Become a fan of Slashdot on Facebook

 


Forgot your password?
Close
typodupeerror
×
Privacy

New Zealand Government To Snoop On E-mail 140

Posted by timothy from the give-an-inch-they'll-charge-you-rent-on-it dept.
Hairy1 writes: "The New Zealand Government is planning to increase the powers of the police so they may intercept e-mail, according to the The New Zealand Herald. Paul Swain wants to exempt police from laws against hacking so they may snoop into emails. Read the story." "Recent history suggests the usual glib official assurances that such organisations and people will not be snooped on by state security and intelligence services will be worthless," the story quotes the spokesman for a group called Gatt Watchdog as saying, but insert-your-cause-here. Hard to watch just a few people's e-mail.
This discussion has been archived. No new comments can be posted.

New Zealand Government To Snoop On E-mail More

New Zealand Government To Snoop On E-mail

Comments Filter:

  • I'm from the government.... (Score:3)

    by www.sorehands.com ( 142825 ) on Saturday July 29, 2000 @10:31PM (#894388) Homepage
    I'm from the government and I am here to help you.

    Only criminals don't want the police to search their car/house/purse/pockets?

    The check is in the mail.

    Three lies.

    In a free country to keep ones rights, you can't surrender them. For when you do, it ceases to become a free country.

  • Now HERE is the funny thing, New Zealand has NO large (Or noticeable) religous right.

    That is: There are NO "brain-dead voters" as you say. I remember reading that, per head of population, NZ has the largest middle class in the world. By that note, we arn't really that conservative. There is NO large "Mums against porn" movement or "drugs kill children" movement or any sign of "The internet is BAD" movement.

    New Zealanders (Like myself) are quite happy to let others do what they like as long as you don't tread on my toes.

    Infact, we've got along with our government so well, we don't have a constitution in the traditional sense.

    This is very weird for me, it flys in the face of everything we consider normal. We have good privacy laws, it's almost fun using them :-). I seriously doubt that this is something NZ wants. People, and the courts, don't tolerate the Government interfering with their lives when they don't want them too. Ie. Aziz finding the agents in the house. The Security Intelligence Service (SIS) have always flouted laws just a little (The shit I've heard... but can't possibly say because it would result in an international incident :-) ) but now that they could be reading MY email has me concerned. Perhaps they are worried because the drug dealing gangs in NZ (Who are a an okay bunch mostly) organise drug stuff over the internet. Big deal cops, you waste enough money as it is on choppers..

    What is also very weird is the police assoc. spokesperson referring to political assasination! I see the Prime Minister every now and again walking down the main street (I live in the capital) visibly unprotected. No one even gets out of her way :-). There are no motorcades or anything like that. I'm free to walk around the parliament grounds and could quite easily pick off as many politicians as I want, email would have nothing to do it! To do somthing majorly criminal in NZ is a piss easy, look, the French blew up a Greenpeace ship in a very busy port and wouldn't have been caught if they had simply kept the yacht they had sailed in on.

    I doubt it will fly in NZ. It all makes me wonder if this email snooper system could be an addition to the ECHELON system (Which NZ is a member). People will care, and it won't get too far.

    Oh, BTW - We have not picked up guns in a over century to fight for our freedom, we should never do it again.
  • The first arrivals in NZ were Maori, who arrived around 900AD. In spite of the efforts of some English, they did a lot better than most "natives". The English suffered quite a bit in battles against the Maori, in spite of their superior weapons. They also managed to sign a treaty with the Queen of England, called the Treaty of Waitangi (some tribed signed to get protection from other tribes with which they were at war).

    On the negative side for the Maori, they commited genocide against a genetically similar sub-race, called Moriori, who were (unfortunately for them) pacifists.
  • You must have gone through NZ in a drug-induced haze after smoking some fine Gisborne weed!

    NZ economy is one of the free-est in the world, and the government doesn't get much of a sanctioning voice in it. None (or very little) of that class crap either, whether breeding (UK) or money (US) .

    As for resources, there are plenty of natural and people ones. The only problem is that the people type resources who are any good go overseas for more money.

    Try working there, then in the EU or US and you'd understand that the average Kiwi is quite well skilled, and generally pretty competitive. Themain problems stem from small economy and distance to markets.
  • I'm pretty sure you can get a copy of your police record. Hell, even if you can't fill in a form to get it, it isn't that hard - witness recent events in the NZ parliament.....
  • In the UK, it was the Conservatives that were trying to get these powers in first, against the expressed policies of Labour.

    Then Labour came into power, made a total about-face despite their pre-election statements, and brought in laws that are every bit as bad or worse than those which they had opposed.

    Needless to say, the Conservatives are currently berating Labour for it, despite their previous stance. But when the Conservatives finally oust Labour again, they'll slam the iron fist down even harder --- guaranteed.

    Because you see, it has nothing to do with the nature of politicians' beliefs, and everything to do with the fact that the machine of government (which is much more than just politicians) demands absolute control if it can get away with it quietly.

    Well, in this instance it can get away with it, because in our innocence we've created an easily interceptable transport and storage mechanism to underpin the Internet's mail service. No big deal: let's create another mechanism which isn't susceptible to interception.
  • Im planning to move to new zealand in a few years... which might not be to good for electronic mail... but if im running my own web server, with my own mail server,... it would be much harder... because it goes directly to my computer and not an ISP... maybe that could do it, but i have lots of friends in NZ... i guess im gettin my mail read now ain't i... and my girlfriend is from new zealand... maybe we can get this out of there before it becomes to large. it is kinda like that FBI thing, carnivore. -Moldy
  • True, but what I said is still applicable now. Until the authorities "get it" about encryption and/or encryption becomes popular for normal use, email isn't a viable option for secure communication under any circumstances in my mind.

    --
  • It would seem that the most applicable method would be to bypass the ISPs outgoing mail transport. Can you run an SMTP thru a dial-up account ? I don't see why not.

    That leaves the receiving end as an exposed tap point. Use IRC/DCC as some kind of funky SMTP tunnel ?

    One of these days we need a public mail-transport system *and* appropriate legislation to protect the priacy of such. Why is it so easy for the law enforcement agencies to get such draconian legislation passed, and so difficult for the average citizen to oppose it ?

    - just another costmic ray -
  • Conservatives tend to be for private companies and against governement power, socialists tend to be against private companies and for more governemental control. Moreover neither is interested in personal freedom.
  • >Vote against all politicians who suggest, fund and advocate the usage of electronic surveilance of innocent civilians.

    Unfortunately, that will make things worse here. The Government currently in power is pretty much a coalition of the parties least likely to endorse dubious police powers like this. The last government is (I think) still "on trial" for allegedly encouraging police abuse/over-reaction during the APEC summit here. Other notable features of that government included a huge campaign to get the public to anonymously report people who they suspected of recieving a social welfare benefit they were not entitled too. That one was right out of "Brazil" and had resident Jews who survived Nazi Germany writing of how fearfully reminiscient it was becoming. (Everybody yells "Nazi" against policy that they disagree with, but I sit up and pay attention when the people saying it are speaking from first-hand experience). Fortunately it was abandoned when something like over 80% of reports turned out be false alarms (read: made out of spite or ignorance)

    The key, I think, is to bluff the Members of Parliment into thinking you would vote against them, and hope you never have to :-)

    Or even better would be the ability to mix'n'match the policies of the different parties, cause there ain't a single one whose policies don't have big problems. (read: things I disagree with :-)

  • As for court orders.. can a court not subpoena snail mail as well? Can they not search/examine/sieze mail? If not.. why doesnt' everyone use the USPS to send their cocaine shipments around?

