Forgot your password?
typodupeerror

Zimmermann, Encrypted VoIP, and Uncle Sam 325

Posted by CmdrTaco
from the something-to-think-about dept.
An anonymous reader noted that Phillip Zimmermann and his VoIP encryption software are the subject of a NY Times article today. The article touches on the FCC, privacy, and related issues. Given all the suspicious behavior of the Bush Administration relating to wiretaps and phone records, this sort of thing is all the more important to be very aware of.
This discussion has been archived. No new comments can be posted.

Zimmermann, Encrypted VoIP, and Uncle Sam

Comments Filter:
  • Cryptome (Score:2, Informative)

    by Threni (635302)
    It's also available from Cryptome:

    http://cryptome.org/zfone-agree.htm [cryptome.org]
    • Re:Cryptome (Score:5, Informative)

      by prz (648630) on Monday May 22, 2006 @03:13PM (#15382834) Homepage
      I wish Cryptome would not redistribute my Zfone software. This morning I had to upload a new version due to a last minute mistake we made before the release, and Cryptome probably got the uncorrected version. This is beta software in flux, rapidly changing with new updates likely, especially shortly after it hits when we discover early problems. Further, I've just added critical warnngs to my web site about how to do the installation for Windows, and if someone grabs the software and posts it somewhere else, it will lack those warnings. There are good reasons why I want to maintain control of the distribution, especially during the initial public beta. --Philip Zimmermann (prz@mit.edu)
      • Re:Cryptome (Score:3, Insightful)

        by phoenix.bam! (642635)
        You sir, are a hero. Thank you for your work.
      • Re:Cryptome (Score:5, Insightful)

        by SEAL (88488) on Monday May 22, 2006 @03:50PM (#15383117)
        Then why do you insist on having people register in order to download, instead of providing a simple link?

        For better or worse, people interested in this type of technology also have a vested interest in anonymity.
        • Re:Cryptome (Score:5, Informative)

          by prz (648630) on Monday May 22, 2006 @05:35PM (#15383841) Homepage
          Although the US has ended most of their export controls for crypto software, there are still some reasonable export controls in place, namely, to prevent the software from being exported to a few embargoed nations, such as North Korea, Iran, Libya, Syria, and Sudan. And for commercial encryption software that you actually pay for (not this free public beta), there are now requirements to check customers against government watch lists as well, which is something that companies such as PGP comply with these days. PGP Corp volunteered to host the public beta software on their server, with all the appropriate checks in place. That's why you have to register, to make sure you are not in an embargoed country, to keep me in compliance with U.S. export laws. Been there, done that. -Philip Zimmermann
          • And for commercial encryption software that you actually pay for (not this free public beta), there are now requirements to check customers against government watch lists as well, which is something that companies such as PGP comply with these days.

            How do you go about that? Suppose I were to set up a small business reselling GPG or something similar. Does the government simply hand me a copy of the watch list and let me do the checking myself? Or must I pass along the names of all my customers to them for

            • by grahamsz (150076) on Monday May 22, 2006 @06:41PM (#15384238) Homepage Journal
              Yeah they pretty much hand you the lists

              http://www.treas.gov/offices/enforcement/ofac/sdn/ delimit/index.shtml [treas.gov]

              Of course some of the entries are obviously from gathered inteliigence. I recall having to block anyone called "The Chess Player" from signing up. Unfortunately most websites don't gather date of birth, and when you do name only matching you catch a lot of innocent people - who are usually mightily pissed off about having to call EVERY SINGLE SITE that they try to sign up for.

              The other big caveat is what you're supposed to do when you find a match - it's virtually impossible to stop them just changing their details and signing up again.

