Slashdot Mirror

← Back to Stories (view on slashdot.org)

FBI and Next-Gen P2P Monitoring

Posted by CmdrTaco on from the big-brother-wants-to-give-you-a-hug dept.

AHuxley writes "Can the FBI get funding to create a next-generation network monitoring and database system for P2P networks, web sites, and chat rooms? Could the FBI's Regional Information Sharing Systems (RISS) network be opened to more law enforcement agents across the USA? Will the tracking of p2p users via 'unique serial numbers' generated from a person's computer be expanded from its first use in late 2005? Is your p2p application or plug-in sending back your MAC address, firmware revision, manufacture date, GUID or other details?" Could this story submitter pose any more questions in his submission? Won't someone please think of the ... oh, never mind.

27 of 122 comments (clear)

  1. They're not slow... by seramar · · Score: 5, Funny

    It's not the people who are slow. Their comments are just tied up in the RISS awaiting gov approval.

    --
    australian project gutenberg is better than the original.
  2. Dupe? by mrvan · · Score: 5, Informative
    Senator Proposes to Monitor All P2P Traffic for Illegal Files, it talks about the same plan by the same senator, and I don't see any new developments.

    Seriously though, how difficult is it to use the slashdot search engine with the capitalized words in the title? third hit...

  3. And whoever is doing the monitoring by hansraj · · Score: 2, Funny

    will wonder why all the files have Joe Biden in the filename.

    1. Re:And whoever is doing the monitoring by johndmann · · Score: 2, Interesting

      No one will be doing the monitoring, it will all be filtered using keywords, byte patterns, and so on - much like Echelon.

  4. Who cares? by RiotingPacifist · · Score: 3, Informative

    Is your p2p application or plug in sending back your MAC address, firmware revision, manufacture date, GUID or other details?

    apt-get install macchanger
    sudo macchanger -r

    I'm no computer scientist but isn't it fairly trivial for them to get your mac (or at least that of your router) from your network traffic anyway?
    --
    IranAir Flight 655 never forget!
    1. Re:Who cares? by mrvan · · Score: 2, Informative

      I'm no computer scientist but isn't it fairly trivial for them to get your mac (or at least that of your router) from your network traffic anyway? If I'm not mistaken, MAC never leaves the immediate network, ie your router gets your mac, the next hop that of the router, and so on, but the final destination only gets the mac of the last router in between
    2. Re:Who cares? by Anonymous Coward · · Score: 3, Informative

      I'm no computer scientist but isn't it fairly trivial for them to get your mac (or at least that of your router) from your network traffic anyway? If I'm not mistaken, MAC never leaves the immediate network, ie your router gets your mac, the next hop that of the router, and so on, but the final destination only gets the mac of the last router in between You would be correct. A MAC (Media Access Control) address is a local identifier only. In fact it only really applies to switching, not routing. Unless a piece of software on your computer is sending it "home" then it would be rather difficult to obtain your MAC address. Also, it is by no means a unique identifier. It's a well known fact that manufacturers of network devices regularly cycle MAC addresses. It's uncommon, but not unheard of to end up with two devices on a network with the same MAC.
  5. Manufactured Evidence by conureman · · Score: 3, Insightful

    In the olden days, when I was a kid, we happened into dealing with the F.B.I. Subsequently, I know to engage a large supply of salt anytime I read about any investigation that has been tainted by their crime lab. Think of the children and send more money. Yeah. Knowing their proclivity to abuse/disregard the law, I don't really see the upside to this.

    --
    The cost of that cleanup, of course, will be borne by taxpayers, not industry.
  6. All Fear, No Facts by houstonbofh · · Score: 3, Informative

    Heavy on fear, but light on facts... And with so many popular torrent programs open source, all of the sneakiness is no longer possible. No magic serial, or mac address in my torrent program. Oh, and it is encrypted.

    1. Re:All Fear, No Facts by Anonymous Coward · · Score: 3, Informative

      The encryption on torrent transfers doesn't do shit as far as protection goes. Anyone connected to the same torrent will be connected to you and know what you're doing.

      All the encryption really does is keep ISP's from throttling you unless they throttle all encrypted traffic (which some do).

    2. Re:All Fear, No Facts by I(rispee_I(reme · · Score: 2, Insightful

      "It only takes one to raise a stink about it.", goes the popular reasoning.

