Slashdot Mirror

← Back to Stories (view on slashdot.org)

Canadian ISP Shoulder Surfing

Posted by ryuzaki0 on from the wishing-for-the-good-old-days-of-1984 dept.

1nfamous writes "Canada's Largest ISP, Bell Sympatico, has informed its customers that it intends to 'monitor or investigate content or your use of your service provider's networks and to disclose any information necessary to satisfy any laws, regulations or other governmental request.' The new customer service agreement is effective June 15, 2006."

36 of 411 comments (clear)

  1. Welcome to America Junior. by TripMaster+Monkey · · Score: 4, Interesting


    The chief difference between Canada and America? At least the Canadians get fair warning.

    Clearly, the Canadian government is going to have to work on that...after all, we can't tip our hand to the terrorists, right? These things must be kept secret, because unless they're explicitly informed, the terrorists will have no reason to believe their internet access is being tracked, just as they had no reason to believe that their phone calls may have been bugged and their financial records traced, that is, until the meddling fourth estate decided to educate them, much to the peril of all freedom-lovers.

    (Sorry....my sarcasm button was stuck there for a while...)

    I've said it before, and I'll say it again: it's time to start encrypting everything. Just one question...anyone out there familiar with the current legality of crypto in Canada?

    --
    ____

    ~ |rip/\/\aster /\/\onkey

    1. Re:Welcome to America Junior. by Triv · · Score: 5, Insightful

      The chief difference between Canada and America? At least the Canadians get fair warning.

      June 15th, the date this went into effect, was two weeks ago, and the Globe and Mail article was posted yesterday. So either Bell Sympatico told people with little to no warning, or the Globe and Mail didn't bother to run this until everything was said and done. Either way, this sucks.

    2. Re:Welcome to America Junior. by ablair · · Score: 5, Informative

      There are virtually no restrictions on the use of cryptography or encryption technology in Canada. Famously, this is the reason that the OpenBSD project is based in Canada and not the US - the extensive use of encryption in OpenSBD would mean that, amongst other things, if it were US-based its development and distribution would be severely curtailed. People distributing the software may technically even be arrested, depending on how stringently their laws were interpreted.

      This proposed "warrantless" internet surveillance bill will encounter a great deal of resistance in Canada, and with a minority government it's passage is by no means guaranteed. In the event that it does become law, at least people can encrypt anything & everything they send over the internet. A law such as this, however, would be challenged in the courts almost immediately here.

    3. Re:Welcome to America Junior. by dugjohnson · · Score: 4, Funny

      I'm thinking of having the computer generate random keys for everything I do. That way even I won't know the key, so I will be safe from myself, all of my data will be locked down, safe, and inaccessible to anyone, even me. Let them try to get THAT data.....

      --
      My brain is overly lubricated
    4. Re:Welcome to America Junior. by CreatureComfort · · Score: 5, Interesting


      You sir, seem to be under the mistaken assumption that this, or any other, "War on Terror" program is actually aimed at terrorists. As you point out, any real terrorists/hackers/bad guys can find a multitude of ways around all of these systems. In fact, if you are actually doing anything deliberately illegal, you must assume that you are being evesdropped on at all times, and so make all of your contacts as innocuous as possible. That's basic subversion 101.

      All of these "programs" are to make sure that those in power have something on everybody. That way when you actually do something that interferes with their agenda or makes someone with power mad at you, they can nail you on several unrelated charges and keep their actual agenda somewhat obscured.

      As to your point, this very post could, at some point, come back to haunt me. But everytime I state these very obvious facts in a public forum, it would be terribly inconvenient for me to have to "format my shit" to avoid prosecution. The problem with the GP's idea of rotating encryption, is that only works where both ends of the conversation are trusted entities. If I were in Canada, and searching the web for information on something of dubious legality, like growing strains of South American botanicals north of the 48th parallel (hey, I like orchids), this would raise a flag somewhere in a database with my name on it. If later I searched for and made posts in support of opposition candidates and positions (whoever the "opposition" of the day was), that would also go into the file. If I was later surfing "fine art" sites and a link farm popped a window with underage models up, bang. You guessed it, a note into the file. When I did something annoying enough to the monitors, they would select the most convictable of possible offenses, get a warrant for a "secret search" and "discover" illegal content on my PC. Evidence clearly substantiated by the logs provided by my ISP.

