Slashdot Mirror

← Back to Stories (view on slashdot.org)

FCC Affirms VoIP Must Allow Snooping

Posted by ryuzaki0 on from the big-brother-is-listening dept.

MarsGov writes "The FCC released an order yesterday that requires all broadband providers and all "interconnected" VoIP providers to implement CALEA — in other words, law enforcement can snoop on your online conversations, both voice and text. While this is no surprise, it makes encryption for VoIP even more urgent."

13 of 301 comments (clear)

  1. Encryption? by Anonymous Coward · · Score: 5, Interesting

    If they are this forceful in there attempts to spy on citizens, than how long do you think we can use encryption before they ban it (or at least mandate a government backdoor)?

  2. User encryption raises even more flags by BadassJesus · · Score: 5, Interesting

    it makes encryption for VoIP even more urgent

    Big players like Skype or Google Talk will have to implement weak (gov breakable) cypher. And if you opt to use it you will automatically be in focus.

  3. DDOS by ZachPruckowski · · Score: 4, Interesting

    VOIP works via packets with data describing the voice traffic, right? Suppose someone made a program to say "watchlist-words" constantly, and send them everywhere. How hard would it be for a terrorist to DDOS the FBI/NSA? I mean, if you randomize it, you can change pitch, volume, etc, as well as words. I have no idea how to do that exactly, but it doesn't seem infeasible.

    1. Re:DDOS by ZachPruckowski · · Score: 2, Interesting

      As I understand the phone tapping situation, they listen in if you drop X amount of "flagged" words, like "terror" or "bomb" or "kill Bush" or whatever. Assuming the plan is the same with VOIP, if a trojan/rootkit/zombie/whatever starts flooding the pipes with packet streams with those words in different synthesized voices, it'd get picked up. And if they did it right, only the government would know, because they could aim the packet stream anywhere, including computers without VOIP, so most of the packets would bounce off some hardware firewall after getting picked up.

  4. There's encryption ...... by i_want_you_to_throw_ · · Score: 3, Interesting

    and there's encryption. When you do find encryption make sure it isn't DES, NSA actually owns the patent on that one.

  5. Hard to do encryption commercial services by EmbeddedJanitor · · Score: 4, Interesting
    For encryption to be secure, you'll need to have end-to-end encryption. That is achievable for an organisation that is running its own VoIP system, but not really so for anything that is based on a commercial offering like Skype.

    If Skype bows to FCC pressure (which they will) then they will not provide encryption in their service which means that the people using Skype won't be able to encrypt their calls.

    Most people don't really care about encryption or wire tapping, but for those that do you can be sure some offshore service will pop up to fill the void.

    --
    Engineering is the art of compromise.
  6. Action Time! by autocracy · · Score: 5, Interesting
    I've read so many things about our government as a whole's actions this year, and I'm really distraught. I walked into my Senator's office today, and discussed meeting with her. Usually, she only takes groups. I assume the same applies for most other Senators and Reps. Letters get ignored, e-mails are only seen by staff... who knows what happens to faxes?

    My answer? A call to the /. community to organize in each Congressional district. Anybody who wants to assist in putting together these groups, please e-mail me. techroots@storyinmemo.com. If 15 of us in Southern Maine get together, we'll get a meeting. If we, as an organization, speak, we'll be much louder. Anybody, and particularly anybody in Southern Maine, I really want to hear from you. In a world that organizes online, if we can speak in real life too, we as geeks may be the most efficient people to form together.

    Let's see if we can't stand a chance in hell of not being oppressed by the government we as a country vote for.

    --
    SIG: HUP
  7. CLAEA for VOIP isn't "trivial" by T_O_M · · Score: 2, Interesting

    Believe me when I say that implementing CALEA in VOIP isn't trivial since the data must be intercepted somewhere.

    The questions to be answered are where and how the interception is accomplished - especially in a manner that isn't trivially detectable by the user or client software?

    I'll leave the details on detection methods as an exercise for the overly paranoid but, having studied the issue (potential need for CALEA) several years ago and having the client pooh-pooh the need to even plan for it (read management and the almighty budget dollarette) it isn't necessarily simple or cheap or (especially) practical given some poorly-designed networks.

