Slashdot Mirror

← Back to Stories (view on slashdot.org)

Groups Slam FCC on Internet Phone Tap Rule

Posted by CowboyNeal on from the big-brother-is-listening dept.

kamikaze-Tech writes "An Associated Press report posted in the Vonage VoIP Forums discusses the new CALEA regulations that will make it easier for law enforcement to tap Internet phone calls. The article claims that the new law will also make computer systems more vulnerable to hackers, according to some digital privacy and civil liberties groups. While the groups don't want the Internet to be a safe haven for terrorists and criminals, they complain that expanding wiretapping laws to cover Internet calls -- or Voice over Internet Protocol (VoIP) -- will create additional points of attack and security holes that hackers can exploit. VoIP service providers such as Vonage, Skype and Packet 8 have eighteen months to comply with the new law."

12 of 164 comments (clear)

  1. Is Skype accountable to the FCC? by Anonymous Coward · · Score: 5, Insightful

    Given that Skype's corporate entity isn't located in the States, it would seem that the FCC doesn't have any control over it.

    1. Re:Is Skype accountable to the FCC? by KitesWorld · · Score: 4, Informative

      The problem is that if they don't comply, the FCC can issue punitive measures on skype's operations within the U.S.

    2. Re:Is Skype accountable to the FCC? by Xformer · · Score: 4, Informative

      From the text of the proposal:

      58. We also seek comment on our tentative conclusion that providers of non-managed, or
      disintermediated, communications should not be subject to CALEA.166 Non-managed VoIP services, such as peer-to-peer communications and voice enabled Instant Messaging, as currently provided, do not appear to be subject to CALEA for two reasons. First, because they are confined to a limited universe of users solely within the Internet or a private IP-network, they may be more akin to private networks, which Congress expressly excluded from section 103's capability requirements. Therefore, they do not appear to replace a substantial portion of local exchange service; as such they do not appear to fall within the Substantial Replacement Provision. Second, they may be excluded information services under section 103(b)(2)(A) (as discussed above). We seek comment on this issue. Are there other characteristics or distinguishing features that may be used to determine whether a particular class of VoIP service providers is covered under CALEA? One example may be that VoIP service providers are covered under CALEA where their service interconnects to the PSTN.

      The bolded portion reflects where Skype themselves say that they are not intended as a replacement for local phone service. Trying to use them for that is silly in most cases, anyway, because in the US you can normally talk to someone a few houses down the street without per-minute charges. Using Skype to connect to your local PSTN in that case would cost $0.02/minute.

      If it's found that Skype may fall under the new rules, it's only where it connects to phone networks in the US for incoming and outgoing calls. Wiretap provisions could be done at that point if required, probably by the phone companies providing that connection.

      --
      All I want is a kind word, a warm bed and unlimited power.
  2. It's so much worse.. by Ckwop · · Score: 4, Insightful

    The article claims that the new law will also make computer systems more vulnerable to hackers, according to some digital privacy and civil liberties groups.

    Oh it's a whole metric-fuckton worse than that. The problem the FCC, FBI (insert your favourite alphabet agency here) is that they make the assumption that the criminals that will be using VOIP will COMPLY with FCC.

    Voice/IP isn't like traditional the traditional telephone system at all. I can't install my own private telephone network with encrypted lines but with V/IP this is fairly easy to achieve. What's worse, what criminal is really going to open up their private P2P telephone so the government can tap them?

    So the measure has absolutely no effect on our ability to catch criminals. Instead we subject the communication of ordinary law abiding citizens to the possibility of them having their perfectly legitimate conversations compromised, be it by a l33t|st or corupt police officers alike.

    Simon.

    1. Re:It's so much worse.. by MattWhitworth · · Score: 5, Insightful

      Agreed. If you've got something big to plan, you don't use an unsecured public medium (criminals and terrrorists have learnt that it's possible to track down your position from a mobile phone call. A Chechen leader was assasinated in this way, and it's how the Madrid bombers were traced).

      How does the FCC think it will be able to tap an 128-bit RSA-encrypted private protocol? It can't, and the overwhelming majority of phone taps will be of law-abiding citizens. But that's the way the world works. Just look at DRM

      In short, terrorists/criminals/enemies of the state aren't stupid.

    2. Re:It's so much worse.. by Motherfucking+Shit · · Score: 4, Insightful
      Oh it's a whole metric-fuckton worse than that. The problem the FCC, FBI (insert your favourite alphabet agency here) is that they make the assumption that the criminals that will be using VOIP will COMPLY with FCC.
      And it gets worse yet. Essentially, all "anti-terrorism," "anti-drug," etc. laws are useless for the purpose for which they're supposedly enacted. Terrorists, drug dealers, and other criminals are, by their very nature, breaking the law. Making their tangential activities (like communicating, meeting, transferring funds...) illegal isn't going to stop them!

