Slashdot Mirror
Big Brother Wants Into VoIP At Any Cost
wallaby fly-half writes "An amendment to the CALEA law would make it easier for the government to monitor calls made over VoIP and even temporarily store some packet traffic. Ars Technica reports that the 'bill will put the technology in place to buffer packet streams, and places the job of filtering those streams under government control. We know from the NSA warrantless wiretapping program that the government is not limiting itself to access to under court orders, and the CALEA bill must be considered in light of the capacity it generates.'"
Raise your hand if you thought VoIP was a really neat idea when it first came out.
Now raise your hand if you still think it is.
Granted it's not really too different from recording Voice, but now you could expect yourself to be extraordinarily rendered if you choose to encrypt your converstations because you have the gall to actually believe the government has no right to recording and storing your conversations, Dub's dirty tricks or not.
Hell, they'll probably outlaw encrypting your own phone calls, next, because (the flag waving) it's (an eagle poses rampant) in (strains of The Star Bangled Banner) the (In God We Trust) best(the blue angels fly overhead) interests (cascading images of Washington, Jefferson, Lincoln, etc.) of (Betsy Ross adds another star to her handicraft) America (fanfare of fife and drum) and everybody knows the real patriots don't question any of this.
"sir, you served potential enemies of uh-merika with strong encryption" and we can't be having that.
Ebay constantly in hot water would probably love to score some points with Washington, they're probably already serving tea and crumpets with the NSA right now, along with a side order of Skype backdoors.
dangerous times call for dangerous laws
A feeling of having made the same mistake before: Deja Foobar
Haven't we learned any lessons from the hideous Bolsheviks?*
____________________
* Peter Holquist, "'Information Is the Alpha and Omega of Our Work': Bolshevik Surveillance in Its Pan-European Context," Journal of Modern History, 69: 3 (September 1997), pp. 415-450.
From the FCC Mandate: From Phil's site: The stupid part of this is that we shouldn't have to do this
You are innocent. You have done nothing to give the government the right to investigate you or collect your phone records with the intent to prosecute you. If you're an American, take a few hours to protect what so many people have fought and died for: your rights to privacy and being innocent until proven guilty.
What next? Is the King of England going to be able to listen in on my VoIP calls?
My work here is dung.
I assume VOIP can be encrypted just like anything else. So once again this will do nothing towards preventing terrorism, but everything to alienate The People.
Argh.
I realize you only posted this comment 4 seconds ago, but I find it strange on Slashdot that you're not modded to +9 SuperGenius yet.
You don't get witty anti-Dubya sarcasm like this just anywhere:
Hell, they'll probably outlaw encrypting your own phone calls, next, because (the flag waving) it's (an eagle poses rampant) in (strains of The Star Bangled Banner) the (In God We Trust) best(the blue angels fly overhead) interests (cascading images of Washington, Jefferson, Lincoln, etc.) of (Betsy Ross adds another star to her handicraft) America (fanfare of fife and drum) and everybody knows the real patriots don't question any of this.
That's quality stuff! And your clever use of condescending nicknames for George Bush...
Dub's dirty tricks or not
Magnificient! Yes, I'm sure it's only a matter of picoseconds before you'll be at +9 or greater. Congratulations.
The biggest downside is that in just two short years, George Bush will no longer be president and we won't get to hear such cerebral commentaries any longer.
I'm a big tall mofo.
It's a lot more likely that millions of people will encrypt our VoIP streams than that we will all scramble our POTS conversations.
Where's our Java applet with SIP over SSL?
--
make install -not war
Remember Clipper chip? Yeah ole Sammy wanted in then too but they changed their tactics by using patent law when that initiative failed.
/. geeks, create a solution.
For those who don't know, the DES patent is owned by N.S.A. so when you see that Verizon's latest gadget that is triple DES encrypted don't be impressed, Uncle Sammy can get right in.
Seems like what we need at this point is OSS encryption that can't be so easily cracked by N.S.A. It's just a matter of time before Skype/Vonage, etc are required to change their encryption to DES or something that the government can read.
It used to be that the government had better technology always, not so true anymore. So
Big brother is already into my credit card records, phone call records, credit and purchase history and library records. Why would anyone think VOIP would get a break?
Weaselmancer
rediculous.
More punishment for Americans who obey the law. As if a criminal would be stupid enough to not use private encryption or alternate communication channels that the government didn't have a listening ear to. Why don't they go all the way and pass an amendment to the constitution that prevents citizens from protecting themselves from government monitoring? Isn't that what they really want?
This is not just the Republicans but the Democrats are interested in the exact same thing. They are not really different in issues such as these. Washington (George) warned us away from Political Parties in his farewell address as President.
The people who have most interest in circumventing the Constition are inevitably the people who think they are the least affected by said circumventions, i.e. career Politicians and career powerful bureacrats (FBI's Hoover comes to mind). We prevented future Hoovers by limiting the FBI's Directors allowed term (10 years I think). We would do well to limit the terms of Senators and Representatives.
