Slashdot Mirror

← Back to Stories (view on slashdot.org)

FBI: We Need Wiretap-Ready Web Sites — Now

Posted by Soulskill on from the go-climb-a-tree dept.

TheGift73 writes with news that the FBI is pushing a proposal to update old wiretap legislation so that modern web firms would be forced to build in backdoors to facilitate government surveillance. Quoting CNET: "In meetings with industry representatives, the White House, and U.S. senators, senior FBI officials argue the dramatic shift in communication from the telephone system to the Internet has made it far more difficult for agents to wiretap Americans suspected of illegal activities, CNET has learned. The FBI general counsel's office has drafted a proposed law that the bureau claims is the best solution: requiring that social-networking Web sites and providers of VoIP, instant messaging, and Web e-mail alter their code to ensure their products are wiretap-friendly. ... The FBI's proposal would amend a 1994 law, called the Communications Assistance for Law Enforcement Act, or CALEA, that currently applies only to telecommunications providers, not Web companies. The Federal Communications Commission extended CALEA in 2004 to apply to broadband networks."

39 of 377 comments (clear)

  1. Time to move. by characterZer0 · · Score: 5, Insightful

    Time to move my mail/chat server out of the US.

    --
    Go green: turn off your refrigerator.
    1. Re:Time to move. by Anonymous Coward · · Score: 5, Insightful

      Time to move my mail/chat server out of the US.

      No, if this passes, it's time to move out of the US.

      When posession of a Linux distro with smptd becomes a crime, it's not time to move your mail server out of the US, it's time to move yourself out of the US.

    2. Re:Time to move. by CodeHxr · · Score: 5, Funny

      Are you implying that you don't want to be snooped on because you have something to hide?

    3. Re:Time to move. by Anonymous Coward · · Score: 4, Insightful

      To where? There isn't a country out there that isn't corrupt to the whims of the US that isn't ruled by someone just as bad.

    4. Re:Time to move. by characterZer0 · · Score: 4, Insightful

      I have lots to hide. Just because it is not illegal, unethical, or immoral does not mean I do not want to hide it.

        I am also do not want to spend my time complying with this kind of regulation.

      --
      Go green: turn off your refrigerator.
    5. Re:Time to move. by CharlyFoxtrot · · Score: 4, Insightful

      To where? There isn't a country out there that isn't corrupt to the whims of the US that isn't ruled by someone just as bad.

      Sure, but we do have a better health plan ;-)

      --
      If all else fails, immortality can always be assured by spectacular error.
    6. Re:Time to move. by Anonymous Coward · · Score: 5, Interesting

      I worked on CALEA and even for that, smaller telecoms were able to get exempted from this in-theory. I say in theory because even in areas of Alaska that only served 4000 people we submitted estimates for over $400K to update them and the FBI paid for it (shhh - don't tell any one - I did sign a NDA)...that aside, smaller sites can't possible be forced to pay for this and if you do, take a note from the CALEA play book - estimate very high and make a lot of proift.

    7. Re:Time to move. by morcego · · Score: 3, Funny

      I have lots to hide. Just because it is not illegal, unethical, or immoral does not mean I do not want to hide it.

        I am also do not want to spend my time complying with this kind of regulation.

      I'm not sure about illegal or unethical, but man do I have immoral things to hide ...

      --
      morcego
    8. Re:Time to move. by Anonymous Coward · · Score: 3, Informative

      FreedomBox (which has been mentioned on Slashdot before) is working on it. Particularly, building a usable system with the vision that an average user could buy a cheap plug computer with FreedomBox's software installed, plug it in, and use it instead of the various centralized cloud and social services in use today. The software is based on Debian and combining existing tools along with new software and protocols to make it usable.

    9. Re:Time to move. by Anonymous Coward · · Score: 5, Interesting

      Coward! Stay and fight!

      Ive had reasons to dislike this government since I started thiking for myself. You think I am going to let them threaten me away from my familial homeland? Fuck them....stay here and be the resistance!

    10. Re:Time to move. by Orga · · Score: 3, Funny

      </sarcasm> is not valid html.

    11. Re:Time to move. by dgatwood · · Score: 3, Interesting

      There is a third choice. When they ask immediately shut down the servers and replace them with a static page that tells your users why, along with contact information for the agents who gave the order. Then, tell them to fuck off and die. They can't jail you for refusing to provide back-door access to a service that no longer exists.