              • by hughk (248126)
                The OFAC list is seriously fscked as it is orientated purely around latin representations of names. From many languages (i.e., Arabic, Cyrillic) there are multiple latin transliterations. The data is usually of dubious provenance and there may be discrepancies between the same entity listed in two diffent places.
          • Re:Cryptome (Score:3, Informative)

            by forand (530402)
            Mr. Zimmermann, the registration page that is being refered to only asks for you email address, thus your argument is invalid in this case.
            http://www.philzimmermann.com/EN/zfone/index-regis tration.html [philzimmermann.com]
            So why do you require registration?
      • Re:Cryptome (Score:2, Funny)

        by Anonymous Coward
        Philip, I'm not sure I can trust that this message was really from you, as your message seems to be lacking an OpenPGP Signature. ;)
  • Brave New World (Score:4, Insightful)

    by TripMaster Monkey (862126) * on Monday May 22, 2006 @02:50PM (#15382630)

    From another NYTimes article, Bush Aide Defends Eavesdropping on Phone Calls [nytimes.com](emphasis mine):
    President Bush's national security adviser, Stephen J. Hadley, insisted today that a newly disclosed government effort to compile data on millions of telephone calls in search of terrorist-linked calling patterns was a legal and "narrowly designed program" that did not involve listening to individual calls.


    So why exactly is the government getting their knickers in a twist over Zfone? After all, the program is just intended to compile a database of call information, not actually listen to the content of the conversations. Doing that, as the administration has repeatedly told us, would require a court order.

    So if you have a person you suspect from the numbers he's connected with, and you do obtain that court order, and it turns out he's using Zfone, there are other ways of getting the content of that conversation (hint: it has to be unencrypted at some point, so the 'terrorists' can understand each other). Arduous, sure, but since this will be done on only a select few, it's not that much of a hardship.

    No, the reason the government doesn't like Zfone is because they want perform blanket surveillance on all American citizens; to listen to all our calls, all the time. By utilizing speech-recognition software and an ever growing list of suspect words and phrases, they will be able to keep tabs on the unruly U.S. population, weeding out terrorists, political dissidents, environmentalists, Democrats, and other 'undesirables'.

    • Re:Brave New World (Score:3, Insightful)

      by Penguinisto (415985)
      "After all, the program is just intended to compile a database of call information, not actually listen to the content of the conversations. Doing that, as the administration has repeatedly told us, would require a court order."

      Because someday the FBI (or whoever) may find it harder to listen in on these encrypted conversations in cases where they have a court order to do so.

      /P


      • As I said in my previous post, there are other ways of getting the content of a conversation. Since the content must be decrypted at either end, listening devices positioned at either endpoint are easily capable of intercepting the communication, encrypted or not.

        As I said, this is arduous...much harder than just listening to a line, but eavsedropping on American conversations shouldn't be easy. If the FBI (or whoever) is serious enough about capturing the content of a particular communication to obtain a
        • Re:Brave New World (Score:2, Insightful)

          by Penguinisto (415985)
          "As I said, this is arduous...much harder than just listening to a line, but eavsedropping on American conversations shouldn't be easy."

          Maybe, maybe not... but then, there are times when time is of the essence, and even the time taken to decrypt something the hard way in a timely manner is of utmost importance if there are potential lives at stake. The world's first electronic computer, Colossus, was built to decrypt German encryption during WW2, and was specifically built to be as fast and efficient as p

          • The world's first electronic computer, Colossus, was built to decrypt German encryption during WW2, and was specifically built to be as fast and efficient as possible, because timely intelligence = lives saved.

            That's nice. But being at war with a country is different than spying on your own citizens.

            While I doubt that decrypting a phone conversation nowadays usually isn;t exactly what one would call an urgent thing, there may be times where it is.

            There may be.

            The problem is, far Far FAR FAR more often i

            • "That's nice. But being at war with a country is different than spying on your own citizens."

              I'm very sure that both the UK and the United States during WW2 were very busy searching for saboteurs and pro-nazi sympathizers within their respective citizenry, and used quite an array of wiretapping and other techniques to do so.

              "The problem is, far Far FAR FAR more often it is not."

              Agreed, but it is still there. Another semi-related factor is that encrypted conversations are more likely to attract attenti


          • Maybe, maybe not... but then, there are times when time is of the essence, and even the time taken to decrypt something the hard way in a timely manner is of utmost importance if there are potential lives at stake.

