C
Chad Harris
Next time you hear any hype from MSFT or anyone else on "security" and
"privacy" just be aware that the US goverment will be doing full internet
wiretapping and backdoors will be in every router your ISP uses. Your
information is not and will not be secure and private. This also includes
services like Vonage and Comcast's CDV internet phone service. With a
backdoor to ISP routers, your internet traffic can be monitored as well. On
June 1 and 2 of 2006 MSFT and other companies were summoned to meet with US
DOJ and pressed to turn over customer information and save customer
searches for 2 years. Although you see
See:
http://www.winbeta.org/comments.php?catid=1&id=4209
http://www.nytimes.com/2006/06/10/t...adc6aafd625349&ei=5088&partner=rssnyt&emc=rss
http://www.eff.org/Privacy/Surveillance/CALEA/
CALEA (Computer Assistance Law Enforcement) is quietly in the background of
current news again, because the FBI is pushing congress to mandate that all
future routing equipment manufactured will include back doors for law
enforcement. Like in CALEA mandates for telephone switching equipment, such
back doors require no warrant to activate, and hence can be secretly enabled
at will. Some vendors have already eagerly embraced CALEA inspired backdoors
to internet routing equipment in anticipation of future intercept mandates,
thereby already compromising the integrity and security their current and
future customers. This approach of using backdoors on Internet connected
systems, even more so than the original CALEA mandates for wiretapping
backdoors in telephone switching centers, is a danger to both our
infrastructure and our society.
CALEA has required that all telephone switching equipment manufactured since
1994 must include backdoors to enable wiretapping. While the need for lawful
legal intercept is estimated to be in the range of 1000 or so wiretaps per
year, and past practices have required not only warrants but also physical
access to switching centers, these requirements were neither unduly
burdensome, nor unduly expensive for the limited number of lawful
investigations normally engaged in per year, whether back then or today.
What these historic pre-CALEA limitations did assure is that the cost of
mass privacy invasion would be far too expensive to ever effectively
undertake.
By contrast, CALEA mandated backdoors allows one to activate wiretaps
remotely on any scale desired, and to do so entirely in secret. Indeed, the
NSA wiretapping scandal is an example of how CALEA can be misused. That the
huge volume of information being collected, and the fact that most of the
older telephone switching equipment does not normally support true network
remote access, had forced the NSA to co-locate facilities in a number of
switching centers to collect their data. Applying CALEA backdoors to
distributed and even end-user deployed routing equipment that is already
Internet connected of course eliminates the need to co-locate facilities,
and hence would make it much harder to detect or determine the scope of any
future illegal government activities, in regard to misusing Internet
wiretapping.
While these mandates may be only originally intended for spying and use
within North America, clearly, with proprietary telephone switching systems,
such equipment was often also sold overseas. As the Greek prime minister
discovered in 2004, when he and 100 other governmental officials were tapped
for over a year by someone making use a CALEA mandated backdoor, “source
secret by obscurity” backdoors often do not remain secret. Of course this is
not the only incident where CALEA backdoors have been used for espionage
purposes by others. Such systems are hence inherently insecure by design.
When one deliberately builds in government mandated backdoors that can be
opened in secret and without notice, one is opening such systems to
undetected access by anyone who can discover and operate them, including
those who may be deemed even more undesirable than national governments
spying on their own citizens. Even, as noted in the case of the Greek
Government, the security of government facilities themselves may be
compromised by outside parties. Such information may be used to blackmail
individuals, to acquire identity information for theft, or to acquire
passwords and information that could be used to compromise the underlying
security of key infrastructures and safety systems, like for example power
generation systems.
Personally I do not feel any “safer” in a state that requires the
infrastructure for enabling or engages in mass surveillance of it's own
citizens, or that practices guilt until proven innocent while claiming to do
so in the name of my “protection” and safety. Indeed, I find that such a
state is in fact a far greater danger to the safety of myself, my children,
and the people as a whole, than the potential threats I am supposedly being
protected against, whether real or imagined.
June 10, 2006
Ruling Backs Internet-Phone Wiretapping
By BLOOMBERG NEWS
WASHINGTON, June 9 (Bloomberg News) — Comcast, Vonage and other companies
that provide telecommunications services over the Internet must allow
wiretapping of phone calls by law enforcement officials, a federal appeals
court ruled Friday.
