Slashdot Mirror
U.S. Pressures ISPs on Data Retention
packetmon writes "According to Wired's Declan McCullagh 'In a private meeting with industry representatives, Gonzales, Mueller and other senior members of the Justice Department said Internet service providers should retain subscriber information and network data for two years ... A more extensive mandate would require companies to keep track of e-mail messages sent, Web pages visited and perhaps even instant-messaging correspondents.'"
that's a lot of data... I wonder how many hard drives it would take to keep that much. besides, it would be so much data that it would be really had to sort through it all in order to try and prevent any crimes (I'm assuming this is an anti-terrorist thing - as most crazy freedom reducing laws these days are)... all this would do is after someone had blown themselves up and you knew who they were you could say "so in this instance "flower" meant bomb... but because of the cellular nature of these groups we're no closer to stopping any other attack"
*''I can't believe it's not a hyperlink.''
Rather than put all of the onus on spying on the population on third parties, such as telcos, credit card companies, ISPs and airlines, why not just implement the solution in 1984. You just install two-way TVs in everyone's homes and offices. That way you can efficiently monitor what everyone is doing in a centralised fashion. The data would be recorded for later playback if needed. As a safeguard, officials would only be able to examine the recordings if they obtained a court order (unless, of course, the President decided it was necessary to the fight against terror to waive the requirement for a court order). After all, if you are not doing anything wrong, why object to such a system?
Not to mention that all that extra has to be pored through. The FBI had gotten information on a case from homeland security, unfortunately they did not parse it down and the FBI agents lamented that they spent a majority of time chasing down pizza deliverys instead of spending more time on the actual case.
Image the uproar when (not if) a cracker gets into the database and abuses all that information.
The information gathered from users can also be used(abused) for blackmailing.
You might be asked to testify against someone, if not then well your employer and spouse might accidently find out about your surfing habits.
All in all, this sounds like a lose-lose situation for almost all involved.
"I will reach out personally to the CEOs of the leading service providers and to other industry leaders," Gonzales said. "Record retention by Internet service providers consistent with the legitimate privacy rights of Americans is an issue that must be addressed."
Privacy rights and citizen-snooping mix worse than water and oil.
Is this not exactly the sort of problem public key cryptography is well-suited to combatting?
Sadly I'm not American, but this seems like the sort of thing that would be pretty early on in the list of rights you guys have - freedom of speech, not incriminate yourselfs in court etc - so is there any possibility that you could have a new amendment - the right to have private communication with people without having to tell - or without the carrier having to tell - the government? It sounds a bit much to me.
Also, from a technical point of view, why isn't Linux and other Open Source software using encryption by default? If emails are hard to encrypt as a matter of course, perhaps it's time for another system which handles messages strongly encrypted. I've heard about TOR from the EFF, and I remember the short-lived Triangle Boy system - it really sounds like this sort of thing needs to be made up and running sooner rather than later.
Personally I don't see little that can be really achieved with this approach to actually prevent terrorist, since there are dozens of ways that can be used to circumvent this data mining approach.. and even a 12-year old can think of them.
I think one might only be able to do something with when something has actually happened, parsing these amounts of data in real-time andextracting something you didn't know from it is extremly hard.
Note number 1: The famous Dutch ISP xs4all has started a counter in the beginning of september 2005, giving an indication of how much cd's one would need to store only their traffic (~6% market share AFAIK). As I write this, the counter approaches 62 million cd's.
Note number 2: I once saw someone make a small calculation on the back of an envelope about how much physical space would be needed to store all this information using hard disks.. and how many disks would fail every day given their MTBF of such a large 'warehouse filled with disks'. IIRC, one would need about 10 FTE only to replace the failing disks..
Note number 3: It's obvious that these ideas are not made up by people with technical expertise
Note number 4: perhaps it's not a bad idea to start buying shares of companies that provide storage solutions ;O
Note number 5: I'm really wondering how this whole non-sense would hold up against the 'innocent until proven guilty' idea. If I'm innocent, why am I being tracked?!?
