Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
The Internet

Government Wants to do Massive Internet Monitoring 304

jht writes "Taking the Clinton Administration's electronic paranoia to new heights, this NY Times article details plans to have the FBI establish an infrastructure (called FIDNET) capable of monitoring all non-military public networks. And you were wondering why they're so down on encryption... The NSA is reviewing it now, with final rules expected in September. " Uh,oh. This is potentially a Very Bad Thing. You may want to e-mail your Congressional Representative about it. (Free NYT online subscription required to read the article.)
This discussion has been archived. No new comments can be posted.

Government Wants to do Massive Internet Monitoring

Comments Filter:
  • When 'they' go after the first of any of these groups (or any other non-criminal groups) it will be time to speak up.
    Ah, but the government doen't go after non-criminal groups. First, they declare the group criminal (or better yet, a "conspiracy" or a "threat to national security"), then they go after them. The government defines crime, ergo those they oppsose are always criminals.

    Who are they after these days? They're after the pot smokers, the porn watchers, the gun owners, the religions outside the mainstream, the animal rights advocates, the environmentalists, the cypherpunks; basically, anyone who doesn't shut up and do what their corporate masters demand.

  • for playing f*cking Cyberpunk in Denny's!

    Seriously, we used to play every night at the Denny's we frequented, and this was in Denver, about the time the McVeigh trial was going on. Well, in the game, we were planning an assault that involved nerve gas, guns, and a lot of heavy explosives. We were tossing ideas back and forth with the waitress, who was a closet gamer.

    Well, some concerned citizen obviously though we were stupid enough to plan a REAL bombing in a public place, and called the police. It got back to the FBI, and they had the place staked out for 3 days, which was when we played again, to question us about it.

    It was ridiculous....they had the waitress in back, grilling her for like 45 minutes, and then came out to ask us questions. We were like "Dude, it's a game...here are the books, here are the dice...wanna see my stats?"

    So I am on file with the FBI as a terrorist now. Yay.


    I know it's off-topic, but I feel your pain, man.

  • This is the truly scary part.
    There is no way the government could possibly do this task intelligently. There isn't the manpower and computational power available. You're right.

    So simplistic monitoring it will be. And the results will be similar to those of SurfWatcher software... You won't be able to research Childhood causes of breast cancer, hashtable processing algorithms, or anything containing a word combination that some bureaucrat deemed inappropriate in some context.

    That is of course for 'in the clear' communication. If you send something encrypted, you'll end up on a 'watch' list, and your activities will undergo closer scrutiny.

    And just try to take a guess at who is going to pay for all of this. No new taxes!! But we'll jack up the old ones. After all, it is a matter of national security.
  • ``The plan was created in response to a Presidential directive in May 1998 requiring the Executive Branch to review the vulnerabilities of the Federal Government's computer systems in order to become a "model of information and security."

    In a cover letter to the draft Clinton writes: "A concerted attack on the computers of any one of our key economic sectors or Governmental agencies could have catastrophic effects."''

    Oh, I see. The Government finally realizes that it's got to do something about the security of their computer systems and in order to make themselves more secure, the Government has to monitor all citizen's network traffic.

    Where can I get encryption software (like that in Cryptonomicon) that allows 4096-bit keys????

  • Read the article folks, they're proposing two things:

    1) The construction of an FBI monitored network behind which nonmilitary government networks would reside.

    2) Expanding this monitoring to selectively protect commercial networks.

    Comments:
    #1 is a Good Thing. As a taxpayer, I have no problems about protecting public property with firewalls, etc. This is just an extension of what the Pentagon is already using to protect military networks.

    #2 *could* be a Bad Thing, if those sectors of industry are forced to submit to such monitoring. Given the American tendancies not to trust the government, I really doubt banks, etc. will elect to join such systems if they have to capitulate the standards of encryption they already enjoy.

    The interesting part, is that the FBI is jockeying to become the knowledge/technology leader amoung conventional law enforcement agencies. The FBI has already started to internationalize, participating in counter-terrorism, investigating war crimes, etc.

    But can the Internet be monitored in a fashion that doesn't affront the American values that the FBI are sworn to protect? Maybe. But that doens't mean that the Federal government doesn't have the right to protect their (our) computers the same way as private networks.
  • Sounds like the work of Francis Dec [teleport.com] to me...


    Now THERE'S a writer, dammit! Woo-hoo! Read, and
    be enlightened. heh.


    "Sneak shameless hangman rope gangster government leaders into Frankenstein living death eternal
    slavery, I now go to death for your lowest deadly felony crime against me. Frankenstein Earphone Radio
    parroting puppet gangster slave do not dare to repeat any part of this truthful message. For like Mr. Francis
    E. Dec, Esquire, you too are expendable and you too can be beaten bloodily by the gangster police and
    dragged in chains into a windowless telephone booth type prison cell and put into maximum security
    insanity prison for undetectable extermination, and by the lowest gangsterism, namely, the law, character
    assassinated for life as an insane, criminal menace to this worse Gangster Communism. Now that your
    terrified, trembling delirium has subsided have your computer subdivision play out my letter, and you, reread
    my letter FOR YOUR ONLY HOPE FOR A FUTURE. Francis E. Dec, Esquire, 29 Maple Street,
    Hempstead, NY."


    dr. j
    "hey, where's my $100?"

  • Actually, it wasn't meant seriously, it was a joke, but if you all are really interested. I have written her a few small demos before, and I was considering writing her a BIG CD with pictures and stuff of us, music, and demos on it. I revised that idea, and we're going to make one together while we're on vacation. She'll help pic out pictures, and I'm writing some programs and stuff for it. It should be nice :-)

    Good suggestions though guys :-)
  • Sorry dude, some one invented one-time-pads a while ago...
    Beyond that, everything is breakable...
  • These seem like really good points... do you have any references to the security break ins?

    It all seems like:

    1 Small (perhaps temporary) problem exists.

    2 Government claims they can fix it by raising taxes and spending money.

    3 Problem gets worse.

    4 Government claims that things are getting better or getting worse, but they need to spend more to really fix it.

    5 Goto 3

    Perhaps the problem is at step 2. The goverment shouldn't be fixing the problems anyway because they have a vested interest in maintaining themselves.

    People have that attitude all the time, though. I get strange looks when I say that I see my goal as an software engineer is to make myself obsolete. I want to do my job well enough that they don't need me to do it anymore (because it's soo automated, or so easy that anyone can do it, or because it's completely solved and doesn't need doing anymore...). I want to be able to move on to other things, but most people don't get that. Perhaps people in the goverment more so.

  • Actually, it wasn't meant seriously, it was a joke, but if you all are really interested. I have written her a few small demos before, and I was considering writing her a BIG CD with pictures and stuff of us, music, and demos on it. I revised that idea, and we're going to make one together while we're on vacation. She'll help pic out pictures, and I'm writing some programs and stuff for it. It should be nice :-)



    Good suggestions though guys :-)
  • yeh, wern't those the people who advocated terroism beacuse they knew they could never achive power democraticaly?

    why yes, they were!
    Idiot, I'd rather have the contry run by microsoft and AOL then a buch of stalin wanabies. I mean compared to the 'opressive' US China, Russa, cuba, North Koria, those places are paradices!

    I do think this 'listening' system is a terrible Idea however
    "Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
  • Yes, of couse, wern't those the guys who advocated terrorism beacuse they knew they could never achive what they wanted through a true democratic process?

    why yess they were!

    no goverments, just 'syndicates' like microsoft? woohoo! sounds like a plan!
    "Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
  • Agreed...

    The person isn't evil, isn't a tool, and really believes in the goal, is convinced of the sincerity of those he/she works with...

