Slashdot Mirror
Carnegie Mellon Resists FBI Tapping Requirement
roach2002 writes "Carnegie Mellon University is fighting back against a requirement that taps on campus internet access must be quickly obtainable. The technology that would allow the FBI to monitor internet access, after a court order, "at the flip of a switch" would cost at least $450 per student. MIT is also covering the story." From the article: "'The Department of Justice wants 24/7 access, whenever they need it, and they want remote access. We find that too extremely burdensome in terms of money, staff, and technology,' said Maureen McFalls, Director of Government Relations for Carnegie Mellon and the coordinator of Carnegie Mellon's response to this issue. According to an ACE press release, the cost to universities could be upwards of $7 billion, or at least $450 extra on each student's tuition bill."
The technology that would allow the FBI to monitor internet access, after a court order, "at the flip of a switch" would cost at least $450 per student.
I think I speak for all of us when I say...
"Flip THIS."
Can I have wire tap access to the Department of Justice's systems, 24/7 with remote access? You know, I just want to make sure that they're not doing anything that they shouldn't be.
hello dear sirs my name is jamesh i are india (bihar) can u guide me install red had linux 9?
Washington University in St. Louis isn't either. It made the front page of our school's newspaper - though, admittedly, that's not entirely hard... "Student gets hit by pie" was a front page headline too.
The claim is that it will cost 450 dollars per student to implement this scheme.
So what? If the government subsidizes this expenditure, are they willing to put it in? If not, then why the emphasis on cost?
Either they are defending the rights of the students or they would be in full compliance with the government *if only* they could scrape together the cash to do so. They can't be both.
Jesus saved me from my past. He can save you as well.
So what's the price for non-compliance? Never seen any mention of that.
I don't even have that kind of remote access to the boxes I administer (and I work in the wireless communications industry)! The best I have is SSLdump, and If I want to run TCPdump on a server (from home), I have to dump to a local disk, then tar zcf it, then scp/rcync back to my home PC (servers are gigE, and I'm 3Mbit cable).
Why can't the universities say, "Sure, just tell us when you're going to buy us the equipment"?
BBH
Somehow I don't think they're looking for general internet access. It seems more likely they want complete access to every student/faculty/department/etc's machine, you know - just in case.
I only need the Preview button when I haven't used the Preview button.
Terrorism seems to be any act against the U.S. Government, half the population already disagrees with the policy of that government.
Why should they be allowed to tap into the intellectual centres of their country?
Universities are the places where revolution has historically started, curtailing student influence merely stops one of the free checks and balances on the system.
What happens to the FBI request for fast access when the students begin using encryption?
CMU's student body president, Flip, has been quoted that "as an incentive, the FBI has offered all participating students infinite beer at the flip of a switch. However, the University is against that." Associate student body secretary, Josie, could not be reached for comment. She was last seen saying jibberish while holding a Heineken.
Wow, for $450 a students you could buy each student a computer for that.
You think they want access to ensure national security?
-or-
some other reason. hmmm... Feds want to snoop into students computers/data traffic. To find budding terrorists? or perhaps p2p traffic?
Hmmm... didn't Attorney General just a few weeks ago state one of their significant goals is enforcement of intellectual property law?
seems feds are a bit lost from the path.
450$ per student? Is the DOD still using 5000$ hammers as well? This is just as simple as putting in a DSL line for the FBI and a VPN box.
You're dreamin' pal. There is no way it would be that simple to enable the FBI to monitor the activity of any user on schools network. Maybe that's all you need to VNC into YOUR home machine, but they're talking about a fairly complex system, because they must be 100% positive they are monitoring the right people and the system would also need to be very flexible in order for it to be widely deployed into the diverse permutations of networking environments found in institutions of higher learning throughout the united states.
nuff' said'
.
Censorship is obscene. Patriotism is bigotry. Faith is a vice. Slashdot 2.0 sucks.
what? So you're going to let some outside unknown party go into your network, examine logs, mirror ports, capture data and export it??
