Slashdot Mirror


Monday is Wiretap the Internet Day

Alien54 wrote with a link to a Wired blog entry noting that May 14th is the official deadline for internet service providers to modify their networks, and meet the FBI and FCC's new regulations. The Communications Assistance for Law Enforcement Act requires that everyone from cable services to Universities give them access, within certain parameters, to the usage habits of customers. "So, if you're a broadband provider (separately, some VOIP companies are covered too) ... Hurry! The deadline has already passed to file an FCC form 445, certifying that you're on schedule, or explaining why you're not. You can also find the 68-page official industry spec for internet surveillance here. It'll cost you $164.00 to download, but then you'll know exactly what format to use when delivering customer packets to federal or local law enforcement, including 'e-mail, instant messaging records, web-browsing information and other information sent or received through a user's broadband connection, including on-line banking activity.'"

19 of 264 comments

  1. Bot me up, baby... by Itninja · · Score: 4, Interesting

    I want to create a bot that will do nothing but search for, and then go to, 'illegal' sites. I figure if it hits a few porn sites, maybe an offshore gambling site, and *any* site in Arabic that should be enough. If we get enough of these bots going it should create so much white noise that the g-men couldn't tell the real stuff from the botted stuff. Or maybe I won't. Y'know, whatever...

    --
    I judt got a nre Kinesis keybiartf so please excusr ant egregiou typos.
  2. Re:Limits on government by calidoscope · · Score: 2, Interesting

    Remember folks that the Constitution is not a document about what rights people possess, nor is it a document that outlines what governments can do. Rather it is a document that describes limits on what government can do and it could be clearly argued that the Communications Assistance for Law Enforcement Act violates those provisions in the Constitution designed to protect the individual from unreasonable governmental surveillance.


    The central part of the US Constitution pretty much describes what the Federal government can do and gives authority to do so. It is the Bill of Rights and subsequent amendments that put the limits on government powers - and the Bill of Rights was passed because of concerns with the powers granted in the Constitution. The Constitution was created and ratified because the central government under the Articles of Confederation was too weak to be effective.
    --
    A Shadeless room is a brighter room.
  3. Re:So the next step by J'raxis · · Score: 4, Interesting

    This law actually makes a special exception for encrypted data:

    Section 103(b)(3) ENCRYPTION- A telecommunications carrier shall not be responsible for decrypting, or ensuring the government's ability to decrypt, any communication encrypted by a subscriber or customer, unless the encryption was provided by the carrier and the carrier possesses the information necessary to decrypt the communication.

    Full text here.

  4. Re:So the next step by Torvaun · · Score: 3, Interesting

    Pity. This could be a social engineer's dream. Walk into an ISP, look official, and get all the packets to and from addresses assigned to the US government. Something about a counterspy program or something ought to get you in. Now, start posting things on random forums that us regular citizens aren't supposed to know about. It'd be a bitch to try and catch all of it.

    --
    I see your informative link, and raise you a pithy comment.
  5. The use of Trusted Third Parties by Anonymous Coward · · Score: 1, Interesting
    From http://www.fcc.gov/calea/

    Regarding the use of trusted third parties, the Commission provided the following guidance on the use of TTPs in the CALEA Second Report and Order, at paragraph 26: "The record indicates that TTPs are available to provide a variety of services for CALEA compliance to carriers, including processing requests for intercepts, conducting electronic surveillance, and delivering relevant information to LEAs. Given the effectively unanimous view of commenters that the use of TTPs should be permitted but not required, we conclude that TTPs may provide a reasonable means for carriers to comply with CALEA, especially broadband access and VoIP providers and smaller carriers."


    I've done little research on this, but I read that the original CALEA created in 1994 was extended in May 2006 to cover broadband and VoIP providers. How suddenly have all these businesses popped up to fill this niche? I wonder how many ordinary people considered starting one of these businesses themselves?
  6. Re:$164 by __aaclcg7560 · · Score: 2, Interesting

    It's called nickel-and-diming the public. Unless Joe Blow Public has a financial stake in this process, he probably won't fork out the cash to see what it is or hire a lobbyist. The law may have enough legal jargon that it doesn't make sense without having a lawyer explaining it. Joe Blow can't start a grassroots movement when the price of learning enough to do something about it is too high.