    This person is a tool of a larger organization, although in this case more or less ignorant of his/her involvment. My point is that you cannot stop this kind of invasion of privacy by appealing to the techies who write code for the FBI.

    I personally believe that there is a lack of people who hold their own beliefs and convictions above money in their own pocket. We can only hope to educate and pursuade those who don't have these convictions, but how many of the remaining ones who believe that this is wrong will turn down that high paying offer from a government agency because they know it is wrong?

    I know I would, and I suppose you would too. You give me faith that there are others as well. They are not bastards who need to be shunned, or made fun of, or ridiculed. I believe there is more to life than money and I hope these people will believe that as well.
  • FuckITAR is a GREAT name for some easy-to-use encrytion software... ;-)
  • Calling something socialist doesn't make it so, just like calling something a "republic" doesn't make it a representative form of government. The members of the Union of Soviet Socialist Republics were neither socialist nor republics.

    In its most basic form, socialism simply means an economic system based on the exchange of labor, as opposed to the capitalist system which is based on ownership of resources. Socialism may or may not be statist - the exchange of labor may be either voluntary or directed by the state. (Capitalism, OTOH, relies on a strong state to enforce property claims. "Anarcho-capitalism" is a contracition in terms.)

    "Leftist" orginally meant favoring the interests of the "common folk", as opposed to the "nobles." (Supposedly nobles sat to the king's right, commoners to his left, but that may be a UL derivation.) These days, the equivalent to the nobles would be the capitalist owners, while the commoners are the workers. ("Work" must be understood to include intellectual labor - failing to do so is a common error amoung socialists.)

    This "socialist-capitalist" dimension is independent of the "free market-central control" and "(small l) libertarian-authoritarian" axes.

  • Excluding extremely high-traffic servers, a PC that is connected to the internet is devoting anywhere from a tenth to a thousandth of its processing power to the task of actually generating net traffic. I would estimate that a ratio of 1 PC monitoring to every 100 actually generating traffic would be more than sufficient. I imagine you could get away with a ratio closer to 1:10000.

    It seems to me, from the article, that they'll be concentrating on specific points of vulnerability. That is, data flowing from Joe's ISP to Jane's ISP down the street will probably go unmonitored, but data flowing from Jane's ISP to Chase Manhattan Bank will be tracked and catalogued. At least, that is how it would be likely to work if they were really trying to defend the vital points of our data infrastructure against attack, which is what they claim. Any evidence to the contrary would seem to me to point to definitely sinister motivations.

    Actually, that brings up an interesting point. The stated aim of this system is to detect attack and intrusion attempts -- the worry is that it will be misused for surveillance and monitoring of private communications. But a system that does one should be constructed differently from a system that does the other. I'm no expert -- perhaps someone out there would care to expound on whether that statement is accurate, and what those differences are most likely to be.
  • The only problem with this idea:

    The primary alternative to Gore (G.W.Somethingorother) has absolutely no respect for the bill of rights either. Haven't heard that much about it lately, but his campaign has been Lawyer-nastygramming a lot of sites simply for the mention of his name...They even shut down a supporters site. Seems he has never heard of (or doesn't acknowledge) the first amendment. Of course, if it went to court, the site-owner would win, as it's valid commentary/satire/some form of protected speech...but I wouldn't be surprised if a few visits from the Secret Service occurred anyway.

    Okay...the point (If you've read this far)

    CONGRESS is the root of the problem - for some reason, they seem to feel a need to pass laws on everything. Repeatedly. Even when it is something that regulates itself quite well, they just can't keep their fingers out of it.

    My suggestion: Voter rebellion - Don't *ever* vote for an incumbent - always vote for a challenger. If enough turnover is generated, we might start seeing normal people running, hopefully eliminating the professional politician class. If people with a job went to DC, did the job for 2, 4, or 6 years, they would probably at least be closer to the cluetrain than the existing taxpayer-supported leeches.

    Wow..guess I'm getting a bit hostile towards our elected officials :)
  • FBI nor CIA nor NSA have _any_ kind of jurisdiction outside the US borders. FBI operates domestically and CIA operates abroad. The thing is i guess most of the CIA operations are illegal by the laws of the country they are operating and by international conventions. To me CIA is no different from the "evil" KGB. Both are propably spying on Finnish high-tech industry to gain trade secrets for domestic industry.

    The thing is that currently there is no counter-force to the US. It's rather unfortunate since they no can do pretty much what they please and there is no one that can do anything about it. EU should do something about it. Echelon for example which is operating on European soil.
  • god damn netscape crashes!!! l;asdjkfl;asdfjkl;sdfjka
    "Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
  • I can neither confirm nor deny specifics about Marly or Greatful Dead stickers, but:

    There are still a disturbing number of search-and-seizure^H^H^H^H^H^H^H^H^H^H^H^H^H^H^H^H ^H^H^H law enforcement assaults against people who are guilty only of DWB / WWB / BBIP**

    There are an alarming number of children being sent home on a regular basis for wearing the wrong color shirts (ie gang-related colors)



    **Driving While Black / Walking While Black / Being Black In Public



    Fuck with a cop today! Hang your License plate upside down!
  • The thing is, in order for that code to be a valid communication tool, someone has to know what it means. In general, things that require a codebook or codetable aren't breakable, except if you get a copy of the codebook/table. That's why the germans thought they were secure in WWII. They were using code books, that we somehow managed to get our hands on. (sneaky americans) Randomly changing your definition of a code based on time will only work if the other side knows about it and how to handle it.
    There are some computer encryption schemes that require a codetable, but then, if someone gets ahold of your codetable, your encrypted messages are easily breakable. The current standard is to make it so that you have to run an ungodly amount of checks to break the encryption. On Unix, the code for the passwords was chosen because a) it was a one way deal, meaning that the output could not be processed back into the data, you have to process the data through the same engine and check it, and b) it took a little over a second to calculate the encrypted value of one password. It has a random seed, between 1 and 4096, and that's before going into each character. To hack one password, it would have taken a little over 10M years or something disgusting like that. Look at the rc5 distributed net. It takes quite a host of computers and its still taken a long* time for them to grind down on the numbers.
    Basically, you have to have some pattern so that the person you're talking to can reproduce the message, otherwise, you're just being solipsistic. Of course, my take is that this whole world is my solipsistic nightmare, but you're probably not going to subscribe to that.

    --Raelin
    *long is a very relative term. Given that I just mentioned 10M years, a few years isn't very long comparative, but still, if you're trying to get information that might give you an advantage, chances are, you'll find better ways to get what you want.

    PS On another note, isn't it possible (Note, I'm not a trained mathematician, just a college student) to develop a code that produces multiple human readable results, one as the real result, and others that would be there to throw off the trail?
  • As someone who lives outside the U.S. I don't accept that as a reasonable solution. All of my traffic that goes out of Canada gets routed through the U.S. Does that put my traffic under the (domestic) jurisdiction of the FBI because it passes through some switches/routers in the States, even though neither of the end points is American?

    Now, even if FIDNet has no jurisdiction over me, what about the CIA/NSA? If the U.S. government is putting so much research cash into _spying_on_their_own_citizens_, do we believe that this research will not also be shared with their external agencies?

    The right answer is to develop strong encryption methods in a country which does not have stupid hypocritical export regulations, and export everywhere.

    "Q: What do you think about American Culture?
    A: I think it's a good idea."
    A2: But not a realistic proposition...
  • "public networks" in this sense refers to the whole internet, not just the web or somthing. like a "public park" or "public land" (the goverment would be able to listen to anything you said in a park, or where you work....)

    this would iniclude email, ICQ, as well as things like usnet posts
    "Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
  • Its Unconstitutional See Ammendment IV

    Amendment I

    Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the
    press; or the right of the people peaceably to assemble, and to petition the government for a redress of grievances.

