Slashdot Mirror
FBI Pushing For 2-Year Retention of Web Traffic Logs
suraj.sun writes to tell us that the FBI is pushing to have ISPs keep detailed records of what web sites customers have visited for up to two years. Claiming a desire to combat "child pornography and other serious crimes," the FBI and others are pressing for increased data retention, which they have been doing since as early as 2006. "If logs of Web sites visited began to be kept, they would be available only to local, state, and federal police with legal authorization such as a subpoena or search warrant. What remains unclear are the details of what the FBI is proposing. The possibilities include requiring an Internet provider to log the Internet protocol (IP) address of a Web site visited, or the domain name such as cnet.com, a host name such as news.cnet.com, or the actual URL such as http://reviews.cnet.com/Music/2001-6450_7-0.html. While the first three categories could be logged without doing deep packet inspection, the fourth category would require it. That could run up against opposition in Congress, which lambasted the concept in a series of hearings in 2008, causing the demise of a company, NebuAd, which pioneered it inside the United States."
Welcome to the world of politics...
Seriously though, what happens when you don't use the dns provider of the ISP (either running your own, or using a 3pd DNS provider)? Would that make anyone running their own DNS server (or an alternate third party) a suspicious person? They would only be able to log IP addresses then, and given the proliferation of mass shared hosts, how is this helpful? If a child porn site was on a godaddy server, and you go to another site on the same server, would you have to prove you went to the other site? More guilty until proven innocent...
If a man isn't willing to take some risk for his opinions, either his opinions are no good or he's no good
And what about https? Or would it be mandatory for ISP's to do man-in-the-middle attack so they can store the data?
It is much more rare that I see stories about the actual pornographers being caught and while the viewers are certainly depraved (and you can argue that by consuming the child porn, they encourage those who make it), aren't the pornographers the ones we would rather catch? It wouldn't surprise me if the amount of children actually being forced into child porn is VERY small since the already existing library of images probably contains enough to keep the perverts trading for a long time.
If that is true...then this definitely is an excuse to encroach on peoples rights and use the old "think of the children" excuse because if this much effort was really being put in to catching so few potential criminals...it would be a huge waste compared to what those officers could be doing elsewhere.
Bottles.
As someone that works in the Adult hosting industry, this is going to be poorly received. A lot of our clients are already hurting for money and as such have scaled back their server footprint. We're pushing servers (disk IO) a lot harder than before -- one easy solution we have is to just disable access logs. Writing 1GB+ of log data per hour swamps disks and just adds huge amounts of overhead. Since these logs are of clients browsing through porn ... it'll cost a decent amount of money to actually be able to start logging again AND to store raw log data for two years.
The people downloading "kitty porn" for free are doing nothing to encourage the creation of more of it. Go after the money trail instead -- the people that deserve to go to jail are the people that are paying for it, and I don't believe tracing the flow of funds requires monitoring every single internet connection. Also, laws are publicly recorded -- as soon as you announce you're going to start doing this, anybody that knows they are breaking a law is just going to start encrypting their connections and going through anonymous proxies, meaning that this technology is only effective against people who don't think they are doing anything wrong!
I've abandoned my search for truth; now I'm just looking for some useful delusions.
Deep packet inspection can be a very, very resource intensive thing. I seriously doubt that any such laws will be likely to require deep packet inspection. For one, it would put quite a few smaller ISPs out of business for good.
I have a feeling I know why the FBI wants this. It used to be that all the traffic passed through telco routers owned by Verizon and AT&T. Nowadays, most traffic is being handled by companies like Level3 or UUNet. They had it easy with the telcos, who always had a close relationship with government regulators. Businesses like Level 3, Google, etc., are far less likely to be cooperative.
My blog
meaning that this technology is only effective against people who don't think they are doing anything wrong!
Which perfectly suits the needs of 'law enforcement' - we've got a long history of them going after the defenseless and ignorant - like civil forfeiture laws where the property is charged with a crime (literally, lawsuits are titled like US vs One Jeep Wrangler I think being non-sentient qualifies as being 100% defenseless) or even the child porn laws where they go after kids for sexting pictures of themselves rather than hunt down the people who actually abuse kids in the manufacturing of child porn.
When information is power, privacy is freedom.
I'd expect the logs would require IP's and/or hostnames.
HTTP, it's trivial to sniff hostnames.
HTTPS, it's trivial to see the destination IP.
HTTPS only works one IP per host, so that gives a positive track to where they were going.
Of course, domains change ownership, and IP's change, so what an IP is today, could be anything else tomorrow.
I'm curious to if by "ISP", they mean the residential line providers, or both ends? At my old job, they'd end up with about 2Gb of log files per day per server. There were 15 redundant servers. That was just for one site. I don't even care to think about how much storage was required for all the logs across 150 servers. No, it didn't scale evenly. The web server logs were dumped every few hours, just so it didn't fill up the drives, but left enough for forensics, if we needed them.
(15 * 2) * 365 * 2 = 21,900Gb. I would love to still be there, and have them ask for 22Tb of logs. :) I was joking with someone about how to deliver those. I suggested burnt CD's. 14,500 CD's would be fun to offer up. We then thought a little harder, and though paper tape would be the way to go. :) I know there would be better methods, but we were looking for the entertainment value in it. :) I'd feel really sorry for the guy who had to feed 14,500 CD's into a machine to burn for the feds on demand. :)
Logistically, this would become a nightmare for almost any provider, except for mom & pop shops.
Serious? Seriousness is well above my pay grade.
Not only that, if they are not recording what the actual website looked like when you visited it what is to keep the IP address from changing to something naughty two years from now? After all IP addresses change all the time, and what was...say some stupid fan site a year ago...who knows what it will be two years from now?
And how would you "prove" your innocence? They show up with a list of IP addresses from a year and a half ago, how do I prove they are/aren't mine? How do I prove where I did/didn't go a year and a half ago? Hell I don't even have the same PC I did a year and a half ago as it finally gave up the ghost!
This smells a little too much to me like a "bust anyone you don't like for free" card as defending yourself against some list held in a cop's hand will prove damned near impossible. What's next? "Oh he used CCleaner to empty his temp files and Defraggler to defragment his hard drive, which just proves he was destroying evidence!". Give me a fricking break! How come we supposedly won the cold war and now I have the urge to do " In Soviet Amerika" jokes?
ACs don't waste your time replying, your posts are never seen by me.