  7. Re:Amendment IV by DreadSpoon · · Score: 2, Interesting

    "Public and private communications" is not within that Amendment, you might notice.

    Scanning Internet packets also does not constitute either a search or a seizure. You are already passing the information through the ISP. All the new law requires is that the ISP willingly pass over any of that information to the FBI upon issuance of a warrant.

  8. Re:$164 by Anonymous Coward · · Score: 5, Interesting

    It's not that uncommon. Here in SC you have to pay to have access to the law. It is copyrighted and the state vigorously protects that copyright. In 1998 I was threatened by the state AG's office for having a copy of a .doc file on my web site that quoted a section of the state's vehicle laws. Us peons aren't allowed access to the laws. Knowledge of the law is only for the protected lawyer class.

    I still find it amusing that a friend of mine at the time disagreed with the thuggish tactics they used but is now OK w/ denying commoners access to the law. The difference is that he recently graduated from Duke law school. He is now very anti-Constitution, anti-EFF (despite having donated money to them several years ago!), and very pro-Democrat.

    The text from the SC law:

    "The State of South Carolina owns the copyright to the Code of Laws of South Carolina, 1976, as contained herein. Any use of the text, section headings, or catchlines of the 1976 Code is subject to the terms of federal copyright and other applicable laws and such text, section headings, or catchlines may not be reproduced in whole or in part in any form or for inclusion in any material which is offered for sale or lease without the express written permission of the Chairman of the South Carolina Legislative Council or the Code Commissioner of South Carolina."

    They consider distribution for free on a web site a sale for $0 so that makes it illegal without written permission. I tried to obtain permission and after making around four dozen phone calls and two trips to Columbia, SC, I finally gave up.

  9. But the obvious "solution"... by jdickey · · Score: 2, Interesting

    for the Reich is to have PATRIOT III include language to require logging and storage of unencrypted copies of all data that has an endpoint on said ISP's server. All your POPS belong to us..... For the guy a few posts earlier who asked the obvious question about when we're going to get riots in the street, watering Jefferson's "tree of liberty": the two obvious answers are that 1) thanks to the efforts of those who really run the country, consumers (formerly known as "the people" or, in even more archaic terms, "voters") have been relieved of the burdens of "critical thinking" and "political dynamism" since about 1974, and 2) just in case, the Best Congress Money Can Buy has been funding military semi-lethal weapons and domestic deployments (Posse Comitatus? The Decider says it's "just a scrap of paper") since shortly after the events in Item 1. Short version: The United States of America was a Constitutional republic from 4 March 1789 to sometime around November 1974; a hybrid state from 1974 to 12 December 2000, and a fascist kleptocracy since that time. This is just another warhead tossed onto the pile to see how high the rubble of freedom can be bounced.

  10. Re:suggestion by Antique+Geekmeister · · Score: 4, Interesting

    SSL private keys and SSH private keys can and have been stolen from remotely deployed systems and used for man-in-the-middle monitoring. And a penetrated router or smart switch on the *internal* side of the OpenVPN is a common approach for really sophisticated crackers to tap all your traffic *after* it's been decrypted by the VPN system.

    Even where communications are more secure at the application layer, most people simply click on the "do you accept this key" buttons when making an encrypted connection, which makes such monitoring even easier because the user in the field winds up using the man-in-the-middle's public keys, instead of the target destination's public keys. I saw this about six years ago in a rather clever router reconfiguration to monitor all SSH traffic to a victim's internal network administration servers. We only noticed it when I got brought in to see why there were such large latencies on incoming traffic, and dumped the configuration to plain text and actually *read* it, along with noticing that the previous admin had never bothered to install and enable the SSH tools. Then I found out he had been programming it, via telnet, from his laptop on the road.

    We had a long, private talk before I went to the company president with the analysis. He hadn't been allowed the time or resources to do things more securely, and his manager had been saying "we have a firewall, we can trust people inside the network" and had denied this engineer's attempts to do things more securely. It would have been a lot cheaper to do it right than to have me try to clean up the mess later, but it's often difficult to get people to do things right.