    Amendment II

    A well regulated militia, being necessary to the security of a free state, the right of the people to keep and bear arms, shall not be infringed.

    Amendment III

    No soldier shall, in time of peace be quartered in any house, without the consent of the owner, nor in time of war, but in a manner to be prescribed by law.

    Amendment IV

    The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no
    warrants shall issue, but upon probable cause
    , supported by oath or affirmation, and particularly describing the place to be searched, and the persons or
    things to be seized.

    Amendment V

    No person shall be held to answer for a capital, or otherwise infamous crime, unless on a presentment or indictment of a grand jury, except in cases
    arising in the land or naval forces, or in the militia, when in actual service in time of war or public danger; nor shall any person be subject for the same
    offense to be twice put in jeopardy of life or limb; nor shall be compelled in any criminal case to be a witness against himself, nor be deprived of life, liberty,
    or property, without due process of law; nor shall private property be taken for public use, without just compensation.

    Amendment VI

    In all criminal prosecutions, the accused shall enjoy the right to a speedy and public trial, by an impartial jury of the state and district wherein the crime
    shall have been committed, which district shall have been previously ascertained by law, and to be informed of the nature and cause of the accusation; to
    be confronted with the witnesses against him; to have compulsory process for obtaining witnesses in his favor, and to have the assistance of counsel for
    his defense.

    Amendment VII

    In suits at common law, where the value in controversy shall exceed twenty dollars, the right of trial by jury shall be preserved, and no fact tried by a jury,
    shall be otherwise reexamined in any court of the United States, than according to the rules of the common law.

    Amendment VIII

    Excessive bail shall not be required, nor excessive fines imposed, nor cruel and unusual punishments inflicted.

    Amendment IX

    The enumeration in the Constitution, of certain rights, shall not be construed to deny or disparage others retained by the people.

    Amendment X

    The powers not delegated to the United States by the Constitution, nor prohibited by it to the states, are reserved to the states respectively, or to the
    people.
  • I think we should accept it now - our privacy is slowly eroding and will soon be a thing of the past... paranoid ? Not if they really are after you...
  • Man, that is exactly the kind of attitude that governments love to spread, because it makes the job of taking away your liberties that much easier. When the entire populace takes on this "Holier than thou" attitude, trying to prove to each other that "they have nothing to hide", the government has already won.

  • All you freaks who say "why should you be afraid" are missing the point. It is not out of fear of being caught. It is a constitutional right.
    Geez, governmental voyeurism should be scaring the pants off you people!!!!!

    The Divine Creatrix in a Mortal Shell that stays Crunchy in Milk
  • as far as attacks on civil liberties........ (also during world war 2)
    "Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
  • it's amazing how stupid people can be sometimes.....
    "Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
  • C'mon guys... the US and its band of cronies (Canada, UK, NZ, Australia) do this already. Remember? It's called Echelon. Echelon Echelon Echelon. And it's nasty.

    -- adr
  • Nope, second...

    When will you sad, pathetic, "Look at me, I'm a first-poster" kiddies finally get a life ? You server no purpose but to annoy....

    To keep on-topic, perhaps if we are watched by the various American agencies they could at least put an end to the sorry individuals such as below...
  • by jcrosby ( 42052 ) on Wednesday July 28, 1999 @03:23AM (#1779713)
    The description under the post on the main page says you MAY want to write your representative. I'm begging you all -- PLEASE write your rep! Posting on /. only won't solve the problem. Please take action. Once momentum for this sort of thing builds up, it's almost impossible to stop. Let's use our community size to have some positive influence.
  • Didn't you hear that Barry Sanders is retiring from the Detroit Lions???
  • You know what the first thing that I think is?

    "Hmmm - I wonder how good the Indian Ocean link is. Because we could always just cut the U.S.A. out of the link completely. Let them sort it out and connect them up once they want the rest of the world back."

    I fear this sort of thing - it produces yet another block of mindless statistics, generates more FUD against the Internet and the whole reason we should be getting computers to talk to eachother in the first place, and serves only to increase the importance of the watchers at the expense of the watched.

    Leave aside methods of IP forging and misdirection, and the possibility of abuse by hackers and corrupt agencies. You've still got the threat hanging over your head. The FBI might not have any power over me as an Australian Citizen directly, but no doubt ASIO would love to help its big brother, and even if I was immune to that pressure, there's always the people I've been talking to, and the servers they run, and ...

    Write to your congressman. Do everything in your power to point out the futility of the Big Brother mentality. The best argument is to ask to see their records on public display. After all, if you knew who a terrorist was, wouldn't it be easier if you could use FIDNET's tools? No big surprise that this doesn't appeal to them...

    AFAICS, you people in the USA have a problem. How to stop the mentality of blame and mistrust in your government that is crippling your education, legal, communications and health systems, and turn it around into productive work. I don't have the solutions - you'll have to do the best you can.
  • the fbi has some authority in some countries such as russia b/c of inter-gov deals to work with international crime. not that not having authority has ever stopped the us from interfearing with other countries... really they are just advsiosors... with guns, not a some covert team underming your govenrment
  • Fair point. From this day forth I shall duly ignore all first posters...
  • hehe. before I scrolled down and saw your definitions, I was thinking other things.

    s/black/baked/g

    :)
  • Whilst the point you are making was not argued, the stuff about knowing your email address and the like is rubbish... the *only* things that are sent when you contact a page are such things are what browser you are using, what page you requested, what OS, your ip address and the like. Yes, they can find out your ISP from your ip address (have you ever done a traceroute ?) but that's no problem... just sign up from a library computer to one of the free isps that is quite happy to allow Mr A B from CDE to have an account.
  • I've decided to collect any links to articles, or other information I can find on this story and post them at fidnet.homepage.com [homepage.com].

    Just added the CDT commentary, which also has the draft itself, online.
  • how much disclosure can we squeeze out of the government and powerful organizations?

    Never enough probably. We don't have that kind of control over our government. The way we're going, we'll continue to have less and less control. As long as elections continue to heavily favor the 2 main parties (not that they are much choice when you can't tell the difference between them much of the time), we'll never be able to vote for real change in the government.

  • The summary of this article says "the National Security Agency" is reviewing this proposal. Now, I will admit that I don't know what input NSA might have, but that's not what the NYT article says. Instead, it's the National Security Council, which is a completely different animal. The NSC is a bunch of advisors, not a spy agency.


    ...phil
  • The RFC doesn't seem to address the possibility of using African Swallows, which are my favorite since they have good distance, can carry large packets (2 of them can carry a "coconut"), and decent speed.

  • So they are afraid for their own networks. But that doesn't stop them hacking into Slobodan Milosevic's accounts to try and stop his flow of money or any other of a thousand and one kooks out there. So I guess we choose who we give our civil rights to don't we. Of course the people effected can't complain they have been branded criminals by the ISA (INC STATES OF AMERICA)(I don't support any of these monsters so don't go after me on that!. You think they don't do their own snooping (don't be so naive) I with them being able to monitor traffice at ROUTERS (NOT AT GOVERNMENT SITES AS YOU SO ERRONEOUSLY DEDUCED) they will be able to see all traffice. ECHELON have been doing this for years and I guess the FBI are chaffing to have a go as well.

    Remember that the government of the United States is it's people not peppered hair man who can't keep his dick to himself!!!

  • There have been an enourmous number of government sites hacked, and they want to stop it from continuing.
    Then they should:
    • not put sensitive data on machines directly connected to the Internet
    • hire competent admins
    • run stable and secure OSes and servers
    • use B-level trusted OSes and implement serious physical security for machines with sensitive data
    • configure servers properly
    • apply all security patches
    That would be a hell of a lot more effective than snooping everyone's communication, wouldn't it? I mean, if the objective were really to stop website vandalism and the compromise of sensitive information.
  • Not really...