      See how easy it is. If I were actually doing anything deliberately illegal, I would go to great lengths to protect myself. It's the poor buggers that think they are within the law that will get hammered unsuspectingly.

      /paging Harry Tuttle

      --
      "Unheard of means only it's undreamed of yet,
      Impossible means not yet done." ~~ Julia Ecklar
  2. Welcome, Big Brother by cp.tar · · Score: 5, Interesting

    I wonder how long before people start being bothered by this kind of behaviour?

    And I don't mean us, but the majority of sheeple...

    Will it be too late then?

    --
    Ignore this signature. By order.
    1. Re:Welcome, Big Brother by alshithead · · Score: 5, Interesting

      Unfortunately, I think a lot of people will look at this as the ISP participating in a neighborhood watch type program to protect everyone from the "bad" people on the internet. That's how I would certainly try to market it if I worked for an ISP that was instituting this kind of invasion of privacy. "Will it be too late then?" My cynical side says it's too late now. My hopeful side says...nothing.

      --
      I reserve the right to think for myself. Others' opinions are optional. Puppy on lap = typos...not illiteracy.
    2. Re:Welcome, Big Brother by dwandy · · Score: 4, Insightful
      Having had a conversation over the past couple of weeks with some non-techie friends, but whom I regard [nontheless! :) ] as educated and intelligent it's apparent to me that as with many topics, there is the /. view, and then there is the rest of the population. And they are no where near the same.
      In general terms, they feel that mass monitoring, arresting people on security certificates and all the other things that I feel are an invasion of my privacy and liberty were perfectly acceptable.

      It's "think of the children" applied to "think of our security".
      I suppose it's human to fear the unknown. And the terror age we live in is filled with uncertainty.

      After much discussion, I think they see my point of view, though they still maintain that "something" must be done. And if that "something" infringes on liberty that's still a cost they are willing to bear.

      So, sadly, in my limited experience, the sheeple are not going to be bothered any time soon...

      --
      If you think imaginary property and real property are the same, when does your house become public domain?
    3. Re:Welcome, Big Brother by voice_of_all_reason · · Score: 4, Insightful

      Why can't more people see this clumsy manipulation for what it is?

      Because it works every time. Century after century.

    4. Re:Welcome, Big Brother by cp.tar · · Score: 4, Interesting
      I think it's safe to say if you've been reading Slashdot for any fair period, plenty of people are bothered by it, however that's not as important as what those of us bothered by it intend to do about it. I vote for sending in ninjas... or maybe pirates... but seriously, if people in the tech community are worried about this, then a few of us need to get elected. The Slashdot Party anyone?

      If I were American, I for one, would welcome our new Slashdot Party Overlords.

      At least the memes used here would be refreshing after the centuries-old slogans.

      On the more serious side, I think you're wrong in saying that plenty of people are bothered by it - just because we're the majority on Slashdot, it doesn't mean we have a significant mindshare in general population.
      We are few.
      And even though lots of us would like to do something, I know that no-one normal would trust me if I went into politics.
      They'd just think of me as everyone else who goes into politics.

      I have a life to live.

      --
      Ignore this signature. By order.
    5. Re:Welcome, Big Brother by Beryllium+Sphere(tm) · · Score: 5, Interesting

      >it's hard to argue that a vague notion of "privacy" is more important then staying alive and safe.

      There are two ways to explain this to people.

      One is that mass eavesdropping hurts real security. If the FBI is checking out Domino's Pizza then they're not checking flight schools or infiltrating violent groups. http://www.computerworld.com/action/article.do?com mand=viewArticleBasic&articleId=9000515

      The reason privacy is important is that government agencies with impossible missions tend to start hassling easy targets to make up for not being able to reach the important ones. How many of those average people have uploaded or downloaded music? How many of them realize that copyright infringers have been accused of funding terrorism?

      Without privacy and due process protections, the guy in the high rise will be in more danger of becoming a terrorist suspect than of beomcing a terrorist victim.

    6. Re:Welcome, Big Brother by jridley · · Score: 5, Insightful

      I suppose it's human to fear the unknown. And the terror age we live in is filled with uncertainty.