    If you think a colo service is robust protection, then go ahead and check how many of your colo setups have encrypted file systems, password protected boot loaders, and password protected BIOS's, just to start with. Then compare what you could do with the same money and resources to secure your systems against rootkits, implement proper password management, etc.

  11. Wish it were so... by Anonymous Coward · · Score: 2, Interesting

    But even if you colocate outside USA, your protections will actually be much worse than at home. Not so long ago FBI cracked servers in Russia to get evidence. Never mind breaking their laws. FBI/CIA doesn't need any warrants to go after foreign targets. No privacy laws cover foreigners from Americans' intrusion. Even crimes are ok, it seems. SWIFT, Airport, banking, health data, google data, all is OK to have and to spread and to sell if it's a US company and the target is a foreigner.

    Ever had a stranger mock you about your health issues to fuck up your social life?

    That's what it means to be a target abroad.

  12. Re:misunderstood by Antique+Geekmeister · · Score: 4, Interesting

    I'm sorry, but you are sadly mistaken. Go actually read the unclassified parts of the Patriot Act. Then take a look at the existence of the secret NSA wiretap rooms in the core internet backbone providers such as AT&T, rooms whose existence was revealed by a company whistleblower and for which AT&T is being sued now by the EFF and other civil liberties groups. The NSA certainly can and does monitor international traffic legally, with no authorization required. It's their *job*. Unfortunately, so do other countries. And the NSA trades with them to get domestic materials.

    The three branches are *not* involved in this. The handling of the monitoring does not require warrants, and is thus executive policy, without court involvement or even notification of what is being monitored. And even if the three branches are involved, the people being monitored are *not* being notified of the monitoring!!! There is no warrant served: even libraries are prohibited by the Patriot Act from telling book borrowers that they've been forced to turn over records, without warrants, under the Patriot Act.

    Yes, it's been going on for years. It's going to happen again and again, and it needs to get slapped down each time it occurs to prevent it becoming ubiquitous and a means of interfering with public policy or personal lives of the innocent. Given the documented monitoring of Martin Luther King by the FBI, the McCarthy era files of who was a communist and forced confessions of other potential "communist" Americans, and stupidities of federal raids with warrants such as the "Operation Sundevil" raids on Steve Jackson Games, there is just no reason to trust federal investigations or monitoring without public exposure and review.

  13. Re:Limits on government by SunTzuWarmaster · · Score: 2, Interesting

    There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order.
    -- Ed Howdershelt

  14. Re:So the next step by Bob+Gelumph · · Score: 5, Interesting

    So when will slashdot enable https://slashdot.org?

    --
    I'm gonna need a spec.
  15. Re:Limits on government by roystgnr · · Score: 2, Interesting

    Well, in the rest of the 'free' world we do it through something called an 'election'. We actually get to choose our government and thereby exercise a fair amount of control. If we want something really bad we can even involve ourselves directly by joining a political party or even start our own. The entire process is commonly known as 'democracy'.

    You Americans should try it once... it's pretty cool actually.


    We've actually been trying it for centuries - so long that the powers that be have learned to game the flaws in the system. That's why you could find Republicans donating to a Green party opponent of Rick Santorum, for instance, because unlike in your naive "we could start our own political party" fantasy, in the real world plurality voting causes third parties to siphon votes away from the major party that more closely expresses their views. Perhaps I'm wrong, and your democracy uses Condorcet voting? No? Didn't think so. I hope you've at least got Proportional Representation, or you can expect your oligarchies to figure out how to abuse the system even faster than ours did.

    Amazingly, although they didn't understand the tradeoffs in different multi-party vote counting systems, the American founding fathers did understand an even deeper flaw with representative democracy: sometimes, 51% of the voters pick a dickhead. Their solution, a constitution which limits the authority that even popularly-elected leaders have, would work here if any of our opposing leaders had the balls to help enforce it. The Ninth and Fourth Amendments in the Bill of Rights would both apply here, if only the Democrats hadn't long ago agreed to ignore the Ninth to fight the "War on Poverty" and ignore the Fourth to fight the "War on Drugs". The "War on Terrorism" is just another step in the same direction, not an unprecedented disaster.

