Slashdot Mirror
FBI Considers CALEA II: Mandatory Wiretapping On Every Device
Techmeology writes "In response to declining utility of CALEA mandated wiretapping backdoors due to more widespread use of cryptography, the FBI is considering a revamped version that would mandate wiretapping facilities in end users' computers and software. Critics have argued that this would be bad for security (PDF), as such systems must be more complex and thus harder to secure. CALEA has also enabled criminals to wiretap conversations by hacking the infrastructure used by the authorities. I wonder how this could ever be implemented in FOSS."
Given how well the intelligence agencies have 'protected' us these last two decades...
Isn't it time to get rid of these assholes? Or at least save some money on our fake no help agencies?
You could cut half of the people at the FBI, CIA, NSA, DHS, FEMA, TSA, DOD, And several others i can't think of...
And we wouldn't notice any difference at all. None..
This is where a true police state begins. An ear and eye in every device. Wake up before it's too late.
Never allow laziness of police forces to erode your civil liberties and freedoms.
I wonder how this could ever be implemented in FOSS.
The same way anything is implemented in FOSS. It'll be written into the source. Lots of people will modify the code to disable the backdoors. People will post versions of the software with the backdoors missing, many of which actually still have them or have different backdoors installed. Governments may lead an automated search for software without the backdoors, or may simply ignore it uniless they have a reason to target the individual using it.
In other words, what a fucking mess.
Why is the FBI considering anything? Isn't something like this in the realm of the elected politician?
We had this argument years ago when they were talking about putting encryption engines in everybody's phones, but they'd have back door keys and NOBODY WANTED ONE. They still won't. All this will do if passed is prevent anybody from buying a new phone until they have a method in hand to turn off or change the back-door codes so nobody can hack them.
Why do critics need to argue anything? A simple no, get lost, should suffice. You don't need reasons to refuse law enforcement access to your communications, they need reasons to access them in the first place.
This is such a wildly inappropriate idea that if it gets any legs at all the reasonable powers that be will jump on it and squash it good.
I cannot allow myself to believe we as a country are willing to seriously consider implementation of anything like this.
Otherwise I have to oppose the idea entirely.
now we need to go OSS in diesel cars
I think having these wiretap backdoors is a worth the tradeoff of my liberty in favor of a better and safer world.
And Thomas Jefferson continues to spin aces in his grave.
Python: 'And then suddenly you have a language which says "we're all stuck with whatever the whiniest coder wants".'
If this passes, do people think the US will get special "US chipped" networked devices made in China and then cheaper units for the rest of the world?
The US will lobby the world to ensue a level export market for its expensive compliant hardware.
Domestic spying is now "Benign Information Gathering"
And what about the scammers that will be using this back door to control you phone and run up your bills. Is this the cost you are willing to pay, literally? How about just having the evildoers put in jail with less strict requirements on what the evidence needs to be ... like maybe catching them in the act.
now we need to go OSS in diesel cars
What problem do you see with open source software? If there is a legal requirement that software behaves in certain ways, then that is independent of whether it is open source or not. The only difference is that with open source, you might be able to veryify that the mandated behaviour is there.
Of course, open source software that behaves according to some law can be modified by anyone with the source code and the necessary expertise to break that law. If creating such software is illegal, then the person doing it would do something illegal. But that has nothing to do really with open source.
I'm really saddened and angered by the continuous erosion of our civil liberties. I've seen this decline for a while 9/11, but it keeps getting worse & worse. And sadly, it really seems to be independent of the party in power. Total government overreach.
Or quite the troll.
Nice back door on your device there, shame if someone put something on there that would incriminate you for something you didn't do. Oh but you feel safer right?
~~ Behold the flying cow with a rail gun! ~~
The problem is once you start mapping drug dealers, terrorists, pedophile and assorted evildoers some strange stuff starts happening.
The real evil people go dark understanding they have to change methods quickly, tipped of by tame experts and corrupt officers.
Support for 'freedom fighters' by the CIA becomes tricky.
Local courts are flooded with telco intercept cases and slowly most people of interest work out a phone, VoIP, computer, nav system is not so healthy to have around.
Thats why the GCHQ and NSA hate press like this. Now the FBI sees good PR, fame, new budgets and all the new hardware to roll out.
Easy cases at first with tracking, recoding via a remote turned on phone, key loggers in any consumer OS.
Domestic spying is now "Benign Information Gathering"
Why is the parent comment rated -1? You might not agree with it but that is not a valid reason for moderating it down. It is on topic opinion, not flamebait or troll.