    When I was at Sydney University (AUSTRALIA the 53rd state of America) we had the FBI investigate over infiltration of the NASA site. Since the site accessed was on US soil the Hoover boys where justified in coming over here.

    Not only that speaking to a friend of mine who is in the FEDERAL POLICE (similar to the FBI in OZ)he said that the FBI do have jurisdiction here upon cooperation with an Australian Agency or Government body. Seeing as we are so far up the ISA's ass do you think we would say no!!!
  • AND: Keep it simple. Explain to them that there is nothing special about the internet. E-mail should be as protected as snail mail; chat as protected as a phone conversation. Law enforcement and security agencies have every thing they need to legally monitor communications. It's called getting a warrant and it requires proving to a judge that there is likely to be something amiss.

    Most govmint types "Just Don't Get It" (TM).

    Cryptography is nothing more that putting your private letter in an envelope and expecting that the Post Office will not open it.

  • by Anonymous Coward
    >1. Labor unions ?
    >2. Communists ?
    >3. Jews ?
    >4. Catholics ?
    > When 'they' go after the first of any of these
    > groups (or any other non-criminal groups)


    Now who decides what is a criminal group? Of course, you know it's criminal to be a Labor Unionist, Communist, Jew or Catholic. ;)

    As for in the US of A, they've already started to go after the dope smokers(all property stolen and sold + 30 year sentence for smoking pot), to a smaller extent the nerds(anything you own that involves electronics or telephony in any way gets stolen if anyone(usually someone in the FBI looking for a case) says you might have done anything possibly illegal with a computer and you never get it returned, plus some accused have spent long times in jail without trial), and probably a lot more that I don't know about. They've been going after the Native Americans for so long that people don't notice anymore, IIRC the last military action was in the 1970s, and theft of land and property continues to this day.

    I've never done illegal drugs or cracked, illegally hacked, or phreaked, so don't call me a dope-smoking h4x0r lamer. These things are happening in the US, and if you live here in the States you should be very concerned.

    You should be concerned that people are getting life sentences for petty crimes. You should be concerned that people are getting pulled over, harrassed, and arrested for Driving While Black. You should be concerned that the people have lost their constitutional right to constitute a fighting force powerful enough to defeat an invading army, or to defend against the US military if the government becomes corrupt. You should be concerned that the Congress is considering an amendment to the Constitution that will make it illegal to protest against the government by burning a flag, which if it becomes law will be a precedent for further legistlation restricting public protest.

    As for the topic, monitoring the public does not show a desire to solve crimes. It shows a desperation to find criminals which makes every citizen a suspect of crimes that have not yet been commited. Public monitoring could also be used to find people who do not like certain government policies(say, public monitoring for instance) and punish them in underhanded ways such as ordering an IRS audit(It's happened before, Nixon ordered the IRS to audit several of his political opponents).

    Most people consider themselves to have a right to privacy. The gov't does not need to hear their telephone conversation with their aunt, the gov't does not need to see what's in the love letter they're writing to their [g|b]f, the gov't does not need to watch them take a piss. You get to the old envelope example -- If we didn't value privacy we wouldn't use envelopes, and it is in fact a federal offense to tamper with mail.

    The government already has the powers to post surveillance on somebody, however they need to go through a judge and present evidence that this person may be a criminal. If the gov't doesn't have a good reason, the judge can tell them to stuff it. With public monitoring, this important legal right will disappear.

    These 'rights' are often considered 'loopholes' that let guilty men go free. We have them for a reason. The founders of the US knew what a corrupt police force did compared to an honest police force, and drew up a set of laws that requires the police to be honest. When the police have acted in ways which deprive the rights of the suspect, you will read in the morning newspaper about a guilty man who has gone free because of a loophole, never mind that a man is not considered guilty until he has gone through a trial and been found so. Losing suspects and evidence because of acting in an illegal manner is what keeps the police forces honest. When we lose these laws and regulations, we stand to be ruled by a corrupt police system.


    -Perpetual Newbie
  • You are a very good citizen aren't you. Of course they are doing it for benign and helpful reasons.

    Must be easy to get elected over their with people like you voting.!!!

  • Times got a mandatory registration process and This kind of measure should not be encouraged.

    I would like reading Times articles but I don't like being categorized and I don't want anyone to control the information that comes in front of me.
    I accepted the registration process of Slashdot b'cause they enable easily everyone to be anonymous but I don't trust a bigger company doing the same.

    Times does not enable easily and clearly a way to browse its articles anonymously.
  • I find it difficult to believe the government is deluding itself into believing that somehow it can detect "network intrusions" -- let along determine whether these network intrusions were not from someone being paid for security testing.

    And they are further deluding themselves in believing that they can monitor all of the Internet traffic.
  • So use the login "cypherpunks" password "cypherpunks". That's about as anonymous as you can get.


    ...phil
  • actualy you can SSL hotmail, I think.

    there's also a site called "hushmail.com" witch uses 2048bit ecryption in java. it's not a US company, obviously...
    "Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
  • by Anonymous Coward
    The ACLU does not favor Clinton. Maybe take a look at their site. The ACLU consists largely of libertarians (socialist and capitalist) and such. It is well known, even among hardcore democrats that Clinton resembles more of a moderate Republican, than a "liberal" Democrat. Al Gore is even worse. This blind party loyalty/hatred is stupid. Not all democrats meet certain descriptions, nor republicans. Democrats are FAR from left wing at all. They tend to favor a bit more social spending, but that's about it. I don't like either side, because as you move more to the left of democrats, it tends to be limiting of freedom, but more help for those who need it. More to the right, more control over your freedom, but more favor to corporations. Not that either side dislike corporations, they're both business friendly political parties. I don't see how anyone could disagree with this. Democratic party does not equal Communists. The republican party does not represent fascism, although both seem to be fairly close to fascism. They both get paid off by the wealthy and corporations, so, if one party really opposed them, it'd be unlikely the rich and corporations would invest into their funding.

  • Yeah, I think you're right. The article mentioned gave too little details about what exactly Big Brother had in store.
    Remember, the NYT got all of it's information from the civil liberties union (mention in the first paragraph). They themselves did not look at a copy themselves. All they said was
    "A draft prepared by officials at the National Security Council last month, which was provided to The New York Times by a civil liberties group..."
    A draft. Nothing more. Furthermore, what makes everyone so sure the "civil liberties" group in question didn't leave out parts of the report in order to obscure some facts about it.
    I believe
    A) The government has a right to be worried about a cyber-terrorist attack
    B) They already have anti-terrorist laws in effect for "conventional" technology, why is this any different
    C) Until we see a final bill, unabridged, and not some NYT article giving their insights to a civil liberties insights on a bill that isn't even out of a subcommitte yet, let's keep the hysteria factor to a minimum.

    It's not like I'm not concerned about it, but as it stands now, we don't have enough information about it to really base our judgements on.
  • Do as I have and let your congressional representative KNOW how big of an issue this is. The silent masses are slowly being robbed of their individual freedoms one at a time. Stand up and show some solidarity! I can't believe some of the people writing comments on this page...ready to lay down and let the Man walk on in. Didn't you guys see Braveheart? Grow some nads and do something before it's too late!
  • That is not strictly true.....


    Ever heard of a thing called the MILITARY INDUSTRIAL COMPLEX (look back to this councils roots during Roosevelt, WWII)

  • Oh yeah that's right. Like you didn't follow them into IRAQ, KOSOVO or anywhere else they want to send their stormtroopers, oh that's right there called NATO PEACEKEEPERS. You where so powerful that you never had US troops protecting you from the RED BEAR during the COLD WAR. Had so much money that you needed a MARSHALL PLAN after WWII and if you hadn't had the YANKS at the beginning everybody would be singing DEUTSCHLAND UBER ALLES by now.