      People like to say "everything changed on 9/11". Well, as far as I'm concerned, the only thing that changed on 9/11 is that a lot of people with a naieve and incorrect notion of security got a rude wake-up call. I've wondered since I was a teenager (back in the 70s) why such an obviously soft and much-hated target as the US had not had a significant terror attack in many decades. OK City got us started, and was more along the lines of what I was originally thinking; absolutely anyone could have done that.

      People want their warm fuzzy fake security back. They can't have it of course, because it never really existed, but there are no end of people (in government and elsewhere) willing to exploit their desire to their own ends.

    7. Re:Welcome, Big Brother by Maxo-Texas · · Score: 4, Insightful

      Exhibit B: The non-liberal candidates to choose from were selected by and, where it matters, will work for the elite.

      "Conservative" Sock Puppet replaces "Liberal" Sock Puppet.

      One of the easiest ways is to set things up so the candidates must spend large amounts of money on advertising to win an election. The second that happens, only corporate stooges will be among your choices.

      --
      She was like chocolate when she drank... semi-sweet at first and then increasingly bitter.
  3. Ladies and gentlemen... by Spy+der+Mann · · Score: 5, Funny

    start your encryptors.

  4. Universal Encryption by Doc+Ruby · · Score: 4, Interesting

    In a sane world, the Internet's HTTPS:HTTP ratio would be skyrocketing. Does anyone have trend graphs?

    --

    --
    make install -not war

    1. Re:Universal Encryption by goldenratiophi · · Score: 5, Funny
      Yes I do. Better yet, I can post them text-only!

      HTTP:
      /

      HTTPS:
      __

    2. Re:Universal Encryption by Doc+Ruby · · Score: 5, Informative

      No, HTTPS is just the HTTP application protocol transacted across an encrypted (SSL or TLS) TCP transport protocol. The only data passed in the clear is the IP#s of the remote endpoints. Once connected, the client requests the server send the identified object (eg. "GET /home_explosives.html HTTP/1.1") during the encrypted transaction.

      Of course HTTPS is vulnerable to traffic analysis and attacks on HTTPS itself, but proxies and tunnelling protect HTTPS even more.

      The increase in HTTPS would come from the public perception of HTTPS as more private, hindered only slightly by imperfections in the protection.

      --

      --
      make install -not war

  5. competitive advantage by mrheckman · · Score: 5, Insightful

    If you are a capitalist and believe in "the magic of the marketplace", you have to believe that this trend will eventually result in ISPs who advertise the opposite: that they don't snoop, that they dump any logs within hours or minutes, and so forth. That is, if they are allowed to do so by law.

  6. company should change their name too by MoFoQ · · Score: 4, Funny

    So much for "sympathy"....they need to change their name from "Bell Sympatico" to "Bell Antipatico"

    But then again...it is a Bell company....after the AT&T thing, I expect nothing less.

  7. Re:So... by tomhudson · · Score: 5, Interesting
    Well, it can't be Canadian, because of Personal Information Protection and Electronic Documents Act (PIPEDA) (in force for all businesses since January 1st of this year):
    http://www.privcom.gc.ca/legislation/02_06_01_01_e .asp
    "record" includes any correspondence, memorandum, book, plan, map, drawing, diagram, pictorial or graphic work, photograph, film, microform, sound recording, videotape, machine-readable record and any other documentary material, regardless of physical form or characteristics, and any copy of any of those things.

    They're simply NOT allowed to do this without a warrant if you refuse to consent to it. Simply send them an email stating that you do not consent to their unlawful search, and cc the privacy commissioner.

    If they say "these are our TOS, don't like it, leave" - that's not good enough. Their contract is a contract of adhesion, and as such, unconscionable and onerous clauses can be struck from it. Certainly claiming a right to violate PIPEDA is one such clause.

  8. No, no, you got the fascism all wrong! by glindsey · · Score: 5, Funny

    See, there's the difference between America and Canada.

    We make sure that the customer's don't know when we're spying on them.

  9. Not such a huge concern? by plasmacutter · · Score: 4, Interesting

    doesn't canada have very strict internet privacy laws.

    if they snoop and give it away to anyone in violation of those laws class action suits will follow.