    As for 'public', don't take the term as literally as that. For all intents and purposes, it *IS* public.

    Yes, it's a bunch of private/semiprivate/public/whatever else depending on jurisdiction, networks all hooked together by zillions of different agreements in different jurisdictions. To me, and to any sane individual, this is what 'public' is. You are carrying all kinds of traffic that you didn't originate. Especially if you are a larger carrier.

    This is why it is 'public'.
  • 1) Add encryption into sendmail's transmission of mail.

    The latest release of the free version of sendmail (8.11.0) includes some encryption features (specifically, STARTTLS. TLS is Transport Layer Security, and provides encrypted communications server-to-server). See sendmail.org [sendmail.org] for more info.

  • What do you think the US, Australia, the UK and New Zealand have in common?

    They are the countries member to Echelon.

    This is obviously no coincidence. What we are seeing is the declassification of part of the Echelon system, without admitting its previous existence.

    The fact that this is happening all at the same time in these very same countries is simply explained by the fact that we are witnessing a joint action, coordinated centrally, to officialize a system of spying on civil populations.

    Why Echelon wants to make public part of what it already does beats me, frankly. Any ideas?

  • email should be fairly brief, and therefore it should not be to expensive to subscribe to a foreign ISP, and dial in for checking email.

    For example, you could dial up a US ISP, and NZ will be unable to spy on you. Just the FBI. Oh.

    Okay, so you dial up a British ISP, and neither the NZ authorities or the FBI will be able to spy on you. Just the British Government. Bugger.

    Right, from now on, all my correspondence will be sent from China. At least we know that they're going to be spying. And also I'm not likely to do anything to upset them.
  • Email taps will be helpful for leos, and public watchdogs will continue to act against excesses of all kinds by leos.

    If the people responsible for some of these "excesses" (or, to put it in plain English, these crimes) routinely spent time in prison (real don't-bend-over-for-the-soap prison, not Club Fed), this argument would carry some weight. As long as the the "public watchdogs" have no real teeth to sink into abusive LEOs, they provide a mere illusion of protection.

    Its not really that big a change if the taps are held to pre-existing standards of survielance.

    The problem is that the de facto "pre-existing standards" are far too loose -- even if somebody gets caught stepping over the wide-ranging line, it doesn't much matter.
    /.

  • Eugene,

    We know what you have been posting and we
    really can't have you speaking out anymore.
    It just isn't polite to say these bad things.

    Really, lets not fuss over this... your government
    loves you and would not like to see your
    messages get routed to say that girl you've
    been talking to alot on chat. Really, what
    would your girlfriend think? But we have been
    having some problems with the old echelon box.
    It is very tough to say what could happen.

    *Evil Smiles*

    --The Men Behind The Looking Glass
  • Is there a reason you seem to be actively trying to avoid the point? The NZ/Brit/Carnivore/Echelon systems allow government access far beyond snail mail, period. Most people seem to get that.

    Or is that what you want?

    While it may come as some surprise to you, US Mail cannot be searched/examined/siezed without due cause. And, yes, a lot of drugs did get shipped that way :), before the 16oz. -> ID requirement made it fairly easy to trace mail and fairly dangerous to drop it off. And cocaine, btw, is highly detectable and very expensive, making it a very bad idea to ship it in the mail.

    Generally, "sane individuals" (as you put it) consider it an act of fascist/communist governments to go reading their mail, to find what they can find and create dossiers about people. Those good, sane people have been posting their concerns here a lot, probably because most SlashDoters come from the FREE WORLD (God bless it!).

    But, unfortunately, there are dangers in the fact that the internet allows participation by all. Evidently you have lived under a fascist government, given your opinions. For instance, your definition of 'public' would apply to the world's phone system, as well. I'm not sure what highways would be. Evidently the U.S.'s would be private, but Europe's public. Typical RED propaganda here, denoucing the US for privatization, applauding socialist measures in Europe, and trying to place private resources like phone and internet communications in the so-called public's (read: you commie bastards) hands.

    And who modded you up? Evidently there are a few more communists around here...

    All bent on making the InterNet public property, no doubt, and then reading all our emails, and doing who-knows-what with our precious bodily fluids.

    Well, we won't let you take over a good, private forum like SlashDot! VALinuxers, unite! Start IP filtering mods from current and former communist countries, NOW!, or all is lost!
  • From what I've seen, the post-Thatcherite Conservatives in the UK are pretty far to the left, at least compared to conservatives in the U.S. In the U.S. they'd be the equivalent of Democrats. What happens with political parties is that they will adapt their policies to the mood of the country in order to win elections. And the mood of the U.K. seems to be that quite invasive actions by government are ok. As an example, look at the number of cameras covering public places in the U.K. We're on that road in the U.S. as well, but the emphasis seems to be on red-light and speeder cameras (mainly because they're a great source of revenue to cities). Example 2: as part of the new RIP law, the U.K. proposes to track the movements of cellular phone users without a warrant. The only justification would be that a police supervisor thinks its a good idea if they know where you've been. I'm beginning to wonder just where the limits are, as far as the Brits are concerned.
  • My Dad is Maori.

    Don't worry, I've come to expect these kind of things from your type.

    (yes I'm kidding - I find my race as irrelevant and funny as most people. In fact, I love screaming at people "it's because i'm black, isn't it?" heh heh heh)

  • Oh, forgot to agree with you on Vietnam being a wash. So i'll do that, too.
  • 1) With court order, why should computer systems be treated any different than meatspace systems?
    2) Why do you assume you have a 'right' to privacy when you send cleartext data on the public internet? (I know we feel we DO have a right to privacy, but if it is there in the clear, a court can take it).
    3) USE ENCRYPTION.
  • But HERE (read: Denmark) It's IS the law. AS per ruling by supirior court several months ago. E-mail is NOT to be considered "private" (it does go through the ISP's networks), and as such the (Danish) privacy act is NOT in effect. This means that if YOU decide to run an ISP service, and buy the webhosting from another ISP, in essence competing with them, and they read You email from clients, then responds with THEIR offer on the services You thought You could make a living on, This is not illegal. Because if You did not want the offending ISP to read You mail, You'd not send it via them, right ?
    A fairly pointless and in my eyes dumb argument. But it's the law.

    Now, form there and to allow people OTHER than the ISP to read the mail, in my eyes it's a small step. And I for one will start not only to encrypt my emails, but also to avoid countries with RIF or Canivore (or whatever), because they are no longer talking about "just email". They're also talking secure Business-2-Business comunication over the internet. I do not know/understand why more businesses have not stood up and argues their loss of profit. Because that WILL be a consequence.
    Regardless, IF any laws are passed, I will (as I am now) avoid ANY and ALL comminucation with nodes that are "affected". In essence the discussion held on "cutting the US out of the internet". I for one MIGHT not have anything to hide, but that doesn't give ANYONE the right to look thourhg my communication which is DEEPLY personal (not that I'm buying sextoys or hookers on the internet, but I MIGHT), and the privacy should be respected. It would trouble me deeply to know that I could not send my mom an email without someone else (even if it's just a computer looking for "flagged words") reading it.