This is censorship, plain and simple. I see how how moderation is used to enforce the groupthink here. Shame, for shame.
Here is news for you: "evildoers" will basically not be affected, as they will just work around these devices. It is ordinary citizens that are the target, as they do not have this opportunity. "Evildoers" will just experience a slight increase in the effort needed to do business. ON the other hand, this will create a nice set of possibilities to extort said normal citizens (sheep as yourself).
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Microsoft, Yahoo, and Apple ALREADY have open doors for FBI. About the only clean system will be the OSS, and even then, it is NOT guaranteed unless you have the OSS bios.
I prefer the "u" in honour as it seems to be missing these days.
I like how you think an opinion that you don't agree with is a troll. You must be quite the debater.
As non-American I am also very much in favour - this should be huge boost for IT sector everywhere outside US.
How many phones have a completely FOSS operating system????
None
“He’s not deformed, he’s just drunk!”
Have gnu, will travel.
Once upon the brans it froloked og pilogonof funky jamjam pills. To you, I salort!
Wants pawn term, dare worsted ladle gull hoe lift wetter murder inner ladle cordage...
“He’s not deformed, he’s just drunk!”
dear FBI,
a certain portion of your managament are stupid douchebags.
while there are agents risking their lives to stop criminals, you are sitting around jerking off on a whiteboard about pie in the sky bullshit that nobody with two nickels worth of brains would find useful or even interesting
fuck you, fuck your mother, and fuck everything you stand for.
and only one of them is under the jurisdiction of the FBI.
meanwhiel, most FOSS is developed cross border by people in various locations
you mean the CIA and the Catholic Church?
Technically true. But there is at least one that is open enough that end-to-end network apps cannot be spied on beyond the IP header needed to deliver its traffic somewhere. Encrypted talk apps already exist. These are end points the proposal would also "require" be backdoored (not just the blob that runs the "telephone" part). These are the apps the evildoers WILL use (after a few of them do get caught).
now we need to go OSS in diesel cars
they will pry my info out of my cold dead slackware box and my firewall. Rosta Ruck. have atter. please. this is unreal
I think having these wiretap backdoors is a worth the tradeoff of my liberty in favor of a better and safer world
I think that most of us would also gladly trade your liberty for a better and safer world, since that would kill two birds with one stome. :-)
Ezekiel 23:20
The most you can hope for is a civil suit. The process and any penalties will be paid by tax dollars to the reporters.
Its over. The entire justification for when we STOLE the states from the king of England was that we were going to live system where the people govern themselves.
But thats over now:
1. The ratio of citizen to congress critter has risen steadily so that they can walk or run away from their constituents
2. The function of the Senate has drastically changed and more decisions are made there, further eroding the power of popular vote. 2 per state/6yr terms
3. The things we used to laugh at the Russian people for: Corrupt press, Corrupt travel restrictions, Reading Mail, Wiretapping, corrupt law enforcement are all S.O.P for our government now.
4. We used to laugh at the Russians for electing their leaders. Both candidates came from the same party and there was no real choice. Which is what we have here now.
5., We used to laugh at the Russians for infiltrating and subverting democracy groups. Thats what we do here now.
6. We used to laugh at the fact that no one there "owned" anything. With the value of everything here based on an arbitrary currency, it essentially the same thing.
7 There is a defacto get-out-of jail free card for every president in office or after term.
I have worked with the people who "watch over us". They are relentlessly dishonest and always convinced they are right. And they have only one lens to view anything: us vs them. And once you are 'them", they have no morality at all.
Try to enjoy your life. Try not to have kids.
I don't think this is a good thing where drug dealers, terrorists, pedophile and assorted evildoers can commit their nefarious activities without impunity.
Would you prefer that they commit their nefarious activities with impunity?
It is disgusting. Yes indeed, however the US of A have been doing it to other nations for quite a while. Karma...
"I wonder how this could ever be implemented in FOSS"
Ask the W3C how they are going to pull of DRM in FOSS. Different problems but they have a lot of issues in common and neither will solve enough of them.
Democracy Now! - uncensored, anti-establishment news
I think he's just a bit too optimistic. Surely no one is idiotic and naive enough to trust the government with so much power? Sadly, such people do exist.
Filthy, filthy copyrapists!
..mandate wiretapping facilities in end users' computers and software
And "FUCK YOU" are those two words. I'd also like to add "Eat shit and die", and furthermore "Die in a fire". This shit has got to stop, now!
Are YOU using the TOOL, or is the TOOL using YOU? Think about it!