            I'm sorry, but that argument just doesn't hold water. Your statement is analagous to saying that clothing must be outlawed, since clothing can conceiveably be used to conceal weapons. Frisking certain suspect individuals simply isn't good enough, since locating the weapons in a timely manner is
          • I don't want to be blunt, but you're wrong.

            The Atanasoff-Berry computer was built 5 years before Colossus and was unrelated to decryption.

            It's true that if we gave up our freedoms a police state could catch criminals easily. That's the problem with a police state.

      • Re:Brave New World (Score:2, Interesting)

        by advocate_one (662832)

        Because someday the FBI (or whoever) may find it harder to listen in on these encrypted conversations in cases where they have a court order to do so.

        Jesus...H... Christ... That's why they have supercomputers......... any comercial grade encryprtion/decryption program has to have a key short enough to enable real time encryption/decryption using normal computer chips... any key short enough for fast encryption/decryption of things like telephone conversations has to be easily brute forceable. The algorythm

        • Sorry, sir, but you are completely wrong. ANY VoIP-capable computer can encrypt a 12kbps stream with a 1024-bit key. And -- unless the whole academia is wrong and all the current off-the-shelf crypto algorithms have crypto flaws, no, not every supercomputer in the face of the earth could break the encryption. One would have to get the keys in another fashion to listen to the talks.
        • any comercial grade encryprtion/decryption program has to have a key short enough to enable real time encryption/decryption using normal computer chips... any key short enough for fast encryption/decryption of things like telephone conversations has to be easily brute forceable.

          While I am not any way in favor of government restrictions on encryption, I think this statement is patently false.

          A common PC can do real-time encryption/decryption of a telephone-quality digital audio stream with significant key le
        • Re:Brave New World (Score:4, Informative)

          by pjrc (134994) <paul@pjrc.com> on Monday May 22, 2006 @04:30PM (#15383418) Homepage Journal
          Some time ago, I implemented 3DES on an 8 bit microcontroller. In assembly language, it took about 2000 instruction cycles to run all 16 rounds of DES, plus the initial and final permutation, and the xor for CBC.

          So if you run it 3 times for triple des, that's approx 6000 instructions for every 8 bytes, or about 750 instruction cycles per byte. At 8000 bytes/sec for voice quality audio, my fast DES code would only need 6 MIPS on an 8 bit microcontroller. A slower version in C is readily available for free, which runs about 5X slower than my hand optimized assembly, requiring 30 MIPS.

          Certainly strong encryption is feasible in real time for voice audio, even on very inexpensive 8-bit chips.

    • MOD PARENT UP (Score:4, Insightful)

      by ZachPruckowski (918562) <zachary.pruckowski@gmail.com> on Monday May 22, 2006 @02:56PM (#15382682)
      Very true. But whenever technology gets involved in a discussion, people's eyes sort of glaze over. No one knows what's going on, they just hear Internet phone calls, terrorism, and encryption. While you and I know that anyone intercepting a packet (encrypted or not) can tell where it came from and where it's going, America doesn't. They probably think it's an effort at parity between VOIP and normal phone calls (if they know what VOIP is).
    • Re:Brave New World (Score:5, Insightful)

      by Tackhead (54550) on Monday May 22, 2006 @03:05PM (#15382780)
      > No, the reason the government doesn't like Zfone is because they want perform blanket surveillance on all American citizens; to listen to all our calls, all the time. By utilizing speech-recognition software and an ever growing list of suspect words and phrases, they will be able to keep tabs on the unruly U.S. population, weeding out terrorists, political dissidents, environmentalists, Democrats, and other 'undesirables'.

      From an old .sig quote:

      NSA is now funding research not only in cryptography, but in all areas of advanced mathematics. If you'd like a circular describing these new research opportunities, just pick up your phone, call your mother, and ask for one.

      ...and to cut down on the costs of their recruitment budgets!

      Considering that most of the parents of new postdoctorate-level mathematicians probably live overseas nowadays (and whose conversations are therefore legal to record), maybe the old .sig quote was always more true than funny.

    • TMM,

      The Narus software that Klein blew the whistle on (the stuff with AT&T), can decode nearly every well-used VOIP codec out there. I suspect that it was being used, heavily. I would imagine that the NSA has calls using VOIP software from lots of IP addresses they were looking at.