  • Firstly, some email addresses for those concerned by these events:

    The Hon. Paul Swain: pswain@ministers.govt.nz
    (Minister of Information Technology, Associate Minister of Justice, and proponent of the increased powers in the NZ herald story)

    The Hon. Phil Goff: pgoff@ministers.govt.nz
    (Minster of Justice)

    Both can be snail-mailed at:
    Name
    Parliament Buildings,
    Wellington
    New Zealand (if you're overseas)

    Now, does anyone know of any petitions or anything being organised that I can contribute too?
  • Whenever something unpleasant happens in the US, smug Europeans tend to have a good laugh, and vice versa.

    haha :) NZ is NOT in Europe *grins*

  • Why one should be worried about other countries (Score:5)

    by rodgerd ( 402 ) on Saturday July 29, 2000 @09:16PM (#894413) Homepage

    This is, of course, why people should be worried about what happens in other countries. Whenever something unpleasant happens in the US, smug Europeans tend to have a good laugh, and vice versa.

    This is a perfect example of why such smugness is so dumb. Attempts to grant police more draconian powers in .nz are being justified with the UK RIP bill; no doubt people in the US will be unpleasantly surprised when the FBI justify Carnivore (and more) on the same grounds.

    Once it is considered acceptable for one country to behave abhorrently, other governments will do the same. How often have you heard proponents of strong government point to Asian dictatorships like Singapore as evidence of what could be achieved by strong government unquestioned (and unquestionable) by the people?

  • Its all falling into place. Muwahaha
  • Until your IP address, get's stuck on one of antispamming lists; like MAPS RBL, DUL or ORBS.

    My 24x7 IP address, got reassigned to one of those list blocked IP ranges. Note: My email server does NOT have an open relay. ISP checks every couple of months. I discovered the ORBS listing, after an email bounced back from "Lucent", "the technology people", NOT!!!!.

    I tried to get ORBS to remove/modify the IP range list without success. I.E I explained the due diligence by the ISP, open relay tests, etc. It didn't matter to them. Funny thing, guess where the ORBS representative was located??

    Yup, New Zeland, How Ironic.
  • > Not often myself, but on those occasions I do I just like to mention that wonderful success story (not) called the Soviet Union - that usually foxes them :-)
  • >In New Zealand, unlike the UK and the US, you cant get a copy of your police record.

    Are you sure about that? Recent legislation means you can now see what the SIS is holding on you ('bout bloody time), and things like the Privacy Act require that any database holding personal information be acessable and correctable by the people covered. Might it be the case that the police, as an arm of the government are exempt from civial requirements until some compliance date? (eg I know that the govt is exempt from it's Human Rights Act, and has postponed compliance with the Act, might this be something similar?)
  • Good for them! Email needs to be read by someone, why not the government?

    But seriously, this is a bad thing. It's a bad thing in the US, a bad thing in NZ, and a bad thing wherever else this type of thing happens. As superfluous laws crated solely to appease brain-dead voters (such as anti-porn/anti-prostitution, and especially in the US anti-drug laws). The Modern big governments seek to make anything that might be considered 'immoral' by anyone illegal, and make criminals out of all of us. And criminals need to be watched of course. Grab your guns people, our freedoms are being taken away every day.

  • Doesn't hacking sometimes result in peripheral damage? For example, doesn't an overflow bug kill the service that had the bug. If this is important for the ISP (For example a web server) then does that mean that the police would be immune from prosecution even if even if they find no evidence in a search?
  • The history of the New Zealand Police when it come to technology is not great. They have engaged in a few misdirected efforts to police the net in the past with little success. While I support the idea that police should be able to obtain warrants for e-mail the same as they do with phones, this article concerns me a little as it seems the same protections won't be applied to this.

  • Re:The domino effect... (Score:4)

    by Skald ( 140034 ) on Saturday July 29, 2000 @11:21PM (#894421)
    The US is the only country bull-headed enough to be FOR landmines.

    My Greek friends were bitching to me about this treaty a few years ago. Seems they used to have the mountains along the Albanian border mined, and never had any problems. Then the mines came out, and they started having problems with packs of armed bandits crossing the border at night, pillaging isolated houses, and slipping back before dawn.

    I don't know how popular or unpopular the treaty was with most Greeks. But I do suspect mines, like most things, aren't such a black-and-white issue.

  • Yes, its BAD.

    Do we have an alternative?

    Hacking is BAD too if you happen to see it from the government's point of view.
    Obviously they know its no use searching for a term like "Let's Hack" through the email messages.

    Its the same case as The Police has rights to search every house they suspect and have a warrant to search for. But here we are giving The Police an unlimited license to search for everything in emails. That's BAD too.

    Why can't we come up with an alternative if we have to criticise the only solution in front of the government? Is there any other fool-proof (this isn't even) method to prevent "BAD" hacking?

  • 192.168.0.0 -> 192.168.255.255 are addresses reserved for internal networks, they won't resolve on the internet.

    It is possible that neotrace et al think that it is in the US because it thinks that it is part of NSI's network (they hold the record to reserve it).

    These are most likely machines on the ISP's network, though really they shouldn't be doing that (if you used the same addresses on your office network it would probably bggr up quite nicely).

    That said they might be using these machines to spy on you, can't get anywhere without going through the ISP.

    If you aren't paying for call charges set up an email address and get it on as many spam lists as you can and then get your comp to download and delete them overnight, give them something fun to read).

  • The only country in the world that has kangaroos is Australia, moron.
  • I'm free to walk around the parliament grounds and could quite easily pick off as many politicians as I want

    Well if there was any doubt as to whether the law would go through it's gone now :)

    Got to wonder about the Echelon angle though, maybe the UK & NZ are test cases...

    But hey that's just a bit too paranoid, isn't it??

  • Couple o' minor points.

    a) I believe that there are actually subtle means of opening a non-sealed (as in ink/sticker, not as in glue) envelope. Even seals can be forged. So don't consider paper correspondence immune...

    b) Not all terrorists are swift, shall we say. I'm reminded of the WTC bomber who went to demand a refund on the rented Ryder truck he used. Oops.

    c) E-mail is a bit easier since there are usually archival backups and such. It can be difficult for, say, the White Hou^H^H^H^H^H^H^H^H^Hrandom people to be sure they've completely eradicated all traces of communications, such as tape backups and not-yet-erased files at intermediate sites and so forth.

    Plus, networks go down, servers get confused... there's no real-time guarantee of fast service (I've personally had mail delayed for days, and very strange weirdness involving third parties.), so the occasional mail could even be intercepted, delayed, investigated, and THEN forwarded without necessarily arousing that much suspicion.
  • Blockqouth the poster:
    I for one am going to start encrypting everything just to piss of the government...
    I am a teacher, and one day a student emailed me joking about my using PGP to sign email. He wanted to know if I was a terrorist. I responded that I feel it's our civic duty to use PGP (or other encryption), to encrypt EVERYTHING we can, and to integrate it fully into our online experience. Then, too many legitimate interests will be using PGP for the government to legislate it away. As long as encryption is considered fringe, scare tactics will be enough to shut it down...
  • Blockquoth the poster:
    The interceptors are giving themselves progressively greater powers to ensure that encrypted mail can either be decrypted by them or used as incriminating evidence in its own right by being encrypted in the first place.
    IANAL by far but I worry about erosion of Fifth Amendment [loc.gov] rights. If my mail is used as evidence against me, I believe that violates the prohibition on self-incrimination. If I am jailed for not surrenderng encryption keys, that violates the same. What does it mean to have such a protection if invoking is allowed to viewed as pleading guilty?
  • "is just like opening every letter you receive: a federal violation in 99% of the countries on Earth"

    Like most things, it would generally be illegal for a citizen to open somebody else's mail (and in some countries, it might be illegal for a citizen to open his own mail, depending on the contents -- "Why would they have sent you this subversive literature if you are not a subversive?"), but I would bet that in 99.9% (Sealand might be an exception) of countries it is legal for the government to do so, provided that they give themselves permission first (I can't help thinking that judges aren't exactly in the private sector)

  • Well, actually (1) does work, because the new version of sendmail that I mentioned above includes SMTP authorization - which allows full encryption of all communications between client and server. Just set up your Linux box to send mail directly rather than through the ISP, and you're fine (although, as you mention, this won't protect against snooping on the receiver's ISP... but that's a job for GPG.)

