Slashdot Mirror

← Back to Stories (view on slashdot.org)

FBI Complains About Wiretapping Difficulties Due To Web Services

Posted by Soulskill on from the wait-wait-let-me-find-my-tiny-violin dept.

c0lo writes with news that the Federal Bureau of Investigation is lamenting the difficulty in executing wiretaps because of "web-based e-mail, social-networking and peer-to-peer services." "President Barack Obama's administration is debating ways to deal with Web-based services not covered by traditional wiretap laws, including incentives for companies to build in surveillance capabilities, said Valerie Caproni, general counsel at the FBI. Many Internet services are not covered by the Communications Assistance for Law Enforcement Act (CALEA), which requires traditional telecom carriers to allow law enforcement agencies real-time access to communications after a court has issued a wiretap order, she told members of a subcommittee of the US House of Representatives Judiciary Committee. But Caproni told lawmakers she was not asking for expanded CALEA powers. And she stopped short of calling for rules requiring Web-based communication providers to build in so-called back doors allowing law enforcement access to their software, although she said she's optimistic the US government can find incentives for companies to 'have intercept solutions engineered into their systems.'"

8 of 228 comments (clear)

  1. Police work is not SUPPOSED to be easy by Man+On+Pink+Corner · · Score: 5, Insightful
    If police work is easy, it means you're living in a police state.

    They're here to serve us, not the other way around. History shows that when you give the FBI increased investigative powers, those powers are used not to prevent the next 9/11 or OKC bombing, but to spy on dangerous subversives as Martin Luther King and John Lennon.

    With power should come responsibility, or at least accountability. The FBI has shown neither.

  2. Re:What about encrypted communications? by Isaac+Remuant · · Score: 5, Funny

    Would peer to peer services which offer end to end encryption like Skype be required to re-engineer their software to allow government wiretaps? This could be the end of personal use encryption as we know it.

    Only criminals use encryption. If you're not doing anything wrong, what is there to hide?

    Nothing, of course. Unless you're part of the goverment. In that case, you're hiding information to protect your citizens.

    --
    "Science can amuse and fascinate us all, but it is engineering that changes the world. " - Asimov.
  3. Re:Bohoo by ColdWetDog · · Score: 5, Funny

    Oh cry me a river!

    You'll need an Environmental Impact Statement before you can do that, citizen.

    --
    Faster! Faster! Faster would be better!
  4. Re:Bohoo by vvaduva · · Score: 5, Funny

    That's worth several lolz but then you'd have to deal with OSHAs noise level regulations... :)

  5. The Irony Gets Thicker by Phoenix666 · · Score: 5, Insightful

    And here we are seeing a wave of democracy sweeping the Arab world, facilitated in part by these very technologies. At the same time, the U.S. government is positioning itself to prevent those very tools being used against it.

    There are still those here who will say that it's hyperbole, but the same tipping point is approaching here. Our real rulers (hint: neither political party, but those behind both) are getting nervous and moving to keep their grip on our society. They have perpetrated the most massive theft in the history of mankind, absconding with trillions of dollars of our money, selling our children into a lifetime of debt servitude while theirs party on; they know it, and we know it, and they're starting to realize that we know it too.

    --
    Do what you can, with what you have, where you are.
  6. The Backdoor Exists Already. by VortexCortex · · Score: 5, Insightful

    Here's how it works:

    1. Identify the individual you want to spy on.
    2. Identify the web services you want to spy via.
    3. Obtain the SSL certificates of the web services.
    3. Gag & Order the certificate authorities named in the SSL certs to create the FBI/NSA a new fake trusted cert.
    4. Use the unwarranted wire-tap systems already in place to "Man in the Middle" any connections the individual makes to the web services you wish t spy on.
    5. Return the fake cert to the individual, and re-encrypt the data to the web service using the real cert.
    6. Spy on the individual as much as you like.
    7. ...
    8. Oppress!

    Note: If the CA is not a US company, then simply use Verisign or other US company to creat the fake certs -- No one checks to see if the cert is actually the one that the domain normally uses...

    CAs can make certificates without the domain owner's permissions -- As long as the certificate authorities don't need the domain owner's permission to generate certificates the SECURITY THEATER of SSL will remain intact.

    Also Note: FF > Preferences > Advanced > Security Tab > View Certificates > CNNIC ROOT
    This is the root certificate that China will use in these types of MITM attacks.

    P.S. Remember when a large portion of the Internet was "accidentally" routed through China?

  7. Re:A few reasons by mabhatter654 · · Score: 5, Informative

    referring to last week's news:

    the DoJ pushed for a few dozen domain seizures just last week for some lame IP offense... and took out 84,000 honest folks along with them redirecting the sites to scary "under investigations" pages. Sorry we scarred your customers for life... move along.

  8. Re:What about encrypted communications? by KlomDark · · Score: 5, Insightful

    >If you're not doing anything wrong, what is there to hide?

    Wrong answer: If I'm not doing anything wrong, then are you doing looking?

    Everybody's got something to hide, but most do not have anything illegal to hide. Every person should have the right to at least some data that's completely private to all others. Seems like it is a basic human right. At least until they develop direct brain-reading, which probably isn't too far from now.