Slashdot Mirror
Government Backs Down On Network Monitoring Plan?
GNUCyberKat writes "This article relates how the US government is now approaching their plan to monitor private sector networks. It presents both sides (mostly through links) but is otherwise a good article. "
I believe you've confused "right" with "technological capability."
Let's create a package that would be able to act as a telnet gateway for every protocol (even DNS). Let's put it in as many boxes as we could. Let's create tiny boxen with it and hide in our school's networks. Let's put crypto on it (SSLeay). Let's create some protocol to enable our apps to use those gateways like sockets. And let's LD_PRELOAD hack our glibcs to make all apps (even dynamically-linked netscapes) use them. Let's include chaining capatibilities on them. NOW let's see if they can trace us >:-)
Actaully, I was thinking more of CALEA. The proposal that had hooks into all the telecom networks. It seems to me like their proposals are getting more daring.
"One man can change the world with a bullet in the right place."
- Mick Travis, "If..."
What business does the government have with what kind of drugs are out there? So it can create lucrative black market terrorists organizations that thrive? Seems like the government is creating all these problems in the first place.
So the government monitors traffic on the net. It learns new ways of getting in trouble after some government employees take a kickback by leaking some inside information gained by email exchange by engineers at a tech startup. Patents are issued and the government has a company paying billions in taxes on a new product on its soil.
Monitoring can create some unhappy people. Let's play fair and everyone will get along better.
Just imagine the profile they could have on your name. What are your interests? What hours of the business day did you post to slashdot? Did you ever make any posts to alt.sex? Do you ever intend to run for political office?
Almost a non-intelligence issue. As a Democrat, I am ashamed of some of the policy coming out of my representatives.
Maybe we need to come together and form some kind of Technocratic party and run our on canditates. Heh. Just a thought.
This sig is false.
Yeah, I'm running for pres as a write in independant canidate, of course, I don't expect to win, but ya know, I'm voting for me!
later
dan
Dan
It presents both sides (mostly through links) but is otherwise a good article.
Heaven forbid that someone should write a balanced journalistic piece!
Daniel
Hurry up and jump on the individualist bandwagon!
>I believe you've confused "right" with >"technological capability."
More like "mathematically capability". Which is the same thing as "right" (if there is such a thing as a "right" at all) if you ask me...
It's not a question of whether or not they are, it's a question of how they approach it.
Here's the kind of thing they're worried about: imaging a virus or worm whose payload is a packet sniffer. Mostly it spreads as quietly as it can, but when a copy finds itself on a host in the target domain, it starts sniffing for l/p pairs and other critical information. When it has them, it sends out an http request. I'll leave the contents of the response to your imagination.
Is this so implausible? Could it do serious damage to your organization? Do you know how to prevent it?
which is that they will be searching for "patterns of patterns." And the privacy buffs restated that there is the opportunity for misuse. Nothing new.
The classic Good vs. Evil stories. The good are always the underdogs and dominated by the evil, and in the end, somehow the good end up winning. Unfortunately, those are just fictional stories (and I wonder where the ideas for the stories came from?). The Us Gov and wealthy top 1% (corporations and those who dominate them) among other nations, both "democratic" and not, have effectively maintained their dominance. The US has been so good at it that they can actually manipulate public opinion to be in their favor. Just by wording something so it sounds good, or completly with holding the actions from he public. With the assistance of corporate owned media, which of course would not want to cover news and events that threaten their security, they have been doing this.
In the past however, although the public's access to instant information was not like it is now, for those who wanted to participate in the politics, they had to research more on their own. With the way things are now, people just sit on their ass and rely on campaign slogans and media coverage for their information. I even see among the posts of people on this website absurd comments praising big bussiness and the government, and making insane comments such as "their is no classes in the U.S." It may seem like that in your little bubble of middle/upper-middle/upper class world. Everyone has access to the Internet! No one is poor! The poor just don't work hard enough! The economy is booming! This means this, not that! Right does not mean correct, right means wrong!
People also never ask why protesters protest, or why terrorists target. They assume they wacko lefties...or they all support totalitarian type governments, like that makes any sense. Of course this is true in some cases, but among the millions of anti-capitalist people in the western world, very few of those go about furthering their cause through major violence. of course that's all the media seems to cover. Many of those people also support DEMOCRATIC state socialism and anarchism not the existing totalitarian forms of socialism. Even the capitalist Libertarians in the US agree something is wrong, but see the governments as the central problem, and corporations as the answer.