      The irony is, that the old fashioned circuit switched network with channelized circuits, it would be a massive engineering effort to tap and do voice recognition on every call. It would be nearly impossible given the way
    • Evil Republicans!! (Score:5, Insightful)

      by g_adams27 (581237) on Monday May 22, 2006 @03:56PM (#15383165)

      > By utilizing speech-recognition software and an ever growing list of suspect words and phrases,
      > they will be able to keep tabs on the unruly U.S. population, weeding out terrorists,
      > political dissidents, environmentalists, Democrats, and other 'undesirables'.

      Those evil Republicans! Except, wait... wasn't it the Clinton Administration that launched a 3-year criminal investigation of Phil Zimmerman in 1993?

      And wasn't that the same President who championed the Clipper chip, so the government would have the keys it needed to decrypt your phone calls?

      • *sigh*

        As I explained earlier, my inclusion of Democrats, along with environmentalists, was the use of hyperbole to make a point.

        Apparently, I'm going to have to slow-pitch these in the future...perhaps if I included members of PETA, Linux enthusiasts, and musicians in my list, it would have been clearer.
      • by SonicSpike (242293) on Tuesday May 23, 2006 @03:50AM (#15385417) Homepage Journal
        ...inherently distrust government no matter who is in power. Libertarians always view the government as untrustworthy, expansive, over-reaching, and inefficient by it's very nature. Thus the idea is to limit the government to its most basic and fundamental operations as set forth in the Constitution by our founding fathers.

        The lines between the Dems and the Reps here in the US have blurred to the point that distinction is negligible.
    • So why exactly is the government getting their knickers in a twist over Zfone? After all, the program is just intended to compile a database of call information, not actually listen to the content of the conversations. Doing that, as the administration has repeatedly told us, would require a court order.

      You answered your own question. Even if you obtain a court order, you would not be able to listen in on a Zfone call since the encryption is done using the peer to peer model.
  • by zappepcs (820751) on Monday May 22, 2006 @02:59PM (#15382712) Journal
    and all that relates to national security. CALEA, the thing that allows wiretaps under warrant, is in place for all previous communications methods, including paging. What government wants is CALEA type access to new communications types. HOWEVER: Neither the constitution, any ammendment, any subsequent law, or even terms of use, specify that your communications have to be made in an open unenctrypted manner. In fact, in the US, if there is no evidence, there is no crime, and no way to know the criminal. Its all part of that innocent until proven guilty mindset.

    If all your telephone calls, emails, etc. are encrypted by you and the other intended party or parties involved, there simply is nothing the government can do about it. With probable cause, they can 'try' to compel you to divulge the encryption key, but then you don't have to testify against yourself in the U.S. ... at least not yet.

    Neither can the government, church, or any other person(s) compel you to divulge your thoughts, or secrets.

    Its time for the encryption phones to start appearing on the market.

    This little problem will quickly spiral out of control until those that want to snoop on others have more work to do than they ever imagined. The basic problem here is that the people they say they want to spy on are not using the communication systems the same way as everyone else, and their communications are encrypted, or hidden in ways the government cannot prevent, nor detect with the laws and practices that they wish to install.

    Wiretapping on the scales being talked about recently are stupid, prohibitively stupid, and will be nearly 100% ineffectual.

    They can't find Bin Laden with all the military might, but somehow they are going to catch him making a phone call? uh, yeah right.... of course, its the little people that lead to the big ones, but they have been spying on the little ones all along... still haven't caught him.
    • Its time for the encryption phones to start appearing on the market.

      That is exactly what my company is offering: IAX2/SIP (Asterisk) over VPN (FreeS/WAN, OpenVPN). It's getting easier to convince businesses to use encrypted communication channels nowadays.
    • They can't find Bin Laden with all the military might...

      I contend that they can find Bin Laden, but don't really want to. The minute he's captured, any (remaining) support for continuing the "War On Terror" goes right out the window. As long as he's out there, the administration can yell "9/11" to justify anything they want and the sheeple will buy it.