Technically, unless you are doing something illegal, it wouldn't matter at this point if your software apps were reporting your activities.
"Technically"? No. Even if you're not doing anything illegal (or if you are but the laws in question are ridiculous), you have everything to fear.
Filthy, filthy copyrapists!
I don't believe the ordinary citizens are the actual target. I believe that law enforcement is more or less interested in "the evildoers" and not Aunt Mable's recipe chat. But the unintended consequences are exactly what you detail. The really bad guys work around the barrier, and more lesser crimes gum up the works. We as a society want the worst criminals to be the ones that are most likely to be stopped and/or punished. But people aren't perfect, and what seems good on paper has unintended consequences. I agree with you on what the effect will be, just not the motivation.
Do you see widespread use of cellphones and tablets running on FOSS? I don't so no worries there, the feds won't have much problem.
But Android is FOSS!. Hear you buddy, dream on. Even if you have the skills to compile Android from scratch, don't need any closed drivers and can manage to install it on your cellphone... even then you're just a few in a billion users market. For all practical purposes there is no FOSS getting in between the feds/govt and your privacy.
none
There are polls that have asked in several ways questions about privacy and rights versus giving up some more of that for what is claimed to be more security and safety. The results from the past few show that an increasing number of U.S. citizens want less intrusion into their lives. That is, they do not accept blanket promises if it means less privacy and even more erosion of the basic rights spelled out in their constitution, most especially in the Bill of Rights.
That's to the good.
However, in reality, as we've seen in the past twenty or thirty years, what has happened is that the majority of Americans, whatever their responses to the polls, have almost always elected to office those who are of the totalitarian persuasion who invariably operate under the guise of law and order.
Years back there was a survey done of a large number of scientists from various disciplines asking them for suggestions for use of current and future tech. A (to me) shocking number proposed things along the lines of implanting everyone from an early age with a chip that would include everything from medical records to criminal records, and postulating the eventual inclusion of sensors for brain-wave, endocrine, and other physiological monitoring. The latter could of course alert medicos to strokes and other life-threatening or serious problems; it would also, as we learned better how, lead to what would amount to thought monitoring à la an "intent-o-meter" to detect lawless thinking so's the cops could arrest people before they committed a crime.
We live in interesting times. Some here have stated that CALEA II will never be taken seriously. Given recent events, actions, and laws, I am not so sanguine about that. Some apparently think we are at a cusp, that we have a chance to stop something before it gets out of hand. I tend to think we are already behind the eight-ball. I also tend to think that trying to undo what's already done is akin to a verloren hoop. I hope to be wrong.
The rest of us will be stuck with insecure backdoor platforms that criminals can easily exploit.
I find it fascinating how many people think that this is inappropriate and not feasible, while at the same time supporting gun control and the war on drugs.
It will not work against specifically bad people, that with a bit of research could avoid that kind of snooping. Will go against the "normal" people, just in case the kool-aid effect diminishes in big numbers in front of massive evidence of systematic government wrongdoing.,
That you are in another country make you feel safer? What if they force your country to have laws that follow their interests?
I wouldn't put too much trust in Congress for any accountability.
Remember the TARP bailout? The one that gave the Federal Reserve unlimited power in giving out money to banks foreign and domestic?
That bill was only a few pages long, and some congress members didn't even read it before they signed it
To have the possiblity of secure communications, I suggest buying a recently manufactured PC with VTx and VTd/IOMMU capabilities and get used to running a minimally exploitable OS on it.
For portable devices, I recommend something that can have all the firmware flashed to something like Android or Firefox OS, has a removable battery, and no cellular radio. Also, re-flash on a regular basis.
You can install CyanogenMod in most android phones and restrict yourself to use only open source apps too. Or try Mer based ones (i.e. Sailfish), Tizen, Ubuntu Touch, or Firefox OS
How about a "Privacy-Reqiurement In Principle Act", mandating that all devices should be secured to protect the user's privacy so that EVEN Law enforcement cannot ever get access. Backdooring should be a criminal offense, as should excess logging, and facilitating wiretapping. Product safety laws should be updated to treat software vulnerabilities the same way as toxic components.
Then instead of going around with the fantasy that law enforcement can fix problems, politicians might devote some more energy to fixing the underlying causes (such as foreign policies that cause "blowback" and the war on drugs). It will also make the country much safer against "cyber war".
Completely agree. Evil doers like Aaron Swartz and Cody Wilson are the only ones that they will be motivated to use this on.