    3. Re:All Fear, No Facts by Robocoastie · · Score: 5, Insightful

      It's just the typical Democratic party cry wolf "we gotta do something!!!!" syndrome again. In this case it's also putting Sen. Biden back in the spotlight after his poor performance in the Iowa caucus. Political moves aside though let's think about what they are really asking. What is child porn? The government even lacks a definition of "porn" much less child. I have a serious problem believing that "child porn" is an epidemic requireing the black helecoptors so to speak. What likely is popular though is teen-fascination which psychiatry has an entirely different definition for. Our society in fact is geared toward that even between cheerleaders and dancers being just short of being nude, Disney channel turning tweens into glamored up pop stars, and shows like Dawson's Creek, Gossip Girls and the like having more adult themes than Desperate Housewives. This is nothing new though; in fact society used to marry their women off between 14 and 17 anyway. My point is I really wonder if real child porn actually is as bad as the fear mongers claim or if people's collective conscious is simply equating teen-fascination with it when they hear of those cases (which has increasingly been from female teacher - male student lately). The result of which is the "we gotta do something!!!" panic which then grants the government sweeping powers to do all kinds of spying with a fictional and ultimately false pretense.

    4. Re:All Fear, No Facts by dgatwood · · Score: 2, Insightful

      All it takes is indirection to make it so that it does, though. Make the P2P client randomly choose whether to look locally or ask its neighbors. Make it lie randomly and say "I don't have it" at all times to mask the ability to use probability to determine whether you are serving locally-stored data or just passing on the request even with knowledge of how many peers your node has and generating hundreds of requests using a modified client. If nobody is doing that already, color me surprised....

      --

      Check out my sci-fi/humor trilogy at PatriotsBooks.

    5. Re:All Fear, No Facts by archeopterix · · Score: 2, Informative

      If nobody is doing that already, color me surprised....
      Paint yourself half-unsurprised then. MUTE filesharing does something similar. A client communicates directly with a small number of peers and nobody can tell whether a request (or response) comes directly from their neighbor or is merely relayed, so you get plausible deniability. Uh, and it uses an interesting algorithm for routing, similar to one used by ants in real life.
    6. Re:All Fear, No Facts by hairyfeet · · Score: 3, Interesting
      Let's face it, we all need to publicize this as what it is: a witch hunt and a power grab. Folks see the words "child porn" and automatically think of the sick bastard that rapes an 8 year old. What they don't realize and what we need to be telling our friends, relatives, and coworkers at every opportunity is they are using these laws in truly insane ways. Like who in their right mind would have thought they would charge a 15 year old and 16 year old for taking pics of THEIR OWN BODIES and sending it to each other? That is truly f*cking insane.


      And IMHO we need to go back to the way it was when I was a kid when we had two distinct groups-Jailbait and sick bastards. Jailbait was anyone consenting between the ages of 14-17 and sick bastards was an adult having sex with anyone under 14. But sticking an 18 year old as a child molester for having sex with a 16 year old is just too insane for words.


      And of course the more important thing for the FBI is the power to "monitor" everything going across the net. How long do you think it will be after this that the feds are kicking down doors for those "illegal terrorist pirates"? The way they are trying to link copyright infringement with terrorism makes me think it will be a year or two at the most. This is a damn scary time to be an American, and sad to say I don't see anything coming that will change the path we are on. The corruption is just too deep for something like voting or reforms to fix. But that is my 02c,YMMV.


      P.S. As someone who was hit on VERY hard by a cop pretending to be a 14 year old in a WINDOWS REPAIR chat room I used to run, I can tell you they WILL use entrapment and will do WHATEVER it takes to make an arrest, legal or not. I finally had to say "leave me the hell alone I don't mess with jailbait. Stop or I will ban your I.P." Before "she" came clean and told me who he was and what he was doing there. So of course I banned the I.P. range for his police department. ;-)

      --
      ACs don't waste your time replying, your posts are never seen by me.
  7. I beg your pardon... by r_jensen11 · · Score: 3, Funny

    Can the FBI get funding to create a next-generation network monitoring and database system for P2P networks, web sites, and chat rooms? I beg your pardon, but chat rooms? People still use those? I thought those phased out about 10 years ago....
    1. Re:I beg your pardon... by jollyreaper · · Score: 4, Funny

      I beg your pardon, but chat rooms? People still use those? I thought those phased out about 10 years ago.... At this point I bet it's nothing but feds posing as kids trying to catch other feds posing as peds. Not a single person in the room isn't drawing a federal paycheck.
      --
      Kwisatz Haderach
      Sell the spice to CHOAM
      This Mahdi took Shaddam's Throne
    2. Re:I beg your pardon... by UnrealisticWhample · · Score: 2, Funny

      I beg your pardon, but chat rooms? People still use those? I thought those phased out about 10 years ago.... At this point I bet it's nothing but feds posing as kids trying to catch other feds posing as peds. Not a single person in the room isn't drawing a federal paycheck. In the interest of accuracy I submit that there are also bots pitching webcam sex shows.So: Feds posing as kids, Feds posing as peds and Bots posing as hotties pitching sex shows. Sound about right?
  8. Let's hope so by 77Punker · · Score: 2, Insightful

    Maybe if they do start monitoring all that traffic, people will get a clue and start using Tor for all their internet traffic. Especially their plaintext passwords. Dangerous business, letting the FBI know where those plaintext passwords are going. Better encrypt them with Tor!