  • Your point is excellent and well put.

    We need to educate everyone in the use of encryption, starting with the same "not-so-savvy friends and business associates"...

    Knowledge, to use an old saying, is power, so let's empower 'the masses' !
    And fight these government policies at all levels!
  • It also uses XForms, which makes it effectively useless for anything but European languages (although I see they're porting it to GTK).

  • Since so many institutions (the government, your ISP, your neighbors on the same cable branch, the guy with the keys to the phone closet, etc.) can hack into your E-mail and other network transmissions anyway, maybe one should just make it legal. That way, every user will understand that they need to use cryptography for all messages.

    In order to make laws like in the UK that require giving up keys meaningless, I think we should also start keeping random data on our hard drives (e.g., filling the empty blocks with random data) and adding random bits to our communications (for images and speech, the low order bits are usually already random enough). That's good security anyway. Here is a start--or is it a secret message... ?

    QUDIHKOO DPKAPOAM REFPQTII ITOXOBWF WANELCSO RCOHRPUJ TZYKTHTB AHYOJUUF UHKFKCUC FIJXXEGR EFBXMUYM CXBMSVSN DCTNFNPK VZHSDOKH TLEFGDRJ ATVSONFR QYEVLUGG TNZXCJFV VJBBNSKN MGFAUKRK JVGUQMBJ AAHCKMXG WYIJRTWD ZCETMVEV

  • Re:Courageously following the US's lead (Score:2)

    by Anonymous Coward
    Nope.
    • NZ law has always favored police.
    • NZ politics periodically limits their activities.
    • This proposal is more likely to be changed than the usual one.
    This proposal probably comes from organizational imperatives. There are only a couple of checks&balances.

    One analysis of New Zealand civil society is that it is "an unenforced police state". The police have quite a good image in NZ, and mostly do good work. They do have a history of being *very* nosy about groups with views unpopular with voters or the govt of the day. This proposal comes with the constraint that the highest court commonly available to NZers (I think you can still try to get the UK Privy Council to overrule) has to affirmatively say that each suggested snooping is OK. Getting details about what the High Court thinks in these cases appears to be difficult.

    Common experience is that the police can do most things they want to until some judge uses an interpretation of common law to shut a particular activity down, or the voters learn about it and complain loudly, whereupon the govt of the day tells the troops to cool it or changes the rules of combat.

    Statutory law is rife with exceptions in favor of police. (Look at the text of the censorship legislation for a great example). Some of this is in the nature of the business (it is an error to make *all* reading of censored material illegal- who then would decide what is censored?) but the legislation is crafted so that there is essentially no review outside internal police hierarchy.

    NZ is a small country, so it is quite likely that new police behaviour will be noted. There is some sense of fairness and common courtesy that the voters seem to demand, not just pocketbook calculations.

    (In one example, the govt decided that suspected overstayers from Pacific islands should be rounded up. This hit the national media next day and the govt retreated in a week, despite the clearly described expected benefit of higher wages for the average New Zealander.)

    If police snooping on email is regarded like police searching in private homes, look for public outrage and massive editing of the proposal.

    If most folk think this is like phone tapping, this should go thru with minor changes.

    -Expat NZer

  • http://bear-software.freeservers.com/
  • I think the landmine thing is mostly cos after the US left they left the landmines behind, and have made pretty much no effort to clear up the mess, meaning that in some places farming is like russian roulette.

    Also IIRC they have refused to give information on how to safely defuse the landmines to these monsterous International Organisations who are actually doing something about them as it threatened US security.

    So they just have to go out poking around with long sticks.

    Interesting term 'Rogue nation', what is the definition?

  • Echelon does this already. (Score:4)

    by Eugene Cabanopscotch ( 27837 ) on Sunday July 30, 2000 @12:00AM (#894437) Homepage
    (I live in NZ) Who cares really if the Police will be able to read email, considering that 75% of NZ's international traffic is brought in over satellite (in some cases using Cisco's weak export grade encryption) does it really matter when the Echelon station in Waiopai has been reading our email since before there was email?
    Not only that, but our Government doesnt even have access to this data - they let the US and Australia snoop our private communications and cant even check to see that it's not being abused!
    Much more frightening that someone reading my personal mail (usually innane messages to my friends anyway) is the thought of other countries using this information to make sure that the next international contract my company is tendering for goes to someone else!

    That will be all.
  • Your point about citizens pushing for consititutional protection is a good one, except that NZ DOESNT have a consititution. It is currently an underground debate that no politicion will address as it means every law has no legal right to exist (and no politicion thereof has any right to suck money off a taxpayer and for that matter taxes are illegal too). Scary stuff

    Genuine NZ Kiwi - Eats roots and leaves.

  • Cute (Score:1)

    by Kalidor ( 94097 )
    Now we can keep up to speed on the revolt by the people of New Zealand against their sheep masters. Seriously though, how exactly are they going to put this into affect. We should remeber the last time the police got into large scale computer tools, IBM pulled out of New Zealand because it couldn't handle all the changes the goverment made to the contract. This is of course ignoring all together how rather unstable the internet services in Kiwi land seem to be, and how even the Kiwi population scoffs at all the press releases about how well the computer industry in New Zealand is keeping up with times.

  • So I notice any time I contemplate nipping to Spain for a holiday 8)

    Seriously, it's a trend, and that's one example. One could equally cite people who feel smug that they aren't in Australia, for example.

  • Both. New Zealand cabinet ministers are typically involved in several roles, usually with one primary area of responsibility and a number of assistant roles.

    The main potential problem we have inNew Zealand is that the New Zealand Labour party is cursed with a desire to emulate Tony Blair's Labour Party, right down to having a little proto-facist in cabinet (Phil Goff, the .nz Minister of Police, should be called mini-Straw).

    The Libertarianz are very much on the fringe of New Zealand politics; we're futher to the left here, and, historically, the left have been guardians of civil liberties in most areas. Sadly, as I mentioned earlier, their desire to emulate .uk's New Labour extends to a mindless "get tough on law and order issues" posture.

  • What is also very weird is the police assoc. spokesperson referring to political assasination!

    Which is insane. If anyone was going to be offed, it would have been Muldoon.

    I wonder to what degree some of this nonsense is a result of the previous, right wing government, importing so-called experts from .us organisations to come and preach at Kiwis about how we should have a proper US style war on drugs and the like. Hopefully we'll be too sensible as a country to listen.

  • (Look at the text of the censorship legislation for a great example).

    Most of the exceptions here are in favour of the Customs department, not the police.

    If most folk think this is like phone tapping, this should go thru with minor changes.

    And, indeed, if it is tightly regulated and targeted - like phone tapping by police (but not the SIS) - then it's hardly an alarming proposal. Unfortunately, it appears that the police are pushing for draconian powers in this area, and the idea of the SIS gaining more powers in this area is downright scary, given their record of responsible use of their other powers.

    One analysis of New Zealand civil society is that it is "an unenforced police state". The police have quite a good image in NZ, and mostly do good work.

