RE: Will your cisco have the FBI's IOS?
This whole thing makes me think that we should be encouraging VOIP traffic to run over IPSEC so we can claim we don't know what it is. Owen pgp0.pgp Description: PGP signature
RE: Will your cisco have the FBI's IOS?
Owen, That sounds like an invitation to have the Jack Booted Thugs barbeque your home a'la Branch Davidian compound style. :) Christopher J. Wolff, VP CIO Broadband Laboratories, Inc. http://www.bblabs.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Owen DeLong Sent: Monday, March 15, 2004 7:51 AM To: 'nanog list' Subject: RE: Will your cisco have the FBI's IOS? This whole thing makes me think that we should be encouraging VOIP traffic to run over IPSEC so we can claim we don't know what it is. Owen
RE: Will your cisco have the FBI's IOS?
This is part of a law enforcement wishlist which has been around for a long time (See Magic Lantern, Clipper Chip et. al. for examples). What is desired here is a system by which all communications originating/or terminating at $DESIGNATED_TARGET can be intercepted with no intervention by and/or knowledge of the carrier hence ensuring the security of the investigation. The trouble with a system like this is that like all backdoors it can be exploited by non-legitimate users but law enforcement personnel tend to have a very limited understanding of technology and communications tech especially since to the majority of LEA's AOL == Internet many local LEA's their only internet access is AOL. I've been asked how do you track down all $NET_MISCREANTS in town. I told the chief that it requires good old fashioned police work. The net is not magic and is decentralized. But what is wanted is a centralized place where with the press of a button you can see who Joe Smith has been talking to, sending email to and what web pages he is looking at to make investigations easy from a civil liberties standpoint that is a _bad_ thing human nature being what it is. It is our job as members of the NANOG community to educate our politicians and police so that we do not end up living in a system which would be the envy of the Stasi and the Soviet era KGB Scott C. McGrath On Sun, 14 Mar 2004, Sean Donelan wrote: On Sat, 13 Mar 2004, Christopher J. Wolff wrote: I believe that CALEA versions of IOS are already available on cisco.com. It has a backdoor for any traffic originating from dhs.gov address space. ;) If law enforcement was satisified with the solutions already available, I don't think they would have spent the time creating this filing. It's probably a good idea for anyone associated in the Internet industry to read the filing because it may be requesting the FCC change definitions of who is covered and what they must do. Even if you thought CALEA didn't apply to you for the last 10 years; you might find out after this you will be required to provide complete CALEA capabilities. The requested capabilities may be more than are currently available from vendors. Do you know what is the difference between call-identifying information and communications-identifying information? They both have the intials CII. What is the difference between the phone number of a fax machine and the from/to lines on the cover page of the fax?
RE: Will your cisco have the FBI's IOS?
On Mon, 15 Mar 2004, Scott McGrath wrote: What is desired here is a system by which all communications originating/or terminating at $DESIGNATED_TARGET can be intercepted with no intervention by and/or knowledge of the carrier hence ensuring the security of the investigation. I don't think that is correct. Read the Justice Department's filing. With correct legal authorization, law enforcement already has access to any electronic communications through a carrier. From the Washington Post: The Justice Department wants to significantly expand the government's ability to monitor online traffic, proposing that providers of high-speed Internet service should be forced to grant easier access for FBI wiretaps and other electronic surveillance, according to documents and government officials. A petition filed this week with the Federal Communications Commission also suggests that consumers should be required to foot the bill. Is this a modem tax by another name. Should every ISP add a fee to their subscriber's bill to pay for it? Read the filing.
RE: Will your cisco have the FBI's IOS?
I have read the filing it's another step down the road. True all comms are subject to intercept _already_ what is desired is a way to _easily_ perform the intercept and the easily part is the kicker. Some things should be hard especially where civil rights are involved. See all the light and noise about the MATRIX system which is simply a means of collecting and indexing information which is already available to LEA's. However MATRIX removes the step of asking the provider for information on a individual basis hence law abiding people are now in the position of having their information searched without the oversight of the judicial system in fishing expeditions. Human nature being what it is the act of having to ask a judge to grant access to the information keeps honest people honest and judges almost never deny this type of request. In a perfect world we would not need locks on our doors, passwords for our systems. In situations like this who watches the watchers?. Currently a judge does in the future... Scott C. McGrath On Mon, 15 Mar 2004, Sean Donelan wrote: On Mon, 15 Mar 2004, Scott McGrath wrote: What is desired here is a system by which all communications originating/or terminating at $DESIGNATED_TARGET can be intercepted with no intervention by and/or knowledge of the carrier hence ensuring the security of the investigation. I don't think that is correct. Read the Justice Department's filing. With correct legal authorization, law enforcement already has access to any electronic communications through a carrier. From the Washington Post: The Justice Department wants to significantly expand the government's ability to monitor online traffic, proposing that providers of high-speed Internet service should be forced to grant easier access for FBI wiretaps and other electronic surveillance, according to documents and government officials. A petition filed this week with the Federal Communications Commission also suggests that consumers should be required to foot the bill. Is this a modem tax by another name. Should every ISP add a fee to their subscriber's bill to pay for it? Read the filing.
