Slashdot Mirror
Court Battle Over Internet Calls
koweja writes "The federal appeals court has is hearing a petition to overturn an FCC rule that extends current wire-tapping laws to cover VoIP calls. The petition comes from various privacy advocacy groups, including the Center for Democracy and Technology. Aside from the obvious privacy issues, the rule requires that providers use equipment that allows wiretaps, which would require many companies to "upgrade" in order to comply."
...should those using VOIP be exempt from the abuses of governmental powers that the rest of us must endure?
Jerry
http://www.cyvin.org/
With a system like Skype, which uses P2P for calls, how would this work?
I'm kind of ok with wiretapping, just as long as there ISN'T A BACKDOOR. I don't care what they say, a backdoor into anything is a bad idea.
The federal appeals court has is hearing
one more point for the editors
Viable Slashdot alternatives: https://pipedot.org/ and http://soylentnews.org/
After all, I could easily write an encrypted P2P voice chat program.
I'm sure they already exist...
http://www.ctv.ca/servlet/ArticleNews/story/CTVNew s/20051011/wiretapping_051011/20051011?hub=TopStor ies
It will be interesting to see how it all plays out in the public debate forum over "our nation's safety and security," or privacy.
The world is once again safe for democracy.
Cheers.
The feds created the internet, and now they have to deal with the implications. They aren't happy about it. Sure, they could use wiretapping on known VOIP services, but what's to stop someone from programming their own, using strong encryption. Sending sound packets over a network isn't that hard, encrypting them is also easy. Maybe you wouldn't have a super robust network, but so long as the person on the other end is getting the message, then that should be OK. Why aren't more criminals using PGP encrypted email? It seems like at this point it would be pretty obvious to them that they get caught when stuff isn't encrypted.
Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
I have finished this thread for you:
>I hate the man. (Score: 5, Insightful)
>>Yea but America always does this, and I don't like America. (Score:4, Interesting)
>The Government is controlling too much stuff (Score: 4, Interesting)
>>We can just have some private industry do it for us, then. (Score: 5, Insightful)
>>>Why should we put up with this? (Score: 4, Interesting)
>>>>I like to use my voip (Score 5, Interesting)
>>>>>I can't wait to pay more taxes (Score: 4, Funny)
>>>>>>I hate GEORGE BUSH (Score: -1, Troll)
>>>>>>>Tehy will never stop me from making free calls. (Score: 1, Redundant)
>I hate microsoft (Score: 1, Off-Topic)
>I am a bad person (Score: 3, Interesting)
_29 replies_ below your current threshold
(\(\
(^.^)
(")")
Saving sig aborted.
Reason: Your subject looks too much like ascii art
Im the senior architect for a major VoIP provider. Supporting Lawful intercept is just like e911, its trivial to do. Its how well you do it that makes it hard. Good networks (in terms of business logic, closely comparable with pstn networks etc) will accept calls at an edge device, and then proxy them through their network. This however has a cost as transporting sip+rtp == bandwidth. In this scenario, wiretapping is really really easy, but it has a cost associated with it. Skype on the other hand basically steals, by comparison, its bandwidth and does end-to-end connections. In essence its a fancy directory service with interconnects to the pstn. This has a lot of other implications from 911 to privacy. Some are good. Eg on skype no one working at skype can tap your calls (unless they include it in their soft client, and havnt done so yet to my knowledge). However, every isp inbetween can, with varying degrees of difficulty (encryption et all). The question comes down to, who do you trust to do fair and balanced intercept, because its going to happen somewhere. Is it your isp under supeona, or is it the voip carrier who does it all day long. /. 'rs often complain about cease and decist letters, next thing it'll be wiretap letters and they'll comply just as fast. So be careful what you wish for. This society will not give up the ability to combat crime through selective, targeted, electronic monitoring. In fact in the last few years with commander kuku bananas in charge theyve made it even more prevailent. The fact of the matter is skype got kicked outta china, because their tech doesnt support lawful intercept, while others are getting licensed. Something for nothing just isnt gonna happen for the masses in telecom, theres too many special interest groups. You'll see gun control first; mark my words. If the VoIP community fights lawful intercept, E-911, privacy laws et all, and the internet community supports them. The special interests will do in the us as they have done in china, and just firewall the whole freakin country. Dont think it can't/wont happen here.
i'm thinking about the upgrades you would need to do to enable your VoIP phone to be wiretapped. wouldn't that require you to basically set up a wiretap yourself?
i'm glad that the appeal is being pushed through, because when new communications standards are made, new rules for them need to be made. you can't recycle postage rules for email, just like you can't recycle telephone rules for broadband phones. you have to make new ones. there shouldn't be a rule that governs a new standard until our politicians figure out what the standard actually does.
http://www.wired.com/news/technology/0,1282,68306, 00.html
;)
wired has a good article on an open source project for an encrypted voip application.
let's see them wiretap that
Censorship is obscene. Patriotism is bigotry. Faith is a vice. Slashdot 2.0 sucks.