    Yes and no. Personally, I'd like a bit more scepticism in the area of the police here, but .nz is a curious beast here. There are plenty of people, for example, who hardly have unreserved love for the police as a result of the Springbok riots, but are quite happy with general police performance. Proposals to give the police arbitary powers in many areas (eg fighting drug or gang crime) quite regularly fail.

  • Good points. I do use encryption where possible. Problem is that unless the person you are communicating with is also using it, it won't work. I think the problem here is that the people of New Zealand will have to abide by a law, and the Police will be exempt. It may go beond simply reading your email to actually cracking your computer to obtain your email.
  • Also it is worth noting that most legitimate targets for SIGINT have dried up over the years.

    There's probably a certain truth to that. Nothing so desperate as government functionaries staring at disestablishment.

  • You should be able to hack on mailman or majordomo to have it run pgp/gpg over mail. You should also have a look at using MTAs that support TLS extensions (SMTP with SSL). Exim, qmail, sendmail, postfix, zmailer all have or are currently adding these.

  • New Zealand is becomming a very sick and demented country. The very soul has been sold from under our feet by the lying bastards who try and represent us. There are polititions who run us whom no citizen of this country ever voted for, and we are all owned by the IMF and worldbank. Our systems are becomming more and more like those in Germany and any other country that has ever borrowed money frm the IMF. The government is nothing more then puppets having their strings pulled at the right times by those who tell them what to do. For instance the student load scheme which is projected to be about 4billion in 2001 is deemed an "asset" of the country. Anyone got a spare bit of cash to but a few thousand students lives? And as for echalon... well... nuf said i reckon! So now are leading the world once more with our spy tactics. Already we are fast becoming the first cashless country in the world... all the banking records, phone records, tax records and anything else in a databse form are linked together... not that the police here are particulary brilliant... arresting students for "thinking" they might be free thinkers. (no kidding!) least now we have the peace of mind that someone is checking our emails to make sure there aren't words like.... Bomb, assination, Child Porn, LSD, freedom, I like Peanuts, and others in our emails. Thanks guys!
  • As the police (theoretically) do not go into people's homes without warrants, the government should only spy on a person's internet connection (e-mail's, homepages, media storage places as xoom's media sharehouse, etc) with a warrant and with the persons knowledge (like in the "real world"). In my opinion, sniffing one's e-mails randomly and without his/her knowledge of it is just like opening every letter you receive: a federal violation in 99% of the countries on Earth.

    /* c. hs laviola
    claviola@rj.sol.com.br, uin# 55799523 */
  • Only if you don't have a personal email account, fair enough if they want to read email to your business account, and knowing about that you can remember not to use it for anything you don't want them to read, e.g. job applications, messages to your doctor. The problem is that when goverment gets involved they have access to everything, the potential is that you have NO privacy whatsoever communicating via email, or even surfing the web, EVERYTHING you do can be watched and logged. There is a pretty big difference, and while it probably isn't very important at the moment if you are just a reasonably avarage citizen, well think of the worst government you can imagine (well ok it doesn't have to be _that_ bad [you are one sick puppy btw]), and what they could do with tools like this. You don't know who is going to be governing next decade, next century... but it will be way easier for them to prevent any dissent if they already have all the regulations, hardware, software, and historical logs/archives at their fingertips. Also the gradual erosion of privacy is quite likely to lead to that sort of government.
  • Sounds almost like the sort of Big Brother style government old Adolf was keen on. Mr Hitler would probaly be quite suprised to see a people he described as "ignorant savages, walking on all fours and living in trees" to take a step towards totalarianism.
  • 100!
  • In reality it is already being done but not only by the government. It being done by script kiddies and crackers. Your government is already looking at your e-mail they just want permission to do it now.
  • In my opinion I don't think it is the New Zealand Police who are behind this move. Generally the Police can't even catch simple minded burglers much less highly skilled technical criminals. I think that this is only one data point in a contining international effort to control the Internet. The Internet caught the World Governments by surprise. The NSA and other intelligence agencies first attempted to limit the ability of people to encrypt communications. That didn't work - encryption is out of the bag - so they are getting laws passed in every country they can to ensure Goverenment have access. In other words its not about catching criminals - its about control. You know what they say - who controls the information controls the world.

  • Get used to your e-mails being insecure. I know people are going to say "encryption", but think about this:

    Before Quantum Cryptography [mcgill.ca] becomes available, Quantum Computing [qubit.org] will have arrived (many suggest within a few years) and it will render insecure [qubit.org] most or all encryption methods using conventional computers. It has been proven that a quantum computer will be able to factor large primes (see reference in RSA's overview [rsasecurity.com] which, interestingly, predicts that quantum cryptography will be realised before quantum cryptoanalysis -- but they would say that, I guess ...).

    (Find more about Quantum Cryptoanalysis [altavista.com] on AltaVista [altavista.com].)

    Sorry guys, but encryption will soon be a thing of the past (before it rises again in a different form on a different infrastructure). Bye, bye privacy, bye e-commerce, bye.

    Learn to live with it.

    (For the record: there is a different issue in some of the comments: should the Govt snoop your e-mails as a matter of routine? I don't think they should, any more than I think they should read all the postcards that are sent through the mail.)

    ---

    "Where do you come from?"

  • I should have added that steganography will probably still work. However, that is not what most people are using or seem to be talking about when they say "encryption". Shame, really.


    ---

    "Where do you come from?"

  • Recent, similar sentiments on the part of the government are being bandied about in France, England and the good ol' home of the free, United States.

    In all cases, these politians make generalizations that claim that criminals are making use of the Internet (please, no more "cyberspace" or "the Web") as a means of communication.

    Don't buy this bill of goods without proof. Demand proof that established criminals and terrorists are using the Internet as an intergral part of their planning and execution of their crimes.

    Otherwise, this is only another means for scared, outdated governments to try and tap into our privacy.

    Vote against all politicians who suggest, fund and advocate the usage of electronic surveilance of innocent civilians. Put your money where your vote is.

  • Things have changed between 1998 and now. (one significant change is that they now have a Breakfast show instead of BBC World in the morning, and the first show is not "Maggie's Garden Show".)

    There seems to be a trend of Christchurch becoming a new center of technology in the Austrialiasia sector, some companies have been bought by international outsiders and then left alone to continue their efficient development models. Lots of large companies (Compaq, Trimble Navigation, Pulse-Data, The Holliday Group, etc) have their heavy-duty development houses here.

    Because of the scale of the country, many new technologies are trialed here first, and then implimented otherwhere once proven successful. The government is being put under enough pressure to change immigration procedures for information technology people.

    Don't count New Zealand out just yet. :P

  • In New Zealand we have a little piece of paper known as the Privacy Act. This little bill makes it illegal for anyone to obtain, use, distribute or whatever, anything about me unless they have MY direct permission to do so. In all the discussion I have read on Slashdot, no one seems to have taken this into consideration.

    Effectively what this means is that the police cannot read my emails unless I give them permission to do so, or they obtain them from the intended recipient with their permission. It is just the same as the police being unable to give out my name, address, phone number and criminal record details unless they have a court order or my permission.

    So how does this play into effect as far as I'm concerned?

    Simple. Primarily, for the government and the police to pull this off, they'd have to amend the already existing and established Privacy Act before they could even pass this new bill before the house. Secondly, we live in a democratic country. If we can get enough people to back it and sign a petition, a referendum can be forced which would request that all those eligable to vote do so on this particular topic. The downside is that this requires that there be those willing to stand up, make a stand and prepare a petition. There also needs to be awareness of this petition for people to sign it.