  16. Re:Limits on government by Kjella · · Score: 2, Interesting

    Unfortunately, they're mostly eliminated:

    Soapbox - the real "soap box" is the TV, only big media moguls and rich corporations get to play. Blogs don't have nearly the same impact, but I guess this one is fairly alive. Too bad there's so little left people can do that matters.

    Ballot box - two parties, both on a power trip. Even if a third party started to gain traction, they'd shift politics a little and it'd disappear into nothingness again. Not to mention that going to a third party makes your side weaker - if 20% voted 3rd party, 35% the "favored" of the big parties and 45% the "unfavored" big party, the unfavored big party would win even though the other parties have 55% of the votes.

    Jury box - the only place I've ever heard the words "jury nullification" is on slashdot. I can't think of a single article I've ever read where this was used in modern time, which should have generated some press. Most of the time it seems you should be happy if they pass judgement on the evidence and the law, and not on their personal hatred for the crime they're accused of.

    Ammo box - any armed revolution would involve a lot of civil unrest and loss of security. Given the reaction after 9/11, I'd say most people would want those terr-uh-rists shot for trying to take away their dem-uh-cracy, regardless of whether it's just or not. People want security, and the easiest way is to let the government crush the opposition.

    People tend to think this will only be used in the "big" and "important" things, things that don't involve them. They fail to see that there's plenty people that want to meddle in the lives of other people, right down to whether they stick their dick up another man's ass in their own home. People that love to dig up dirt on someone and pass moral judgement on them. People with plenty prejudice out on a mission to prove themselves right. Latent bullies just waiting for that government power over other people, to be a pest and a bother. Corrupt people who trade in favors and obedience. When the Soviet Union and the East Bloc fell, it wasn't because of a few "enemies of the state". It was because millions of people were sick and tired of having their lives interfered with and controlled by a government that wanted to know every detail of their life. They should call this "The STASI archive act", maybe that'd raise a few eyebrows. Then again, how many Americans would recognize history if it was staring them right in the face...

    --
    Live today, because you never know what tomorrow brings
  17. Re:Useful service by starfishsystems · · Score: 2, Interesting
    Under CALEA section 105, if this service is based in the United States, you will have to provide decryption of traffic to and from this service if presented with a court order or other lawful authorization. The FCC contemplates fines of up to $100,000 per day per incident for noncompliance.

    Don't say that I didn't warn ya.

    http://www.askcalea.net/docs/calea.pdf

    --
    Parity: What to do when the weekend comes.
  18. Re:Limits on government by BalanceOfJudgement · · Score: 2, Interesting

    When the Soviet Union and the East Bloc fell, it wasn't because of a few "enemies of the state". It was because millions of people were sick and tired of having their lives interfered with and controlled by a government that wanted to know every detail of their life. They should call this "The STASI archive act", maybe that'd raise a few eyebrows. Then again, how many Americans would recognize history if it was staring them right in the face...


    The really sick part is, once we do realize it, it will be way too late to change it. It pretty much already is. War, REAL war, not these stupid "occupational skirmishes", has become something very few in our society have any stomach for. Armed resistance against the US military is pretty much pointless since any weapons of merit have been outlawed. The whole point of the 2nd Amendment was to make sure the people could go toe-to-toe with the government, and the government has made nice and sure that will never happen.

    Alas, all is not lost. All we'd need is a couple of intelligent military commanders to switch loyalties and rebels would have several divisions on their side. I suppose it's supposed to be that hard by design - armed resistance is a last ditch effort when all else has failed.

    Incidentally, the wrongs visited upon the American people by our current government FAR outstrip anything George III ever did to the American colonists.
    --

    We are the fire that lights our world.. and we are the fire that consumes it.
  19. Re:So glad I'm expat now... by NormalVisual · · Score: 2, Interesting

    It's not a "tin-foil hat" thing if you've been reading the news at all over the past year or so.

    --
    Please stand clear of the doors, por favor mantenganse alejado de las puertas