Considering the amount of overhead that would be required to encrypt and decrypt a constant data stream such as VoIP, it seems to me that you'd have pretty bad performance problems.
habib_freedom_hater01> aziz, are you ready lol ;) @}-'-`---
sxy_bch_1955> hi
habib_freedom_hater01> AZIZ!!! stop goofin we must destroy teh invidels
sxy_bch_1955> ROFLMAO! OMG habib, d00d, this is so l33ts
habib_freedom_hater01> tahts it aziz im goin to call u
sxy_bch_1955> LOL u cant tehy tapped r phone! we only use chat now
habib_freedom_hater01> roxors!
sxy_bch_1955> u set us up teh bomb
habib_freedom_hater01> move zig!
sxy_bch_1955> LOL
hi mom!
once again the gov. interferes with the ever growing technology race.
DVD's, MP3's now phone calls.
Maybe if they start looking at problems as a whole rather than putting old
laws onto new ideas....
makes me angry i tells ya!
route all data through skype servers
Not true. The secret services can already tap your internet packets. What they need is Skype providing the key to your P2P encryption.
Here's the major problem I see here. For the FBI to wiretap, they must have probable cause and a warrant. With such probable cause/warrant, they can do any number of things, from subpoenaing the suspect's ISP to placing surveillance devices right in the suspect's house. They've already got ways to eavesdrop if they follow the procedures they're required to follow.
Now, if the FBI had this wiretap authority, they could in effect tap any call, anytime. They would still in theory be required to get a warrant in order to use the stuff in court, but they'd have the switch to flip on. And there's been a push in recent years by you-know-who to allow secret evidence in court proceedings that the suspect gets no opportunity to even view, let alone challenge.
So, either law enforcement wants to be lazy, or they want an easier way to do an end-run around the rules. Neither way is a comforting thought to me.
To fight the war on terror, stop being afraid.
In other news...
George Bush received notice today from a GM that his World of Warcraft nickname violates Blizzard policy. We have been unable to reach the GM for comment.
In possibly related news, black helicopters were seen hovering near a Blizzard facility, and later a private Gulfstream jet registered to Premier Executive Transport Services was seen departing for for Egypt.
Wrong.
They really only need to wave the banner of "national security" and cry terrorist and they have open unchecked season declared on somebody in a special court created soley to evade protections of privacy and liberty. Even then, they can still do what they want when they want despite things being expired, pending, or non-existent. Welcome to the new America, you voted and asked for it!
...
"It's designed for a Mac, but will be adapted for PCs before Zimmermann makes it available for download. He's looking for investors to back a startup company that will support the product and oversee its distribution."
Tell me where it says that the program will be open source. (No ... seriously ... if it actually is in the article, I'd really like to know). Passages like that make me think that it won't be open sourced.
In soviet russia, You ask not what country do for you, but what you do for country!
Oh wait...
The federal government has always failed to prevent things like this for two reasons: bureaucratic bullshit like fiefdoms in the middle of the CIA and FBI that don't like each other and petty politics. For the last 15 years the CIA lost most of its overseas operational assets, especially in its special operations commando units. These were the people who quietly "got the job done" behind a building with a silencer-equipped pistol or high-powered rifle. You never heard of it happening, except when it was abused like in Latin America.
Here's a dirty little fact for the neoconservatives and the Bushitler wants to annihilate all non-born again Christians lunies. You cannot combine anti-terrorism units with law enforcement and you cannot expect things to be clean regardless of the solution. Yes, if we let the CIA quietly murder these terrorists without judicial oversight it could be abused. But it's a lesser evil than relying on the bumbling law enforcement apparatus in this country to do its job. The FBI spends as much time doing PR and lobbying as it does on enforcing the law; we really need to get a high barrier between a group like the CIA and everybody else and let that agency do its job in secrecy.
Yes, let people outside the chain of command know what is happening, but don't let the spooks work with law enforcement unless the police are operating in a purely, unequivocably subordinate position so that they cannot lean on the spooks for more power and resources. What concerns me is precisely this beefing up of John Q. Cop's police powers, not the CIA and others being able to discretely beat up and kill people who want to rape, pillage and murder civilians of ANY nationality. I'd have no problem with the CIA torturing the hell out of, then executing some scumbag terrorist in Afghanistan or Iraq like Zarqawi who vascillates between blowing up our soldiers and innocent women and children.