Sorry, no. Besides the obvious security and privacy issues, a network as large as this is far too complex to hand off a network diagram and list of passwords and expect anyone to reasonably gather any info.
clearly itemize the "FBI Surveilance Surcharge" on the tuition, and see how quickly the outrage happens.
I've said this before and probably on slashdot. Privacy is dead. People are just now starting to smell the rotting corpse. This is further proof of that statement.
The trick with the $450 per student is the cost to design, implement, deploy and maintain a system that will allow the FBI to have what it wants without Joe Hacker having the same access. It's not as easy as it sounds until you deal with a highly mobile and high-turnover student population. I work for a major university. We have approximately 18,000 students. At any given semester (Spring, Summer, or Fall), 4000-5000 of them are leaving and being replaced with 4000-5000 new ones. That doesn't even count the ones that change dorms, move off campus, etc. Now, in addition to a campus ID, network accounts, dorm internet access, email accounts, etc., we're supposed to manage the FBI's wiretaps?????
ROFL. Item one, we don't have enough staff to really manage what we have. Now you want to throw an additional burden at us. Let's not forget that we're also subject to federal legisation that controls to who as well as how information on students can be released.
Wait until the subpoena for that comes across my desk. I can hear that conversation now..."Well, Your Honor, we don't have the equipment. We were told that it's not in the budget. We had to choose between having internet access or complying with the legisation." "No, Your Honor, we haven't deployed that. Perhaps if we let the entire email system for the campus die, we might have time for that." "Yes, Your Honor, we think that if the FBI wants the information, they should be willing to pay for it."
2 cents,
Queen B
HDGary secures my bank
Of ineffective and incompetent law enforcement getting legislation passed that allows them to function in today's world.
Perhaps the public should ask why the FBI thinks it is entitled to everything it asks for delivered on a silver platter instead of getting off its bureaucratic ass and actually doing something for itself.
Seriously folks, throwing a packet sniffer on a lan line isn't a feat of superhuman geekdom. I'm betting that 50% of you are sitting within 50 feet of the components necessary to create a system that you could use to throw a tap on a cat 5 line right now (although, to be fair, you might need to download some stuff) and that most of you could throw such a system together in less than an hour.
I'm not even going to go into the whole "government agency that has been utterly corrupted several times in the last century by people who used its resources pursue a personal agenda" thing.
Fuck you, your switch and the technically illiterate politicians who said you could have it.
1q2w3e4r5t6y7u8i9o0pqawsedrftgthyjukilo;p'azsxdcf
The FBI has a whole Web site about CALEA, including details about cost recovery. It looks like they set aside $500M to cover the cost; I guess the money has all been spent by now, so the universities are left with an unfunded mandate.
It seems reasonable for law enforcement to expect "cooperation" with investigations, I can get with that.
But it seems at this point they want everyone to cater to them, to make their jobs as easy as possible. "At the press of a button" - who do they think they are, George Jetson? Who's going to make MY job easier? And why do I have to pay to make THEIR job easier?
I seem to recall something in Britain a few hundred years ago, the Quartering Act I believe it was called. It said something to the effect that if asked, any citizen had to provide free room and board to soldiers of the British Army. Why? To keep the peace of course. What's different today? People being forced to spend time and money to make the police's jobs easier. It's just not a good enogh reason. The police have an important job, but it's not one that should have any special elevation above the rest and receive all this assistance and soforth.
I work for the Department of Redundancy Department.
Ah don't you the love freedom.
1) It's not that easy.
2) If you can think of a cheap, easy way to do it - KEEP IT TO YOURSELF. kthxbye
3) See #1.
Ce n'est pas un vrai mouvement de robot!
Some of those computers are laptops that roam from wired connection to AP 1 to another AP in a different city, but still on the institution's network. Our example roaming gnome with laptop also has access to 47 different UNIX systems and a couple of Windows terminal servers, where his communications could originate (and there are 5000 other people who have access to the same systems.