    --
    VLC FOR MAC IS DYING! IF YOU DEVELOP, PLEASE SAVE IT!!
    1. Re:Not such a huge concern? by Sven+The+Space+Monke · · Score: 4, Informative

      Yes, we have VERY strict privacy laws. One of those laws requires that companies disclose WHAT information they're gathering, WHY they're gathering it, and WHO they're gathering it for. That same law requires that unless there is a court order, that company is not allowed to disclose that information to a 3rd party for any reason unless they have your express, written permission. IE, them saying "well, we added in to our contract a clause that lets us sell or give away your information to anyone we want" is not allowed. I worked for a bank that tried that and got slapped hard.

      Basically, Bell is doing this to comlpy with the privacy laws. They're keeping your http logs (like every ISP out there), and now they're just following through on their obligation to tell their customers why they're doing it and who could possibly see it. Should they ever actually release your information, they still have to have a court order, OR your signature on a contract that specifically says who you're authorizing the release of information to, and what that third party intends to do with your information.

      --
      A man who can't pronouce "nuclear arsenal" shouldn't have one -sig ends here.
  10. Someone correct me... by thebdj · · Score: 4, Interesting

    if I screw this up...but I remember something from a few years back where a court ruled that logging IMs was equal to recording a phone conversation and could be help under the same notification laws. This is typically not a problem in the states since most, all but 12, require single party notification, so since I know I am recording the conversation it is legal.

    Now, if courts did uphold that monitoring and logging IMs, and presumably other means of electronic communication, is covered under the call recording notification laws, would this not create a dilemma for the ISP that is monitoring (and presumably logging) network traffic of users, which would include IMs and e-mai, when their users begin to communicate with individuals from the states who live in one of those 12 states that require both parties to consent?

    I am fairly certain on the court ruling I mentioned, I even jokingly added a warning to people in my status message, but I am not sure if this ruling was ever contested or of my full interpretation of the law that follows.

    --
    "Some days you just can't get rid of a bomb."
    1. Re:Someone correct me... by MudButt · · Score: 4, Funny

      Someone correct me if I screw this up...

      On Slashdot, I can pretty much guarantee this... =)

  11. Re:Free Market by NaleagDeco · · Score: 5, Insightful

    The question is: if this ends up carving a huge dent in Bell's market (which it probably won't), will the lesson be "People don't like being monitored" or "People don't like knowing they are being monitored?"

    --
    "Shoot for the moon, even if you miss, you may hit a tree"
  12. Re:Free Market by HRbnjR · · Score: 4, Insightful

    Choose another ISP?

    Yeah, so...here in Western Canada, I have my choice of 2 broadband ISP's (the two major players bought up all smaller competitors)... the cable company (Shaw) or the phone company (Telus).

    I had a cable modem, but they overloaded the segment in my apt building and my FPS ping times went to hell (120+ms min, unplayable at all peak hours).

    So, I switched to using DSL from the phone company.

    So, in a case like this, if my ISP does such a think, and where I really don't like being monitored, my choice is to ?

    The barrier to entry into such markets is *far* too high for any smaller competitors to get established.

  13. Re:Welcome... by Tackhead · · Score: 4, Funny
    > ... Big Brother

    Bob: Hi, I'm Bob Mackenzie, this is my Big Brother Doug.
    Doug: How's it going eh?
    Bob: Not good, eh. Cuz, we still haven't gotten our two-four for findin' that mouse in the beer bottle yet, have we?
    Doug: No, eh. It was like, the thing that is in Bottle 101 is the worst thing in the world.
    Bob: But didn't we make Strange Brew in 1983, not 1984, which was like, one year later eh?
    Doug: Oh, take off!

  14. Canada here, quick.. by eieken · · Score: 5, Informative

    To help you surf the web without being spyed on I recommend installing Tor then installing FoxyProxy.
    Tor takes care of the proxy encryption, and FoxyProxy lets you use all those proxies while you surf.
    Invaluable for the privacy conscious, or rather anyone living in the 21st century.

    --
    Meet new people, and kill them.
  15. Why? by MobyDisk · · Score: 4, Insightful
    Why would an ISP do this?
    ...to disclose any information necessary to satisfy any laws, regulations or other governmental request...
    Stating that you will disclose information that is required by law is obvious. But disclosing information that you are not allowed to disclose and do not have to disclose, makes no sense. I can see no benefit to the company. What gives?
  16. Apathy rules the masses by krusadr · · Score: 5, Insightful

    Unfortunately 99.99% of internet users have no clue about encryption, they have never heard of PGP, probably don't know when they are even viewing an https page. The mass bumbles along in ignorance and any attempt to educate them is blocked by an enourmous inertia of apathy.