    Grow up or grow a brain - your naive nationalism is not based anywhere in fact or even fiction,.

    Kiss off moron
  • Fuck you!!!!!!!

    I do not take drugs nor have I ever taken them.

    Go fuck the prom queen moron!
  • Pity that most traffic goes through the USA anyway because of the large amount of ROUTERS and BACKBONE they have there.

    Nice idea though!!
  • Since posting this, it should be noted that strange things have started happening...

    Just today, maybe an hour ago, some guy pulled up across the street in a Green Ford Explorer and took pictures of my neighbor's house and my house.

    Big Brother is watching.
  • From what I have been told by people, many groups/organizations are allowed to monitor the Internet. I have been told that MSN monitors the things that you do while connected, and if you do bad things (which I wouldn't ever do :) such as downloading illegal software, sending illegal stuff, they can catch you. I don't think that the Internet should be monitored by the government, because I think that it's the person's responsibility to take the concequences for one's actions, and if anyone really wanted to plan a huge bombing or something, they wouldn't leave their tracks!
    I noticed before someone posted that all the money that they're spending on this could be used to provide houses for all the homeless people in America. I don't think that that's too true, but I'm sure that if they really needed to waste their money they should waste it on a good cause that would help everyone. I do not think that the FBI should monitor the Internet, because we are entitled to our first amendment. I'm no lawyer or anything, but I want my rights respected!
    Matthew McCoy
  • Are you ashamed of making love to your (boy/girl)friend?

    Do you do it on the front lawn, or do you prefer a bit of privacy?

    People prefer privacy for things they want to be private about. That's all; no value judgement or assumption of shame can or should be implied.

  • PGP and PGPNet allow 4096 bit keys.
  • I've heard that too, about the Dead sticker, on the Grateful Dead newsgroup, though it usually seems to be a southern or midwestern state. Deadheads that use stickers that aren't blatantly "Dead" like are said to be driving stealth.

    From my own experience, I've driven with Dead stickers on my cars for 12 years, I was pulled over once in Atlantic City for inadvertantly running a red light, and was let go, and once in Rochester for forgetting to turn my headlights on, and was let go.

    I think the police in Rochester have better things to do than pull over Dead or Phish stickered cars (about 10% of the cars on the road it seems).

    George
  • My brother-in-law is about as square as you get, and he has a Marley sticker on his wagon. (I think it makes him feel less square to like Marley).

    I've always had at least one Dead sticker on my car, to ward off evil spirits.

    Anyhow, Rochester police don't have the manpower to pull over every car with a Dead sticker, and I think I read in rec.music.gdead that 30% of cars with bumperstickers on them in Massachusetts have Dead stickers on them.

    George
  • Francis E. Dec Esquire!
  • Really? I've seen probably more references to the Brookings people than, say, their opposite numbers at Cato. At least in print...

    It's arguable whether the Dem's serve business as much as the GOP, given their traditional pro-labor stance and their general opposition to lowering capital-gains taxes and so forth. Still, a smart businessman will give to both major parties...

    Anti-war arguments? Well, yes. Historically, at least -- look at 'Nam, for instance, in which the Tet Offensive was portrayed almost as a VC victory. 'course, all sides warped the truth horribly in regards to that conflict. There was some coverage of your "no-blood-for-oil" protesters regarding the Desert Storm. I did see occasional coverage of pro-Serb/anti-Nato protests in the US and elsewhere, so it wasn't completely lopsided...
  • Um, you compared the stamp price increases to the inflation rate over substantial time periods lately?

    The latest stamp price increase covered the inflation rate for the year it happened. But there are typicaly several years between stamp price increases.

    Stamps are getting cheaper, not more expensive, in fixed-value dollars.


    Fear my wrath, please, fear my wrath?
    Homer
  • "First they came for the slashdotters and Ilakwejrl;mph'
  • by fable2112 ( 46114 ) on Wednesday July 28, 1999 @06:41AM (#1779762) Homepage

    On the one hand, I'm not one to encourage needless paranoia. On the other hand, I don't like this.

    I'm in a fairly militant mood these days for both personal reasons (as discussed on the Ticket Booth Tyranny thread) and political ones ( Damien Echols' [wm3.org] Rule 37 appeal was denied, and I'm very pissed about it).

    Post-Columbine, a friend of mine was given trouble for wearing a BEIGE trenchcoat. If the Powers That Be (or anyone else) start looking for a certain "profile," then anyone who has anything in common with that profile is screwed. Where I live, there have been a lot of recent stories concerning racial profiling. (Maybe THAT is why more African-Americans aren't on the net. *wry smile*)

    But of course, it's not just race. If someone wants a scapegoat, it's easy to pick a likely-looking one. This goes on in schools, it goes on in law enforcement, and it goes on in politics.

    I'm not over-cautious with personal info because I don't feel I have to hide things from people. However, I realize that if things in this country get really crazy, I'm going to be one of the first people that gets harassed for being a social deviant.

    The FBI's probably got a file on me as it is, but as long as I'm not kicked out of my housing or prevented from getting a job or arrested for something I didn't do (or something I did do that shouldn't be illegal), I don't give a damn. However, I've got contacts, resources, and what-have-you; many of my fellow social deviants aren't quite so lucky.

    So I fight for their right to keep their correspondence and personal details private. And since some of them talk to me over e-mail, I don't want anyone reading my e-mail either. Things that I do that are public or semi-public record (/. posts, my web page, petitions I've signed, that sort of thing) are obviously things that I don't mind having traced back to me. But there are a lot of people who can't or choose not to be as open as I am, and dammit, that's their right. (Even in the current atmosphere of Don't Ask, Don't Tell, for instance, I'm sure some homophobic military types would love to scan e-mail looking for anything that might suggest a soldier is gay. *sigh*)

    Another big problem here is that people don't profile for actual criminals as often as they seem to for stereotypical criminals. Racial profiling is a major example of this -- black man driving nice car in suburbs, wonder how he got it? Drug money? Let's stop him. Etc. Satanic Panic based profiling is another biggie; there is no other reasonable explanation for why Damien Echols is on death row and his two friends are in prison serving life sentences. With net-based searches, we'd get the additional problem of "profiling" of anyone who, say, visited 2600's website.

    I, personally, have nothing to hide, and haven't suffered much in the way of harassment. But damned if I'm going to make it easier for other people to have their lives ruined for no good reason.
  • {chuckle} Ahhhhh, fun. If memory serves, SJG even advertised that very same RPG as the only one investigated by the Feds (apparently who'd been a little sensitive, even at that time, to suggestions regarding cracking)...
  • most staffers and appointees indicted
    most staffers and appointees convicted


    I'm not sure about these. Reagan had quite a few of his staffers and appointees indicted and convicted for his Iran/Contra dealings.

    most dramatic attacks on civil liberties in this century

    While bad, they weren't the worst this century. Take a look at world war I, where members of the U.S. Socialist party were imprisoned for opposing the war. Not for doing anything illegal, mind you, just for speaking out publically against the war.

    largest expansion of US government spending since WWII

    I'm not sure about this one. I was under the impression that Reagan expanded US government spending significantly more than Clinton has. I could be wrong however.
  • Well, on the one hand there is nothing really new in this. NSA has been monitoring the 'net for ages, and now FBI wants to have a peek, too. On the other hand the government agencies are not exactly known for cluefulness, so the idea of yet another bunch of idio^H^H^H^Hgovernment servants watching the net does not appeal to me at all. They are very likely to see something they do not understand and do Very Stupid Things (tm) as a result.