    The first thing us NZ'ers need to do is write to our local MP (Member of Parliament) and express our concern and state exactly what our views on this issue are. Tell them exactly why we think this is a bad idea and why we consider it a breach of our privacy. In New Zealand, if you contact any MP or Minister, they are legally required to reply in some form or another.

    As a service to all out there, here is the website to go to to find the email address of not only the Prime Minister herself, but also of the MPs and Ministers.

    http://www.parliament.govt.nz/mp s-and-ministers.html [parliament.govt.nz]

    So what about this argument of using encryption? I don't encrypt mail when I send it snail mail. I don't encrypt my cheques when I pay bills. I don't encrypt my postcards home when I'm overseas. I don't have to decrypt my newspaper when I read it in the morning. Would someone tell me why I should have to encrypt email? It is my right to send email in the manner I so choose. I know there are elements on the internet that are "shady", but I calculate that risk into the content of the email every time I press the send button. I don't see why a government should force me to use encryption simply because a few bad eggs on the net have gotten smart enough to use a computer instead of the phone.

    The most amusing part to all this is that the last time there was any terrorist activity in New Zealand was when a few Frenchmen bombed the Greenpeace boat "Rainbow Warrior" in Auckland harbour. (What is it about the French and blowing things up? Rainbow Warrior, Muaroa Atol and the nuclear testing, and more recently a Concorde full of Germans.) With the lack of terrorist activity in NZ, and crimes being mostly theft and road issues, why does the police even need to snoop emails? Bank robbers in NZ just go into a bank with a gun and a stocking and demand money over the counter.

    If anyone in NZ wants to get a petition going (I've already started one in my area of Auckland) look at my user info page, remove the "nospam" from my email address and get in touch with me.

  • Try an ISP in S. Ireland, I think they have legislation now making it illegal for the government to read your email.

  • Terrorism smoke screen (Score:4)

    by Angst Badger ( 8636 ) on Sunday July 30, 2000 @12:31AM (#894469)
    In the last century, the democracies of the world fought innumerable wars, with tens of millions of casualties, to prevent the loss of our freedoms at the hands of fascism and communism. No one suggested that we surrender our freedoms to Hitler or Stalin in order to avoid battlefield casualties. But today, the governments of the English-speaking countries and more than a few of our European allies are suggesting that we surrender our freedoms to avoid a few dozen deaths a year from terrorism. What a crock!

    Freedom comes at the price of bloodshed, folks. And these days, it's surprising little bloodshed. Terrorism exists precisely because the enemies of freedom lack the power to do significant damage, so they concentrate on some high-profile but not especially great carnage. Terrorism should be suppressed to the best of our ability, of course, but please bear in mind that more people die in domestic disputes every night in America than die in terrorist attacks in a decade. Terrorism is only an issue because we allow ourselves to be panicked by a few crazies.

    In the one case that could have been a major terrorist disaster -- the World Trade Center bombing -- the disaster was averted by the ignorance of the terrorists, not Carnivore. The intelligence agencies like to make mysterious noises about all the attacks they've averted, but we never see any evidence to back up those claims.

    State security is a dangerous thing. The very apparatus necessary to ensure total security is the same apparatus necessary to ensure totalitarian rule.

    I can't speak for other countries, but we have much more pressing problems in America. Tens of thousands die every year on the highways due to drunk drivers; somewhere between one-sixth and one-third of all women will be sexually assaulted at least once in their lives; child abuse and neglect is rampant; the two leading causes of death for minors are murder and suicide. When we make progress on those fronts, then let's pour our resources into chasing a handful of terrorist acts. Until then, don't tread on me.

  • I was having a discussion a week or so ago on a mailing list about Carnivore and how to get around it by using encryption. Encrypting email between specific people is relatively easy (if you can convince them to use encryption), but the question came up about how we could easily encrypt list traffic.

    The list structure is the common one where there's a central address that recieves mail and churns it out lots of times to everyone who's signed onto the list - but since people can subscribe and unsubscribe dynamically, posters don't know who is on the list at any given time.

    The only obvious way I can think of doing this is if everyone encrypted their postings to the central list-server, which would in turn decrypt it and re-encrypt it maybe hundreds or thousands of times over for each person subscribed to the list. This doesn't seem very efficient and I'm not sure if there are any list servers out there that will do this, anyway. (Please yell out if you know of any.)

    Does anyone know of any relatively efficient methods of running distributed mailing lists where all the traffic is encrypted? (Preferably something that's not very difficult to set up.)

    I'm fully aware that people could just subscribe to the list, but I don't think it's as important because there might still be standard security steps like requiring authorisation before joining.


    ===
  • It's very smart of governments around the world to begin to take away people's civil liberties quickly, and before the entire population of the world is online.

    Why are they trying to get it done so quickly?

    So when EVERYONE and their mother is online, the won't know the difference betwixt the (non-existant) privacy they have now, and the privacy people used to enjoy years ago.

    Now is pretty much the time to get our asses in gear and make a statement that we will not tolerate this kind of flagrant violation of our civil liberties. Anyone else remember anything about illegal search and seizure? Write your congressmen, vote...and most importantly - VOTE WITH YOUR POCKETBOOK! This is the online equivalent of the FBI or whomever basically just coming into your home and looking through your shit while you're not there. The only difference is most people don't know enough right now to care. CHANGE THAT! MAKE PEOPLE AWARE!

    I, for one, am making PGP a standard. (Apologies for the US specific references....you all get the point).


    FluX
    After 16 years, MTV has finally completed its deevolution into the shiny things network

  • Re:we live in frightening times (Score:2)

    by Anonymous Coward
    Encryption and that steg-o-something or other merely wave a big flag that says "hey! we're doing something clandestine, look into us more closely!"

    Yeah, but that's false reasoning and the public and the authorities must be taught that encryption does not imply that crime.

  • Encryption is not enough (Score:3)

    by Morgaine ( 4316 ) on Sunday July 30, 2000 @04:00AM (#894475)
    Encryption on its own is not enough to deal with the issue of mail interception. The interceptors are giving themselves progressively greater powers to ensure that encrypted mail can either be decrypted by them or used as incriminating evidence in its own right by being encrypted in the first place.

    The problem is inherent in the current naive SMTP/POP3/IMAP model of mail service. It served us well for two decades, at a time of network openness and innocence. That time has now gone. DARPA researchers wanted to make their network stand the odd atomic bomb. Now we have a different evil to overcome.

    Here are the key aspects of the problem, and the areas that a solution would need to address: Time to replace SMTP/POP3/IMAP. [slashdot.org]
  • This Paul Swain guy, is he

    (a) the Information Technology and Associate Justice Minister as referenced here [herald.co.nz] or is he
    (b) the Commerce Minister as referenced here [herald.co.nz]?

    I read this, and actually started getting interested in New Zealand politics. (slow weekend) A bunch of good starting points here [yahoo.com]

    IANAL (I am not a Libertarian) but maybe these guys have the right idea: Libertarianz [libertarianz.org.nz]
    Altho as a whole, Libertarians are pretty strong on intellectual property rights, a whole 'nother issue...

  • use gpg [gnupg.org] or pgp [pgp.com]. use mailers like pine, mutt [mutt.org] or eudora [eudora.com] that support them.
  • then they should use encryption. use gpg [gnupg.org] or pgp [pgp.com]. use mailers like pine, mutt [mutt.org] or eudora [eudora.com] that support them.
  • then use a good level of encryption. i don't think any company is exercising due dilligance if they aren't encrypting their email.

    use gpg [gnupg.org] or pgp [pgp.com]. use mailers like pine, mutt [mutt.org] or eudora [eudora.com] that support them.
  • First, the UK said it would survey email, then Janet Reno ruled that Carnivore would be allowed to be used, and now this. It seems as each day passes it is getting more and more important to encrypt [pgpi.org] your emails.