It would probably be a good step at reclaiming our democracy as well. Perhaps it will also cut down on porkbarrel spending, as a lot of Porkbarrel spending right now is directed at those who've been in the longest (Robert Byrd) because they've built up the most influence and chairmanships, etcetera.
As always, vote independent.
So wouldn't the logical thing to do be encrypt everything? If they had to try and decrypt every packet in the "buffer" I think the point of even trying to unencrypt anything would be worthless. If I had a VoIP system I would want it setup in such a way that I control how the conversation is encrypted so I could use whatever algorithm and passcodes I damn well want. I am sure the government will try to make this type of setup illegal or demand a backdoor though.
Hey, there is only one Return and it's not of the King, it's of the Jedi.
I could be wrong, but I am not aware of any vulnerabilities in SpeakFreely - http://www.speakfreely.org./ So, if you are worried about people intercepting your calls .. there are solutions. And, yes, it does run on Linux, or, if not, the source is there ...
"Consistency is contrary to nature, contrary to life. The only completely consistent people are the dead." A. Huxley
then I will be setting up a script to make VOIP calls into Saudi Arabia and Iraq at 4am every morning, and have a text-to-speech program start reading off an Arabic or Farsi translation of Dr. Seuss. Let the NSA have fun with that one, 'cause I know I will.
There is no mod option "-1: Disagree" for a reason. "Overrated" is not an acceptable substitute. Post something instead.
First off, the patent is owned by the NSA because they developed it.
They developed it because they're the most qualified to come up with encryption and guarantee its security for government use.
Despite a decade plus of DES being in wide use, brute-force attacks remain the most practical means of "breaking" DES encryption. This is despite FOUR DECADES of close inspection of the algorithm (DES was published in 1976.)
If enough calls, emails, and IMs are encrypted with even moderately sophisticated encryption, the NSA doesn't have a prayer no matter how much hardware they have. It's been known for years they're swamped with unencrypted stuff...
Please help metamoderate.
You got modded flamebait, and I think rightly so, but I think you deserved a real reply anyway.
First, dumping Israel will not protect us from terrorists. You must remember that al-Qaeda attacked Saudi Arabia, even though Saudi Arabis is the guardian of the Islamic holy cities. But they weren't idealogically pure enough, they crossed one of al-Qaeda's lines, and they got hit anyway. So if we were to totally stop supporting Israel, would that buy us protection from terrorist attacks? No. There would be some other issue - we were still selling products to Israel, or buying from them, or something. Are you prepared to write a blank check of concessions to every set of idiots that are willing to use violence to accomplish their goals?
Second: Israeli terrorism??? Hello?
Imagine that the Mexicans, instead of just flooding across our borders in insane numbers, were firing homemade rockets into downtown San Diego and El Paso. Imagine that this had been going on for two years. And imagine that the people doing this (the Zapatistas, say) won the next Mexican presidential election. Now they're the Mexican government. Then they fire some more rockets. Since they're the government, that's now an act of war.
So we go after them. After all, enough is enough. And, though we try to avoid it, there are inevitably civilian casualties. Does that make us terrorists? Or are the terrorists the people who were firing rockets into our cities for two years, deliberately targeting civilians?
Third: Enabling Israel to keep going after the people who are targeting their civilians is a good thing. There cannot be peace while Hezbollah and Hamas continue firing missiles into Israel, and neither of them seem willing to stop, ever. So they have to be stopped. That means that Israel is doing the right thing. But sometimes doing the right thing - or helping someone else to do the right thing - upsets people who are doing the wrong thing. We should help them do the right thing anyway.
Tell me how this amendment, proposed by Republican Congressmembers, produced by the Bush FBI and DoJ to govern Bush's FCC, tells us anything about Democrats? You know, the minority party that has little power under the Republican lockstep government?
Your term limits are decent interventions, but of course they're obviously needed now that Republicans, not Democrats, have forced the issue. As it was Nixon's Republican Executive which forced the Hoover issue in the FBI, and how Senator Ted Stevens (R-AK) is forcing the incumbent pork with his bridge to nowhere.
As always vote independently. But until Party rackets no longer game the system, voting "independent" is nearly impossible. In the meantime, vote for politicians who will govern a sustainable system, not ransack it until it drowns in a bathtub.
--
make install -not war
Do you think I'm suddenly going to freak out on VOIP because the US government might start listening in on my calls? I'm actually suprised that they're not already (they seem twitchy about that stuff right now), though this may be a political version of "it's easier to ask forgiveness than permission". Fundamentally, I don't care how my voice gets from point A to point B, but I'm in favor of doing it as cheap as possible. I like the idea of a world where they run one cable (or no cables, woohoo) to my house and all the information flows over it. The tinfoil hat wearers can roll their own VOIP for talking to whomever they want to talk to and encrypt it out the wazoo. If they're paranoid enough, they can get multiple wired and wireless connections, split up the packets across them all, and have a grand time of it. As best I can tell, VOIP was never about avoiding the government, it was about talking on the cheap using resources already available.