      Flame me if you want, but the Bush Administration is EVIL. I'm not saying that Bush himself is evil (he's not that smart), but his policies and cronies

    • they can 'try' to compel you to divulge the encryption key, but then you don't have to testify against yourself in the U.S. ... at least not yet.

      I am not a lawyer (just a law student) but I am fairly certain that the government could compel you to divulge your encryption key as it would not be testimonial evidence (something akin to why you can be forced to give up your fingerprints, etc)

  • Know how it works... (Score:5, Informative)

    by GPLDAN (732269) on Monday May 22, 2006 @03:05PM (#15382771)
    Phil took an open source VOIP client and added encryption to it. By his own admission, he doesn't know much about how to make VOIP work well, codecs and all that. But his encryption is very clever. It uses Diffie-Helman to generate a per-session key, which is stored in a completely volitile way. i.e. it is destroyed after the call terminates and cannot be retrieved (stored in memory which is then overwritten). So, even if a man (or government) in the middle records the RTP stream and then gets a search warrant to get the key to decrypt the call, it won't be there.

    Look for his techniques for peer to peer key setup, which again is very clever and well thought out, to be used in a variety of new ways. I expect you will see a bit-t client soon that can also generate this one time session key between peers. It will be much more computationally intense than what you see bit-t clients like Azureus do to the CPU now, but no more than using S/FTP. Well, maybe more, because of the number of keys being setup and destroyed and the memory allocation needed in a swarm situation. But for peer to peer calls, it's strong and I expect that Phil, who was nearly bankrupted by Uncle Sam, trying to defend himself, will again be the NSA crosshairs. The guy is just a warrior, what can you say? Guys like him and Klein who blew the whistle on AT&T are the ones fighting for privacy and against a police state. And they will not be treated kindly by this administration.


  • Anyone spare a time's link w/o login?
  • by N1ck0 (803359) on Monday May 22, 2006 @03:09PM (#15382812)
    Just don't leave the country again Zimmerman...or you may end up locked inside that customs office where they 'want to leave lawyers out of this' again. :)

    PGP Story:
    MPG 1.1G [uiuc.edu]
    WMV 378M [uiuc.edu]
  • by mpapet (761907) on Monday May 22, 2006 @03:16PM (#15382850) Homepage
    So, I'm the evil-agency-du-jour and today I'm auditing IP traffic. If you are a person of interest, they know:

    1. You are sending packets to and from specific IP addresses.
    2. Grabbing copies of those packets.
    3. Putting super-computers to work on them.
    4. Discover you are ordering pizza over SIP. (whatever, it's funny)

    The concept of "Privacy" was dead a long time ago. I *still* don't understand the outrage when most of your activity is available through many data brokers. What's not there, is available with little procedural check or balance.

    Where it is very valuable is company to company communication. Where your competitors may not have the expertise to get the info.

    But, then there's the encryption problem anyone has that uses it. It's stupifyingly easy to build a case on suspicion. Trying someone in the court of public opinion is easy and swift. "He uses encryption so he must be hiding something.." is all it takes to end a career, destroy your social status.

    Cryptographer==criminal. Film at 11.

    If one can codify it's everyday use, I think it's a big step forward.

    • The concept of "Privacy" was dead a long time ago.

      Then I guess you won't mind when I publish video taken from inside your house of you screwing your wife or girlfriend.

      I *still* don't understand the outrage when most of your activity is available through many data brokers.

      Maybe it has something to do with the increase in identity theft, innacurate records, and increasing reliance on those records for everything from employment to being allowed to get on a airplane.

      "He uses encryption so he must be h
    • The concept of "Privacy" was dead a long time ago.

      No, the concept is alive and well. You just don't get much of it anymore because we don't have many laws to preserve it.
    • If your key is long enough, #3 would require super-computers larger than The Sun. No government is as powerful as exponential growth :-)

      You should study crypto before posting.
    • ...Discover you are ordering pizza over SIP.

      ...and get arrested for "wasting" the police state's time.

      My father was once arrested for "obstructing justice":

      A police office pulled him over and performed a safety check on his car (Dad thought he had a burned out tail-light or something -- usually a "get it fixed in 48 hours warning" offence). This took about half an hour.