    Anyone wonder how many exit nodes the NSA already runs? That'd be a far better(easier?) approach than monitoring "normal" traffic since I suppose the interesting stuff is already going through Tor, though in a typical hour-long scan I can't find any really "interesting" unencrypted web traffic at my exit node.

    Folks surfing porn? Plenty. Plenty of Chinese blogs with plaintext passwords, too. But even those Chinese blogs are benign and not something that would be censored by their gov't (I think). Based on the pictures and my basic proficiency with Chinese, it's either folks just fooling around with Tor or it's steganographic.

  9. Answers by gEvil+(beta) · · Score: 3, Informative

    AHuxley:
    Yes
    Yes
    Yes
    Yes

    CmdrTaco:
    Yes

    Hope that helps everyone.

    --
    This guy's the limit!
  10. Re:Does F/OSS help? by 26199 · · Score: 4, Insightful

    I think any of those would be quite hard to inject into open source code.

    After all, in a p2p app the traffic is the most important thing ... and is going to be watched very closely. Patches that modify what go over the wire will be under considerable scrutiny.

    And how are you going to collect those details once they're transmitted? By their nature p2p apps are hard to keep track of.

    Not to say it couldn't happen. But I don't think it's much of a risk compared to the simple fact that your IP address is very visible when using a p2p app...

  11. This is why OSS is important! by mich.linux.guy · · Score: 3, Insightful

    Is your p2p application or plug in sending back your MAC address, firmware revision, manufacture date, GUID or other details?" This is exactly why Open Source Software is so important. Even though the average user may not have the skill to examine the code for breaches of trust, there are many in the community that can and do. These breaches are fixed or made public and public opinion will decide whether or not the P2P application is trustworthy.
    Closed source applications from companies like M$ can't be trusted in this way.
  12. FBI Sofware Projects are Notorious for Failures by CodeBuster · · Score: 4, Insightful

    The last time the FBI tried to build a large piece of custom software, a case-file management system, they ended up spending 170 MILLION dollars over 3+ years for software which basically did nothing useful (a complete failure). The only way that this will work is if the FBI contracts someone else to build it for them and even then the chances of failure are high unless they are willing to deal with criminals (i.e. Russian hackers who write the software for worms and spammers) to get it done which will happen about the same time that hell freezes over. The one good thing about governments when it comes to controlling the populace is that they are inefficient. If the government spent our tax money efficiently and effectively on surveillence and authoritarian enforcement actions then we would already be living in 1984.

    1. Re:FBI Sofware Projects are Notorious for Failures by iminplaya · · Score: 2, Insightful

      ...unless they are willing to deal with criminals...

      The authorities use criminals all the time to catch other criminals. Most snitches are criminals themselves looking for a way to stay out of prison. It shouldn't surprise you at all if they employ Russian/Chinese hackers. And I consider their surveillance and authoritarian enforcement actions to be pretty efficient. If you want to break them down, you need to get the authoritarians to go after each other. Use the same methods that work so well on us.

      --
      What?
    2. Re:FBI Sofware Projects are Notorious for Failures by CastrTroy · · Score: 2, Informative

      You think that's bad? The Canadian gun registry cost $2 BILLION. All for a database to track who owns a gun. You could probably put together a similar application in a matter of weeks.

      --

      Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
  13. Re:Are MAC addresses globally unique? by mrvan · · Score: 3, Insightful

    I think they are globally unique, and since they are 6 bytes long the supply is practically infinite (256^6 = 216x10^12, ie every person can have something like 30,000 mac addresses)

    Come to think of it, it's a bit silly that they used 4 bytes for the address that has to be globally unique and 6 bytes for the one that only has to be locally unique...

  14. Another 60 million per year. by Animats · · Score: 3, Informative

    Here's the actual bill. $60 million per year. 15 cosponsors.

    This is another piece of Bush Administration "security theater". Write to your representatives in Congress and your Senators to get them to put this money into fighting spam and computer crime.