I agree. At this time. Maybe. But surveillance possibilities are always extended once the infrastructure is in place. Juts look at the DDR where they has a significant percentage of the population under observation. Or at China, where the local Skype client scans for keywords. However, even proposing something like that is either utterly evil (if the ones proposing this know history) or utterly stupid (if the ones proposing this have not even considered the risks). Both are severe dangers to free societies and people that propose things like this are unfit to have power of any kind.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Watergate whistleblower Daniel Ellsberg:
“Richard Nixon, if he were alive today, might take bittersweet satisfaction to know that he was not the last smart president to prolong unjustifiably a senseless, unwinnable war, at great cost in human life. (And his aide Henry Kissinger was not the last American official to win an undeserved Nobel Peace Prize.)
He would probably also feel vindicated (and envious) that ALL the crimes he committed against me–which forced his resignation facing impeachment–are now legal.
That includes burglarizing my former psychoanalyst’s office (for material to blackmail me into silence), warrantless wiretapping, using the CIA against an American citizen in the US, and authorizing a White House hit squad to “incapacitate me totally” (on the steps of the Capitol on May 3, 1971). All the above were to prevent me from exposing guilty secrets of his own administration that went beyond the Pentagon Papers. But under George W. Bush and Barack Obama,with the PATRIOT Act, the FISA Amendment Act, and (for the hit squad) President Obama’s executive orders. they have all become legal.
http://www.juancole.com/2011/06/ellsberg-all-nixons-crimes-against-me-now-legal.html
Mandating that you will have a backdoor in every computer and device will be a boom for security surely, as in nuking it, not security software will tell you that you have that backdoor opened. If you choose to leave part of your data to facebook ot twitter is your option (but better don't try to be funny with your friends, is risky). If someone uses that backdoor to read the password for your bank, or enter effectively to that bank, and steal your money, that isn't your option anymore (maybe stealing from your bank account is a bad example).
You do understand that lots of companies will distribute the same devices in other countries, perhaps with the wiretapping capability "disabled"?
The truth is that all men having power ought to be mistrusted. James Madison
There are two kinds of "evildoers". There are also those who do it illegally and sometimes go to prison, but then there are also those who do it legally. That class of evildoers usually works for the government or in some cases for big corporations such as Monsanto.
A sufficiently advanced simulation is indistinguishable from reality.
Indeed. And the latter kind always seeks to extend their powers and to transform "the law" into whatever benefits them. Seems they are succeeding.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
URP DURP One guy did this thing and he's American, so... URP DURP
Houston, we have a Genius...
--"You are your own God"--
That's the point. American companies losing every public contract abroad, because nobody believes their claims of disabled wiretapping.
The desire to know everything that can be possibly known goes back to the deception that was propagated way back in the Garden of Eden, "You shall be as God....". God alone knows all the thoughts and motivations of people and everything else that can be known. One reason that people get into government is that they can have power over other people. If governments, all governments, had their way and it was technically feasible, they would install a mandatory thought transmitting chip in everybody's head. Thousands of years before it was remotely possible, it was prophesied in the Bible that there would be a time when there would be a one world government under which no one would be allowed to buy or sell, without some sort of unique identifier, often referred to as the "mark of the beast". This FBI proposal is another step in that direction. Try and get a job without a Social Security number, rent a car without a credit card, or get a passport so you can even visit our neighbors in Canada. We are well on our way to have this and other prophecies of the end of days come to pass.
A sufficiently advanced simulation is indistinguishable from reality.
What about non-American companies that want to sell their products in the U.S.? Do you really think they will give up the U.S. market? And do you really think they will go to the effort of building one product for the U.S. market and another one for other markets? Oh some might build a model for none U.S. markets with the wiretapping features disabled (with instructions provided to the relevant governments about how to re-enable them when they desire) and a few might build a non-U.S. model without the feature. But most will build it with the feature "disabled" in software, also with instructions given to the relevant governments about how to turn it back on.
The biggest problem that the FBI is not thinking about is that THEIR equipment will also have this built in, meaning that the bad guys will be able to tap them.
The truth is that all men having power ought to be mistrusted. James Madison
The FBI now has to tap everyone because of Bitcoin.
I mean just because you don't like the idea it doesn't mean they can't do it in a classified fashion and then make it legal years later.
I could tell you stories about them but you would not believe me
Do they involve Bill Murray?
White House Petition
Requiring software vendors to build intercept functionality into their products is unwise and will be ineffective, with the result being serious consequences for the economic well being and national security of the United States. See https://www.cdt.org/files/pdfs/CALEAII-techreport.pdf for more details. http://wh.gov/Skyk Please go to link and sign,
Mod parent up.
