The fact that you have a secure method to communicate with X, Y, and Z becomes evidence that the four of you might have something to hide.
Remember, wiretaps aren't random checks, they're triggered by some other evidence that hints at criminal activity but doesn't quite prove it... or done once they're already ready to catch a small fish but they're letting them continue to operate for a few extra weeks just so they unwittingly give up the whole gang.
If the spooks think two brothers are plotting together, then nothing they say about mom is of any use, the spooks can stay on the line because the warrent will say all coversations between the two are in bounds. If the spooks think the phone sex line is just a front in the operation, they can listen into that call, but I'm sure the judge isn't going to think it's so funny while signing the warrent...
You're confusing straight VoIP with VoIP-as-PTSN. When a direct encrypted VoIP call is made, the spooks at least get to know that you communicated with whomever is on the other end of that IP address, and sometimes that much "envelope information" is useful without any need to find out what was actually said.
However, when you use a Vonage or similar clearing house, all a tap on your IP address is gonna tell them is that you connected to Vonage. What for? They won't know. But Vonage has all the data, and the key to decrypt with them. Perfect place for a wiretap...
The whole point of the article is that the FBI does not want to actually do the tapping. They want Vonage, Packet8, etc. to do the tapping for them.
Just another case of "if you wanna play phone company, you gotta..." that the VoIP companies keep trying to run from. Their cost advantage is in part based the fact that they don't have to do a lot of the things the old line phone companies are required by law to do. Basically, if you set yourself up as an intermediary common carrier, you're protected from most copyright complaints, but you're gonna start getting wiretap requests...
You don't need encryption for protection from wiretaps in those situations, the spooks are already required to disconnect (or ditch-and-not-listen-to any recording) the instant they realize it's a call that is unrelated to the matter being investigated.
The analog phone network is pretty physically secure (messing with the wires through town will attract police, and the central offices are pretty secure places) so there's really not that much risk of an unauthorized analog wiretap.
The system's pretty good as it is, the spooks just want to make sure technology doesn't take away what's one of their strongest tools for stopping crimes before they get any worse.
All "citizens arrest" is good for is the permission to restrain a person in otherwise illegal ways (see also: kidnapping) because they have just committed a serious crime in front of you for only as long as it takes to summon a police officer to make a real arrest.
The RIAA is skipping a step in busting these pirate distributors. They need to file a lawsuit against these vendors, then get an injunction to make them stop while the case is pending.
Of course, this also has a bit of a "hoax" smell to me. Does the RIAA confirm that these are their people, not some nuts with the letters RIAA on their jackets?
Has anybody blaming human actions for global warming offered any reason why the ice age ended? I don't think humans were around then to be responsible...
Yep... environmentalist predictions about 2050 are great because that's 46 years away... enough time so that nobody who is making false predictions will still be arround to be called wrong, nor will there be anybody who remembers the predictions to call them wrong.
The internet was designed to be a peer-to-peer place, and this sort of mentality plays into that idea.
Careful, if we were to try to turn back the clock to the way the Internet was designed to be, you might end up dropping all of.com because it wasn't meant for commercial use.
There's software out there so anyone can sign a certificate. Who needs the suits at Verisign?
Because a cert signed by you is useful for nothing more than "This conversation is encrypted, and I say I'm me." A cert signed by a Verisign translates to "This conversation is encrypted, and Verisign says I'm me."
What good is that? Well, not much among geeks, we don't trust Verisign further than we can throw them, but we're depending on them to keep this silly DNS thing going. However, web browsers are set with a default list of trusted "Certificate Authorites" who are allowed to sign certificates. Companies who are on those lists can sign a certificate that'll work without errors, anybody else's certificate will prompt a message indicating that the name's right, the time's valid, but the issuing authority isn't on the list of authorities you trust. (You can manually add a new authority if you want... but try convincing users to do that!)
The problem is, so many cheapskates have now signed their own certificate that the bogus authority error isn't stopping users since it's so common when nothing's really wrong. As a result, we're seeing a lot of look alike sites use SSL to get the padlock to come up, and users not being phased by the red-flag alerts that this doesn't seem to be the site they think it is.
The reason they're very uneasy about telling people where the "cap point" is set is because if they relased that number or formula, people would set their systems to use slightly less than the limit, and the ISP would still get swamped and have to lower the limit.
Yep. Nobody's supposed to be "offering a service" over their home bandwith. Even if the files you're offering to share are legal in copyright sense, you're still doing something you're not supposed to do with home bandwidth. File servers belong at the center of the network, clients on the edge of the network...
Nah, their right to not be locked into a long-term committment to you is equal to your right not to be locked into a long term committment to them. Unless the agreement specifically says they have to provide you service next month, they don't. They can just send you a letter that says "It's over... goodbye!" and that's it. Unless they're doing it for some illegal reason, like racial discrimination, they can do that.
If you haven't noticed yet, ISPs market home Internet connections based on the downstream bandwidth speed, and give you about 1/10 to 1/5 of your downstream as a upstream channel speed.
