U.S. Is Working to Ease Wiretaps on the Internet

http://www.nytimes.com/2010/09/27/us/27wiretap.html?_r=1&ref=global-home

 

There is just no end to this is there

The jist of the article says that everything will have to have a backdoor built-in. So "let's strip away the rights of 99.999% of the public in order to catch the few".

How about instead, they just do a better f*#@+!^ job.

 

Very easy to say when you're not involved in it. Unlike what most think, the agencies involved have budgets, tight, rather pitiful budgets. Are you aware more is spent on foreign aid, "stimulus" packages and "pork" than military defense and national security? That isn't a political rant, that is a fact straight from the mouths of those in the know. The ugly truth is, it is "going dark" out there. Contrary to wannabe couch spy beliefs, the reality is that it can be very difficult to get cooperation from foreign-based ISPs, server hosts, VPN providers and other privacy-based service providers. This is especially true when such foreign-based services are hosted in countries that are on less than friendly terms with the U.S, and anyone else for that matter. And, increasingly, these indeed are the countries that are being used to hide activity.

Is there a major problem going on with privacy and other rights? You bet there is, and not just in this country. However, neither you nor anyone else will stop it. You may delay it, but you won't stop it. We're nearing the time, but that's another subject. On topic, those these problems with rights are occurring, do realize what is involved in day to day intelligence and other security matters before condemning anything and everything the government does.

 

I believe we live in a day, and age where unfortunately this is necessary. Its like choosing the greater of two evils. You have to decide between a balance of public safety, and privacy. My belief is that if the Government wants to Wiretap any form of communication device then they should be required to get a warrant. To get a warrant they should have to provide evidence or a reasonable suspicion that a felony is being committed. The one exception to rule would be if there was an overwhelming amount of evidence that would suggest that peoples lives are in immediate danger that would not allow time to get a warrant. I know this is providing a loop hole for abuse, but lt's choosing the greater of 2 evils. We are always at war with terrorism, and we always will be.

 

Yeah. Forgive me for not getting all weepy over whether the IC has a hard time with my encryption and anonymity. Let's put it like this: attribution and built-in back doors for LE's convenience will happen over my dead body.

NSA is a lawbreaker. USCYBERCOM will operate as a domestic military monitor. These organizations are a bigger threat to democracy than any other entity on the planet. The billions of $'s flowing into the private security sector are tainted. If you don't have a problem with your government having unfettered access to all you do, how about Booz Allen? Do you care if they do? The problem is too monumental to be detailed here in a small space. Let's just say that anonymity and encryption are communications applications and stem from natural communication rights. Don't be so quick to hand them over to LE. And don't forget that Norbert Weiner, Robert Taylor and Warren Weaver, et al, some of the major figures in information theory and the internet itself, could see the the problem taking shape way back when. That why cybernetics is called an issue of communication and control.

 

While you have some valid points there, and trust me, it's going to get BAD, you wouldn't HAVE security without these agencies breaking laws.

 

NIX, i suppose i misspoke on the issue of backdoors. I wasn't really even thinking of backdoors when i was speaking in the previous post. I'm acqually against mandatory backdoors in encryption, and security devices like hardware firewalls. I don't believe it should be mandatory for a company to provide a backdoor.

 

DW

These agencies have unlimited power and "unlimited budgets" and if you did any reading at all, you would of known that the 911 attacks could of been prevented if not for the one-up-manship and competition and failure to share info between these various agancies - "they didn't do their job"!

They tracked the perpetrators to just a few miles of the secret NSA headquarters where they were staying in a motel but because of resisting to share information between agencies, they lost them

 

DW, forgive me for being glib. It's the female in me. And the lawyer, too. But really? I wouldn't have security without LE breaking a few laws?

Well, the corollary to that is that you're not going to have privacy without me breaking a few laws, either.

How's that sound?