In a 2-to-1 decision, the Court of Appeals for the District of Columbia
Circuit upheld a Federal Communications Commission directive treating such
companies the same as conventional phone companies for law enforcement
purposes. Comcast and other cable companies offer Internet service over
their networks, and Vonage is the biggest provider of Web-based phone
service.
Under the Communications Assistance for Law Enforcement Act, known as Calea,
phone companies must ensure that their networks are accessible to
authorities for wiretapping.
The American Council on Education, an association of 1,800 universities and
degree-granting institutions, challenged the commission's decision,
contending that providers of Web information services should be excluded
from the act. But the court ruled that the F.C.C. was correct in extending
the act to the Internet.
"Calea expressly provides that the commission may extend the definition of a
telecommunications carrier," Judge David Sentelle wrote for the court.
"Accordingly, we deny the petition for review."
Private networks, like those at universities, remain beyond the scope of
Calea, the court said.
Matthew Brill, a lawyer with Latham & Watkins in Los Angeles, who argued the
case, said the American Council for Education was "pleased the court
recognized the broad exemption of private networks." At the same time, the
group is disappointed the F.C.C. ruling on extending the reach of Calea was
upheld, he said, adding that an appeal was possible.
The wiretap law has covered traditional phone service since its enactment in
1994. The F.C.C. voted last month to maintain a May 2007 deadline for
compliance by those providing broadband and Internet phone service.
The commission's chairman, Kevin J. Martin, said in a statement on Friday,
"I am pleased that the court agreed with the commission's finding, which
will ensure that law enforcement agencies' ability to conduct lawful
court-ordered electronic surveillance will keep pace with new communication
technologies."
The United States Telecom Association, whose 1,200 member companies include
AT&T and Verizon Communications, the nation's biggest phone companies, has
said broadband carriers face technical difficulties in helping law
enforcement monitor their lines for suspected criminal activity.
Judge Harry Edwards said in a dissenting opinion that Calea specifically
exempts providers of "information services" from having to allow law
enforcement wiretaps.
"The commission apparently forgot to read the words of the statute," Judge
Edwards wrote. "Calea does not give the F.C.C. unlimited authority to
regulate every telecommunications service that might conceivably be used to
assist law enforcement."
CH
"privacy" just be aware that the US goverment will be doing full internet
wiretapping and backdoors will be in every router your ISP uses. Your
information is not and will not be secure and private. This also includes
services like Vonage and Comcast's CDV internet phone service. With a
backdoor to ISP routers, your internet traffic can be monitored as well. On
June 1 and 2 of 2006 MSFT and other companies were summoned to meet with US
DOJ and pressed to turn over customer information and save customer
searches for 2 years. Although you see
See:
http://www.winbeta.org/comments.php?catid=1&id=4209
http://www.nytimes.com/2006/06/10/t...adc6aafd625349&ei=5088&partner=rssnyt&emc=rss
http://www.eff.org/Privacy/Surveillance/CALEA/
CALEA (Computer Assistance Law Enforcement) is quietly in the background of
current news again, because the FBI is pushing congress to mandate that all
future routing equipment manufactured will include back doors for law
enforcement. Like in CALEA mandates for telephone switching equipment, such
back doors require no warrant to activate, and hence can be secretly enabled
at will. Some vendors have already eagerly embraced CALEA inspired backdoors
to internet routing equipment in anticipation of future intercept mandates,
thereby already compromising the integrity and security their current and
future customers. This approach of using backdoors on Internet connected
systems, even more so than the original CALEA mandates for wiretapping
backdoors in telephone switching centers, is a danger to both our
infrastructure and our society.
CALEA has required that all telephone switching equipment manufactured since
1994 must include backdoors to enable wiretapping. While the need for lawful
legal intercept is estimated to be in the range of 1000 or so wiretaps per
year, and past practices have required not only warrants but also physical
access to switching centers, these requirements were neither unduly
burdensome, nor unduly expensive for the limited number of lawful
investigations normally engaged in per year, whether back then or today.
What these historic pre-CALEA limitations did assure is that the cost of
mass privacy invasion would be far too expensive to ever effectively
undertake.