This stuff isn't going to get the job done, unless the job is to create a more effective police state. The real section to fear isn't a strong intelligence apparatus, but a law enforcement one whose resources and powers are almost instinguishable from the spooks. The spooks have, when allowed to do their job, much more to worry about than domestic issues. Be very afraid of this and increased efforts to force them to work together, especially when the FBI are jockying for the CIA's foreign intelligence role and the CIA wants to keep its turf. Nothing good can come out of it, and the most probable motive for making the police so powerful is precisely to squash domestic trouble and not of the terrorist variety.
Think RICO and Operation Rescue if you need a starting point on how these special police powers tend to show their true, ugly purpose once they're firmly established in the law so that no lawyer can imagine living without them to "protect us."
Click here or a puppy gets stomped!
Justice Department spokesman Paul Bresson says court-authorized electronic surveillance is a critical law enforcement tool. "As communications technologies develop, we must ensure that such progress does not come at the expense of our nation's safety and security," he said.
You know, I hate to use such a corny mantra that if we allow this then the terrrorists have won. But really, this is exactly what's going on here. Look at the last words in the quote: safety and security
I can't help but think it's not really about that at all. The Feds, having been unable to connect the dots of 911 now want to make up for lost time with the ability to monitor every Internet conversation and what they don't realize is this will have no effect on organizations like al Qeada.
I used to work for a subsidary of Comverse (Nasdaq:CMVT) which was wholly built around providing the wiretapping boxes to law enforcement agencies around the world (complete with automatic speaker recognition, automatic voice to text, data analysis (i.e. extracting that HTML page out of anything from radio modems to ATM VC's and beyond), voice enhancements, and lots of other neat stuff).
The point I'm trying to pass is that all approved telephone exchanges in the world already have provisions to allow law enforement agencies connect wiretapping devices to them already, and this ruling, as far as I follow (which I admit isn't much) just extend this state of affairs to a new technology.
I still don't see how Skype and its ilks can comply to this (I don't know if they will be requires, that's a parallel thread), given that the voice bits may travel directly between the two talking parties or through random intermediates.
I have Vonage so I guess I can continue my marijuana growing operation. Just kidding.
Maybe I'm wrong, but since VoIP is tranmitted like data is, if they get authority to tap what's being transferred via VoIP what's going to stop them from, say, tapping what I may be downloading/uploading at the time. If they're limited to just the junctions where VoIP meets the regular phone systems, like someone mentioned above, then I guess that's ok. But I see this as being a way for them to start peering in on what people are donwloading otherwise. I don't do secret service work but at the same time I don't want Deputy Doughnut to be able to see everything I'm doing, even if I were to be under suspicion that would allow a phone tap but not, say, search warrant (since I think that would be analagous).
my $.02
I reject your reality and substitute my own.
"They that can give up essential liberty to obtain temporary safety deserve neither liberty nor safety" Ben Franklin... Oh, to be worthy of our forefathers.
Correct. The ruling also covers any broadband over 200Kbps separately - i.e. they can force your ISP to tap your connection. The act really is about forcing the ISPs to install equipment to make it EASY to tap by flipping a switch electronically - they already had the power to order a tap; it's just that it might be hard/slow/impossible for the ISP to comply. And yes, this means there's a HUGE gaping hole waiting for someone to exploit. Knowing the capability is there is 1/2 the battle of accessing it, and CALEA spells out a lot of specifics about the interface.
.
This lawsuit is about the part of the ruling that states that in addition to the ISP, any VoIP supplier who has any connection (even through a 3rd party!) to a PSTN gateway must provide the same ease-of-tapping under CALEA for ALL calls. Not just calls going to/from the PSTN, ALL calls.
Colleges are suing as well (separately), over the up to 7 or more BILLION dollars to re-architect and rebuild their campus networks to support this. The original CALEA was aimed at telephone companies; gave them years to comply; and reimbursed them for their expenses. None of that here.
This means Skype (unless they drop SkypeOut/SkypeIn). Ditto Vonage, sipphone, etc. I think FWD might be ok since it's IP-2-IP only.