      It only takes one big service the size of GMail doing that before riots break out.

      --

      Check out my sci-fi/humor trilogy at PatriotsBooks.

    12. Re:Time to move. by Anonymous Coward · · Score: 3, Insightful

      Ive had reasons to dislike this government since I started thiking for myself. You think I am going to let them threaten me away from my familial homeland? Fuck them....stay here and be the resistance!

      Fuck that. If the populace keeps electing people who pass these laws, then representative democracy is working as it should. You don't withdraw your support from a government by "resisting". You lawfully withdraw your support from a government by expatriating (paying any required exit taxes on your way out the door), and denying it the revenue stream from your future taxes.

    13. Re:Time to move. by SomePgmr · · Score: 4, Interesting

      I know this is going to sound over-the-top, but there's a scary notion in there.

      In a world where warrants are an arcane idea from the distant past, and snatch-and-grab detention of US citizens without justification or trial is entirely legal, words like "resisting" or "taking-a-stand" could have some pretty serious consequences.

      I'm not saying you shouldn't, or that you'll necessarily get black-bagged, but do appreciate what you're risking.

    14. Re:Time to move. by betterunixthanunix · · Score: 3, Insightful

      Let us be clear about the distinction between telephone wiretaps and the provisions of CALEA. Traditionally, to wiretap a telephone line you literally connected equipment to the line, which involves sending an officer into the field and can potentially tip off the target of the tap. CALEA requires phone companies to make automated tapping of some fraction of their lines possible, so that a line can be tapped invisibly and without anyone having to leave their desk.

      No, I have no problem with traditional wiretapping; you can bet that I have a problem with CALEA. What the FBI is complaining about is that traditional wiretapping techniques are difficult to apply to the Internet, and thus they want CALEA-style tapping to be available. No thank you -- we do not need to expand the already vast surveillance infrastructure in this country, nor do we need to turn the Internet into a clone of Cable TV (i.e. a network where only large organizations can run servers legally).

      --
      Palm trees and 8
    15. Re:Time to move. by Anthony+Mouse · · Score: 5, Insightful

      The problem is not who is getting wiretapped, the problem is who and what is being obligated to support it. The original CALEA applied to AT&T. AT&T can figure out how to navigate a federal statute.

      But now they're wanting to impose it on software. The last thing this country needs is laws that end up throwing J. Random Hacker at some university graduate program or tech startup in federal prison for publishing a new VOIP protocol without consulting a team of attorneys.

      On top of that, the traditional phone network has crap for security. Any jackass with a lineman's handset can stand in front of your building and listen to your POTS telephone calls. Implementing wiretaps for that is easy because the phone company already has the cleartext, and it doesn't really make the security any worse than its current level of non-existence. By contrast, the way VOIP should be implemented is with end-to-end encryption -- but then the VOIP provider can't wiretap you, because they don't (by design) have access to the cleartext. Which is the only way to make it so that if the VOIP provider gets hacked, the infiltrators can't intercept your phone conversations.

      Enshrining insecure designs into the law that allow foreign governments to conduct industrial espionage against U.S. companies is a bad idea.

    16. Re:Time to move. by Githaron · · Score: 4, Insightful

      There are plenty of good reason to treat them different. For one, back in the day, most criminals could not start their own telephone network. It would have been pretty much impossible to run a telephone system for any real distance without getting caught. The internet; however, has lowered the barrier significantly. It is fairly easy to run your own services. It would not even take that much capital. If you start wiretapping websites, emails, VOIP, etc., you will have a system that only has the ability to wiretap innocents and criminals that would probably been caught anyway through other means since they are idiots. The smart criminals would have no trouble at all avoiding such a system. Since almost nothing is gained, why risk the abuse of such a system? The internet is designed to be open and resilient not tappable. The only way to keep the criminals from starting their own services is to complete change the structure of the internet. Such a thought I am completely against.

    17. Re:Time to move. by causality · · Score: 5, Insightful

      If only we had a representative democracy, I bet this wouldn't be a problem.

      Actually I believe we do. What we are experiencing is the emotionally governed (mostly fear-based) decision-making by a majority of people who have become too fat, intellectually lazy*, naive, complacent, and unable to look beyond the immediate moment. If not for that, most of our politicians would be fearful for their careers. If not for that, we'd probably see third parties and/or write-in candidates win major federal elections at least once in a while.

