Slashdot Mirror

← Back to Stories (view on slashdot.org)

Tap-Tap-Tapping the Net

Posted by michael on from the who's-there?-FBI-who? dept.

The IETF will be considering building wiretapping into internet protocols (see previous slashdot story) tonight at their conference; the Washington Post has a story on the subject. A great many civil liberties and technically-oriented organizations have signed onto an Open Letter urging the IETF to reject any attempt to build snooping into the net.

2 of 132 comments (clear)

  1. Whatever. by Signal+11 · · Score: 5
    Sure, let the IETF build in wiretapping stuff. I think they need to fail horribly before they stop doing stupid things like that. For one, if it's at the protocol level it will be exploited. Alot. Remember source-routing? Notice how everybody even remotely concerned about security has it disabled, and infact under linux and most UN*X implimentations require you to specifically enable it?

    Secondly, why should we care? Anyone doing anything illicit will be using encryption anyway. So catching criminals isn't the issue here. Hell, I frequently use PGP for stuff that I don't consider sensitive - like sending source back and fourth between my friends. The only use for a wiretapping protocol will be to let the l335 h4x0r d00ds have a reign of terror on the 'net.

    I say to hell with the IETF - Let the chips fall where they may (and they will fall!).

    --
  2. Wiretapping protocols by jd · · Score: 5
    This begs some interesting questions:

    1. How do the IETF propose to wiretap -AND- have strong PtP IPSec encryption?
    2. How do the IETF propose to locate packets, given that routers decide paths on-the-fly?
    3. How do the IETF propose to enforce this, when they are not a regulatory body? In fact, the strongest the IETF can do is release an RFC, which is just that - a request for comments.
    4. Who, exactly, is going to implement this wiretapping protocol? Even if the entire backbone used it, all you need do is tunnel through and the protocol becomes useless.
    5. What protections can the IETF impose, which guarantee that the wiretapping would even work, even assuming you -could- find all the fragments of all the packets and re-assemble them all? It's easy enough to modify a TCP/IP stack. A few tweaks here, a few tweaks there, and you're sending valid data which the sniffer will reject, but which your intended recipient will accept.
    In balance, I think it's useless, pointless and stupid. Stick to IPv6 promotion. That's useful. This isn't.
    --
    It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)