    It would take several years of media coverage about invasion of privacy and some high profile cases before the masses would rise from their slumber and do something about Bell Sympatico. It's the same as what the US government (and the UK government) are doing to strip away freedom in the name of security.

    It's sad but true, if you understand the issues you are in a tiny minority. Don't expect and change anytime soon.

    --
    while sco {
    wget -O /dev/null http://www.sco.com?sco=litigious%20bastards
    }
    1. Re:Apathy rules the masses by CastrTroy · · Score: 4, Insightful

      Which means that anybody who really has anything to hide, will still be able to hide what they are doing, while the people who aren't really doing anything wrong, or not wrong enough to bother learning how to hide what they are doing are the ones being watched. Seems kind of backwards to me. Anybody who wants to get around it can, but those who don't need to get around it won't. It's like DVD copy protection. Stops regular joes from copying dvds from their friends, but the real pirates who copy millions of DVDs have an easy way to get around it.

      --

      Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
    2. Re:Apathy rules the masses by sepharious · · Score: 4, Insightful

      Amen, its the argument I've made for years now. You can't stop the pirates, they are just as smart/smarter than the people designing the DRM. Time and time again DRM schemes have been cracked. Every new console is supposed to be "unhackable" and you'll never be able to play copied games. [BUZZ!]WRONG! All it takes is time and patience. I wrote my congressman about the broadcast flag informing him that it would do nothing to stop piracy but everything to harm the regular consumer. Greater control breeds less consumer confidence in both the manufacturer and the government that's supposed to protect them.

      --
      Did you know that you can be apathetic to apathy? Not that I give a shit...
  17. Re:Canada is swinging much harder to the right by Geoff+St.+Germaine · · Score: 4, Insightful

    On a side-note - Stockwell Day is a bit of a dingleberry - a creationist who believes the earth was created 5000 years ago....the sharp swing to the right has begun in Canada....looks like the terrorists are winning when our freedoms start to get whittled away, bit by bit....

    This legislation was first introduced by the liberals last year, so it isn't just because of the more right wing conservatives.

  18. Damn Straight by Greyfox · · Score: 4, Interesting
    9/11 was nothing but a "Welcome to MY world." I grew up on military bases that were among the first targets that were going to be hit in the case of a nuclear war. I grew up at what was going to be ground 0 if politics took a turn for the worse. While I was being incinerated at ground 0, dad would have been helping the US government destroy humanity. My world was a world of security fences and guards carrying AK47s. They weren't just for show either. Every so often some crazy would try to crash the gates and get himself shot.

    The way you look at the world changes when you grow up like that. I could see the truth that most Americans never think of. I knew who the next likely enemy was after the cold war ended. I knew our intelligence agencies were ill equipped to fight the new threat (And still aren't.) I knew that just about the entire world likes to hate America. I knew it was only a matter of time before there was a major terrorist attack in the USA. I know that it's only a matter of time before there'll be another one.

    Most Americans seem to have become complacent again. They'd rather live in ignorance, and they like to think that the government is proetecting them. They keep telling themselves that. "Oh it'll be all right, the government is protecting us." Ask someone who knows what the government's been up to, though, and you'll find that it's more by luck than by skill than we haven't had a big successful attack since 9/11. I don't care what your politics are, the level of incompetence displayed at all levels and on all sides should disgust you.

    --

    I'm trying to teach myself to set people on fire with my mind... Is it hot in here?

  19. Re:How do you trust proxies? by Wyzard · · Score: 5, Informative

    If you use Tor, you're actually going through a sequence of several proxies, using different encryption keys for each hop along the route. The first proxy in the chain knows who you are, but can't see where you're going; it can only see the next proxy in the chain. The last proxy in the chain can see where you're going, but it doesn't know who you are, because all it can see is the previous proxy in the chain. Those in the middle can't see either the origin or the destination.

    Unless an attacker manages to compromise all the nodes along your route (which changes every few minutes), the Tor network can't figure out who was going where.