      Finally, Dad asked the cop if he was free to go.

      "No, you committed a very serious offence!"

      ???

      "You were not wearing your seatb

  • Terrorists! (Score:5, Insightful)

    by homebrewmike (709361) on Monday May 22, 2006 @03:20PM (#15382887)
    Terrorists are already using encryption to protect their privacy. Don't you think you should as well?

  • by PFI_Optix (936301) on Monday May 22, 2006 @03:31PM (#15382980) Journal
    Before you launch into yet another tirade against the president, bear in mind that our divided Congress consistently allows things like this. This isn't a Bush thing or a Republican thing. This is a beaurocratic, ivory tower, professional politician thing. This happens because we elect the very wealthy from both parties, so that the majority of our elective government has very little connection with their constituents. We create political dynasties, voting for celebrities rather than leaders. Our current political situation isn't due to one man or one party, but rather one entire nation ignoring its own wellbeing in favor of the candidate with the best sound-bites and the stiffest hair. We might as well be getting our political news from E!: who cares how they voted, let's find out which congressman is cheating on his wife this week and what Hillary wore to session today.
  • by MikeRT (947531) on Monday May 22, 2006 @03:34PM (#15382999) Homepage
    If they have sufficient evidence to meet a reasonable probable cause standard, why not just let them into the house to bug the device itself? There are devices out there for keyboards which have a few hundred KB of memory and that sit between the keyboard and the port on the back of the PC.

    They don't need to block encryption, except to keep tabs on people that wouldn't meet the legal requirements. If they can't meet the legal requirements for a warrant to break into the suspect's house and bug them, then chances are the person hasn't committed a crime.
  • What can we do? (Score:5, Insightful)

    by Peter Trepan (572016) on Monday May 22, 2006 @03:45PM (#15383078)
    Free minds. The greatest chilling effect of universal surveillance doesn't come from men in black vans. It comes from being unveiled as a Commie, or an Islamic Sympathizer, or even A Guy Who Googled for "Fatties" in front of your friends/employers/relatives/whatever. The greatest force against freedom in our society is us.

    Not one of Sen. McCarthy's victims was actually thrown in a gulag. Think about that. They weren't fired by the government. They were fired by PHBs who acted in blind sympathy with loudmouthed bureaucrats. There would have been no McCarthyism if the public had not been willing to punish itself for unpopular thought and/or speech.

    We need a society in which there's no difference between what's illegal and what harms others, and holds all other things not only legal, but acceptable. Once we have that society, people who have done nothing to harm others really will have little to fear. But there's one more thing: If we're going to use public safety as an excuse for universal surveillance, we have to give the power of surveillance to everyone, not just government.

    Privacy advocates might cringe at that last statment, but consider this: People are getting more wired, surveillance is getting easier and cheaper, and that trend may never reverse. There may be nothing we can do to stop privacy from dying. Maybe we should start thinking about what we're going to do when it does.

    • Not one of Sen. McCarthy's victims was actually thrown in a gulag. Think about that. They weren't fired by the government.


      No, actually, Milo Radulovich [wikipedia.org] was fired by the government, the US Air Force. Three cheers for minimal research, kids!
    • We need a society in which there's no difference between what's illegal and what harms others, and holds all other things not only legal, but acceptable.

      Gurrrk.

      Put some more thought into this one. There are any number of things that are "unacceptable" that aren't bad enough to merit applying the might and majesty of the State's criminal justice system. By denying all social sanctions short of criminal prosecution, you create a society with the worst of both worlds: a plague of officers (lawyers) wors

      • You're right - my post was an oversimplification. Talking loudly in a movie theater steps on the toes of other moviegoers, and you should be able to snark at those people without having them arrested. I guess my point was that "your freedom ends where my nose begins," is a system that works better when people are less nose-y.

        Gay marriage is a perfect example. When this subject comes up, people turn out in droves to vote against other people's freedom. And then they complain when the majority votes to out
    • Re:What can we do? (Score:3, Interesting)

      by Arandir (19206)
      We need a society ... holds all other things not only legal, but acceptable.