 

Tobacco, don't confuse me for a couch potato watching the 11pm news and/or listening to and nodding my head like a bobblehead to my favorite political party and deciding that makes me a security expert. Actually, the truth is that they DON'T have unlimited power and budgets. Why? Because of the politics of the very people they are working for. You need to do a bit more reading. It's VERY easy to scroll through the privacy forums here and pick a random blog off the internet and decide that these "omnipresent" people are out to get us and have infinite resources to do so. The ugliness is that their own people handcuff them.

As far as 9/11, that WAS an intelligence AND Administration failure. There IS a problem of "one up-manship" and not sharing amongst intelligence agencies. But that is far from a U.S problem, that happens everywhere.

 

It doesn't have to do with you being female or a lawyer, if you've not dealt with these kinds of issues before, then of course you wouldn't know. Neither human nor electronic intelligence has come without spying, without infiltrating organizations, groups of people, buildings, and so on. All of these things are illegal. Infiltrating means trespassing and/or hacking, spying is illegal, the most effective means of intelligence gathering is illegal. If you did not have that though, you'd have an even scarier world than you have now.


It's extremely easy to judge situations from the outside. The truth these days is hidden with politics, scare-tactics (usually political themselves), and media organizations shoving "facts" down the throats of citizens that don't know any better and hunger for even a shred of truth of what is going on in their world. Intelligence, as we see often in this forum, can take on some pretty ugly forms when the wrong people are involved. But take it away, and you'll quickly see how ugly things can get.

Edit: Just so I'm following along correctly, I assume by "LE" you mean law enforcement. Law enforcement and the jobs of the CIA and NSA are on completely different planets. Don't confuse them. Which is what I believe is going on with some people.

 

DW, my job is to analyze privacy concerns from a legal perspective. I'm well aware of the myriad of players involved, both public and private.

My point is a mirror of yours. If we are to tolerate illegal activities in pursuit of "security", then we had better be prepared to tolerate illegal activity in the protection of individual liberty. Because for many people, it will come to that.

 

That is where you and I agree, and, unfortunately, it's coming to that sooner than we'd like to hope.

 

Foreign aid?

http://static.globalissues.org/i/aid/2010/oda-since-1990.png

http://upload.wikimedia.org/wikipedia/en/7/7a/U.S._Federal_Spending_-_FY_2007.png

 

Well, then consider the cybercrafts launched and we'll do a postmortem when the static dissipates.

 

DW

These agencies "break the laws" all the time in the name of security. Current laws "do not apply" to them.

Don't think it is possible to get court orders for each and every of the 1.7 billion emails, cellphone calls and other forms of communication that they intercept, store and analyze "each and every day"

What the president is now going to try and do is make it so they "aren't" breaking any laws!

 

Bingo! Get a legitimate warrant, and with oversight....checks and balances. There is only one reason to try and avoid this. Abuse! That is the *ONLY* reason to subvert the Constitution.

 

Why did you bother to show me an image of U.S spending from last year? If you think that graph is even anywhere within the solar system of being accurate..um, I'm not certain what to tell you. Foreign aid includes a hell of a lot more than food to Africa or some such things. There's a hell of a lot more you aren't going to find in some graph on Wikipedia or some guys personal blog. It's hard for me to understand why some do this. What exactly do you think you're going to find by looking at a handful of sources? What exactly do you think you'll find without digging into and reading bills passed, what on and how your senators and reps are voting, researching defense-related websites and experts? Nothing, that is what you'll find. I'm not going to try and change the minds of anyone, it's your responsibility as a citizen to make an effort to find out what is happening around you.

 

The confusion between what actual security agencies do and how they work, and the political power being hungrily devoured by the power players, is quite evident in this thread. The power players are as corrupt as it gets, and yes, they certainly do want to watch every move you make and control everything you do. That's been the plan for decades. That is a fact and an entirely different problem that can't be even delayed until these certain ones are booted from their positions. Unfortunately, the clock is ticking, votes and threats of "over my dead body" aren't going to stop what is already set in motion. Much of the damage is already done, look to the U.K, that is the future of the U.S. And, that's just the beginning.

 

This is probably a dumb question. The internet is more than just America, and American laws don't apply all over the world.