    Yet, on the third hand, this could be the necessary push to get strong encryption in wide use over the net. Generally it's too much of a bother but now that everybody and his lawyer will be compiling a database of IP traffic I just might try persuading my friends to use strong crypto in email.

    Kaa
  • by Anonymous Coward on Wednesday July 28, 1999 @03:27AM (#1779805)

    This isn't as big a deal as people are about to start freaking out about - although it's definately worth a letter or two to your wonderfully representative *ha* elected officials.

    The open-source and linux communities have the power to make these plans effectively useless through the implmentation of transparent public key encryption schemes - Fuck ITAR, this is an international community. A good implementation followed by a new "secure" linux distribution - perhaps Trinix - or maybe RedHat, but they're less likely to take on "the Man", IPO and all.

    So let them monitor your SSH sessions, let them monitor encrypted web communitications. The key is to make it automatic and transparent, so that the end user doesn't have to do anything.

    I'm sick of this bullshit from the US Government - I'm not a US Citizen, but being north of the border in Canada means this crap will diffuse up sooner or later - Our spineless prime minister does what the US wants.

    So rather than bitch and moan and cry and whine, we've got the tools to make this system effectively useless. Run with it.

    AC (with damn good reason).

  • "Government officials argue that they are not interested in eavesdropping, but rather are looking for patterns of behavior that suggest
    illegal activity."

    What I want to know is: what sort of patterns suggest illegal activity? Based on previous nonsense, I wonder if use of encryption is enough to raise warning flags.
  • by Carl C-M ( 3168 ) on Wednesday July 28, 1999 @07:24AM (#1779816) Homepage
    I take exception that the only way to combat misuse of personal information is through routine encryption.
    • Routinely encrypting all my traffic may not buy me much privacy.
      • Traffic analysis can reveal where I have been surfing and who I have been emailing without saying anything about what I was saying. But I imagine that in this hypothetical police state exchanging email with subversives would be a crime. And don't think that anonymous remailers will protect you; remember anon.penet.fi.
      • Failing traffic analysis, I am still conducting transactions with websites, who is to say that they won't decide that its financially advantageous to get together and construct detailed profiles of me. Isn't that what ads.doubleclick.com is doing?
    • How do I know that my security protocols are really secure? I just downloaded PGP from some random website or installed the standard Red Hat Distribution. How do I know that the implimentation wasn't weakened so that powerful interests can read my mail anyway? Worse I might believe that I can send whatever I want with PGP and end up incriminating myself more completely.
    • Rather than pressuring congress to allow me to implement weak and insecure protocols that give me the illusion of privacy, why don't we pressure Congress to open up government. "Okay Congress, you want to monitor our networks for criminal activity, you can, if you make verifiable public records of all activities and results from the monitoring." Better yet, if they want this tool, let them build it, but make it a public domain tool that serves everyone. Why should we trust incompetent government workers to secure our networks?

      This bargain could be struck on many levels. If congress wants to monitor all email, I'd be quite happy to go along with this if in exchange the government would publish all gov. documents on the web five years after creation regardless of classification.

    • Perhaps surveillance of everyone is immanent, but it doesn't have to be clandestine. We have an opportunity to choose how it is implemented.
    If given a choice between having all my email read by the NSA without my knowledge or permission or having all my email read by the NSA and receiving notification whenever it happens; I will always pick the later case. Even better is if I recieve notification from anyone when that email is used. Whose to say that Coca-Cola doesn't have nefarious schemes?

    -Carl Coryell-Martin

  • I've not seen reports that Echelon is employed within the US itself. From what I've read, Echelon employs the hardware formerly used to spy on the Eastern block to spy on Europe as a whole, focussing in particular on industrial spionage.
  • The plan, an outgrowth of the Administration's anti-terrorism program...
    Ah, yes. Not unlike Ireland's Special Criminal Court, ostensibly for terrorist cases in which juries are, ahem, impractical. This court is now used for drug dealers and pretty much any case in which a jury is likely to dismiss the case or return an inconvenient verdict.
  • If it wasn't obvious already, here is all the motivation you need to routinely encrypt every network traffic you can. With routine logging of activity and computerized searches of the reulting databases the possibility of misuse ranging from unauthorized abuse by individuals up to systematic clandestine surveilance of everyday netizens is immence.

    The only efective way to combat this is routine use of strong encryption no matter how innocuous the nature of what you're doing. The congress won't do much as these things are always justified in terms of stronger law enforcemnt aginst stalker pedophile spies form China (or whatever the bad-guy-du-jour is) And your representitive/senator can't appear to be "soft on crime" now can they?
  • It might encourage strong encryption. Especially when congress realizes this includes them. And any email they send. And out of US people can't get the same strong encryption due to export laws so the FBI can now see that the white house is taking kick backs from china and...
    Ok there are a few too many conspiracy theories there, but if you really want to scare the congressmen make them realize thi will include any email they send, or receive. Include stuff from their lobbyists.
    -cpd
  • here's a description about echelon: http://capo.org/opeds/pp0615.htm [capo.org]
  • Yeah, at least you can count on the NSA keeping your dirty laundry quiet, even the President has trouble geting information out of them. The FBI won't keep secrets anywhere near as well, and if they happen on something criminal, they'll try to prosecute even though due process wasn't followed.

    ----
  • by jabber ( 13196 ) on Wednesday July 28, 1999 @03:42AM (#1779859) Homepage
    That's right folks,

    Never mind the privacy issues, never mind ethics or morals or any of that ethereal stuff like Liberty or Freedom. It's about the money.

    Ever since the boom of the Internet, the Federal government has been losing money. They support much of the backbone infrastructure through NSF grants and such. The Internet2 is based in major Universities, but funded by the Fed, and we're going to piggyback off of that tech in a little while. The Fed is losing money since their grants are used to send spam and view porn.

    But that is not the biggest dollar sinkhole that results from the Internet Age. It's all about the stamps!

    That's right. The price of stamps has gone up dramatically over the last vew years. As we've migrated out corespondences to the net, the U.S. P.S. has tried to break even by hiking stamp prices. This just drove more people onto the net, and into long distance phone companies. This is why they're fostering competition and the proliferation of 10-10 numbers...

    The government is just trying to make the net less convenient, more shady and just plain creepy(r) to drive the sheeple back to using the ol'U.S. Post. Under Federal regs, nobody (FBI, NSA, CIA, IRS...) can read your mail.

    Watch for new U.S. Mail ads this fall. I ga-roon-tee it.

    --Where'd I leave my meds?
  • *nod* *sigh* I just had a very long discussion about this kind of stuff with a very good friend of mine. Post-Columbine, she started supporting restrictions that she would have found unacceptable before. I keep pointing out that THE WRONG THINGS are being restricted, and she says "so, should we restrict nothing?"

    What bothers me is that this person is a lesbian and Jewish. She should know better than to side with most of the folks who are decrying the decadence of American culture these days, because the let's-blow-things-up violence in a kid's movie like SW:TPM, which is what is freaking her out, is NOT what they are really complaining about. Personally, I don't enjoy shooting myself in the foot.

    I'm real militant on this issue because as an "out" bisexual and as a pagan, I know just how screwed I'm going to be if the Religious Reich ever gets its way. And when someone who shares those characteristics with me starts getting cozy with the perceived enemies-of-their-enemies, I get very upset because I know that they're going to be the next target of those who wish to censor and monitor. This is very much not a good thing. There is all sorts of potential for truly hideous abuse to go on here. *sigh* The posting of "... and then they came for me" elsewhere on comments for this article is far too relevant. :(
  • Perhaps this is another sign that geeks need to start getting involved in politics. We sit and watch the clueless government do one thing after another to take away privacy, cripple technology research and advance, and just generally try to treat us like children.