Check out http://pulver.com/ and Pulver's blog on this http://pulverblog.pulver.com/archives/003241.html
I really don't understand how in a country where you claim you have freedom of speech, not just in public but anywhere. Someone can for WHATEVER reason listen in, record and then use that against you. That seriously sounds pretty extreme to me. Criticizing and or using your private conversations goes way against freedom and freedom of speech. I could never allow for such a thing whatever the reason. What happened to privacy? I don't care if you claim its for "my security", I am actually more secure when my line is;) But I am generally saying, ALLOWING for this to happen will also allow for it to be abused. And LEGALLY abused, that almost sounds ironic.
I am really surprised not to see computer users using encryption more actively than they do.
It is very easy to foil wire-tapping and listening by encrypting everything that goes over the wire, like an SSH session. PGP is also good. For instance, would've it work to use VoIP through some kind of SSH tunnel in order to scramble/encrypt the whole conversation? The message could be decoded at the other end using some kind of key issued by certificate.
I think people should be given their private and public keys with their driver's license or voter registration.
But, hey, I guess this would truly empower people rather than keeping them at the mercy of whoever wants to listen in on their communications.
If they really want to listen in on me, I think the most they will get is a conversation with myself and my three year old son, sometimes it goes: Him: What you doing (all hevey accent like hes italian) Me: Nuffin, just listening to you be silly Him: Weeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee He also adds the random 'PUNKHEAD', so Im sure thats fitting here haha If they really want to waste their time and my money, then go for it, I have no issues with the goverment thats been shitty since I learned what it was, how crude they do their bidding and two faced all the politicians that keep fucking up more and more (as well as the rest), to become deaf from my son just like I soon shall be.
Of course, IRC isn't actually encrypted (you can SSL connect to the server, but no end-end encryption), nor are any other of the big chat networks like yahoo, msn etc. There are solutions/plug-ins running on top to make it encrypted though, plus various minor services. Overall, not a problem to use for someone that wants to.
Live today, because you never know what tomorrow brings
I live in the United States yet my VOIP service is through an European company. I wonder how the FCC can regulate VOIP providers that are in another country. It's kind of like me using British Telecom for my local telephone calls to call my friends down the street.
It's going to be interesting.
The secure real time protocol, with MIKEY key exchange, can use Diffie-Hellman key generation. This standard is already available on some hardware sip phones, and the government can't stop you from using it with software, like Minisip. Sorry Big Brother. You're fucked. And good thing too.
and there's not a damned thing anyone can do about it, except either have a major cryptanalysis breakthrough, or KILL ME. But even killing me will only stop me. There are others.
And as for cryptanalysis breakthroughs, not only will it destroy uncounted billions of dollars in commerce (thus undermining whatever government agency wants to fuck with its citizens), but if I'm talking to someone I've physically met, I can always use a One Time Pad. If I use OTP, the probability of intercept success, assuming Moore's law holds and you have computer technology available in the year 3001 AD, is approximately 0.00000%. Give or take a few zeros.
Intercepts have absolutely no future as a Law Enforcement tool. Innocent people have incentive enough to destroy it, and the criminals are going to be even worse.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
Skype will either adopt standards, or they will be a faint memory in ten years. Ok, maybe they'll get really, really lucky and be remembered as pioneers. But they'll still be obsolete junk. Anything less than openpgp is unacceptable.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
Here's a dirty little fact for the neoconservatives and the Bushitler wants to annihilate all non-born again Christians lunies.
Please don't equate them like that. Compared to Bush, Hitler was smarter, braver, cleaner, more honest, and especially a far more effective public speaker and leader. No secret mastermind controlled Hitler from the shadows- it was all him. There are 100s of guys who could've done Bush's job, and 10s that could be Karl Rove.
I guess this os Offtopic, but I assume (and haven't seen it mentioned) that the whole 911 voip problem may be less of a hand holding issue and more due to the fact that you /can/ call 911... and there's nothing they can really do about it, "Hey, 911? Just wondering how you guys are 'doin. Sounds busy, I hear a lot of phones ringing.... so how 'bout this weather?" ...I wouldn't be concerned about them making a fuss over the ability to wiretap our voip and toasters, etc. except for the Patriot Act BS. It's one thing if they are at least pretending to be fair, but now that they've shown their true colors, it's creepy about the push to tap new tech.
I noticed on newscientist that the US Air Force Research Lab is filing a patent "to bury secret messages in ordinary, unprotected communications by adding tones that can be deciphered at the other end of the line."
Info here. (Well, the second entry anyway)
I wonder how they plan on getting around ideas like this, even if they do get to monitor all VOIP traffic?
Warning, comments may not have been passed by the sanity department of my brain.