Now, you are a central net admin. You now receive a subpoena requiring all traffic generated by user A on the network. Anywhere on the network.
Complying with that order sure as hell isn't as simple as "a linux box with two NICs could do this transparently." It requires a huge amount of infrastructure, especially since CALEA requires them to do this without notice to the user, so there's no running to his office and dropping another box in front of his, not to mention that you don't want to give the FBI all the traffic from those multiple-user UNIX systems and Windows terminal servers -- only the traffic this "person of interest" is generating.
All of these numbers are reasonably close to actual for my employer, the University of Minnesota, who I sure as hell do *not* speak for in this or any other post to /. It's not a joke, and it's not an exaggeration. The problem is that big, and that expensive.
-30-
...we thought it was funny when the FSB (former KGB) demanded ISPs install equipment
1 25102.asp
specifically to allow this kind of monitoring (in 1998)- I guess its not so funny now.
For background, check out
http://www.rferl.org/features/1998/08/f.ru.980820
or just search on "SORM-2".
The US is heading rapidly towards becoming a police state. It's as simple as that.
Other countries are no better --- for example the UK is a nanny state gone mad, and is rapidly turning into a police state too. New mandatory IDs, new CCTV everywhere, new 3-month detention without process, etc etc.
How we've allowed our politicians to do this to us I don't know. But something is going to have to change, or things will get very ugly.
"The question of whether machines can think is no more interesting than [] whether submarines can swim" - Dijkstra
That's interesting, The Third Amendment (To the US Constitution, Bill of Rights) was specifically added to prevent the Quartering Act from recurring:
I wonder to what extent some of the modern attempts at increasing police powers can be likened to an affront on the third ammendment. By requiring built-in-surveillance everywhere, they are essentially making each citizen walk around with a monkey on their back and foot the bill for the government to spy on them in the same way the British made the colonists house and feed their own oppressors. I do not want soldiers or police or cameras or anything of the sort in my home, work place or educational institution. I want to live in peace and be left alone.
Personally, I would rather take my chances with someone trying to drop a plane on my head (relatively rare) than empower further government corruption (relatively common) and being forced to be host to it is just salt in the wounds.
no,no, no. the technology that would allow the FBI to monitor internet access, after a court order, "at the flip of a switch" is nerve gas that flows out of a specified ethernet port - the DOD then comes into the room, pushes the user aside and scrolls through their browser history. That kind of plumbing ain't cheap.
ôó
The right to revolution is guaranteed in the constitution it's the amendment that Americans never seem to be able to understand "The Right to Keep and Bear Arms"... that's not for personal protection (Which would be stupid) it's not for a feeling of power it's so citizens have the ability to overthrow an oppressive regime.
Something they don't have these days. Once again all the power is with the government and new forms of tyranny have the possibility of springing up.
Lets be reasonable, are terrorists likely conduct their business in plain text? This is not what it is for.
For the enormous cost to us, it will only be useful in spying on the average citizen. I expect it will be used to take peoples words or joking statements out of context in order to label them terrorists, in which case they can be dealt with outside of the law. I expect a lot more people will start to disappear if this process can be automated.
The people that need worrying about are going to be using heavy encryption, if not one time pads; to effectively combat such measures, someone will need to leave their desk and do some real work. Instead, they will sit back, content to spy on citizens, and simply claim that they are actually doing something.
General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
"at least $450 extra on each student's tuition bill."
Bullshit.
The equipment doesn't have to be purchased and installed every semester.
They had 10 years to do this, didn't say anything while the law has been on the books for that long and ocntinued to take moeny from the federal government. "It's inconvenient" won't fly. "Right to privacy" above that of any citizen who is in a home or office won't fly.