    And no - can't tell you who, when or why,
    T_O_M

  8. AHA! by Mr.+Freeman · · Score: 3, Interesting

    So this is what that Microsoft patent is really for.
    http://yro.slashdot.org/article.pl?sid=06/05/04/22 38213

    In all seriousness though, how many people will actually use VOIP to discuss illegal activity. If they know they're being monitored wouldn't they be more likely to use some more secure form of communication? Although, this brings up the question what do people sue to discuss illegal activity NOW if they know that they phones are probably monitored?

    --
    -1 disagree is not a modifier for a reason. -1 troll, flaimbait, redundant, overrated are NOT acceptable substitutes.
  9. Staff are more important than the Congressmen by Anonymous Coward · · Score: 2, Interesting

    e-mails are only seen by staff.
    Who do you think makes the real decisions?

    It is called delegation.
    "Jim do a position paper on topic X"
    Jim does the research, talks to groups, talks to lobbyists, writes the paper. The Congressmen reads the executive summary of Jim's paper and votes that way. If it is important he has Jim brief him on the finer points of topic X.

    You want to get smoke blown up your ass? Talk to the Congressman.
    You want to get something accomplished? Talk to the correct staff member.

  10. Use IP to IP Dialing To Bypass VOIP Backdoors by Junior+Samples · · Score: 5, Interesting

    I regularly use VOIP via Free World Dialup (FWD). This system uses the SIP protocol. FWD servers seem to have frequent outages. To get around this problem, I've found that I can use direct IP to IP dialing and bypass FWD's servers completely. IP dialing is cumbersome, but you can put the dialed addresses in a speed call list and use 2-digit dialing. This works very well. There's a side benefit of no call logging since the provider's server is being bypassed. In theory I can call any SIP phone that's connected to the internet whether they're on Vonage, Packet Eight, or any other network, if I know their IP address.

    Right now there are about a half dozen members of our private network. We're all registered with dyndns.org to solve the problem of dynamic addressing. We're all using Sipura Network adapters to connect a regular telephone to the Internet. The Sipura adapters accommodate dialing by hostname or IP address. The latency is lower with direct IP dialing because the voice packets are not routed through FWD's STUN or NAT servers.

    This method is more secure since you're not dependent on any VOIP provider. The back doors that they provide for government spying can be bypassed. Encryption would be difficult but not impossible because it would have to be implemented in the Sipura firmware. SIP software phones will also work with direct IP dialing.

  11. Not scrambled, copy protected! by RareButSeriousSideEf · · Score: 2, Interesting
    If Barbara Boxer's bill passes prohibiting open & clear protocols for "internet streaming broadcasts," well then you wouldn't be scrambling voice, you'd be DRM'ing the stream.

    Bill Would Outlaw Digital Receiver Recorders:
    http://slashdot.org/article.pl?sid=06/05/02/185320 8

    Interested parties, government or otherwise, would be more than welcome to the raw stream; all they would need is to apply for a license to your proprietary Copyright Protection technology (which of course requires that they submit plans & blueprints for each device they wish to license, along with proof of its robustness in thwarting those who would attempt to defeat it and record or otherwise redistribute the content). Then, provided they received the mandatory certification for a licensed device, it'd be a clear voice call like any other. Well, so long as their device key hadn't potentially been compromised by some teenage hacker in Algiers, in which case it would have to be subject to key revocation to preserve the DRM system's integrity.

    But they could still license a new device - and that would probably pay off in the long run anyway; older devices that worked with the obsolete DRM release level wouldn't be supported in the then-current revision anyways...

    Just followin' the law as it's written, sirs...

    --
    Pi Ran Out
  12. Re:traffic analysis by Altima(BoB) · · Score: 4, Interesting

    That ethos is actually something that's been in use for quite some time by seemingly many groups, somewhat under our collective noses, Numbers Stations, shortwave radio transmissions with origin unknown that transmit codes of numbers or letters, repeat a few times, then disappear. Most likely they are for undercover operatives with a codebook.

    The idea is that it's tough to track their origin (apart from perhaps the language of some of the short messages that accompany them, but even that could be a red herring) and it's impossible to track down who's recieving it. Also, if it's using a one-use key decoding system, it's impossible to decrypt a meaning from it. Finally, most of these stations reappear at regular intervals, there's no real way to tell if one day's message is "all clear" or if it's "commence with the plan tomorrow."

    I find them fascinating, and for some reason, chilling to listen to.

    --
    Yup...