Their networks are designed assuming that you are a standard web user... URLs up, big image-filled content pages and webstreams down. It wouldn't surprise me that the people who are getting the letters are those who are offering up Linux ISOs and other open software on BitTorrent. Even though they're not in copyright trouble, they're guilty not using their web connections for "interactive" browsing, which is something that the the AUP usually says something about. They don't mind people who download all day since that doesn't clog their networks as badly as people who are uploading all day.
If you really want to share open source software with the world, get yourself a cheap dedicated webserver that has tons of bandwidth usage with it. Set up BitTorrent there, and let it fly. Just make sure you don't go over your quota for bandwidth and you'll get close to 700GB out for only $99 a month.
This is a national effort by Comcast to raise their rated speed from 1.5 Mbps to 3 Mbps downstreams. In communicating with my own dedicated server at a fast hosting company, I've actually had sustained transfers at 3.75 Mbps. They are really rolling out a good upgraded network.
Nah, what the FBI is saying is that Carnivore is a device that follows the rules laid out by the laws, courts, and Constitution.
If the courts say that somebody can be tracked on the internet, the subpoena goes to the ISP, and they can't really turn it down. The ISPs hae to turn over the suspect's traffic. However, there was a big loophole in that, the ISPs could claim that they don't have the technology to do such capturing and recording. So, now, the FBI's response to such a claim is to give a Carnivore box for free to the ISP and say "Okay, now you do have the technology to do that, we'll run it."
Anyway, this isn't quite Carnivore, because in order to install such a traffic logger, you first need to know where to put it. So, instead, they duped the person into reading an e-mail with a web bug in it, that got them the IP address which they could then equate to a person... and slap the cuffs on him.
So am I... in fact, I'm getting hit equally as often by both Slurp and Googlebot. And I didn't pay Inktomi either, although I do use Google Adwords...
BTW... has everybody noticed that including a URL your/. profile and then making posts that get modded up exposes that URL right here, on a site that's treated with authority?
Google's search will be just as good as it's always been, the number of times it's used has no impact on how much knowledge it has about the web and what it does about it.
Yahoo owns both Inktomi and Overture... for them to be dumping Google and moving to the suppliers that they own outright is something that was easy to see coming, the only question was when.
The fact that you have a secure method to communicate with X, Y, and Z becomes evidence that the four of you might have something to hide.
Remember, wiretaps aren't random checks, they're triggered by some other evidence that hints at criminal activity but doesn't quite prove it... or done once they're already ready to catch a small fish but they're letting them continue to operate for a few extra weeks just so they unwittingly give up the whole gang.
If the spooks think two brothers are plotting together, then nothing they say about mom is of any use, the spooks can stay on the line because the warrent will say all coversations between the two are in bounds. If the spooks think the phone sex line is just a front in the operation, they can listen into that call, but I'm sure the judge isn't going to think it's so funny while signing the warrent...
You're confusing straight VoIP with VoIP-as-PTSN. When a direct encrypted VoIP call is made, the spooks at least get to know that you communicated with whomever is on the other end of that IP address, and sometimes that much "envelope information" is useful without any need to find out what was actually said.
However, when you use a Vonage or similar clearing house, all a tap on your IP address is gonna tell them is that you connected to Vonage. What for? They won't know. But Vonage has all the data, and the key to decrypt with them. Perfect place for a wiretap...
What are they going todo when we start running ipsec tunnels for all our voip connections?
Break in and install a tiny wireless bug next to your PC...
The whole point of the article is that the FBI does not want to actually do the tapping. They want Vonage, Packet8, etc. to do the tapping for them.
Just another case of "if you wanna play phone company, you gotta..." that the VoIP companies keep trying to run from. Their cost advantage is in part based the fact that they don't have to do a lot of the things the old line phone companies are required by law to do. Basically, if you set yourself up as an intermediary common carrier, you're protected from most copyright complaints, but you're gonna start getting wiretap requests...
You don't need encryption for protection from wiretaps in those situations, the spooks are already required to disconnect (or ditch-and-not-listen-to any recording) the instant they realize it's a call that is unrelated to the matter being investigated.
The analog phone network is pretty physically secure (messing with the wires through town will attract police, and the central offices are pretty secure places) so there's really not that much risk of an unauthorized analog wiretap.
The system's pretty good as it is, the spooks just want to make sure technology doesn't take away what's one of their strongest tools for stopping crimes before they get any worse.
All "citizens arrest" is good for is the permission to restrain a person in otherwise illegal ways (see also: kidnapping) because they have just committed a serious crime in front of you for only as long as it takes to summon a police officer to make a real arrest.
The RIAA is skipping a step in busting these pirate distributors. They need to file a lawsuit against these vendors, then get an injunction to make them stop while the case is pending.
Of course, this also has a bit of a "hoax" smell to me. Does the RIAA confirm that these are their people, not some nuts with the letters RIAA on their jackets?
Has anybody blaming human actions for global warming offered any reason why the ice age ended? I don't think humans were around then to be responsible...
Yep... environmentalist predictions about 2050 are great because that's 46 years away... enough time so that nobody who is making false predictions will still be arround to be called wrong, nor will there be anybody who remembers the predictions to call them wrong.
The internet was designed to be a peer-to-peer place, and this sort of mentality plays into that idea.