      In short, attempts to legislate terrorism out of existance are doomed from the start and should be suspect. You can damned well bet that lawmakers are smart enough to know that these laws aren't going to do anything to stop the Bogeyman of the day. They're being passed as "feel good" measures at best, and as attempts to control the law-abiding population at worse.

      Making it illegal to carry cigarette lighters onto airplanes doesn't stop a terrorist; a terrorist would find a way to bring an incendiary onboard anyway. Making it illegal to have an untappable VoIP connection doesn't stop a terrorist, either; a terrorist would just setup stunnel or pgpFone end-to-end and chat away.

      Sigh. Someday, the United States Congress will be comprised of people who grew up understanding technology...
      --
      "BSD: Free as in speech. Linux: Free as in beer. Windows 10: Free as in herpes." --Man On Pink Corner in #52607549.
  3. Why should the Feds get their own backdoor? by mikeophile · · Score: 4, Funny

    If they want to tap VoIP, they should have to hack it like everyone else.

    1. Re:Why should the Feds get their own backdoor? by Bimo_Dude · · Score: 4, Insightful
      I have nothing to hide, but what I do is NONE OF THEIR FUCKING BUSINESS.

      Period.

      --
      "Teleporting Rodents with D-Cell Battery Displacement" theory -- IgnoramusMaximus (692000)
  4. Cyberstalkers... by Travoltus · · Score: 4, Interesting

    Isn't that the same CALEA law that also forces router/NIC makers to install FBI backdoors (which can also be compromised by hackers)?

    I see a big market soon for do-it-yourself NICs and PC routers...

    --
    --- Grow a pair, liberals... stop letting the Republicans bully you!
  5. Or what? by el_womble · · Score: 4, Insightful

    Dear Skype, We, the FCC, require you, a British company, to comply with American laws. If you don't we'll... say Ni! in your general direction. Your Friends The FCC Seriously, they're already giving away free phone calls, and free software from a foriegn country, using foreign servers. The best the FCC can hope for is that they put a line on their download page: Dear American, please don't download our software cause it will upset the FCC and the Feds. Failure to comply will mean that those in charge will think you are a terrorist. You don't want people to think your a terrosit do you? Vonage... well they're pretending to be a phone company, so they might have some luck.

    --
    Scared of flying, pointy things snce 1979!
  6. Rephrased for proper effect by Anonymous Coward · · Score: 4, Insightful

    "If you've got nothing to hide then you shouldn't have any objection to select government agencies/individuals listening to your conversations."

    If you're making fun of that line, you've got to go a little further; the way you state it is exactly the way the serious supporters of surveillance state it.

    E.g.:

    If you've got nothing to hide then you shouldn't have any objection to select government agencies/individuals listening to what you whisper in your lover's ear. On the other hand, if you're a member of Al Queda, I could see why you might have a problem with this idea.

    If you've got nothing to hide then you shouldn't have any objection to select government agencies/individuals placing cameras in your shower. On the other hand, if you're a member of Al Queda, I could see why you might have a problem with this idea.

    If you've got nothing to hide then you shouldn't have any objection to select government agencies/individuals reading your thoughts. On the other hand, if you're a member of Al Queda, I could see why you might have a problem with this idea.

  7. Idiots by pavera · · Score: 4, Informative

    Sometimes I'm happy that the ACLU et al are looking out for me, sometimes they pick the wrong fight. This is exactly one of them. Oh, packet 8 and vonage have 18 months to allow wire tapping? Guess what guys, they already have it. Vonage uses Silantro, its had calea support for at least the last 3 years. Broadworks (the Broadsoft softswitch) has calea as well. The large softswitch vendors all already support it, I think Asterisk even might (although I'm not sure). These things aren't going to make the "Internet more vulnerable to hackers".

    Has the ACLU setup CALEA on these systems? I highly doubt it, but I have. At least with broadsoft it is a trivial matter to keep the softswitch entirely firewalled off the internet that unless someone finds a buffer overflow in the sip protocol or rtp protocol that the system is using there is no opportunity for a hacker to get in.

    Furthermore, the system supporting CALEA doesn't increase the risk.. IE if someone hacks the SIP protocol stack on a softswitch and takes control of it, well who cares if the box supports CALEA they just got access to all the phonecalls going through that box.

    Do you really thing that up til now the FBI et al has had no power to wire tap a VoIP phone? That more than 5 million people in the US are totally able to break whatever law they want (wire fraud, telemarketing scams, plan bank robberies, etc) notice I didn't mention terrorism, just because they have Vonage? Right.