-=Lothsahn=-
yeah, they would build two products. not to mention there's plenty of telecoms& computers companies which do next to nothing business in the usa. just complying with the wiretapping capabilities would be a huge hassle.
also, I don't think the fbi thought it quite through how their backdoor would work even in theory and how they would handle the infrastructure for it so that not just anyone could tap into the backdoor.
world was created 5 seconds before this post as it is.
Why would they build two products when most governments would be happy to have a backdoor into people's electronics (especially when they thought they could claim they thought it was disabled if people found out about it)?
The truth is that all men having power ought to be mistrusted. James Madison
My petition as well
How many PC's ya got at home? 2 will do.
* Keep one offline at all limes; no ethernet cable or wifi or whatever
* Encrypt/decrypt your messages on that one
* Copy encrypted message to USB stick
* Move USB stick to your "regular" online computer
* Send message via regular online computer
* Recipient copies encrypted message to a USB stick
* Moves USB stick to their offline computer and decrypts there
Net result; internet-connected computers never see the unencrypted message. Yes, Joe Blow cheating on his wife might not bother, but you can rest assured that mobsters and terrorists will take that extra step. How could the FBI be so braindead as to not think of this?
I'm not repeating myself
I'm an X window user; I'm an ex-Windows user
Err...
Are you saying Obama is a Nazi?
I don't really approve of him (but he has been far better than I had feared he would be and I'd have voted for him if I had to - I voted third party) but I'm pretty sure that Obama is NOT a Nazi, descended from Nazi financiers, or is he affiliated with any Nazi groups. There are all sorts of valid complaints to make about Obama but, I'm pretty sure, that he's a Nazi financier descendent is not one of them.
"So long and thanks for all the fish."
FTA:
Many of todayâ(TM)s communication tools are open source, and there is no way to hide a capability within an open source code base
Which, sadly, is all the justification they'll need to make open software illegal - or if not, equivalent to having "terrorist materials" on your computer.
And why, ladies and gentlemen of the jury, would the accused have hacking tools (read: Linux) on his computer if he *didn't* intend to hide his activies from the government?
If they can't make OS illegal outright, they'll make it a secondary offense, for example, obstruction of justice, or similar. The only ones using it would be those who could make a good case in front of a jury that it was *necessary* - i.e. engineers, sys admins, etc...
The society for a thought-free internet welcomes you.
Pathetic. The reason your statement does sound serious is because you cannot care either way. Here is a hint: You are not a toll, you are a psychopath. Better get help.
Here is another hint: You cannot "bitchsmack" anybody while hiding behind anonymity. A pathetic and cowardly attempt like that will never commandeer any respect. But I can understand that you have trouble grasping that.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
HEY! If that guy really is suicidal you are committing a crime, you jerk.
You don't have to egg him on. There are plenty of geeks on this board who have been bullied in school and thought of killing themselves at one point or another in their lives. The ones who didn't follow through on it (almost all of them) did so because they came to their senses and found a reason to continue, before they met some total asshole like YOU.
(You may fuck off and die now)
Don't listen to the asshole below and have as many kids as you like. They will likely be sensitive and intelligent, and contribute greatly to the world of the 21st century. It is also allowed to live in another country, there are a lot of them.
Enjoy posting your shit comments anonymously while you can, if these people have their way no one will be allowed to be anonymous on the internet. Ever.
Are YOU using the TOOL, or is the TOOL using YOU? Think about it!
so my initial idea six years ago to move to china, out of europe and not to the u.s. still seems to make sense
Free speech was meant to be free for all... how can anyone grow up in a nanny state ?
Did the CIA need to rely on scotus or ask permission from congress before its recent militarization culminating in the drone program? The idea that the executive branch even follows rule of law any more is entirely obsolete.
Completely different story. This dicussion is regarding a government agency that is reported to be considering to implement law. Your example is an agency working outside of the borders of the law.
I'm not a complete idiot... Some parts are missing.
The biggest issue at hand here is that these agencies and the government see it as law enforcement's "right" to be able to tap your communications, when in fact, the only reason tapping was ever used in the first place was because the technology was inherently insecure. I see no reason to enable their power trip by prohibiting one from intentionally protecting one's data and information use (the kind of thing the Fourth Amendment is specifically designed to protect) from the start.
In SOVIET RUSSIA... erm...NSA AMERICA, the Internet logs onto YOU!