.com because it wasn't meant for commercial use.
Careful, if we were to try to turn back the clock to the way the Internet was designed to be, you might end up dropping all of
There's software out there so anyone can sign a certificate. Who needs the suits at Verisign?
Because a cert signed by you is useful for nothing more than "This conversation is encrypted, and I say I'm me." A cert signed by a Verisign translates to "This conversation is encrypted, and Verisign says I'm me."
What good is that? Well, not much among geeks, we don't trust Verisign further than we can throw them, but we're depending on them to keep this silly DNS thing going. However, web browsers are set with a default list of trusted "Certificate Authorites" who are allowed to sign certificates. Companies who are on those lists can sign a certificate that'll work without errors, anybody else's certificate will prompt a message indicating that the name's right, the time's valid, but the issuing authority isn't on the list of authorities you trust. (You can manually add a new authority if you want... but try convincing users to do that!)
The problem is, so many cheapskates have now signed their own certificate that the bogus authority error isn't stopping users since it's so common when nothing's really wrong. As a result, we're seeing a lot of look alike sites use SSL to get the padlock to come up, and users not being phased by the red-flag alerts that this doesn't seem to be the site they think it is.
The reason they're very uneasy about telling people where the "cap point" is set is because if they relased that number or formula, people would set their systems to use slightly less than the limit, and the ISP would still get swamped and have to lower the limit.
Yep. Nobody's supposed to be "offering a service" over their home bandwith. Even if the files you're offering to share are legal in copyright sense, you're still doing something you're not supposed to do with home bandwidth. File servers belong at the center of the network, clients on the edge of the network...
Nah, their right to not be locked into a long-term committment to you is equal to your right not to be locked into a long term committment to them. Unless the agreement specifically says they have to provide you service next month, they don't. They can just send you a letter that says "It's over... goodbye!" and that's it. Unless they're doing it for some illegal reason, like racial discrimination, they can do that.
If you haven't noticed yet, ISPs market home Internet connections based on the downstream bandwidth speed, and give you about 1/10 to 1/5 of your downstream as a upstream channel speed.
Their networks are designed assuming that you are a standard web user... URLs up, big image-filled content pages and webstreams down. It wouldn't surprise me that the people who are getting the letters are those who are offering up Linux ISOs and other open software on BitTorrent. Even though they're not in copyright trouble, they're guilty not using their web connections for "interactive" browsing, which is something that the the AUP usually says something about. They don't mind people who download all day since that doesn't clog their networks as badly as people who are uploading all day.
If you really want to share open source software with the world, get yourself a cheap dedicated webserver that has tons of bandwidth usage with it. Set up BitTorrent there, and let it fly. Just make sure you don't go over your quota for bandwidth and you'll get close to 700GB out for only $99 a month.
This is a national effort by Comcast to raise their rated speed from 1.5 Mbps to 3 Mbps downstreams. In communicating with my own dedicated server at a fast hosting company, I've actually had sustained transfers at 3.75 Mbps. They are really rolling out a good upgraded network.
Same problem as a spammer. How can you be truely annonymous when demanding $2.5 million? Extortionists will get caught eventually.
Nah, what the FBI is saying is that Carnivore is a device that follows the rules laid out by the laws, courts, and Constitution.
If the courts say that somebody can be tracked on the internet, the subpoena goes to the ISP, and they can't really turn it down. The ISPs hae to turn over the suspect's traffic. However, there was a big loophole in that, the ISPs could claim that they don't have the technology to do such capturing and recording. So, now, the FBI's response to such a claim is to give a Carnivore box for free to the ISP and say "Okay, now you do have the technology to do that, we'll run it."
Anyway, this isn't quite Carnivore, because in order to install such a traffic logger, you first need to know where to put it. So, instead, they duped the person into reading an e-mail with a web bug in it, that got them the IP address which they could then equate to a person... and slap the cuffs on him.
So am I... in fact, I'm getting hit equally as often by both Slurp and Googlebot. And I didn't pay Inktomi either, although I do use Google Adwords... BTW... has everybody noticed that including a URL your /. profile and then making posts that get modded up exposes that URL right here, on a site that's treated with authority?
Yahoo didn't own Inktomi "back then". The Inktomi deal didn't close until March 19, 2003.
It's more like that Yahoo went on a fairly spaced out buying spree over the last 18 months or so to pick up all of the legit compeitors to Google.
Overture also owns AllTheWeb. Apparently, this translates to Yahoo having three distinct web crawling units... Inktomi, AltaVista, AllTheWeb...
Nah, now would be the time to IPO... turn 1/3 of the company into cash just before it starts getting seriously challenged by Yahoo.
Not the best for the people who buy the IPO, but the people who make the decision to offer an IPO are the people who presently own the company.
Google's search will be just as good as it's always been, the number of times it's used has no impact on how much knowledge it has about the web and what it does about it.
Yahoo owns both Inktomi and Overture... for them to be dumping Google and moving to the suppliers that they own outright is something that was easy to see coming, the only question was when.
Could Apple be considering selling a 2 GB model at a loss under hopes that users will max it out, and then trade it in for a larger model?