Slashdot Mirror

← Back to Stories (view on slashdot.org)

Groups Slam FCC on Internet Phone Tap Rule

Posted by CowboyNeal on from the big-brother-is-listening dept.

kamikaze-Tech writes "An Associated Press report posted in the Vonage VoIP Forums discusses the new CALEA regulations that will make it easier for law enforcement to tap Internet phone calls. The article claims that the new law will also make computer systems more vulnerable to hackers, according to some digital privacy and civil liberties groups. While the groups don't want the Internet to be a safe haven for terrorists and criminals, they complain that expanding wiretapping laws to cover Internet calls -- or Voice over Internet Protocol (VoIP) -- will create additional points of attack and security holes that hackers can exploit. VoIP service providers such as Vonage, Skype and Packet 8 have eighteen months to comply with the new law."

5 of 164 comments (clear)

  1. Re:Is Skype accountable to the FCC? by KitesWorld · · Score: 4, Informative

    The problem is that if they don't comply, the FCC can issue punitive measures on skype's operations within the U.S.

  2. Aren't There Commercial Products to Snoop This? by Evil+W1zard · · Score: 3, Informative

    Correct me if I'm wrong but aren't there simple commercial products like Niksun Netdetector that can simply reconstruct VOIP traffic from an Ethereal dump collected by simply by snooping the wire? Is this calling for new technology to collect the traffic or is this saying we want the magic black boxes at every provider to provide an instant tap anytime/anywhere...

    --
    News Reporters Make Tasty Polar Bear Treats!
  3. Idiots by pavera · · Score: 4, Informative

    Sometimes I'm happy that the ACLU et al are looking out for me, sometimes they pick the wrong fight. This is exactly one of them. Oh, packet 8 and vonage have 18 months to allow wire tapping? Guess what guys, they already have it. Vonage uses Silantro, its had calea support for at least the last 3 years. Broadworks (the Broadsoft softswitch) has calea as well. The large softswitch vendors all already support it, I think Asterisk even might (although I'm not sure). These things aren't going to make the "Internet more vulnerable to hackers".

    Has the ACLU setup CALEA on these systems? I highly doubt it, but I have. At least with broadsoft it is a trivial matter to keep the softswitch entirely firewalled off the internet that unless someone finds a buffer overflow in the sip protocol or rtp protocol that the system is using there is no opportunity for a hacker to get in.

    Furthermore, the system supporting CALEA doesn't increase the risk.. IE if someone hacks the SIP protocol stack on a softswitch and takes control of it, well who cares if the box supports CALEA they just got access to all the phonecalls going through that box.

    Do you really thing that up til now the FBI et al has had no power to wire tap a VoIP phone? That more than 5 million people in the US are totally able to break whatever law they want (wire fraud, telemarketing scams, plan bank robberies, etc) notice I didn't mention terrorism, just because they have Vonage? Right.

  4. Re:Is Skype accountable to the FCC? by Xformer · · Score: 4, Informative

    From the text of the proposal:

    58. We also seek comment on our tentative conclusion that providers of non-managed, or
    disintermediated, communications should not be subject to CALEA.166 Non-managed VoIP services, such as peer-to-peer communications and voice enabled Instant Messaging, as currently provided, do not appear to be subject to CALEA for two reasons. First, because they are confined to a limited universe of users solely within the Internet or a private IP-network, they may be more akin to private networks, which Congress expressly excluded from section 103's capability requirements. Therefore, they do not appear to replace a substantial portion of local exchange service; as such they do not appear to fall within the Substantial Replacement Provision. Second, they may be excluded information services under section 103(b)(2)(A) (as discussed above). We seek comment on this issue. Are there other characteristics or distinguishing features that may be used to determine whether a particular class of VoIP service providers is covered under CALEA? One example may be that VoIP service providers are covered under CALEA where their service interconnects to the PSTN.

    The bolded portion reflects where Skype themselves say that they are not intended as a replacement for local phone service. Trying to use them for that is silly in most cases, anyway, because in the US you can normally talk to someone a few houses down the street without per-minute charges. Using Skype to connect to your local PSTN in that case would cost $0.02/minute.

    If it's found that Skype may fall under the new rules, it's only where it connects to phone networks in the US for incoming and outgoing calls. Wiretap provisions could be done at that point if required, probably by the phone companies providing that connection.

    --
    All I want is a kind word, a warm bed and unlimited power.
  5. Re:Is Skype accountable to the FCC? by Phantasmo · · Score: 3, Informative

    Umm...

    From Skype's Terms of Service
    8.1
    Further, as stated in the Privacy Policy, Skype and/or its local partners may need to provide such data to designated competent authorities upon request, or may need to enter into further activities due to local regulations, for example with regard to the interception of communications, if requested by such authorities.
    So, if you're using Skype for the privacy features, dump it and switch to SpeakFreely. Skype CAN wiretap you and never said that it wouldn't.

    --

    The US Army: promoting democracy through unquestioned obedience