  • Quite the trend.... (Score:4)

    by Lucretius ( 110272 ) on Saturday July 29, 2000 @09:30PM (#894484)

    We'll, we've been hearing about the United States governments actions in regards to the monitoring of email (the carnivore system, etc), and now its about the right time for the rest of the world to come in a bit too. It does look as if all governments are taking it upon themselves to monitor email for "illegal activity" which brings up some interesting questions.

    Why do governments beleive that email is different than snail mail? Is it because its easier to use, or just easier for them to read? I'm not quite sure, I tend to think that they are treating it like phone lines because they can, not because of any sort of precedent. You can't open up a snail mail letter because of the envelope and people would know you're reading it, but you can easily tap a phone line, as its not as easy to detect the intrusion of privacy. Email follows the path of the phone line, but its just easier, as they can just intercept it before it gets there, and there is really no way for anyone to know if they've read it. I guess this is quite obvious material...

    While I have nothing to hide in my emails, I guess its just starting to piss me off that all the governments of the world are starting to take their turns reading my email just in case I might be a terrorist threat. Seriously now, how many terrorist organisations would be dumb enough to not encrypt their emails that they send to each other, its ludicrous. I for one am going to start encrypting everything just to piss of the government...

    If enough people would do this sort of thing, it would be impractical for the government to do this sort of thing, and hopefully it will just go away.

  • we live in frightening times (Score:5)

    by The_Messenger ( 110966 ) on Saturday July 29, 2000 @09:35PM (#894486) Homepage Journal
    Goddammit, it seems like with every day that passes, we have less of an excuse not to encrypt interpersonal communictions. I'm surprised that businesses don't require employees to encrypt any mail that leaves the intranet.

    Fucking government assholes... if you weren't such snooping bastards, maybe I wouldn't feel it was necessary to ensure my privacy. My problem is that not-so-savvy friends and business associates require me to use cleartext e-mail. Ah, life is depressing...

    ---------///----------
    All generalizations are false.

  • -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This is just yet another wonderful reason to start informing people of PGP, what it is, and how to use it.

    Stop whining, and start encrypting. Then they can read all the email they like... course... decrypting it would be harder... and you'd at least be aware of the fact that your email is compromised if they court-order your private key.

    Be vigilant. -----BEGIN PGP SIGNATURE----- Version: PGP 6.5.3 iQA/AwUBOYNAL8Q/V8QYw1ouEQKrjQCfSajlPpgnBxpDeWJNih h/9//okvcAn2+u +XGNFWpb9zM+t8Dk3+UlEBkO =JyHX -----END PGP SIGNATURE-----

  • It's time to replace SMTP/POP3/IMAP folks (Score:3)

    by Morgaine ( 4316 ) on Sunday July 30, 2000 @01:10AM (#894494)
    There are five aspects of Internet mail services that have attracted this attention from the interceptors:

    1. Mail addressing is in the clear during transport.
    2. Mail content is in the clear during transport.
    3. Mail storage is in the clear after delivery.
    4. Senders send mail to their own ISP's servers.
    5. Recipients receive mail from their own ISP's servers.

    (This refers to the mail services used by the largest proportion of Internet users, the ordinary Joe Bloggs with a dynamic dialin account with a free or very low-cost high-volume ISP.)

    These features together have been instrumental in the current domino effect as more and more countries decide to violate their citizens' privacy. They provide the interceptors with a known fixed point at which to intercept any given person's mail, full knowledge of where his mail is going, full knowledge of the source of incoming mail, and full legibility of the content of correspondance.

    If you consider the nature of the people concerned, one might as well have called these mail standards the Please Intercept Me Protocol. We've made it ridiculously easy for them to snoop, so they're doing it. It's our fault. You can't blame them for lack of scruples -- if they had any, they wouldn't have placed themselves in a position where they can wield coercive power over others.

    So, let's take our standard catch-all phrase and modify it to suit the new circumstances: The Internet interprets mail interception as a fault and routes around it.

    In other words, let's create a mail system with the following attributes:

    1. Mail addressing details are not visible except between pairs of delivery points, which see only the from/to information that applies to them at that point in the transport. Multiple layers of encryption keep all other details of addressing invisible. Something along the lines of onion routing seems feasible.

    2. Separation of payload from addressing, and the payload is of course always encrypted. Encryption must not be optional, ever, and apart from a strong default, the encryption algorithms used must be arbitrary, multiple, and unidentified.

    3. No storage of mailboxes on a customer's ISP's servers. This can be addressed either by using remote servers in safe jurisdictions, or preferably by doing away with the concept of remote mailboxes altogether, ie. keeping mail in transit at various dynamic funnel points until the destinee appears online and signals his presence.

    4. No single transit destination for a person's mail. The biggie here is that MX records direct mail to the fixed point of the ISP's choosing, so this whole methodology needs revising to allow the use of a dynamic set of customer-chosen remote funnels instead.

    5. Senders should not send mail to their own ISP's relay as smarthost, but bypass it, ie. communicate directly with some remote destination. Unix-type boxes already do direct end-to-end delivery by default anyway, but the new scheme should make that the norm on all platforms.

    Well, that doesn't sound like a particularly difficult spec. Let's have a little think about it, rummage around the IETF to see if there's anything already in the works that might do the trick or be a good starting point, and get to it.
  • While I have nothing to hide in my emails, I guess its just starting to piss me off that all the governments of the world are starting to take their turns reading my email just in case I might be a terrorist threat. Seriously now, how many terrorist organisations would be dumb enough to not encrypt their emails that they send to each other, its ludicrous. I for one am going to start encrypting everything just to piss of the government...

    Also it is worth noting that most legitimate targets for SIGINT have dried up over the years. Crypto like DES, RSA, Blowfish, etc. has been around for many years and is for all practical purposes unbreakable. Except for the occasional slip-up, and traffic analysis, there is no data to be gleaned from legitimite targets, they are mostly smart enough to use an unbreakable crypto scheme. I believe that legitimate for for SIGINT are only Military or Diplomatic targets. The only things that use weak or no crypto are private and commercial communications. Therefore it seems that much of the data gleaned by SIGINT is going to be non-Government targets, that they shouldn't be targeting.

    Personally I think that most of the SIGINT force should have been buried when strong crypto made is so much less effective. It only exists now as a possible threat to liberty if it ever falls into the wrong hands. Like the START and SALT nuclear weapons treaties, this weapon too should be disarmed and disbanded.

    If annother big war comes then we may need to revive the old knowlege but I don't want to see our SIGINT services turned into the agents of some Big Brother/Though Police organization--only used to keep Commerce high and the people in control. The road to Hell is paved with good intentions they say, and there need be no "Grand Conspiritor", only people doing what they believe is right and what they believe is in their best interest.

    Annother rant filed.

  • I can't exactly say I like snooping, but I don't think it's unnatural given what the Internet is.

    The Internet is just a bunch of networks joined together with archaic unreliable agreements, carrying each other's traffic. It's impossible to tell what's going to happen to data once it's transmitted into the open system, and if people want to monitor the traffic passing through their system I don't think anyone can really complain about it. I do have a problem when governments coerce ISP's into letting them watch, but it even if they didn't it can't be relied upon that the ISP wouldn't simply choose to show the government what was in your email anyway.