      These are the people who fear dying in a terrorist attack more than an ever-growing government that is hell-bent on reducing freedom. They do this even though they are more likely to die from being struck by lightning. They do this even though every or nearly every other out-of-control government in all of history has deteriorated into a hellishly oppressive state.

      These are the people who buy into the "for the children" rhetoric without taking one moment to consider the kind of nation those children will grow up to inherit. If you care so much about children, then you also want them to know and love prosperity and freedom, not fear and restriction.

      These are the people who will vote for the candidate with the best marketing campaign and the most catchy sound bites, rather than the candidate who expouses principles they know to be sound.

      These are the people who actually admire petty, infantile figures like Kim Kardashian and care more about American Idol and professional athletes than they do about the future of their nation.

      These are the people who can use something like a computer for five years or more without ever knowing more about how it works and how to maintain it than when they started out. If it's not strictly necessary in order to make money, they generally don't care to learn it.

      The minority of us who have sense, principles, personal responsibility, love learning new things, celebrate wisdom, truly love freedom without confusing it with license, think critically, and have undone the damage that government schooling did (or tried to do) to their natural curiosity and joy of discovery, do not deserve the kind of government the majority wants.

      I seriously do not blame anyone for wanting to expatriate. They are simply refusing to deny the direction in which things are moving. Many of them, like myself, have tried to provide a different message, tried to promote awareness, and found that it's generally not valued. If the majority wants to be fat, stupid, and emotionally immature, at some point you have to respect their wishes. What you don't necessarily have to do is reap what they have sown for themselves.


      * "Stupid" if you like, because they do not love to learn new things though they are capable of it and have more access to knowledge now than ever before in all of history.

      --
      It is a miracle that curiosity survives formal education. - Einstein
    18. Re:Time to move. by pedrop357 · · Score: 4, Interesting

      Not resisting and/or taking a stand also have serious consequences in a world where people who resist can be 'black-bagged'. When no one fights back, the oppressor just gets bolder and the oppression more universal.

      If the government will black back you for fighting back, then you had every right and perhaps even a patriotic duty to fight.

      If a person believes that their spouse will kill them if they leave, that's all the justification they need to leave. They have to take that chance, they have to leave and they have to fight back. Relenting or rolling over only guarantees you get hurt. Even if you die fighting back may at least stop them from hurting anyone else.

      The same goes for the government. We're guaranteed to be oppressed if we stay quiet and do nothing. We may force them to reconsider if we fight back, if nothing every one of them we kill (yes, we're talking about killing them) is one more that can't hurt your neighbors, friends, family, enemies, people you have no connection to whatsoever, etc.

    19. Re:Time to move. by EdIII · · Score: 4, Interesting

      Ohh, I fully appreciate what I may be risking.

      FUCK THEM. If we leave the US, another country will just start up with the same bullshit under the pretense they are providing security.

      I will not code back doors into my system just so the FBI can watch me, and my clients, and their customers. If anything, it is forcing me and others to consider how we can become a "common carrier" for media. Plenty of data backup and data retention companies are embracing the paradigm of data being encrypted on the customer's premise and then stored redundantly in data centers. FBI demands a copy of my data from them? Go ahead. When you want the keys to decrypt it go to the customer and ask them.

      It is an absolute violation of our privacy. I don't care if historically it had been easy to eavesdrop on citizens and alleged criminals because there was no security. Put bugs in their houses and actually do some footwork.

      That is the problem. They have demonstrated beyond any doubt that they cannot be trusted with the power we have given them. Any doubt whatsoever.

      They want backdoors? Fine. I'll give them a fucking front door and make it abundantly clear that I don't control the means of encryption. Customers do.

      ZRTP, or endpoint-to-endpoint encryption will be the future of communications. Only in very specific applications do you need servers in the media path, and even then, you don't necessarily need plain audio. You can access functions and features available with out-of-band signalling that does not rely on the more traditional in-band signalling of touch tones in the past.

      Those bitches in the FBI can bring it on.

      Of course the logical conclusion is that the FBI will say that key escrow is required to provide safety and security to Americans. At that point I say let the bloody revolution begin.

    20. Re:Time to move. by EdIII · · Score: 5, Insightful

      The problem with expatriation is there is almost literally no place to go that is not following in the foot steps of the progressively "hellishly oppressive states".

