Yeah, but Tomi Ahonen is a moron. This is the same guy who claimed that Symbian was clearly the best mobile smartphone OS and would crush iOS & Android if only given a chance. Riiight....
The book "A for Anything" by Damon Knight jumps immediately to mind. The book centers around a real device that could duplicate anything. Is it the end of world hunger and need - or an evil machine bent on the destruction of our way of life, one that must be destroyed immediately?
The best defense against this sort of this is the operating system. The ideal mechanism for software management is for the OS to only permit software to be installed in a specific directory tree, one per application, instead of allowing software to sprinkle DLLs all over the place. Installation should be a recorded transaction which can be replayed in reverse by the OS to verify that software has truly been removed. This, along with really good privilege separation, will ensure that rogue applications cannot evade detection and removal.
Besides, incompetence by one company doesn't mean no wiretapping, it just means loss of sales by that company. Planned, industry-wide incompetence is not incompetence - it's collusion, and is a criminal offence when performed against the state.
I'm a software engineer working for a data networking company, and I'm working on our project for residential Voice over IP - so I have some knowledge of these issues.
Basically, the Communications Assistance to Law Enforcement Agencies (CALEA) act passed by the US Congress in 1994, requires "telecommunications providers" to provide tappability on any and all telephone calls they may carry. There are also some reasonably stringent requirements on the nature of the tappability, so a token effort will not suffice. For any residential phone service to be approved by the FCC, it will have to satisfy the requirements of CALEA. Companies or the IETF really have no say in the matter. The only people who can change this are Congress (not even the Supreme Court, unfortunately, because they have already ruled federally approved wiretapping to be legal).
Now, this applies only to so-called "telecommunications providers", i.e. people who provide a phone jack in your house (be it through a DSL line, cable modem, or whatever). If the phone signalling protocols are modified to perform this function, then they will also end up affecting all signalled calls going through voice/data routers - whether they are signalled from black phones or from PCs masquerading as phones. Again, this will almost certainly happen.
The only place where there isn't an existing law is for tapping data flows on the Internet (which may happen to be voice flows, perhaps through a conferencing tool like NetMeeting). The issue was raised that these flows will have to be policeable. Further, given the current federal stance on wiretapping and information gathering, it is a near-certainty that the FBI will move to have a law enacted which enables them to tap any data flow (identifiable by a source/destination IP and/or port number). Congress will have no trouble in passing this law. Again, once it is a law, the IETF or anybody else will have no say in the matter. ISPs will require this feature to stay licensed, and therefore networking companies (i.e. us) will have to implement it in order to stay in business.
Just about everybody in my company who works on this is pretty much unanimously unhappy about it. Some people have even advocated not implementing CALEA-compliant tapping capabilities just to "see what happens". Needless to say, that will not happen. That doesn't stop us from thinking that it sucks, though.
--
I wanted to call myself Anonymous Coward, but it was already taken by somebody.
Slashdot Mirror
Yeah, but Tomi Ahonen is a moron. This is the same guy who claimed that Symbian was clearly the best mobile smartphone OS and would crush iOS & Android if only given a chance. Riiight....
http://communities-dominate.blogs.com/brands/2013/02/nokia-misery-in-single-pictures-today-part-8-in-series-the-elop-strategy-to-go-windows-from-feb-11-2.html
The book "A for Anything" by Damon Knight jumps immediately to mind. The book centers around a real device that could duplicate anything. Is it the end of world hunger and need - or an evil machine bent on the destruction of our way of life, one that must be destroyed immediately?
I would have thought some skin medication....
Never mind.
The best defense against this sort of this is the operating system. The ideal mechanism for software management is for the OS to only permit software to be installed in a specific directory tree, one per application, instead of allowing software to sprinkle DLLs all over the place. Installation should be a recorded transaction which can be replayed in reverse by the OS to verify that software has truly been removed. This, along with really good privilege separation, will ensure that rogue applications cannot evade detection and removal.
Too bad Linux doesn't do any of this...
Besides, incompetence by one company doesn't mean no wiretapping, it just means loss of sales by that company. Planned, industry-wide incompetence is not incompetence - it's collusion, and is a criminal offence when performed against the state.
I'm a software engineer working for a data networking company, and I'm working on our project for residential Voice over IP - so I have some knowledge of these issues.
Basically, the Communications Assistance to Law Enforcement Agencies (CALEA) act passed by the US Congress in 1994, requires "telecommunications providers" to provide tappability on any and all telephone calls they may carry. There are also some reasonably stringent requirements on the nature of the tappability, so a token effort will not suffice. For any residential phone service to be approved by the FCC, it will have to satisfy the requirements of CALEA. Companies or the IETF really have no say in the matter. The only people who can change this are Congress (not even the Supreme Court, unfortunately, because they have already ruled federally approved wiretapping to be legal).
Now, this applies only to so-called "telecommunications providers", i.e. people who provide a phone jack in your house (be it through a DSL line, cable modem, or whatever). If the phone signalling protocols are modified to perform this function, then they will also end up affecting all signalled calls going through voice/data routers - whether they are signalled from black phones or from PCs masquerading as phones. Again, this will almost certainly happen.
The only place where there isn't an existing law is for tapping data flows on the Internet (which may happen to be voice flows, perhaps through a conferencing tool like NetMeeting). The issue was raised that these flows will have to be policeable. Further, given the current federal stance on wiretapping and information gathering, it is a near-certainty that the FBI will move to have a law enacted which enables them to tap any data flow (identifiable by a source/destination IP and/or port number). Congress will have no trouble in passing this law. Again, once it is a law, the IETF or anybody else will have no say in the matter. ISPs will require this feature to stay licensed, and therefore networking companies (i.e. us) will have to implement it in order to stay in business.
Just about everybody in my company who works on this is pretty much unanimously unhappy about it. Some people have even advocated not implementing CALEA-compliant tapping capabilities just to "see what happens". Needless to say, that will not happen. That doesn't stop us from thinking that it sucks, though.
--
I wanted to call myself Anonymous Coward, but it was already taken by somebody.