Wiretaps are necessary for lots of reasons...and with a properly balanced judiciary we can avoid abuses. The idea that noone should be able to monitor anything, you do, ever, is just so much fantasy. There are bad people in the world, and there are legitimate reasons for law enforcement to monitor such things. In the end text messaging and other such things are just as important...and even though I am not a supporter of law enforcement at all costs, I realize, as should the poster, that it's only evil if it is abused.
As a wedge: to break and finally remove the existing wiretapping laws. They should not exist, but voting is FAR too blunt an instrument to remove them. The best way to make a bad law go away is to break it.
As an example, VOIP is a pointer to a wider fact: communication is fungible, because bits are fungible. The only way to wiretap every conversation, is to wiretap every packet and datum on the inernet. Further, there are no longer any "marginal" loopholes. A loophole which can be automated, can be adopted wholesale and worldwide. Therefore, it becomes a binary choice: total Big Brother, or no Big Brother. Wiretapping was always a trade-off, and I would argue that technical progress has made it unacceptable.
Just because voice is sent over IP doesn't mean wire tapping laws should be used as an excuse/reason to change the technology. Internet traffic as a whole needs to be addressed, not just VOIP since that is just one application. How is VOIP any different that two people using a private chat? If the Man wants to tap IP, they should do it without making the providers suffer costs and inconvenience. The technology to tap an IP line is available and I am sure the techies employed by the Man could figure out how to tap someones broadband connection given a proper warrant to do so. Having a button to tap a line just makes it easier to abuse people rights and allows easy targeting, thanks to our wonderful patriot act.
Even though the information could not be used in court, the FBI and other police agencies continued to wire tap suspects. Again, they couldn't use the evidence in court, but if the police just happen to know where the mob was going to preform a hit or bank robbery and the police just happened to be ready to catch them in the act....
FDR was the one that allowed the FBI & the Police to go before a judge get a warrent to tap a phone. Why? To stop Nazi Spies in WWII. How many Nazi spies and sabatures did the FBI actually nab during WWII? Actually I don't know the answer to that one.
There is an old book called Ease Droppers that gives some interesting insights into the early world wiretapping. Governments have been using ease dropping technology starting with the Romans. They will continue to demand and use it in to the future.
"The problem with socialism is eventually you run out of other people's money" - Thatcher.
"Hi mom. I have this great new way for you to call me. First, you find me through a Jabber server. What's Jabber? It's a services-based messaging hub that can locate me wherever I happen to be. No, I'm not running from the law, I just don't sit around in the same place all day. Yes, I still have my cellphone, but ... well.. you'll see why I want you to use this new way in a moment. Then you download my openpgp key. Open my front door? No, not that kind of key. An openpgp key! Openpgp? It's a crypographically secure way for us to identify each other and can each be sure that the other is who he claims to be. Recognize each other's voices? C'mon, mom. That's so 2005. Besides, it also will encrypt our conversation so no one can intercept it. No, mom. I already told you I'm not running from the law. I'm not in trouble. Really. You raised me fine. Anyhow, once you have my openpgp key, you use a web of trust to make sure that it's really my key, because anybody could have put a key out there with my name on it and claim to be me. Would their voice sound like mine? Well, how should I know, mom? You're missing the point. If you sign someone's key who has signed someone else's key who somewhere down the chain has signed mine, you'll have some level of assurance that you're really speaking to me. Anyhow, now that you have some confidence it's me, you'll encrypt a session key with ElGamal/RSA, and before you ask, no you can't get into my house with that key either. Lastly, we open up a secure AES256 channel and then we can talk and nobody can intercept our communication. No, mom, this isn't me hinting that I don't want you to call me anymore. I always want to hear from you. That's why I set up this fancy way for use to communicate securely. No, it's not a pain in the ass once you get used to it. It's only 6 orders of magnitude more of a pain in the ass than just calling me. Yes, I am aware that the telephone was invented over 100 years ago and works fine, but there is this thing called CALEA that allows the feds to listen in on our conversations. No, I am not in trouble with the FBI. Seriously! Look, forget I even suggested it. If you want to talk, just fucking call me."
"Avoid employing unlucky people - throw half of the pile of CVs in the bin without reading them." -- David Brent
eBay.
If there's a law that all voip must be wire tappable, how are you going to use a program that isn't wire tappable legally? Why would it matter if it was open source?
And, have you ever, ever, actually read through the source code of a program you were using to verify that it was secure enough for you? Are you up on every recent encryption technique? An open source program could be verified by an advanced programmer with a lot of domain knowledge of encryption. Not by 'the user'. That's a total fallacy.