      It's a like a friend of mine who is much older and believes we have a few years left till a worldwide collapse that will affect even the most basic functions of society. He says he will be going to a tropical island paradise....

      Ummmm kay. What about the other 2 million old perverts who follow you? Me? I'll be going to middle of the most hostile parts of the planet that I can find with the most technology and resources that I can bring. Middle of Alaska, or the Four Corners. Someplace that is so ridiculously difficult to get to, that once you get there and can be self sufficient it practically guarantees that 2 million old perverts will not be following you, but maybe, maybe, less than a thousand die hard survivalists. I think the Four Corners has enough room for that.

      So while expatriation sounds good, bloody, bloody revolution where you drag all the politicians and the senior FBI members out into the street, along with the 1% and Wall Street, and behead them French Revolution style will be more practical.

      If anything, history demonstrates that is a repeating pattern. Like forest fires cleaning out the built up underbrush. Once in awhile, those that have attained power get fat, lazy, and forget about the "line" that can't be crossed. One day they look around and find themselves surrounded by pitchforks and torches and go, "Oh shit. We went too far dammit."

  2. Re:Oh... yeah... by doston · · Score: 4, Funny

    Because we don't have enough problems with crackers already!

    This just adds a little salt to that cracker.

  3. What an age we live in! by Vancorps · · Score: 4, Insightful

    Security has gotten so good these days that all the holes in security we used to defend against are now be mandated by government to be put back in! In all the genius lets put all our data at risk again. Provide a backdoor for one party on the Internet and you provide a backdoor for everybody. We need more attack vectors!

    I get wanting to be able to monitor data, there is zero reason this should be easy however.

  4. FBI: We Need more Hack-Ready Web Sites by DeWinterZero · · Score: 4, Insightful

    What could possibly go wrong...?

  5. warrant by Triv · · Score: 3, Insightful

    I don't care if websites are "wiretap-ready." Phones already are.

    What I care about is if data can be collected (not used; COLLECTED) from these sites wiretap-ready sites without a warrant.

  6. Shameless by Compaqt · · Score: 5, Insightful

    And this, of course, is all "to protect our democratic way of life".

    Coming up soon: Government-mandated Java and PHP methods that your website code will have to call.

    If Syria or China were doing this, it would be called tyranny or dictatorship.

    --
    I'm not a lawyer, but I play one on the Internet. Blog
  7. FBI Mad Their Job is Harder by preaction · · Score: 4, Insightful

    So the FBI is now mimicking the *AA's: Their job is harder with the Internet, so they make laws to stop the Internet from ruining their old ways of doing things.

  8. Coming soon... by netwarerip · · Score: 5, Funny

    The Wired Elemental Routine Executable Federal Unlawful Collection Kernel Encryption Datagram

  9. Unintended side effects by smooth+wombat · · Score: 3, Insightful

    If this goes through, does this mean that providers such as Comcast, Verizon, et al, who both provide the physical means of communications and who also offer the services described in the article, will now be treated as telecommunication companies, subject to all the rules and regulations therein?

    If so, does that mean we can finally get competition for broadband without those companies wanting to charge exorbitant rates to competitors for line usage?

    --
    We will bankrupt ourselves in the vain search for absolute security. -- Dwight D. Eisenhower
  10. Re:Skype? by Hatta · · Score: 4, Insightful

    What makes you think there isn't already a back door in Skype? It's not like we can check out the code and verify that it's clean.

    --
    Give me Classic Slashdot or give me death!
  11. Sorry but..... by Grayhand · · Score: 5, Interesting

    There's nothing in the Constitution that says we have to make invading our privacy easier on them. Already we are facing all our car's movements being trackable and now they want to make sure every form of communication is easily accessible. At what point does unreasonable search and seizure kick in? This almost ties into the TSA story. The Supreme Court needs to define "Unreasonable search and seizure" since the government seems to think ALL search and seizure is reasonable. Need I bring up drug forfeiture? You can take a tourist on a day fishing trip and if he has a brick of cocaine with him they seize your boat and the government feels that's reasonable even when you had no way to know without illegally searching your customer.

