Slashdot Mirror
Big Brother Wants Into VoIP At Any Cost
wallaby fly-half writes "An amendment to the CALEA law would make it easier for the government to monitor calls made over VoIP and even temporarily store some packet traffic. Ars Technica reports that the 'bill will put the technology in place to buffer packet streams, and places the job of filtering those streams under government control. We know from the NSA warrantless wiretapping program that the government is not limiting itself to access to under court orders, and the CALEA bill must be considered in light of the capacity it generates.'"
Remember Clipper chip? Yeah ole Sammy wanted in then too but they changed their tactics by using patent law when that initiative failed.
/. geeks, create a solution.
For those who don't know, the DES patent is owned by N.S.A. so when you see that Verizon's latest gadget that is triple DES encrypted don't be impressed, Uncle Sammy can get right in.
Seems like what we need at this point is OSS encryption that can't be so easily cracked by N.S.A. It's just a matter of time before Skype/Vonage, etc are required to change their encryption to DES or something that the government can read.
It used to be that the government had better technology always, not so true anymore. So
I could be wrong, but I am not aware of any vulnerabilities in SpeakFreely - http://www.speakfreely.org./ So, if you are worried about people intercepting your calls .. there are solutions. And, yes, it does run on Linux, or, if not, the source is there ...
"Consistency is contrary to nature, contrary to life. The only completely consistent people are the dead." A. Huxley
First off, the patent is owned by the NSA because they developed it.
They developed it because they're the most qualified to come up with encryption and guarantee its security for government use.
Despite a decade plus of DES being in wide use, brute-force attacks remain the most practical means of "breaking" DES encryption. This is despite FOUR DECADES of close inspection of the algorithm (DES was published in 1976.)
If enough calls, emails, and IMs are encrypted with even moderately sophisticated encryption, the NSA doesn't have a prayer no matter how much hardware they have. It's been known for years they're swamped with unencrypted stuff...
Please help metamoderate.
Here are the steps to defeating unwanted surveillance.
1. Use a modem to connect your computer to the Internet.
2. Install a microphone on your computer.
3. Install software to encrypt your digitized voice with a 128-bit key.
4. Arrange for the other party in the telephone conversation to do what you are doing.
Even if the government stores your packets, no one would know what you are saying unless he has the 128-bit key, which only the parties in the telephone conversation have.
These surveillance laws are really intended to intrude on privacy of middle-class Americans. These laws have no effect whatsoever on hardened criminals or terrorists. Hardened criminals or terrorists already know what to do to evade most forms of surveillance.
Yes, I think they can't break AES256. But I also think they can break the PK that is used to transfer the AES session key. Why? Because Skype is not intended to be secure for the users. Skype uses Skype as the trusted introducer for the PK negotiation. If the FBI tells Skype to implement a MitM attack, then Skype can do it.
The proper way to implement VoIP or any other internet communcation, is to let people be their own PK introducers/certifiers. And let them use OTPs in situations where it is feasible, which just happens to be pretty common (e.g. your phone and your wife's phone probably spend several hours in the same room together, every night).
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
The reason our phones are vulnerable to these kinds of attacks, is that we view phone service as .. um .. well, I just used the word: service. You use a "service provider's" network. I'm not talking about your ISP.
But with IP, you don't need to use a "phone service provider" except to interface with POTS. Have your phone contact my jabber server to start a conversation, and we'll use PGP on top of that. Now there isn't any "provider" to regulate and force to implement MitM attacks. They would have no choice but to regulate the users themselves, and we've seen how great that works with the War on Drugs. I guess it'll be another excuse to throw people in jail, and another way to make good people live in fear of their government, but one thing you can be sure of: it won't work for anything else. It won't prevent the behavior that they're trying to suppress.
Death to "service providers." We just need open phone hardware (that we can install our own application on) and a network connection.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
http://www.pbs.org/cringely/pulpit/pulpit20030710
You are clearly buying all that's being sold to you by the mainstream media. I won't get into arguments with you, but rather urge you to read the following piece: http://www.globalresearch.ca/index.php?context=vie wArticle&code=COO20060720&articleId=2767
If this does not mitigate your feelings, then you're as blind as the Israeli consul general in New York who said last week that "most Lebanese appreciate what we are doing".
Res publica non dominetur
The Saudi govt just says that to keep the public happy. 'al-qaeda' attacked the Saudi govt because they are complicit with the US administration. al-qaeda or any other islamic group would protect the holy cities to the end.
So if we were to totally stop supporting Israel, would that buy us protection from terrorist attacks?
There are dozens of other non-muslim countries. Why do you think only the US was attacked?
Israeli terrorism??? Hello?
You've got to be kidding, or I can't believe your ignorance. Do you have any idea how the Israelis treat arabs or even Indians for that matter?
And occupiers and settlers by definition are not civilians. You make the israelis sound like innocents in all this. Don't forget they didn't hesitate to destroy the USS Liberty
You can have your own machine gun or other NFA Class III weapon, but you'd have to buy a $200 federal tax stamp for it, it can't have been made after May 19, 1986, and you'll have to deal with whatever other restrictions your state imposes. The ridiculous limit on the date of manufacture is why you now will end up paying $15,000 for the privilege of plinking at the range with a full-auto MP5 when the gun should really cost about a tenth of that.
/not a lawyer
//not legal advice
Plenty of Class III permits are still issued, and it's really not that difficult to get one if you don't have a criminal history and are willing to deal with the extra government involvement in your life that it entails. It's the cost of the weapons themselves that keep them from being more common, and that you can pin on the Firearm Owners Protection Act of 1986. FOPA rescinded a lot of the onerous provisions of the Gun Control Act of 1968, but introduced a few of its own. IIRC, a bazooka would also fall under NFA, and not only would you need a permit for the bazooka, but also a permit for every rocket at $200/pop, subject to your local laws regarding "destructive devices".
Please stand clear of the doors, por favor mantenganse alejado de las puertas