Wikileaks Publishes FBI VoIP Surveillance Docs

An anonymous reader writes "The folks on wikileaks have published a new interesting and shocking report: FBI Electronic Surveillance Needs for Carrier-Grade Voice over Packet (CGVoP) Service. The 88 paged document, which is part of the CALEA Implementation Plan was published in January 2003 and describes in detail all needs for surveillance of phone calls made via data services like the internet. Wikileaks has not published any analysis yet, so maybe some of the techies hanging around this end of the internet are interested in taking that one on."

Why is this shocking?

[MyNameIsFred]

I'm trying to figure out why the summary calls this document "shocking." Interesting yes, shocking no. It is well known that the law requires VOIP providers to maintain a capability for law enforcement agencies to wiretap. This requirement has been around for years, and is completely consistent with older "Plain Old Telephone Service." Its not like CALEA is hidden. You can find its website with a quick google. The author of the summary seems to be conflating CALEA with the dustup with the Bush administration and unlawful wiretaps. They are separate issues. Conflating them helps no one.

Re:Why is this shocking?

I'm inclined to agree. I looked into CALEA a couple of years ago as part of an investigation to see what impacts it might have for universities. Much of the public criticism seemed to assume that it was a way for law enforcement to tap all communications. In fact, it is the exact equivalent of existing wiretaps: they don't get a full feed; they get data for specific authorized interceptions. I admit to some concern about apparent diversion of massive traffic flows. It may be a good idea, but I'd like to see some accountability, even classified accountability. But CALEA isn't designed to provide the kind of access that I find worrisome. I'd much rather see its approach than to see federal agencies sifting through all traffic.

I have no idea why this document is restricted. It is pretty obvious given the goals of CALEA.

Re:PGPfone, where are you?

[mikiN]

Twinkle?
It handles encryption using ZRTP/SRTP and can do point-to-point (IP2IP) calls like good'ole Speak Freely.

Old

[RockMFR]

This was leaked at least 4 years ago.

Re:paradigm shift

[dbolger]

You mean "Don't talk about what you have done or what you are going to do (at least over an unsecured medium)"? ;)

Re:PGPfone, where are you?

[CNeb96]

It was replaced by zphone http://www.zfoneproject.com/ alive and kicking and better.

Q: What is Zfone?

A: Zfone is my new secure VoIP phone software which lets you make secure encrypted phone calls over the Internet. The ZRTP protocol used by Zfone will soon be integrated into many standalone secure VoIP clients, but today we have a software product that lets you turn your existing VoIP client into a secure phone. The current Zfone software runs in the Internet protocol stack on any Windows XP, Mac OS X, or Linux PC, and intercepts and filters all the VoIP packets as they go in and out of the machine, and secures the call on the fly. You can use a variety of different software VoIP clients to make a VoIP call. The Zfone software detects when the call starts, and initiates a cryptographic key agreement between the two parties, and then proceeds to encrypt and decrypt the voice packets. It has its own little separate GUI, telling the user if the call is secure. It's as if Zfone were a "bump on the cord", sitting between the VoIP client and the Internet. Think of it as a bump in the protocol stack.

Public Standards

[chill]

Yawn. This is the FBI's implementation plan, not some super-secret details of the specs. This is derived from J-STD-025A, J-STD-025B, and EWA 3.0 AMTA docs. Feel free to Google for those. The first and last you should be able to find. The "B" one they want money for, so it is harder to find freely online.

Those detail exactly WHAT and HOW monitoring is going to occur, on a technical level.

And don't get your knickers in a twist about the FBI document. I've already seen one instance where the FBI told a carrier "we want it done this way" and the carrier's lawyers said "no, that isn't legal and we won't do it". Of course, it was probably a result of the software not being implemented in that manner and it would have cost the carrier mucho $$ to do it the FBI's way...

Nothing like a few $$ to prompt the legal dept. to see it your way.

http://www.google.com/search?q=j-std-025&ie=utf-8&oe=utf-8&aq=t

Re:paradigm shift

[scionite0]

Obama has done nothing to show that he would be any different then the others but you are willing to cut him a pass because you don't know.

Senator Obama's qualifications Include a J.D. in constitutional law from Harvard, He was a lecturer of constitutional law at the University of Chicago Law School, and he worked as a community organizer and later as a lawyer representing community organizers on voting rights and discrimination issues.

So yeah I think that there is some evidence that he might have a better understanding of and respect for the constitution of the United States of America.

this can be confirmed with a simple wikipedia search or set of google searches (or by reading his first book, Dreams from My Father).



Just because something is not yet proven does not mean that no evidence exists.

I call BS

[dreamchaser]

When used properly with *warrants*, wiretapping is an important law enforcement tool. Don't go confusing bad behavior by the Government with necessary law enforcement tools.

The capability is needed, but so is proper oversight and protection of Consitutional rights. Then again all you wanted was to squeeze in your Obama ad ;)

don't know what you're talking about

[sentientbrendan]

>It is said that Anarchy is the absence of rulers, not the absence of rule.
said by who? Let me guess, he was an "anarchist," by which I mean high school drop out living in his mom's basement, complaining that society would be "so much more awesome" if there weren't any rules, and he didn't have to keep his room clean.

Anarchy:
"Absence of government; a state of lawlessness due to the absence or inefficiency of the supreme power; political disorder."''

Any social endeavor has politics and power relationships and de facto governing processes by which collective decisions are made, they even exist within families and other tiny social units. Anarchy is just a society where those relationships are no longer functional and stable. You have groups competing for power without a mediator and chaos persists (e.g. Iraq and Afghanistan).

Humans can't survive in anarchy because we are social animals, and require cooperation and certain kinds of power relationships to survive. People naturally form social structures with leaders and followers, it's part of basic human psychology.

Even the free software movement has leaders with specific powers that they can enforce. That you think otherwise just goes to show that you've never contributed. Linus doesn't let any patches into mainline Linux that he doesn't want to, and that effectively kills those patches. Other organizations have even more stringent policies. To commit to FSF, Mono, and many other projects and organizations you must turn over your copyright to them, so that they can relicense it under whatever terms they want (presumably, the next version of the GPL, but who knows?).

Often a company is responsible for all of the high level design of a product, and controls the repository, and open source developers are either hired by said company to do the work, or are on the periphery.

Even if a specific company isn't responsible for high level design, some people are de facto designers. This isn't that different than in a company, and these relationships naturally form even if they aren't dictated, otherwise the project falls apart.

Open source isn't really a "governing model," it's just the same old human behavior and practices, but with a new software license.