Slashdot Mirror

← Back to Stories (view on slashdot.org)

Government Wants to do Massive Internet Monitoring

Posted by ryuzaki0 on from the all-they-want-to-do-is-protect-you- dept.

jht writes "Taking the Clinton Administration's electronic paranoia to new heights, this NY Times article details plans to have the FBI establish an infrastructure (called FIDNET) capable of monitoring all non-military public networks. And you were wondering why they're so down on encryption... The NSA is reviewing it now, with final rules expected in September. " Uh,oh. This is potentially a Very Bad Thing. You may want to e-mail your Congressional Representative about it. (Free NYT online subscription required to read the article.)

10 of 304 comments (clear)

  1. A Plea... by jcrosby · · Score: 4

    The description under the post on the main page says you MAY want to write your representative. I'm begging you all -- PLEASE write your rep! Posting on /. only won't solve the problem. Please take action. Once momentum for this sort of thing builds up, it's almost impossible to stop. Let's use our community size to have some positive influence.

  2. This could get to be a real problem, folks. by fable2112 · · Score: 4


    On the one hand, I'm not one to encourage needless paranoia. On the other hand, I don't like this.

    I'm in a fairly militant mood these days for both personal reasons (as discussed on the Ticket Booth Tyranny thread) and political ones ( Damien Echols' Rule 37 appeal was denied, and I'm very pissed about it).

    Post-Columbine, a friend of mine was given trouble for wearing a BEIGE trenchcoat. If the Powers That Be (or anyone else) start looking for a certain "profile," then anyone who has anything in common with that profile is screwed. Where I live, there have been a lot of recent stories concerning racial profiling. (Maybe THAT is why more African-Americans aren't on the net. *wry smile*)

    But of course, it's not just race. If someone wants a scapegoat, it's easy to pick a likely-looking one. This goes on in schools, it goes on in law enforcement, and it goes on in politics.

    I'm not over-cautious with personal info because I don't feel I have to hide things from people. However, I realize that if things in this country get really crazy, I'm going to be one of the first people that gets harassed for being a social deviant.

    The FBI's probably got a file on me as it is, but as long as I'm not kicked out of my housing or prevented from getting a job or arrested for something I didn't do (or something I did do that shouldn't be illegal), I don't give a damn. However, I've got contacts, resources, and what-have-you; many of my fellow social deviants aren't quite so lucky.

    So I fight for their right to keep their correspondence and personal details private. And since some of them talk to me over e-mail, I don't want anyone reading my e-mail either. Things that I do that are public or semi-public record (/. posts, my web page, petitions I've signed, that sort of thing) are obviously things that I don't mind having traced back to me. But there are a lot of people who can't or choose not to be as open as I am, and dammit, that's their right. (Even in the current atmosphere of Don't Ask, Don't Tell, for instance, I'm sure some homophobic military types would love to scan e-mail looking for anything that might suggest a soldier is gay. *sigh*)

    Another big problem here is that people don't profile for actual criminals as often as they seem to for stereotypical criminals. Racial profiling is a major example of this -- black man driving nice car in suburbs, wonder how he got it? Drug money? Let's stop him. Etc. Satanic Panic based profiling is another biggie; there is no other reasonable explanation for why Damien Echols is on death row and his two friends are in prison serving life sentences. With net-based searches, we'd get the additional problem of "profiling" of anyone who, say, visited 2600's website.

    I, personally, have nothing to hide, and haven't suffered much in the way of harassment. But damned if I'm going to make it easier for other people to have their lives ruined for no good reason.

    --
    "Somebody exploded a letter-bomb today ... but it wasn't anybody I knew" -The Moody Blues, "Dear Diar
  3. Stickin' it to the man... by Anonymous Coward · · Score: 5

    This isn't as big a deal as people are about to start freaking out about - although it's definately worth a letter or two to your wonderfully representative *ha* elected officials.

    The open-source and linux communities have the power to make these plans effectively useless through the implmentation of transparent public key encryption schemes - Fuck ITAR, this is an international community. A good implementation followed by a new "secure" linux distribution - perhaps Trinix - or maybe RedHat, but they're less likely to take on "the Man", IPO and all.

    So let them monitor your SSH sessions, let them monitor encrypted web communitications. The key is to make it automatic and transparent, so that the end user doesn't have to do anything.

    I'm sick of this bullshit from the US Government - I'm not a US Citizen, but being north of the border in Canada means this crap will diffuse up sooner or later - Our spineless prime minister does what the US wants.