By contrast, CALEA mandated backdoors allows one to activate wiretaps
remotely on any scale desired, and to do so entirely in secret. Indeed, the
NSA wiretapping scandal is an example of how CALEA can be misused. That the
huge volume of information being collected, and the fact that most of the
older telephone switching equipment does not normally support true network
remote access, had forced the NSA to co-locate facilities in a number of
switching centers to collect their data. Applying CALEA backdoors to
distributed and even end-user deployed routing equipment that is already
Internet connected of course eliminates the need to co-locate facilities,
and hence would make it much harder to detect or determine the scope of any
future illegal government activities, in regard to misusing Internet
wiretapping.
While these mandates may be only originally intended for spying and use
within North America, clearly, with proprietary telephone switching systems,
such equipment was often also sold overseas. As the Greek prime minister
discovered in 2004, when he and 100 other governmental officials were tapped
for over a year by someone making use a CALEA mandated backdoor, “source
secret by obscurity” backdoors often do not remain secret. Of course this is
not the only incident where CALEA backdoors have been used for espionage
purposes by others. Such systems are hence inherently insecure by design.
When one deliberately builds in government mandated backdoors that can be
opened in secret and without notice, one is opening such systems to
undetected access by anyone who can discover and operate them, including
those who may be deemed even more undesirable than national governments
spying on their own citizens. Even, as noted in the case of the Greek
Government, the security of government facilities themselves may be
compromised by outside parties. Such information may be used to blackmail
individuals, to acquire identity information for theft, or to acquire
passwords and information that could be used to compromise the underlying
security of key infrastructures and safety systems, like for example power
generation systems.
Personally I do not feel any “safer” in a state that requires the
infrastructure for enabling or engages in mass surveillance of it's own
citizens, or that practices guilt until proven innocent while claiming to do
so in the name of my “protection” and safety. Indeed, I find that such a
state is in fact a far greater danger to the safety of myself, my children,
and the people as a whole, than the potential threats I am supposedly being
protected against, whether real or imagined.
June 10, 2006
Ruling Backs Internet-Phone Wiretapping
By BLOOMBERG NEWS
WASHINGTON, June 9 (Bloomberg News) — Comcast, Vonage and other companies
that provide telecommunications services over the Internet must allow
wiretapping of phone calls by law enforcement officials, a federal appeals
court ruled Friday.
In a 2-to-1 decision, the Court of Appeals for the District of Columbia
Circuit upheld a Federal Communications Commission directive treating such
companies the same as conventional phone companies for law enforcement
purposes. Comcast and other cable companies offer Internet service over
their networks, and Vonage is the biggest provider of Web-based phone
service.
Under the Communications Assistance for Law Enforcement Act, known as Calea,
phone companies must ensure that their networks are accessible to
authorities for wiretapping.
The American Council on Education, an association of 1,800 universities and
degree-granting institutions, challenged the commission's decision,
contending that providers of Web information services should be excluded
from the act. But the court ruled that the F.C.C. was correct in extending
the act to the Internet.
"Calea expressly provides that the commission may extend the definition of a
telecommunications carrier," Judge David Sentelle wrote for the court.
"Accordingly, we deny the petition for review."
Private networks, like those at universities, remain beyond the scope of
Calea, the court said.
Matthew Brill, a lawyer with Latham & Watkins in Los Angeles, who argued the
case, said the American Council for Education was "pleased the court
recognized the broad exemption of private networks." At the same time, the
group is disappointed the F.C.C. ruling on extending the reach of Calea was
upheld, he said, adding that an appeal was possible.
The wiretap law has covered traditional phone service since its enactment in
1994. The F.C.C. voted last month to maintain a May 2007 deadline for
compliance by those providing broadband and Internet phone service.
The commission's chairman, Kevin J. Martin, said in a statement on Friday,
"I am pleased that the court agreed with the commission's finding, which
will ensure that law enforcement agencies' ability to conduct lawful
court-ordered electronic surveillance will keep pace with new communication
technologies."
The United States Telecom Association, whose 1,200 member companies include
AT&T and Verizon Communications, the nation's biggest phone companies, has
said broadband carriers face technical difficulties in helping law
enforcement monitor their lines for suspected criminal activity.
Judge Harry Edwards said in a dissenting opinion that Calea specifically
exempts providers of "information services" from having to allow law
enforcement wiretaps.
"The commission apparently forgot to read the words of the statute," Judge
Edwards wrote. "Calea does not give the F.C.C. unlimited authority to
regulate every telecommunications service that might conceivably be used to
assist law enforcement."
CH