So, if this moronic idea becomes law, how do they stop us from going overseas and downloading a foreign encryption software from a nation that still respects personal privacy? I use GPG for Win right now for some email. I'm assuming a pgp backdoor would compromise it, since it is pgp.

I know there are other email encryption softwares available. Bottom line, a free people will find a way.

 

By the eventual outlawing of encryption, that's how, and that's coming. As I said previously, intelligence agencies suffer from this very problem, of foreign companies being difficult to get information from. However, it's not as difficult as one would think to change that. The U.N itself is developing ideas and tossing around suggestions to keep track of the worlds population, some Middle Eastern nations such as Saudi Arabia have already killed encryption on devices like Blackberries. These small things can change everything, and change it quickly. You forget that there are very few modernized countries in this world, and fewer that can be said to be "free". The U.K was one, and look what happened there. The U.S is becoming the U.K, Germany's laws are being eroded, the Middle East was never free and the few privacy laws they have are being dealt with right now. We have seen what Sweden has been doing, Canada is changing, China has no freedom. It takes nearly nothing for the world to change, and it happens often before anyone has realized it.

 

http://www.globalsecurity.org/intell/library/budget/

Wish I were that "under-funded"!

 

Absolutely, Spy1. This old argument comes up when even mainstream media sources confuse all annual federal outlays with true "discretionary" spending in an annual budget. It's not fair to put allocated and paid for things like Social Security into a pie chart for spending (just one example). Take that stuff out and you have a discretionary budget that looks like this. (From 2005, but you get the idea).

 

CNET has also covered this story. Linky here.

Overall, I think the US govt. is fighting an uphill battle here. We have already been down this road a couple of times in the 90's and the govt. lost the fight then. First we had the whole Phil Zimmerman and PGP debacle; they prosecuted him for exporting crypto technology (munitions), but he was slick and exported the source code in book format. The courts eventually upheld his 1st amendment right to publish books filled with academic info.

And then a few years later we had the whole "clipper chip" debate where the government said they would supply us good citizens with strong crypto technology designed by NSA. The catch, however is that all keys would be held in escrow only obtainable by the govt. with a warrant. This quickly died after all the outrage from privacy advocates. As a result, the NSA eventually released that secret encryption algorithm known as SKIPJACK (it is indeed a strong cipher and gave the public world a look at how well NSA can design ciphers. The precision with which they implemented the number of rounds was most interesting; SKIPJACK has had all rounds broken but one, which means NSA probably knows more than the public world about how many rounds are needed). However, even the most secure ciphers do no good when there is key escrow.

So, in the end, they will lose this fight too. Even if they get the legislation, the cat is out of the bag -- people will simply use open-source software like GnuPG and Truecrypt. They will have no control over these products since they have no commercial interests and can't be forced to do anything.

 

And you believe that U.S. citizens will stand by when laws are passed to "outlaw" encryption and anonymity? The impassioned rhetoric is warranted. How will such a thing possibly work? Will private enterprise be willing to let gov't have free theoretical access to all their data? How will businesses secure their own networks? In fact, what about legitimate LE activity? Will we outlaw encryption for them, too? Maybe we'll have encryption and anonymity "licenses" for the good guys only.

Let's not forget that the internet is first and foremost a communication system. The old saying that data wants to be free doesn't even begin to cover it any more. The fact is, communication needs to be free. Communication theory is complicated. Information theory is just the beginning. Forget about the information age. This is the communication age.

Here's a quote from another current thread on Wilders, by poster Justin Troutman:

"Green cryptography reflects on the real-world notion that cryptographic failure almost always occurs at the implementation level and exploits the gap of understanding between cryptographers, developers, and users. We're working on another project now, dubbed Mackerel, which not only looks at the relationship between cryptographic implementation and its stewards -- cryptographers, developers, and users -- but also cryptography's relationship with communication, and how the two diverge, much to security's dismay."

https://www.wilderssecurity.com/showthread.php?t=282596&highlight=microsoft

Now that's smart. That's the kind of thinking that will lead us toward the future. That is the nexus between information theory and communication theory.