    So rather than bitch and moan and cry and whine, we've got the tools to make this system effectively useless. Run with it.

    AC (with damn good reason).

  4. Re:Routine Encryption: Maybe not the Answer by Carl+C-M · · Score: 3
    I take exception that the only way to combat misuse of personal information is through routine encryption.
    • Routinely encrypting all my traffic may not buy me much privacy.
      • Traffic analysis can reveal where I have been surfing and who I have been emailing without saying anything about what I was saying. But I imagine that in this hypothetical police state exchanging email with subversives would be a crime. And don't think that anonymous remailers will protect you; remember anon.penet.fi.
      • Failing traffic analysis, I am still conducting transactions with websites, who is to say that they won't decide that its financially advantageous to get together and construct detailed profiles of me. Isn't that what ads.doubleclick.com is doing?
    • How do I know that my security protocols are really secure? I just downloaded PGP from some random website or installed the standard Red Hat Distribution. How do I know that the implimentation wasn't weakened so that powerful interests can read my mail anyway? Worse I might believe that I can send whatever I want with PGP and end up incriminating myself more completely.
    • Rather than pressuring congress to allow me to implement weak and insecure protocols that give me the illusion of privacy, why don't we pressure Congress to open up government. "Okay Congress, you want to monitor our networks for criminal activity, you can, if you make verifiable public records of all activities and results from the monitoring." Better yet, if they want this tool, let them build it, but make it a public domain tool that serves everyone. Why should we trust incompetent government workers to secure our networks?

      This bargain could be struck on many levels. If congress wants to monitor all email, I'd be quite happy to go along with this if in exchange the government would publish all gov. documents on the web five years after creation regardless of classification.

    • Perhaps surveillance of everyone is immanent, but it doesn't have to be clandestine. We have an opportunity to choose how it is implemented.
    If given a choice between having all my email read by the NSA without my knowledge or permission or having all my email read by the NSA and receiving notification whenever it happens; I will always pick the later case. Even better is if I recieve notification from anyone when that email is used. Whose to say that Coca-Cola doesn't have nefarious schemes?

    -Carl Coryell-Martin

  5. It's all a gummint conspiracy by jabber · · Score: 4

    That's right folks,

    Never mind the privacy issues, never mind ethics or morals or any of that ethereal stuff like Liberty or Freedom. It's about the money.

    Ever since the boom of the Internet, the Federal government has been losing money. They support much of the backbone infrastructure through NSF grants and such. The Internet2 is based in major Universities, but funded by the Fed, and we're going to piggyback off of that tech in a little while. The Fed is losing money since their grants are used to send spam and view porn.

    But that is not the biggest dollar sinkhole that results from the Internet Age. It's all about the stamps!

    That's right. The price of stamps has gone up dramatically over the last vew years. As we've migrated out corespondences to the net, the U.S. P.S. has tried to break even by hiking stamp prices. This just drove more people onto the net, and into long distance phone companies. This is why they're fostering competition and the proliferation of 10-10 numbers...

    The government is just trying to make the net less convenient, more shady and just plain creepy(r) to drive the sheeple back to using the ol'U.S. Post. Under Federal regs, nobody (FBI, NSA, CIA, IRS...) can read your mail.

    Watch for new U.S. Mail ads this fall. I ga-roon-tee it.

    --Where'd I leave my meds?

    --

    -- What you do today will cost you a day of your life.
  6. The classic quote by Kaa · · Score: 5

    "When they took the fourth amendment, I was quiet because I didn?t deal drugs. When they took the sixth amendment, I was quiet because I was innocent. When they took the second amendment, I was quiet because I didn?t own a gun. Now they?ve taken the first amendment, and I can say nothing about it."

    It might interest people to know where this came from. The original quote belongs to Pastor Martin Niemoller who had the misfortune to live in Nazi Germany in the 30s:

    "First, they came for the labor unions but I wasn't a labor unionist, so I didn't speak up. Then they came for the Communists but I wasn't a Communist, so I didn't speak up. Then they came for the Jews; but I wasn't a Jew, so I didn't speak up. Then they came for the Catholics, but I wasn't a Catholic, so I didn't speak up. Then they came for me-and there was no one left to speak up."

    You might want to keep this in mind.

    Kaa

    --

    Kaa
    Kaa's Law: In any sufficiently large group of people most are idiots.
    1. Re:The classic quote by sjames · · Score: 3

      By monitoring everyone's communications on the net at random, they are going after ALL of those groups and more. All you have to do to be logged is to have a packet pass through a monitored network.