      The problem with your viewpoint is that it equates legality with morality. You're not much different from those that would legislate morality. But instead of expanding the law to encompass all of morality, you're shrinking morality to fit within the narrow confines of the law. Both are wrong.

      I can agree with the idea that the government should not be banning non-violent actions, but as for accepting them, that's going too far. There
  • SIP Zfone? (Score:3, Interesting)

    by Doc Ruby (173196) on Monday May 22, 2006 @03:54PM (#15383149) Homepage Journal
    Where's the Zfone (or interoperable) SIP module for Asterisk? And which softphones & ATAs already include one?
    • Re:SIP Zfone? (Score:3, Informative)

      by wackysootroom (243310)
      See Phil Zimmermann's FAQ [philzimmermann.com] about Zphone.

      According to him, there are no ATA devices or any other hardware-based Voip phones that support ZRTP (the zfone encryption protocol). I doubt that Vonage or any other large VoIP service provider will ever offer a phone with ZRTP support due to pressure from the US government.

      According to my understanding, Zfone will intercept any SIP call made from your PC and encrypt it on the fly. This means that you should be able to use any software based SIP phone with Zfone.
  • It wasn't all Bush (Score:4, Informative)

    by randomErr (172078) <ervin DOT kosch AT gmail DOT com> on Monday May 22, 2006 @03:55PM (#15383160) Homepage Journal
    I would like to point out that wire/phone taps have been a staple of American history:
    From Wikipedia [wikipedia.org]

    During the American Civil War, government officials under President Abraham Lincoln eavesdropped on telegraph conversations. Wiretapping has also been carried out under most Presidents, usually with a lawful warrant since the Supreme Court ruled it constitutional in 1928. Domestic wiretapping under the Clinton administration led to the capture of Aldrich Ames, a former Soviet spy in 1994. Robert F. Kennedy monitored the activity of Martin Luther King Jr. by wiretapping in 1966.

    • by lelitsch (31136) on Monday May 22, 2006 @05:03PM (#15383626)
      You know, I love it when pundits don't even read their talking points before posting them. What part of "usually with a lawful warrant" didn't you understand. Yes, wiretapping has been goign on as long as there were wires. But the end run the current administration is doing around courts, FISA, Congress, and civil rights is pretty much unprecendented.
  • Hardware solutions (Score:4, Interesting)

    by harryk (17509) <harryk20022002.yahoo@com> on Monday May 22, 2006 @03:58PM (#15383177) Homepage
    First and foremost, I'm a long time fan of PRZ... he's a hero among heros and should be credited as such.

    Secondly, am I missing the hardware solutions for things like this? I've been a Vonage customer for some time, and while Vonage seems to take a blind eye to security (just ask them they'll tell you they are happy to work with the local and federal law enforcement agencies). When will I be able to use a handheld, encrypted VOIP device, and be sure that its secure?
  • by Il128 (467312) on Monday May 22, 2006 @04:22PM (#15383366) Journal
    Sorry but the idea that we all have to give up our freedom to be safe and free is just beyond stupid.
  • by FredThompson (183335) <<fredthompson> <at> <mindspring.com>> on Monday May 22, 2006 @04:22PM (#15383373)
    Imagine, a Republican administration using laws created by Bill Clinton's Democrat administration to monitor international phone calls of known terrorists.

    Incredibly suspicious.
  • by Beryllium Sphere(tm) (193358) on Monday May 22, 2006 @10:29PM (#15385067) Homepage Journal
    But at a conference last week in Cyprus, German officials said they had technology for intercepting and decrypting Skype phone calls, according to Anthony M. Rutkowski, vice president for regulatory affairs and standards for VeriSign, a company that offers security for Internet and phone operations.
    I'm not finding this in Googlespace. There's a publicly disclosed crack of Skype's call setup protocol (RC4 with key reuse?!) but not of the AES-protected voice stream.

    I'll try to save myself from being offtopic by asking whether zFone might be equally vulnerable (probably not, the few leaks about Skype's crypto haven't sounded encouraging).

"The value of marriage is not that adults produce children, but that children produce adults." -- Peter De Vries

Working...