    And all the while, I see geeks complaining about it, but doing little else. Maybe it's time to start getting the word out to people what is being done, and do something to change it. All the whining in the world won't do any good if that's all that is done.

    I don't know, maybe a Geek Political Party? So the geeks will know who to vote for? So some visibility may be gained? Or is this just another one of those ideas that wouldn't work?
    ---
  • Which works until they make encryption illegal.

    I wouldn't be particularly worried, 'cuz I don't generally send stuff electronically that I wouldn't mind sending on a postcard. But that's entirely beside the point: The government has no bloody business reading my postcards or "monitoring all non-military public networks."

    The plan, as described in the article, is attacking the percieved problem ("attacks that might cripple Government operations or the nation's economy") the wrong way. If your house is vulnerable to break-ins because your door doesn't have a lock, you don't stay up all night watching your door, you install the best lock you can find (along with all the rest of the security system).

    Maybe someone knows this: In most of the recent cyber-attacks against government systems, have the crackers gotten in *despite* the best security systems, or have the gotten in because someone left the back door open?
  • by Kaa ( 21510 ) on Wednesday July 28, 1999 @03:53AM (#1779885) Homepage
    "When they took the fourth amendment, I was quiet because I didn?t deal drugs. When they took the sixth amendment, I was quiet because I was innocent. When they took the second amendment, I was quiet because I didn?t own a gun. Now they?ve taken the first amendment, and I can say nothing about it."

    It might interest people to know where this came from. The original quote belongs to Pastor Martin Niemoller who had the misfortune to live in Nazi Germany in the 30s:

    "First, they came for the labor unions but I wasn't a labor unionist, so I didn't speak up. Then they came for the Communists but I wasn't a Communist, so I didn't speak up. Then they came for the Jews; but I wasn't a Jew, so I didn't speak up. Then they came for the Catholics, but I wasn't a Catholic, so I didn't speak up. Then they came for me-and there was no one left to speak up."

    You might want to keep this in mind.

    Kaa
  • I'd certainly like to see some of the details filled in on this plan, as the NYT was fairly vague about it. This is probably because the plan isn't close to final yet. What sort of "patterns of patterns" are being monitored here? Other than detecting quantity-based attacks such as smurfs and mailbombs, I don't see what this monitoring can accomplish. Most attackers of other systems will look more or less like authorized users in terms of the quantity of bandwidth they use in their attacks. Only by inspecting the actual contents of their packets could you find out what their actions are, and there are way too many packets flying around for that. Also, how is this monitoring system planning to differentiate between authorized users doing potentially dangerous things (rebooting a server, etc) and unauthorized users doing the same thing?

    Implementation issues aside, this doesn't necessarily decrease the security or privacy of Internet use. With the proper tools anyone could monitor Internet packets right now, whether or not there is a sophisticated government effort to do so. Plaintext email and other unencrypted data will be no less secure under the FBI's plan, and packets to and from your host to the rest of the 'net will just be logged in one more place than they were before. The loss of privacy and security is not as severe as you would think; mostly because there wasn't a whole lot of privacy and security on the 'net to begin with. There's an understanding that you don't monitor traffic that isn't yours, but there's no guarantee that everyone who can see your traffic is high-minded enough to abide by that understanding.

    This is not to say that I support the government's monitoring plan - I don't think it will work, for reasons listed above. And of course I object to my traffic being preemptively monitored by a government party without a warrant or a court order. But I'm not sure even in the worst case there would be as much loss of privacy as there would be loss of the illusion of privacy. If this leads to more pervasive use of strong cryptography, wonderful.

  • Hey -

    lets all just think about this for a moment. Maybe I'm being simpleminded, but in order to effectively monitor all the traffic on the Internet today, wouldn't you have to have an equal amount of computing power in aggregate to that which is generating the traffic?

    Lets just say (hypothetically) that the total combined bandwidth usage on the internet today is 100 Terabytes daily (in the USA). This traffic is generated by a billion computers being online at once, all transferring files, exchanging mail, etc. Wouldn't it take a system (distributed or centralized) of equal processing power to effectively monitor this?

    Unless we're talking simplistic monitoring, where some widget is snapped onto the major switches, and whenever it sees some keywords, it generates a signal that computer X exchanged a restricted word with computer Y. But - come on, even that would require immense devotion of computing power (effectively a system that mirrors the power of the switch itself) and it wouldn't even be logging the traffic...

    Maybe I'm just being stupid - or overly optimistic. Someone let me know if my hypothesis is correct - that in order to monitor a system that has the complexity of the Internet - one effectively must duplicate the level of resources currently on the internet.

    - PW
  • by Kaa ( 21510 ) on Wednesday July 28, 1999 @04:06AM (#1779900) Homepage
    Let's say you go and visit www.hyperreal.org -- a site that contains, among other things, information about psychoactive substances, some of which happen to be illegal in the US. Now, of course, only drug pushers would be interested in information on such a filthy topic, right? So you wouldn't be surprised to see some cops on your doorstep with a search warrant, the probable cause being visiting the site? And don't bother applying for a government or a government-contractor job: "We see you engaged in some patterns of behaviour that could point to illegal activity on your part. Be thankful we don't prosecute you. Next, please..."

    This is fiction right now, but it could easily become reality.

    Just use strong encryption for everything. I don't see the problem.

    Use of encryption necessitates that both parties do it. In the example above how would encryption have helped me (other than using Freedom.net or some equivalent of it)?

    I know it is illegal to export it from the USA, but is it also illegal to use it?

    It is legal to use. For the time being, that is.

    Kaa
  • Having failed to control the availability of reasonable cryptography,
    the FBI wants to install a giant traffic analysis system. Some
    thoughts on this system:

    o It represents a second best surveillance tactic after
    eavesdropping. If you can't tell what a person is saying, it's at
    least interesting to be able to tell to whom they're saying it
    (traffic analysis). If the Clipper chip was plan A, this sort of
    thing is plan B.

    o This is definitely a lot bigger than what any private agency can do
    because they FBI can theoretically use the law to gain monitoring
    access at any network access point they desire, which a private entity
    could not, and likely would not, do.

    o Federal law enforcement realizes that the public computer
    internetwork has become or is rapidly becoming the world's primary
    nexus of communication, and therefore they must be able to analyze it
    in order to snoop on the citizenry.

    o Traffic analysis in order to hunt for "patterns of behavior that
    suggest illegal activity" might lead to a vague fishing expedition
    approach to law enforcement. Perhaps this is an attempt to do an
    end-run around troublesome fourth amendment protections, which are
    fairly well defined in the case of telephone wiretapping.
    Interestingly, this seems to me to require that the use of IP
    telephony would get far less protection from warrantless search than
    regular phone calls. For example, even if you encrypt your phone
    call, and even if you use anonymous forwarders, this type of system
    might theoretically allow the FBI to detect the end points of an IP
    telephony call, unless you handed the call off along the way to the
    PSTN (a normal phone company). The FBI could thus ensure that there is no
    reasonable expectation of privacy in telephone call end-points, which
    might then make such information admissable evidence in criminal
    prosecutions.

    o The conflation of domestic and international concerns may be a new
    tactic in the constant pursuit of greater surveillance powers for law
    enforcement. I expect we'll see more of this. Theoretically these
    measures are for "national security", and defense against foreign
    attack, but that excuse is being used to justify snooping in the US.
    The internet, by being a global medium open to easy foreign access,
    may well represent the thin edge of the wedge for this sort of
    argument, where foreign threats are used to expand the powers of
    domestic law enforcement.
  • The NSA has been monitoring Internet traffic for quite a long time not only on a domestic level, but globally. I suspect the NSA will either turn down the FBI's plan or declare neutrality because A) the NSA would get too much publicity if it was approved and publicity is the last thing they want, and B) they already have such a system. If they downright scrap the FBI plan, that will spurn assumptions that such a system exists and they don't want that either.
  • I mean, does it really matter all that much if someone knows what websites you're going to?