      Meanwhile, the money they are spending on this could buy every homeless person a condo.

      The real answer to preventing attacks on our infrastructure is to encourage the use of strong crypto and the development of hardware and software based on it.

      Finally, if the objective is to prevent cyber attacks from outside the US, why aren't the monitors confined to the border routers on the links to the 'outside'?

    2. Re:The classic quote by Stonehand · · Score: 3

      I'd say they're going after industry sysadmins, by planning to install monitoring software on non-governmental systems. Either they'll be required to hire government spooks who'll use those systems on-site, or far more likely, the monitoring system will either report electronically, perhaps with remote access, or it'll do something like log to CD-R's which are then shipped off to a gov't warehouse. In any event, I'm just as concerned with *how* and why they're "going after" a group as with whom.


      * If there are *any* vulnerabilities in the monitoring software, and I'm a sysadmin, you've now weakened my network. Thanks a lot.

      * How can I trust the monitoring software to know that that's *all* it's doing -- monitoring? And that none of the information, such as traffic analysis, could leak out to a competitor who happens to be a larger campaign contributor? For instance, if somebody's suddenly engaging in SMTP traffic with somebody at a competitor, and the traffic coincides with that to a recruitment firm or so forth.

      * Wouldn't this cause some to fall prey to false confidence? Given that the Gov't hasn't shown itself to be the most clueful 'bout computer security in the past, what makes them think that they can catch up?

      --
      Only the dead have seen the end of war.
  7. Why worry? -- that's why by Kaa · · Score: 3

    Let's say you go and visit www.hyperreal.org -- a site that contains, among other things, information about psychoactive substances, some of which happen to be illegal in the US. Now, of course, only drug pushers would be interested in information on such a filthy topic, right? So you wouldn't be surprised to see some cops on your doorstep with a search warrant, the probable cause being visiting the site? And don't bother applying for a government or a government-contractor job: "We see you engaged in some patterns of behaviour that could point to illegal activity on your part. Be thankful we don't prosecute you. Next, please..."

    This is fiction right now, but it could easily become reality.

    Just use strong encryption for everything. I don't see the problem.

    Use of encryption necessitates that both parties do it. In the example above how would encryption have helped me (other than using Freedom.net or some equivalent of it)?

    I know it is illegal to export it from the USA, but is it also illegal to use it?

    It is legal to use. For the time being, that is.

    Kaa

    --

    Kaa
    Kaa's Law: In any sufficiently large group of people most are idiots.
  8. Re:Money- Tool of Tyrants by Manax · · Score: 3
    And maybe some of them really believe that the goverment isn't really out to get them and are willing to help with this noble goal of protecting US citizens from the bad guys.

    Just image for a moment, someone who has graduated school, perhaps with a CS degree, has spent some time with ROTC, perhaps would like to get into law enforcement, but doesn't like the idea of getting shot. Instead, the person gets a call from someone at the FBI who says "We need people like you. We are building this network monitoring facility, with all this high-end equipment to help protect us all from terrorists abroad. We will be looking for specific types of attacks and we need you to help write the software for that." The graduate meets the FBI people, likes them, they sound like they really believe what they are saying (and perhaps actually believe it), and so the grad joins up.

    The person isn't evil, isn't a tool, and really believes in the goal, is convinced of the sincerity of those he/she works with...

    Bottom line, I'm scared by all the invasions of privacy, the goverment intrusions into far too many aspects of life, the threat of being harassed by the Enforcers (police), the unauthorized confiscation of private property, etc. but to say that these people are all immoral, irrational bastards out to screw us all is just demonizing people who are more like you and me, than different.

    Yeah, some of them are assholes, and some are stupid and many are irrational, but they are still just human beings trying to live out their lives the best they can.

    And while trying to get along the best I can, I try do something to make the world a better place (according to my own, perhaps warped, judgement) by avoiding (and protecting myself from) the assholes, educating the stupid and by being understanding of the irrational (and trying to help them do the rational thing).

    Bottom line, I'm very much against this proposed system, regardless of the goal, since I believe having a highly distributed, highly heterogeneous network, with individually applied security is the best defense. I also believe that a system like this can all too easily be used (by the stupid, or the irrational) to do bad things to you and I. (Besides being an ineffective way to do it's stated intent.)

    --
    "Why should I be content to simply live in this world, when I, as a human being, can CREATE it?" - Oertel