Interesting People mailing list archives
more on cryptome: How the FBI Surveils the Net-Official Use Only
From: Dave Farber <dave () farber net>
Date: Fri, 02 Jan 2004 16:08:25 -0500
Delivered-To: dfarber+ () ux13 sp cs cmu edu Date: Fri, 02 Jan 2004 12:36:38 -0800 From: Seth David Schoen <schoen () eff org> Subject: Re: [IP] cryptome: How the FBI Surveils the Net-Official Use Only Sender: Seth David Schoen <schoen () zork net> To: Dave Farber <dave () farber net> Dave Farber writes: > Delivered-To: dfarber+ () ux13 sp cs cmu edu > Date: Fri, 02 Jan 2004 10:18:17 -0800 (PST) > From: Joseph Lorenzo Hall <jhall () SIMS Berkeley EDU> > Subject: cryptome: How the FBI Surveils the Net-Official Use Only > To: Declan McCullagh <declan () well com>, Dave Farber <dave () farber net> > > Hi Declan, Dave, > > I thought you two and your respective lists might find this > interesting... posted by Mr. Young at Cryptome: > > How the FBI Surveils the Net-Official Use Only > http://cryptome.org/fbi-cgvop.zip > (a ~400KB zipped PDF file) > > It contains the document, "Electronic Surveillance Needs for > Carrier-Grade Voice over Packet (CGVoP) Service" > > ( A version of this document where copying and pasting has been > enabled is here:> http://www.why-war.com/resources/files/fbi_surveillance_voice_over_packet.pdf
> ) > > I'm in no way qualified to analyze this document, although I'm sure > some VoIP people out ther are... here's the last paragraph of the > exec. sum.: > > "To facilitate industry interaction, this document captures law > enforcements needs regarding LAES [Lawfully authorized electronic > surveillance] capabilities for CGVoP [Carrier-Grade Voice over Packet] > Service. The document focuses mainly on communicationidentifying > information associated with service-related events that are of > interest to law enforcement. The document also addresses law > enforcements needs regarding the content of CGVoP communications." I think it's more a matter of "how the FBI wants to surveil the net" than "how the FBI surveils the net". They have described these as "needs" and "requirements" and there are some big fights brewing over packet CALEA. (Of course, most of the substance of these fights is FBI and DOJ people describing their "needs" and getting press to report on the issue. This has been going on for over a year now and is now bleeding into the question of whether or not VOIP companies are legally to be carriers regulated by the FCC.) Here is a more fundamental question. When you make a VOIP call, why does your service provider know your session key? (Or, in the alternative, when you make a VOIP call, why isn't your conversation encrypted with a session key?) There have been software VOIP applications for years (PGPfone and SpeakFreely are the earliest I recall) that do end-to-end encryption. If VOIP "carriers" don't do that, they have taken a technological step backward. What a hollow "victory" over the Clipper Chip if all your voice session keys are "escrowed" down at some VOIP technology company (which is safeguarding them less well than the Clipper plan would have). -- Seth Schoen Staff Technologist schoen () eff org Electronic Frontier Foundation http://www.eff.org/454 Shotwell Street, San Francisco, CA 94110 1 415 436 9333 x107
------------------------------------- You are subscribed as interesting-people () lists elistx com To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- more on cryptome: How the FBI Surveils the Net-Official Use Only Dave Farber (Jan 02)