Based on logs i've seen of similar information 2 years of logs would easilly be 26 gbs for a single person. That's just a conservitive number for the types that check their email a few times a week and look at the Lost forums every now and then.
Multiply that by 100s of thousands of users and you're looking at warehouses full of tapes and/or hard drives. That's if you're conservitive.
I wonder if they have some privacy issues about the content of their private meetings showing up on the internet?
are we sure this story isn't just to distract us from the AT&T + NSA snooping headlines? if they need to ask ISP's to retain all this data, then surely the NSA isn't doing what everything thinks they are doing.
Donald Ray Moore Jr. (mindrape)
Suspected Terrorist
Friends don't help friends install M$ junk.
The cost of freedom and rights is paid not just on the battlefields of the wars we fight, but in our everyday lives. When we become so weak that we cannot accept that cost, then we cannot have rights and freedoms.
In Massachusetts, USA, we now have State Police on television, threatening the citizens of the State over seatbelt use. In the mad desire to save the last life, our government and police oppress and threaten not murderers or rapists, not armed robbers or burglars, but citizens commuting to work, mothers doing shopping, and old people on the way to bingo.
You can be sure that the requirement to hold all ISP information on individuals will extend from 2 years to 5 to 10. Then there will be a lifetime requirement on all communication by an individual.
They justify these incroachments on rights and freedoms by saying they are fighting crime and saving lives. We have to be strong enough to accept the consequences of our freedom to chose in our lives and tell them we are not mere cells in the body of society. We must tell them that we are not all "uncaught criminals" who must be monitored and spied upon by the government for our own good. We must tell them to go to hell.
E Proelio Veritas.
How do you plea?
Autonomous Retard -- Is your camp safe? UnsafeCamp.com
I get 3 million trackback spams a month. They can have those if they want them.
If they want that data, each packet should be printed out and mailed to them!
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
If you don't believe me, just look at the technical specs of the device which AT&T is using for the NSA. Also look at packetmotion.com. And, from looking at the job openings at dice.com, there's at least another startup on it's way to do the same thing in this market.
Right now, they can't keep all of your packet data for two years. But they CAN keep all of your connection data, and tell not only what sites you are connecting to, but also what type of connections you have. It's pretty useful for identifying Kazaa (et. al.) types of connections.
If you don't believe me, just ask the IT staff at UC Berkeley. They actively pursue this type of snooping on both faculty and students. They, and other Universities, are a preferred testing ground, since they throw such a load at the devices.
Now, why Universities encourage outside spying on the faculty and students is beyond me. But yes, this stuff is happening right now.
The current goal for all of these companies is to preserve ALL data for at least two years. They aren't there yet, as the disk space required is extensive. But they CAN do it for shorter periods of time, if one spends the money on filers.
What's more, it will only be a matter of time before they can preserve this data for at least two years, and longer. There are companies which make use of cheap fast SATA storage for about 1/5 the cost of a NetApp filer. 50 Terabytes is affordable; in 5 years, you're looking at affordable Petabyte storage.
The point here is that the Government is ahead of the curve, as they know it's only a matter of time before the disk storage required to keep all data is afforable. So they want this snooping in there now, as it will be a lot easiler to mandate that ISP's keep ALL data once they have these hooks in place.
So please quit misleading people into thinking that there's too much data. Snooping, reporting and storing this stuff is possible now, and is only going to get easier and cheaper in the near future.
..Anonym.OS http://kaos.to/cms/content/view/14/32/
Until then, consider contributing to these kinds of projects, as they soon may be the only things standing between you and governments being able to track and parse every communication you make.
Does anyone else find it ironic that some of the most "free" countries are some of the former Soviet Unions' 'client' states?
Cheers!
Strat
Progressivism (aka US 'Liberalism'): Ideas so good they need a police/surveillance-state to enforce.