor in 1975-6 after Portugal who colonized East Timor granted then their independence. From the invasion to after the 1999 vote when East Timorese voted for independence 200,000 East Timorese were massacred, one third of the population. Ford and Kissinger again supported Chile's Gen Penochet's overthrow of a democratically elected government and started a dictatorship. Thousands in Chile simply disappeared, many were murdered and thousands more tortured.

    There are many examples where the administrations of the US supported military dictatorships and the overthrow of democratic governments, Iran and Iraq amoung them. The only qualification for said support was the be anticommunist. And that's not even bringing up what was done to the Native Amnerican Indians with all the signed treaties the US broke.

    Sure the US has done good and helped some in need but it has also supported those who violated human rights and committed atrocities.

    Falcon
    --
    Should there be a Law?