
FBI pressures Internet providers to install surveillance software - ojbyrne
http://news.cnet.com/8301-13578_3-57596791-38/fbi-pressures-internet-providers-to-install-surveillance-software
======
oscargrouch
In any other civilized country, after being caught spying, governments would
be ashamed and massacrated by public opinion and politicians would review and
stop their actions immediatly

.. but in US they(the big brother) have no shame at all.. they continue to do
it as if theres nothing wrong with.. and people just act normal while civil
rights get shattered appart in pieces..

people need to get real.. this is pretty serious.. this will have a great
impact and damage not only on civil rights but also in business..

Im sure a lot of people form outside US are waking up and will start to build
their own local versions of sucessful US bussiness.. and this is just the tip
of the iceberg.. we can think of a lot of other things coming, and none of the
are good for anybody

~~~
dobbsbob
This is going on in all of our countries, not just the US. There was a student
riot here when they jacked the tuition 300% and now the police demand cameras
everywhere, hidden SIM card kill switches that wipe the entire phone rendering
it a brick so they can prevent organizing during social unrest (they shopped
this as anti theft measures, but of course only the authorities have control
of the kill switch and you have to report your lost phone), special tags on
vehicles to trace them at all times, drones, and ISP level spying because you
have nothing to worry about if you're not a criminal right? My country is
contracting the exact same intel corps the US is contracting which are run by
ex CIA managers. My country is leasing the exact same software that uses
previously unknown exploits to backdoor all our communications that the US is
using like FinFisher/FinSpy and VUPEN. It's a giant festering dystopian
industry straight out of 1984 with tentacles across the globe.

They are showing up to campuses here and offering huge salaries for "data
analyst" positions. They are not even trying to hide the fact anymore that you
will be spying on your own neighbors while developing these databases. They
used to pretend it was to prevent terrorism and crime now it's blatent
shredding of the bill of rights/constitution and developers are signing up in
droves because they're the ones paying the most money and nobody else here is
hiring. My country's version of CENTCOM is all over political commentary,
newspaper articles and radio stations denouncing all detractors of this new
fascist order. The politicians use this feedback as "proof" of positive
feedback on their new rights slashing spy programs. The privacy watchdog in
charge of the spy agency in my country was promptly sacked as soon as they
took office. They now operate in total secrecy.

This isn't sustainable. Eventually all of us will rise up and cast off the
20th century dictator leftovers destroying our countries, starting wars,
watching us through our smart TVs, creating food shortages, pumping up
armnaments and fear.... It's only a matter of time the question is how far
will they go and get away with this until we burn it all to the ground.

A century from now all of our descendents will study this period as the 21st
century dark ages and those kids will wonder how anybody survived the great
oppression.

~~~
mtgx
They're starting to ask Apple and Google for the same kind of kill switch in
Android phones and iPhones, and it's also promoted as a way to prevent theft.

~~~
duaneb
Isn't that called "Find my iPhone"? We don't even NEED the authorities! :D

------
silentOpen
It's very simple: a free country is run by free software by definition. A free
country has published laws that are implemented and debugged (adjudicated) in
public.

If the FBI wants carriers to install software on their network devices, the
FBI is implementing regulatory law as code in the network substrate. The
source and its build and development process must be public. They have no
magic tricks and there is no unknown capability that this could compromise.
It's simply a requirement for a country governed by the law. It's how we watch
the watchers.

Seeing as how we can't even get voting machine source code released, I have
little faith that the spy state will cede its code in the near future. Given
this, it's now time for all able-minded hackers to build tools for personal
liberty and spread them far and wide. Godspeed.

~~~
jivatmanx
The author of the code for section 215 of the Patriot act, Sensenbrenner, says
it is being used totally beyond what he intended.

In this sense, it can be said to be executing arbitrary code, perhaps it can
be said that the typical method of those in power is to look through the
10,000+ page laws, search for the weakest and most arbitrary provision, and
exploit it to the fullest extent possible.

Of course, part of the reason for this is that no debugging was done - after
receiving the law, the military went so far as to lie about how it was being
used.

~~~
mpyne
No offense but Sensenbrenner deserves his share of blame for this too.

People pointed out even back then that that Patriot Act was _way_ overbroad
and could lead to things exactly like this.

Militaries plan against the _capabilities_ of a possible opponent, not just
what they think the opponent _intends_ to do.

Congress should never have let it get passed in the shape it was in, but
Sensenbrenner should have written the legislation keeping in mind the
_capability_ it would give the Executive branch, not just presumed intent.

------
declan
By request I just posted this 2006 court opinion that says all email headers
except Subject: lines are metadata. No wiretap order required to do a live
intercept:
[https://plus.google.com/u/0/112961607570158342254/posts/9Cu7...](https://plus.google.com/u/0/112961607570158342254/posts/9Cu7Q9kDUhc)

------
diminoten
Wait so this captures HTTP request "metadata" \- is that everything but the
body of the request?

But it also sounds like more. They're talking about Facebook correspondence
names, email address "to"s and "froms" \- stuff you _can 't_ get out of HTTP
"metadata" but have to analyze the content body and extract. So if they're
analyzing content, isn't that a line they're crossing into content?

And how are "Internet search terms" metadata? I guess if it's part of the URL
as query parameters it's metadata?