Now, if they come for my encryption, they'll have to pry it from my cold, dead connection
- Tash
Vrrooommm...
Yes, I think they can't break AES256. But I also think they can break the PK that is used to transfer the AES session key. Why? Because Skype is not intended to be secure for the users. Skype uses Skype as the trusted introducer for the PK negotiation. If the FBI tells Skype to implement a MitM attack, then Skype can do it.
The proper way to implement VoIP or any other internet communcation, is to let people be their own PK introducers/certifiers. And let them use OTPs in situations where it is feasible, which just happens to be pretty common (e.g. your phone and your wife's phone probably spend several hours in the same room together, every night).
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
Pretty much everybody without his/her head up his/her ass knows that "fighting terrorism" has very little to do with this.
But then, spying on and harrassing political opponents a la Nixon may not be the main motivation behind it, either.
The BIG concern within the Bush Administration is the threat from people inside of it. They need their own people to know that if they divulge any embarrassing or incriminating information, even anonymously, that they will be tracked down and punished. The war is against potential whistleblowers.
Ever wonder why you never hear interviews with anybody who knew Dubya back in his wild days before he became governor of Texas? Every college friend of every other president had stories to tell, some positive and some not, but not so with George II. Why is this? Well, pretty much everybody with an embarrassing story to tell about cocaine or girls or his desertion from the National Guard now has a cushy high-level job in the government or the energy industry. Better jobs with more power than they'd ever dreamed they'd have, and jobs they're not going to jeopardize by telling stories.
That's how you go from being a horse show official to being head of the Federal Emergency Management Agency with zero experience. Anybody who works in Washington knows there's hundreds - maybe thousands - of 'em.
Without the extensive eavesdropping powers Bush claims, these people would be free to contact reporters or blog information anonymously. By advertising these "powers" via carefully planned "leaks", Karl Rove is letting insiders know that they're taking a big risk if they spill any beans.
And you can bet they'll know who I am as soon as I hit the "Submit" button...
The reason our phones are vulnerable to these kinds of attacks, is that we view phone service as .. um .. well, I just used the word: service. You use a "service provider's" network. I'm not talking about your ISP.
But with IP, you don't need to use a "phone service provider" except to interface with POTS. Have your phone contact my jabber server to start a conversation, and we'll use PGP on top of that. Now there isn't any "provider" to regulate and force to implement MitM attacks. They would have no choice but to regulate the users themselves, and we've seen how great that works with the War on Drugs. I guess it'll be another excuse to throw people in jail, and another way to make good people live in fear of their government, but one thing you can be sure of: it won't work for anything else. It won't prevent the behavior that they're trying to suppress.
Death to "service providers." We just need open phone hardware (that we can install our own application on) and a network connection.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
The trouble is that Israel doesn't actually try to avoid civillian casualties. Observe their deliberate targeting of civillian infrastructure and housing districts (not to mention UN outposts). An even clearer example is their longstanding policy of collective punishment in Palestine. That can legitimately be labelled government-sponsored terrorism.
http://www.pbs.org/cringely/pulpit/pulpit20030710
You are clearly buying all that's being sold to you by the mainstream media. I won't get into arguments with you, but rather urge you to read the following piece: http://www.globalresearch.ca/index.php?context=vie wArticle&code=COO20060720&articleId=2767
If this does not mitigate your feelings, then you're as blind as the Israeli consul general in New York who said last week that "most Lebanese appreciate what we are doing".
Res publica non dominetur
As the Network Administrator for an ISP that has customers who use VoIP, I have had to read, understand and plan for CALEA. I can tell you: if the men in black show up without a warrant, they will not get access to customer data. If they come bearing a warrant, I will tap a single stream of data from a single customer, so no other customer data will be included. There is no need to fear conspiracy from responsible ISPs. There's no 'Carnivore' sitting in our data centers, you simply record all the in-out data for that specific site. It's very easy to do and very easy to ensure cleanliness of the output. As long as the 'onus' isn't on us, the ISP, to 'decode' VoIP or VPN data, I don't mind at all. But a warrant will be required.
its a sad day when your average citazens biggest threat is its own government
Really?
Israel believes their enemy has taken base in civilian locations. Perhaps Israel should just toss in the towel? "We'd like to bomb our enemies but, crap, they're living in grandma's basement. Guess we concede." Instead, they seem to be making an effort to tell civilians to get the hell out of dodge because the bombs will soon be dropping.
Yeah, it sure sucks for the families in Lebanon who likely don't really have anywhere else to go. Innocents are dying on both sides of the border and it's terrible. But it's pretty bold -- and, from what I've seen at least, wrong -- to say that Israel "doesn't actually try to avoid civilian casualties."