    The whole point is that by default the net is insecure, and the idea has always been that integrity and security have to be established at each end. To do otherwise is like talking in an open courtyard and assuming everyone will turn their backs, ignore you, and not talk over the top of you.

    Right now we have some great end-end protocols for ensuring integrity (and I guess TCP is the most obvious), but it really irritates me that there are so many people out there who don't give a damn about the security part of it. (Probably because of the sudden explosion in people who aren't interested in what goes on behind the send button.)

    Has anyone out there ever had any real success in convincing people (not just computer geeks) to use encryption automatically?


    ===

  • Socialists and Big Brother (Score:4)

    by John Jorsett ( 171560 ) on Sunday July 30, 2000 @05:01AM (#894502)
    I find it interesting that the more socialist governments seem to be the ones first out of the box with these sorts of proposals. Australia, New Zealand, Great Britain, France, etc. talk a good game about being for the ordinary person, but are the first ones to heave individual rights over the side when it suits them.
  • quantum computer will be able to factor large primes

    But I can factor arbitrarily large primes without any computer! OTOH factoring composite numbers is a bit tricky.
    --

  • If these get passed (Score:3)

    by Dyolf Knip ( 165446 ) on Saturday July 29, 2000 @09:44PM (#894509) Homepage
    They haven't said anything about a "you must give us your encryption keys" aspect of the NZ law, but they may very well follow the UK's lead in that regard. I'm really curious to see what happens the first time someone gets thrown in the slammer for refusing to provide a password. Really, it's just like giving someone a prison sentence because they refuse to confess to a crime, regardless of their guilt or innocence. Oh but don't worry, it'll only be used on people who we're sure are guilty. You have the solemn word of the government on that, yessir.

    Damn, but this whole thing stinks.

    --

  • Everyone has heard this before: "You should send all your email encrypted, not just the important stuff, so that (insert many good reasons here)".

    In a perfect world, this would in fact be the optimal solution. But, realistically, since this isn't happening any time soon, how about some other options that at least get us part of the way there?

    1) Add encryption into sendmail's transmission of mail. The goal here is to have the actual email traffic sent over the open wire encrypted, like ssh traffic is. OpenSSL could be used for this. Of course this does nothing to protect you if your computer is cracked or stolen (including by the gov't), hence:

    2) Store mail (in /var/mail) in an encrypted form. Again, this involves adding something onto sendmail, this time when the mail is written into the mail spool. This would be a bit more tricky than 1), since user mail programs would either have to be able to do the decryption or call some agent to do it for them.

    Despite the complications in 2), these still both seem very doable to me. 1) would require extending the SMTP protocol slightly, so that mailers can talk to each other and send things between each other in an encrypted form only if both are encrypted-capable. Has anyone else thought of doing something like this before? Is it as feasible as I think it is (or am I just low on sleep and not thinking clearly)?

    ---
  • you should write a screenplay!

  • Why new tech gets govt interest (Score:5)

    by A nonymous Coward ( 7548 ) on Saturday July 29, 2000 @09:57PM (#894514)
    I believe it's just standard power control freak activity. Look at telephone wiretaps. I personally find them abhorrent, a violation of privacy, etc. Way too open to abuse. I don't even like the idea of police listening to closed doors. But I digress :-)

    Think back to before the telephone. Criminals has to meet face to face or send letters, and I doubt letters did much for simple crime. Most likely, to organize a bank robbery or any kind of activity, they met face to face. The only way for police to listen in was informers in the meeting, or ear to the door. I doubt there was much ear to the door stuff, it would be too easy to prevent. So there wasn't a whole ot of police listening in on crooks.

    Then along comes the phone. Crooks weren't stupid, they could see how they could get together for a combined effort so much easier with a few phone calls. Police recognized this too, but suddenly they had the *capability* of listening in without having to put their asses in danger from twitchy guards protecting the meeting. And just like nowadays, they conned a mostly ignorant public into going along with their plans, with much the same message -- the innocent had nothing to fear, there would be no abuses, etc.

    IIRC wiretaps were originally thrown out of court until Congress passed some enabling legislation, which did not get completely smooth sailing. There was debate, but not enough. Probably a web search would refresh my memory, but I haven't a clue now where I read this, or how much I remember correctly.

    --

  • Hmmm... (Score:3)

    by BJH ( 11355 ) on Saturday July 29, 2000 @10:00PM (#894515)
    One of the things about New Zealand that lends itself to this sort of official snooping is the small number of providers. There's maybe three nationwide providers, and not that many smaller ones, so the government has only a few points to cover in order to read 90%+ of email. Added to that is the limited number of overseas links, and you have a situation ripe for official suppression.

  • I find it interesting that the more socialist governments seem to be the ones first out of the box with these sorts of proposals.

    The funny thing is that, at least in NZ, this is completely the opposite way around. The government that let the secret service (SIS) off the hook without explanation was the same one that pushes for free market etc. Hell there was even a report from the Herald that they were intending to give the SIS the ability to search someone/someplace without a warrant. They got found out and had to back-pedal on that one.

    The people most likely to shoot this one down are both extremes of the spectrum. The Greens (You can't get more socialist!) and Act (Almost managed a flat tax rate, and ditching of social welfare). The real evil is the ignorant centre, who have never had to campaign for anything in their lives.

  • This is definately not from terrorism. NZ has had one international terrorism event and that was when the french came in and bombed the rainbow warrior.
  • Citizens should be pushing for constitutional protection of privacy (in nations that don't have it already; it exists in the US, but only by Supreme Court fiat, AFAICT). Unless you think it's OK to read your mail before even charging you with anything.

    Yes, I think its "OK" for law enforcement agencies to monitor my communications after demonstrating reasonable cause for suspicion but before formally charging me. Thats what warrents are for. So, I guess I don't need to worry ablout constitutional garantees of privacy.

    Personally, I do believe in privacy, but as a balanced, rather than absolute right. That is, all things being equal, people should have a right to personal privacy. However, the world is full of situations in which all things are not equal and the right to privacy must be balanced against other equal or more important rights. Unfortunately, /. is the land of absolutes and slippery slopes, making a reasonable balancing of rights nigh impossible.

    As for the title question, I don't think criminals will "wise up" to the extent of making this useless. Taps are useful at the stage where the criminal does not yet know how suspicious the leos are of him/her. Everyone who commits a crime is not a criminal mastermind with an evil tech wizard advising them on how to stay one step ahead. Email taps will be helpful for leos, and public watchdogs will continue to act against excesses of all kinds by leos. Its not really that big a change if the taps are held to pre-existing standards of survielance.

    -Kahuna Burger

  • While Echelon is billed to intercept messages containing keywords, giving the NZ government the power to intercept email would give the service "carte blanche" to spy on a wide range of community groups, political organisations, trade unions and individuals "of interest" to (the NZ government).

    Imagine your boss giving you the feedback: "Ooops, your poorly worded e-mail got the organization into trouble today..."

    Your last jibe about corporate spying could shed more insight into the continued Echelon sabre rattling...

    US spy relic has Europe talking quietly [boston.com]

    (I doubt the referenced corporate example was from a *random* Echelon interception.)

  • From the article:

    Police believe criminals talk to each other by e-mail to avoid phone taps.

    So, won't criminals just use PGP and anonymous remailers (based in other countries with strict privacy laws) now?

    Citizens should be pushing for constitutional protection of privacy (in nations that don't have it already; it exists in the US, but only by Supreme Court fiat, AFAICT). Unless you think it's OK to read your mail before even charging you with anything.

Slashdot Top Deals

Lots of folks confuse bad management with destiny. -- Frank Hubbard

Close