~~~
declan
The problem for engineers is that what lawyers call metadata does not track
the application/transport/Internet/link layer model we all know and love. A
good rule of thumb is that unless it's in the body of a message and maybe a
Subject: line, DOJ argues it's not content. URLs could go either way.

Re: Internet search terms, later in my article I try to address that: Whether
the FBI believes its port reader software should be able to capture Subject:
lines, URLs that can reveal search terms, Facebook "likes" and Google+ "+1s,"
and so on remains ambiguous, and the bureau declined to elaborate this week.
The Justice Department's 2009 manual (PDF) requires "prior consultation" with
the Computer Crime and Intellectual Property Section before prosecutors use a
pen register to "collect all or part of a URL."

------
northwest
> Judges are not always in a position, Boothby said, to understand how
> technology has outpaced the law.

How is it that this issue was not already addressed, yet?

Who runs this show?

~~~
afarrell
There are federal judges who do not use email. They have their secretaries
print out their emails, handwrite their responses, and then their secretaries
type them up.

~~~
northwest
Not forcing judges to be "eternal students" is like giving people democracy
but closing all schools and media outlets.

~~~
emiliobumachar
Forcing them could be worse. Who would judge if they are student-like enough,
and what would keep that entity from selectively enforcing the crap out of
activist judges it does not like?

------
state
I have been reading the cypherpunks archives recently, and have noticed that
Declan was pretty active on that list. Thought it worth mentioning, as his
articles have been popping up on HN with increasing frequency.

~~~
declan
Yep. Julian Assange and I go way back. :)

------
northwest
Not naming names, but...

> AT&T, T-Mobile, Verizon, Comcast, and Sprint declined to comment.

~~~
wil421
I think that the damage is already too great. They are probably already in all
the hubs, exchanges and its not like they will give them back. It's no
surprise that they are collecting all the cell data too, whether it be
metadata or content. Who knows what kinda stuff they have in the actual
hardware beside the repeaters they have on the fiber cables.

My question is how do we enact a change. The genaral public (non-tech people)
may not fully understand the implications of what they are doing and how much
of our data thy are taking. If the large companies are just going to bend over
how do we do something?

~~~
northwest
Some say we need to get behind them ;-)

But more seriously, the only _healthy basis_ for a way out I see is to make
literally every part of the "stack" open and transparent. "Open" as in "open
source", both regarding hardware and software.

~~~
wil421
<Some say we need to get behind them ;-)

I've meet them too as long as out keeps the terrorists out they're fine with
it.

Open source software would help especially open source networking software.

~~~
northwest
What I was trying to say:

When people bend over, your best bet is to get "right _behind_ " them, if you
know what I mean ;-)

------
mladenkovacevic
OK I'll hand it to you that was a pretty important article.

~~~
declan
It looks like that was directed at me. So: Thanks! :)

------
drblast
I think the fact that this is done on a large scale makes people more
complacent.

"Oh, they're monitoring the whole Internet for terrorists? OK!"

But if you told anyone, "The Feds have decided to monitor you and 1000 other
people chosen at random for the next year. Your phone calls will be stored,
and all of your web browsing activity will be logged. They probably won't use
it, but it's being stored just in case."

People would have a fit.

~~~
nrivadeneira
Considering everyone on the internet is being logged in some sort of way by
various entities at all times, I think most are used to it by now. The
government may have judicial powers, but I think most people have accepted
being tracked by things like browsers, analytics services, social networks,
etc. The next logical question is "How would government tracking affect my
life differently than Facebook tracking, and would it make my life worse?"
Considering the average person is probably not committing felonies on a
regular basis, the conclusion is generally "Well honestly, it's more likely
that Facebook tracking will affect my life negatively (ie. somehow posting the
weird things I look at on the internet on my news feed) than government
tracking." Since this person has already accepted Facebook tracking as part of
their lives, it's then pretty easy to accept government tracking.

Mind you, this is all speculation on what the average person might think, but
I'm not a big fan of slippery slope arguments so I tend to agree.

------
foxhop
AT&T partners with defence contractors to implement email spying

[http://www.informationweek.com/government/security/feds-
isps...](http://www.informationweek.com/government/security/feds-isps-team-on-
cybersecurity-for-defe/230800180)

------
northwest
If you want to turn this eternal discussion into results:

[https://news.ycombinator.com/item?id=6152935](https://news.ycombinator.com/item?id=6152935)

------
coldcode
How does this solve the issue with intercepting SSL traffic? Without "content"
there isn't much to go on in deciding how you could use the packets?

~~~
declan
Simple. Send a pen register/trap and trace order to, say, Microsoft for a
target's Hotmail traffic (except Subject: lines and body content).

I disclosed Microsoft's wiretap compliance system in this article last month:
[http://news.cnet.com/8301-13578_3-57593538-38/how-
the-u.s-fo...](http://news.cnet.com/8301-13578_3-57593538-38/how-
the-u.s-forces-net-firms-to-cooperate-on-surveillance/)

If it's Hushmail in Canada, that's why we have MLATs.

------
known
Obedience or Peace?

What is USA seeking from rest of the world?

------
mars
Qwn

------
icantthinkofone
If you want to continue to ignore the reason for this then this sounds bad.
And almost everybody here is ignoring the cause and fixating on the symptom.

~~~
emiliobumachar
Please be more explicit. What do you call cause, and what do you call sympton?