The law is the law and nothing was said for 10 years. Complaining about the cost won't change the law. What will their response be when questioned as to why they did nothing while taking Federal funding (ahem, money taken from my wallet and that of every other taxpayer)? They won't have anything to support their complaints. Personally, I went to the University of Illinois, home of the NCSA. What are they going to say, they can't figure out how to make this work efficiently? Pfff. The schools who are complaining about this don't comprehend they are telling the world their IT departments are worthless.
straight to the ways of the Eastern Europe Block back on the days of Cold War. I mean come on, not a single other western country would even dream of adopting something like this. Oh, of course they'll do that after you've done it first, because most of our politicians are just drones that take your ideas and implement it here. All for the sake of "interoperatibility in laws" or some such nonsense.
But then again, I might be wrong. Maybe every single western country is headed this way on it's own fucked up logic. 80-100 years in the future they'll say that these acts were the proof that the terrorist won. They certainly cannot take away our freedoms on their own, but they give our goverments the reason to do so, for the sake of security. Next step: Police States all around.
As a former PBX Administrator for a private university, I can say with some certanity that making sure that ensuring that they're getting the right information and monitoring the right person is not as easy as it seems. About five years ago, we had a situation where one of the janitors was downloading child pr0n onto campus computers. The Feebies brought their "Carnivore" system in, then we set up the proper configuration on the cisco gear. They asked us to change the disks daily, and they sent a courier to pick the Zip disks up every evening.
I have also had instances where drug task force officers have 'stormed in' to the switch room and demanded the information of someone who called a campus extension. These requests were met with resistance on my part (they never had a warrant), until they left -- university policy was if we were asked for something specific we were to look it up without their presence, then forward the information to the legal department who would turn it over if a search warrant or subponea was issued for the information. Law enforcement also attempted to pressure the university into letting them wiretap all of the public phones on campus (again, to try to curb drug-related activity), however, the university resisted and finally they gave up on trying to get such a broad scope of phones wiretapped (they did manage to get one phone wiretapped for a month; the interesting factoid of that was that the phone was only used 4 times that month, all dialing campus security to help them get back into their locked car -- the law enforcement types were quite livid at the end of their wiretap and they didn't have anything)
I can see where CMU has issues with this (isn't their campus network totally fiber-optic gigE? that will run the cost up), and I can also see where the professional side of me would want more university insight to make sure that the law enforcement types are doing this on the up-and-up.
I disable sigs...do you?
450$ per student? Is the DOD still using 5000$ hammers as well? This is just as simple as putting in a DSL line for the FBI and a VPN box.
You remind me of the folks who probably stay up all night wondering how come all those engineers at NASA never tought about installing wipers on the rovers' solar panels.
No sig
Since you seem to be such a "bold defender of the faith", let's see you take a job at the EFF or at a university. Try being the primary income for your family and think about risking that because someone else things you ought to defend them. Why can they not defend themselves? Where are the protesting students? Why must I be the one to stand up for you? Why is it that you cannot seem to do this for yourself? How did this become my personal mission? What's wrong with you, o critics, carrying the torch? "Do not seek to remove the mote from thy brother's eye when thou hast a beam in thine own eye."
Not a one of you has offered to come to work with me. Not a one of you has offered me alternative employment, should I be dismissed from my current job. All you have done is heap criticism on me, which confirms my initial impression. I must fend for myself and my family. I will not get any help. Since no help is forthcoming, I will deal with the situation as best I can.
It's all well and good for all of you sit back, point fingers, call names, and tell me that I should be the one to stand up. Other than flaming on slashdot, what do any of you do in the cause of freedom? Just because I don't particulary care to loose my job and go to jail for a bunch of flaming anonymous cowards, doesn't mean that I do my part to keep laws like this from getting passed in the first place.
As for me, I can assure that I am member of the EFF as well as several other groups that seek to work within the system for change. We fight legislation like this where it needs to be fought - either before it gets passed into law or in court. I also guarantee you that both of my state's senators, as well as the congress people for my state know me by name. I write them frequently about a variety of issues, most of which have to do with technology.
2 more cents,
Queen B
PS: When my plan for world domination succeeds, you're all in a LOT of trouble.....
HDGary secures my bank