  12. If you don't support the war on drugs, piracy... by elucido · · Score: 4, Insightful

    In meetings with industry representatives, the White House, and U.S. senators, senior FBI officials argue the dramatic shift in communication from the telephone system to the Internet has made it far more difficult for agents to wiretap Americans suspected of illegal activities, CNET has learned.

    Do not accept any bill which contains overly broad or vague language. Be watchful of FBI objectives which claim to focus on "illegal activities" and "crime". Also be careful of emotional keywords like "kiddie porn" and "pedophiles".

    When it comes to fighting terrorism I'm for the FBI. When it comes to fighting pedophiles I'm for the FBI. When it comes to fighting "illegal activities" and "crime" I'm not for the FBI because that isn't specific enough to give them broad powers. Since everyone is a criminal, if we empower them to fight "illegal activities" we are giving them the power to abuse entire communities in the name of combating "illegal activities" and "crime". The purpose of the FBI should be to protect communities, and we universally agree that terrorists and pedophiles are the bad guys regardless of our political stance on other issues.

    We need bills which remove the political issues such as piracy, "illegal activities" and crime and focus more on terrorism and violence. If someone is a serial killer the FBI should be able to do a wiretap, but don't want to see the day when the FBI sees everything we do online and starts arresting people on piracy and other trivial offenses. Yes some people are going to say these offenses are economic crimes, but these offenses aren't good enough to put backdoors in every website.

  13. Dear FBI by Sarten-X · · Score: 4, Funny

    Dearest agents of the FBI,

    It should please you to know that all of my websites are already amenable to wiretapping, and my networks are all designed to allow you to insert your sniffer wherever you want. Please do note, however, that most of my internal support services communicate via the pDonkey protocol, where all data is encoded as a series of pictures of donkeys copulating.

    It will be left to you to decode messages transmitted in this manner, as the protocol is intended to send a clear message to any eavesdro[ppers on our secure systems. The message is "Fuck you, jackass".

    Sincerely,

    Sarten X

    --
    You do not have a moral or legal right to do absolutely anything you want.
  14. Luxembourg by EnergyScholar · · Score: 4, Interesting

    We wanted our VOIP services to be free of CALEA backdoors, so we based ourselves in Luxembourg, where they do not have such regulations, and are not likely to have them anytime soon.

  15. Re:If you don't support the war on drugs, piracy.. by Hatta · · Score: 3, Insightful

    I'm not afraid of terrorists. The chances of me being hurt by a terrorist are infinitesimal compared to any other cause of death. The right thing to do is ignore them.

    --
    Give me Classic Slashdot or give me death!
  16. You might be a criminal.. by SuperTechnoNerd · · Score: 3, Insightful

    Said it before and I will say it again, the list keeps growing:

    You might be a criminal if:
    you use the internet.

    You might be a criminal if:
    you want to get on a plane

    You might be a criminal if:
    you post bird songs on you tube.

    You might be a criminal if:
    You build a better widget than a big corp and try to sell it.

    You might be a criminal if:
    You run an SMTPD server

    You might be a criminal if:
    You run Linux

    You might be a criminal if:
    you take photos of police officers.


    Feel free to add your own.

  17. Re:Skype? by hpa · · Score: 3, Informative

    Given that Skype operates in countries (like India) where VoIP is illegal unless there is a back door, and Skype is said to be "in compliance", you *know* there is a back door.

  18. The US Financial Berlin Wall Won't Allow That by FreeUser · · Score: 3, Interesting

    Fuck that. If the populace keeps electing people who pass these laws, then representative democracy is working as it should. You don't withdraw your support from a government by "resisting". You lawfully withdraw your support from a government by expatriating (paying any required exit taxes on your way out the door), and denying it the revenue stream from your future taxes.

    The US has a very effective financial Berlin wall built around the country. American Citizens and Permanent Residents (Green Card holders) are taxed on the basis of their citizenship/residency, irrespective of where they live. Want to renounce your citizenship? Fine. You'll still be taxed for an additional 10 years.

    Good luck "sticking it to the man" through emigration.

    --
    The Future of Human Evolution: Autonomy
    1. Re:The US Financial Berlin Wall Won't Allow That by praxis · · Score: 3, Informative

      Unless things have changed very recently, the US government allowed you to file a form informing them of the taxes you paid to your resident country and deduct that amount from your US taxes. If you lived in most of the civilised world, that meant you paid more than the US rate anyhow and had a US tax liability of $0.