This is very depressing. Will the masses, even the so-called intelligent people, ever wake up? Will they always have control over the minds of the masses? I've been told in the UK, acceptance of (state) socialism, (libertarian) socialism/Anarachism is much greater, and even some elected officials in the Western governments belong to parties on the "left."
Bah! HDSJKLDHSKLJDSD. silence.
Hey, I might even vote for you. That would be *two* votes. ;)
This sig is false.
to the recent news about ESCHELON or whatever that name of the monitoring system that Austrailia came out with just a few weeks ago? Are they trying to legitimize everything that they have already done, or are we looking at the attempt to get into a second round of systems that people "know" about?
I NEVER said or implied the government had any right to do these things. All I said was the government was not going to going after warez kiddies pirating Photoshop, 3DMax, or the new Prodigy album. They're after different fish. I don't like the idea of this kind of monitoring either, I was answering a specific question. (not to be rude, but don't put words in my mouth)
bunch in the history of our government for using government agencies to abuse it's citizens.
How many FBI files got Colsen a prison term? ONE
How many FBI files did Hilary's bouncers get a hold of? 1000+. Why aren't they in jail?
Why are the vast majority of IRS audits of 5013c orgs done on conservative ones?
Another example: One of the assurances Congress put into the Census Act was that the information couldn't be used by government agencies to target individuals or groups. In January of 1942 FDR signed a Presidental Executive Order that gave the FBI permission to use the Census Data to target US CITIZENS of Japanese Ancestory for arrest and detention in concentration camps in the California and Nevada deserts. Their property was stolen by various agencies and people, thus depriving them of their due process.
Letting the inventor of the Internet, "No legal Controlling Authority" Gore, or "I didn't lie under oath" Clinton authorize their cronies in the FBI to start watching over my shoulder while I excerise my free speech rights is the quickest way I know to "chill" those rights, expecially if they are critical of the Amdministration. Remember what happened to the Chicago couple that heckled Clinton (no worse than the chicken man heckling Bush)?
"If you've done six impossible things before breakfast, why not round it off with an attempt to ban all cryptography from the Internet?"
--
Brent J. Nordquist N0BJN
The American government as all the right in the world to watch and record and analyze and study the dataflows on the Internet, just like anyone else has. If the FBI wants to act as an online security consultant, then that is completly fine with me.
Let's just change this a bit:
Would you agree with this statement? I don't think there is any important difference between the original and the new one. We are talking about networks that span the whole globe, where data is normally transmitted without encryption, and in which by tapping at the right place, you may intercept lots of communications. However, it is an invasion of privacy for the government to wiretap phones without a court order. Why should it be any different for, say, email or TCP connections in general?
Given that the these two huge holes in our human rights go away, I will gladly assume that every information generated by me on Internet (be it a random Telnet package or a slashdot post) falls into everybody's hands (including the American, Iraqee, and Chinese governments).
This may be true of /. posts, but I don't see how if I email you this would get into chinese gov't hands. (I can traceroute the path between our mailservers and see, but I don't think this will be necessary.) Same if I telnet to my university computer from a home dialup connection.
---
No...actually they're more a technical means which makes things *much* easier for the developers of that code.
People. Cookies Are A Good Thing. They give persistance to an environment that isn't persistant. They allow developers to code web applications that can follow you through the use of that application. I daresay that if it weren't for cookies hotmail simply wouldn't exist. How do you *think* they figure out how, at any given page, what user your are?!
There is no secret conspiracy to use cookies to rule the world. Believe me.
Your a fool if you think big brother isnt already watching.
we are born with cameras up our ass
Madhatter --It's no wonderland out there.
> It presents both sides (mostly through links)
> but is otherwise a good article. "
Isn't presenting both sides good?
The American government as all the right in the world to watch and record and analyze and study the dataflows on the Internet, just like anyone else has. If the FBI wants to act as an online security consultant, then that is completly fine with me.
The problem is the lack of cryptography to protect yourself (which of course is their fault), and the fact that online crime is prosecuted by an authoritian state in meatspace. Information crimes should be fought with information methods.
Given that the these two huge holes in our human rights go away, I will gladly assume that every information generated by me on Internet (be it a random Telnet package or a slashdot post) falls into everybody's hands (including the American, Iraqee, and Chinese governments).