    You must lead a very boring life ;)

    Yes, it does really matter. See the post below for an instructive example.

    Kaa
  • by sjames ( 1099 ) on Wednesday July 28, 1999 @04:54AM (#1779925) Homepage Journal

    By monitoring everyone's communications on the net at random, they are going after ALL of those groups and more. All you have to do to be logged is to have a packet pass through a monitored network.

    Meanwhile, the money they are spending on this could buy every homeless person a condo.

    The real answer to preventing attacks on our infrastructure is to encourage the use of strong crypto and the development of hardware and software based on it.

    Finally, if the objective is to prevent cyber attacks from outside the US, why aren't the monitors confined to the border routers on the links to the 'outside'?

  • It's not slowly eroding. It's gone. Sorry to break the news.

    Even if you do encrypt all your communications, the headers on your email say where the mail came from and where it's going. This is almost as useful as knowing what is actually said, when combined with other information, say, banking transactions.

    Credit reports are only a SSN away.
    SSN's are only $50 away

    Everything about you is available to anyone willing to spend a little (very little - say $500) money...
  • by Stonehand ( 71085 ) on Wednesday July 28, 1999 @05:01AM (#1779934) Homepage
    I'd say they're going after industry sysadmins, by planning to install monitoring software on non-governmental systems. Either they'll be required to hire government spooks who'll use those systems on-site, or far more likely, the monitoring system will either report electronically, perhaps with remote access, or it'll do something like log to CD-R's which are then shipped off to a gov't warehouse. In any event, I'm just as concerned with *how* and why they're "going after" a group as with whom.


    * If there are *any* vulnerabilities in the monitoring software, and I'm a sysadmin, you've now weakened my network. Thanks a lot.

    * How can I trust the monitoring software to know that that's *all* it's doing -- monitoring? And that none of the information, such as traffic analysis, could leak out to a competitor who happens to be a larger campaign contributor? For instance, if somebody's suddenly engaging in SMTP traffic with somebody at a competitor, and the traffic coincides with that to a recruitment firm or so forth.

    * Wouldn't this cause some to fall prey to false confidence? Given that the Gov't hasn't shown itself to be the most clueful 'bout computer security in the past, what makes them think that they can catch up?
  • Encryption + anonymity.

    Hey, guys, accelerate your beta, we need this thing now!

    Kaa
  • Saige wrote:

    "Perhaps this is another sign that geeks need to start getting involved in politics. We sit and watch the clueless government do one thing after another to take away privacy, cripple technology research and advance, and just generally try to treat us like children."


    I think that last point in the most important. Rather than allowing people to make informed, possibly risky choices, it is increasingly the role of the gub'mint to decide what you *ought* to want to decide - in other words, as you say, treat you like a child.

    Several things flow together to make this happen -- here are the most obvious ones:

    1) Life expectancy is growing, and the portion of life considered 'childhood' or 'youth' is right alongside.

    2) People have come to expect / accept more guarantees in life; just like getting a free bed from Mom and Dad means you owe them (at least) filial piety, getting a free handout from Big Brother means the same.

    3) Young people -- because they are young temporarily and are busy doing things that MTV tells them today's hip teenager ought, or getting into the Ivy League, or going to punk shows, or hacking -- are not much of a political force; even when they occasionally become one, it's more like a militia than ...

    4) the Standing Army of Gerontocrats, as in the AARP and many others. Unlike young people, old people both stay old and have the experience to organize effectively.

    5) A general (and I think growing) tendency to accept regulation as necessary and appropriate, especially from non-elected bodies with no purpose *other* than to issue regulations. All the 3 and 4-letter acronyms you care to throw out: FDIC, FDA, FTC, FCC ... the fact that their appointers are elected does not make these bodies answerable to anyone but themselves and the rare, half-hearted reviews.

    6) Willingness to trade at every turn a little essential liberty for security.

    America was founded as a radically free society (for its time). In our time though, American freedom is lukewarm. "Still freer than most other countries" is not a very exciting slogan. :(

    • Mandatory school attendence, overwhelmingly at State-run schools, ought to raise more hackles than it does. Both parents and students ought to resent the assumption that their time and bodies belong to the regulators.

    • Laws that prevent 18(19/20)-year-olds from sipping a glass of wine in a restaurant ought to disgust everyone.

    • Increasing regulations about gun ownership ought to frighten anyone who looks at previous disarmament campaigns. (See jpfo.org)


    Answers? No good ones. I guess vote for (L)libertarian candidates and use encryption. Buy guns while you can.

    timothy

  • And maybe some of them really believe that the goverment isn't really out to get them and are willing to help with this noble goal of protecting US citizens from the bad guys.

    Just image for a moment, someone who has graduated school, perhaps with a CS degree, has spent some time with ROTC, perhaps would like to get into law enforcement, but doesn't like the idea of getting shot. Instead, the person gets a call from someone at the FBI who says "We need people like you. We are building this network monitoring facility, with all this high-end equipment to help protect us all from terrorists abroad. We will be looking for specific types of attacks and we need you to help write the software for that." The graduate meets the FBI people, likes them, they sound like they really believe what they are saying (and perhaps actually believe it), and so the grad joins up.

    The person isn't evil, isn't a tool, and really believes in the goal, is convinced of the sincerity of those he/she works with...

    Bottom line, I'm scared by all the invasions of privacy, the goverment intrusions into far too many aspects of life, the threat of being harassed by the Enforcers (police), the unauthorized confiscation of private property, etc. but to say that these people are all immoral, irrational bastards out to screw us all is just demonizing people who are more like you and me, than different.

    Yeah, some of them are assholes, and some are stupid and many are irrational, but they are still just human beings trying to live out their lives the best they can.

    And while trying to get along the best I can, I try do something to make the world a better place (according to my own, perhaps warped, judgement) by avoiding (and protecting myself from) the assholes, educating the stupid and by being understanding of the irrational (and trying to help them do the rational thing).

    Bottom line, I'm very much against this proposed system, regardless of the goal, since I believe having a highly distributed, highly heterogeneous network, with individually applied security is the best defense. I also believe that a system like this can all too easily be used (by the stupid, or the irrational) to do bad things to you and I. (Besides being an ineffective way to do it's stated intent.)


  • Fellow Rochesterian? Merry meet! :)

    They may not be bothering with Dead stickers (a very silly thing to do in any case in an area with so many colleges), but the suburban cops are allegedly "bothering" those who "drive while black" in some areas. Big local news item these days.

    But no, Rochester doesn't seem to be a bad area for most bumper stickers. Rainbow and other gay pride stickers are OK, and the "Pagan and Proud" birthday present that is going up on my car as soon as I find it again shouldn't be a problem. And of course, I'll be putting up an SCA or AEthelmearc Kingdom sticker soon too, because it's the easiest way to get friendly roadside assistance going to and from events. *grin*

    Me, I wish they'd bother to pull over the pizza delivery guys who drive down Route 383 on the wrong side of the road and/or the bozos who hit and run cats on said road. (I live there. One week, I saw three different road kill cats on three different sections of NY383. I was upset. I have two cats who stay inside because I don't want them to be next. One of them got out once, though. Scared me.)

    *sigh* That's always been the thing that bothers me. There's enough REAL problems going on, sometimes where you'd least expected it, that you'd think the cops would have better things to do than profile people who "look suspicious" to their all-too-often narrow minds. *grumble*

Sendmail may be safely run set-user-id to root. -- Eric Allman, "Sendmail Installation Guide"

Working...