Re: Will your cisco have the FBI's IOS?
Speaking on Deep Background, the Press Secretary whispered: I have read the filing it's another step down the road. True all comms are subject to intercept _already_ what is desired is a way to _easily_ perform the intercept and the easily part is the kicker. Some things should be hard especially where civil rights are involved. It can not be emphasized enough that what the Feebees want now is what they always have wanted That's NOT just a way to intercept What You Say, but a way to intercept What You Say INEXPENSIVELY FOR THEM. They can and do kick on CO doors with paper in hand; but they want to save shoe leather. This is a budget issue for them. Thinking it is purely a technology issue is a trap, as it is anything but. It's a manpower/staffing resources one. -- A host is a host from coast to [EMAIL PROTECTED] no one will talk to a host that's close[v].(301) 56-LINUX Unless the host (that isn't close).pob 1433 is busy, hung or dead20915-1433
RE: Will your cisco have the FBI's IOS?
David,
I believe that CALEA versions of IOS are already available on cisco.com. It
has a backdoor for any traffic originating from dhs.gov address space. ;)
C.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
David Lesher
Sent: Saturday, March 13, 2004 10:41 AM
To: nanog list
Subject: Will your cisco have the FBI's IOS?
X-URL:
http://www.washingtonpost.com/ac2/wp-dyn/A54512-2004Mar12?language=printer
Easier Internet Wiretaps Sought
Justice Dept., FBI Want Consumers To Pay the Cost
By Dan Eggen and Jonathan Krim
Washington Post Staff Writers
Saturday, March 13, 2004; Page A01
The Justice Department wants to significantly expand the
government's ability to monitor online traffic, proposing that
providers of high-speed Internet service should be forced to grant
easier access for FBI wiretaps and other electronic surveillance,
according to documents and government officials.
A petition filed this week with the Federal Communications
Commission also suggests that consumers should be required to
foot the bill.
{meaning guess who does their work?}
Justice Department lawyers argue in a 75-page FCC petition that
Internet broadband and online telephone providers should be treated
the same as traditional telephone companies, which are required
by law to provide access for wiretaps and other monitoring of
voice communications. The law enforcement agencies complain that
many providers do not comply with existing wiretap rules and that
rapidly changing technology is limiting the government's ability
to track terrorists and other threats.
They are asking the FCC to curtail its usual review process to
rapidly implement the proposed changes. The FBI views the petition
as narrowly crafted and aimed only at making sure that terrorist
and criminal suspects are not able to evade monitoring because
of the type of telephone communications they use, according to
a federal law enforcement official who spoke on the condition
of anonymity.
{..}
{It sounds to me like this means:
Tear out backbone
Move MAE-East, West and whatever into the
Jill Edgar Hoover Building.
Pay them rent for the Colo space...
YMMV}
--
A host is a host from coast to [EMAIL PROTECTED]
no one will talk to a host that's close[v].(301) 56-LINUX
Unless the host (that isn't close).pob 1433
is busy, hung or dead20915-1433
Re: Will your cisco have the FBI's IOS?
X-URL: http://www.washingtonpost.com/ac2/wp-dyn/A54512-2004Mar12?language=printer Easier Internet Wiretaps Sought Justice Dept., FBI Want Consumers To Pay the Cost Not sure whos viewpoint this is, it reads like its the FBI's: The problem the FBI faces is that it cannot identify and break down information that travels as packets of data over the Internet. Phone calls placed over the Internet are changed from voice signals into data packets that look much like other data packets that contain e-mail or instructions for browsing the Internet Erm no, phone calls on the internet use the same data structure as they do on the phone network, the difference is in the transport. Kinda worrying they want to pass a law but dont know why they want it. Steve
Re: Will your cisco have the FBI's IOS?
They have access into the TDM network at present. Now they want VoIP. -- James H. Edwards Routing and Security At the Santa Fe Office: Internet at Cyber Mesa [EMAIL PROTECTED] [EMAIL PROTECTED]
RE: Will your cisco have the FBI's IOS?
On Sat, 13 Mar 2004, Christopher J. Wolff wrote: I believe that CALEA versions of IOS are already available on cisco.com. It has a backdoor for any traffic originating from dhs.gov address space. ;) If law enforcement was satisified with the solutions already available, I don't think they would have spent the time creating this filing. It's probably a good idea for anyone associated in the Internet industry to read the filing because it may be requesting the FCC change definitions of who is covered and what they must do. Even if you thought CALEA didn't apply to you for the last 10 years; you might find out after this you will be required to provide complete CALEA capabilities. The requested capabilities may be more than are currently available from vendors. Do you know what is the difference between call-identifying information and communications-identifying information? They both have the intials CII. What is the difference between the phone number of a fax machine and the from/to lines on the cover page of the fax?