"It presents both sides (mostly through links) but is otherwise a good article. "
Was this unintended, or is the poster suggesting that presenting both sides of the issue is a bad thing?
They're basically saying, "Oh, we were NEVER going to do anything more than monitor critical networks for anomalous activity..." That's still a little too much for me. Any banking concern or other enterprise that forms part of the "critical infrastructure" should already be paranoid about security, and doesn't need the feds to tell them when they're under attack or help them dig out of the situation. It's like Social Security: you must do your own retirement planning; if you rely on the government to do it, you're going to be poverty-stricken a year after you retire.
As usual, we're seeing the FBI (and most likely the NSA especially) trrying to stick its collective nose where it doesn't belong. Let us protect our own networks -- it's nobody else's business what traffic is on there. And I would tend to think it would be a lot easier for a foreign government to compromise one of these "trained, experienced analysts" once the system is in place than to actually crack all those thousands of systems and networks that such an analyst would be able to monitor.
Call me paranoid, but any security professional knows that paranoia doesn't go far enough.
"You can never have too many elephants on your team."
Could the government also be trying to do this in order to track warez, mp3, etc. sites? Doing this in the name of "proctecting our networks" seems like a cover-up. It sure would help out law enforcement if they're really interested in piracy.
Just a thought.
Plankeye
--------
.
Who the hell told Carrot Top he was funny?
Why does anything the government do have to be done in such a wasteful manner? I would imagine most people that have a server on the net that experience a problem can deal with it just by looking at the logs, find the identity, make a phone call and see if the person needs help. You don't need a multibillion dollar spying center to replace everyone's job.
Do morons run servers? They will if the government has its way and insists on playing big brother on everything. Its like we would be so helpless without laws and regulations covering everything. The internet was doing so good until we started getting laws about encryption it seems like its going downhill from there...
Even If they are watching, do you have any Idea how much information they would be collecting? WAY more than could possibly be analyzed in real time. But they're not watching (The internet is self-ran and their software would have to be installed everywhere to be effective, wouldn't it?) and you, sir, are simply paranoid.
My sig has a broken link in it.
whats left of the the humanity??
whats left of the individual freedom
what about the right not be controlled... right to chaos?
we're all controlled...
=========
Anger is gift...
freedom? yeah right --R.A.T.M
----====___SUBLIME___OR___NOTHING___====----
And I just saw an article reporting that Reno, I believe in a letter to the German government, stated her desire to see all cryptographic products banned from the Internet. Despite the technical and legal impossibilities involved, that was one more indication that the JustUs Department is solidly anti-privacy.
Interestingly, this seems to be a non-partisan issue, so I can't fall back on my traditional response of complaining about the Democrats. I've yet to see either party integrate a cohesive position on privacy and technology.
No matter how many battles are won, the war for security and privacy continues...
Believe it or not, the government is trying to act on the behalf of its citizens with most of these initiatives. If you read the actual text of the plan (available at http://www.cdt.org/policy/terrorism/fidnet/ )you will see that the plan calls for monitoring of mostly .gov site traffic. It calls for a plan to help certain critical infrastructure sections of the private sector in monitoring (ie, banking, utilities, perhaps stock market, etc). An outage in any of these areas of the private sector would have very detrimental long term effects on the Citizens of the US. THAT is why they want to do this.
Plus, if you believe everything you hear, the we must already be monitored, right?
The same rule that existed before still applies...if you want it to be secure, encrypt it; quit bitching about how THE MAN is going to screw your life and take some individual action.
The above is only my opinion.
As long as cryptography is legal, the disclosure that governments are monitoring communications will serve the public interest in encouraging additional use of cryptography.
Seriously, you shouldn't expect anything sent over an open channel to be private. Now the US government is helping people to realize that. Now if only we can get lucky on some cryptography export rule relaxation, we'll be all set.
Coca-Cola formula
As reported on some business news show yesterday, the private sector and the feds have very different goals and M.O.s when it comes to security efforts. Corporations just want to know how a breach occurs so they can fix the problem and prevent related losses and copycats. They abhor publicity. The feds are fixated on the act and catching and prosecuting the perps. As others have noted, they don't have a very good record of defending against their already known vulnerabilities. So they are fundamentally at odds.
A day later, the feds are saying, "aw never mind. We'll set up shop on our block and talk to you later."
If only net libertarians had such access.