Freedom, "subject to the needs of law enforcement"

"Consumers are entitled to run applications and use services of their choice, subject to the needs of law enforcement."

http://beta.news.com.com/2061-10804_3-5884130.html?tag=nefd.aon
FBI to get veto power over PC software?
September 27, 2005 11:37 AM PDT

The Federal Communications Commission thinks you have the right to use software on your computer only if the FBI approves.

No, really. In an obscure "policy" document (http://dw.com.com/redir?destUrl=http%3A%2F%2Fhraunfoss.fcc.gov%2Fedocs_public%2Fattachmatch%2FFCC-05-151A1.pdf&siteId=3&oId=2061-10804_3-5884130&ontId=10784&lop=nl.ex) released around 9 p.m. ET last Friday, the FCC announced this remarkable decision.

According to the three-page document, to preserve the openness that characterizes today's Internet, "consumers are entitled to run applications and use services of their choice, subject to the needs of law enforcement." Read the last seven words again.

The FCC didn't offer much in the way of clarification. But the clearest reading of the pronouncement is that some unelected bureaucrats at the commission have decreeed that Americans don't have the right to use software such as Skype or PGPfone if it doesn't support mandatory backdoors for wiretapping. (That interpretation was confirmed by an FCC spokesman on Monday, who asked not to be identified by name. Also, the announcement came at the same time as the FCC posted its wiretapping rules (http://beta.news.com.com/Wiretap+rules+for+VoIP%2C+broadband+coming+in+2007/2100-7352_3-5883032.html?tag=nl) for Internet telephony.)

Nowhere does the commission say how it jibes this official pronouncement with, say, the First Amendment's right to speak freely, not to mention the limited powers (http://dw.com.com/redir?destUrl=http%3A%2F%2Fwww.cato.org%2Fccs%2Fenum-powers.html&siteId=3&oId=/Wiretap+rules+for+VoIP%2C+broadband+coming+in+2007/2100-7352_3-5883032.html&ontId=10784&lop=nl.ex) granted the federal government by the U.S. Constitution.

What's also worth noting is that the FCC's pronunciamento almost tracks the language of the 1996 Telecommunications Act. Almost.

But where federal law states (http://dw.com.com/redir?destUrl=http%3A%2F%2Fwww4.law.cornell.edu%2Fuscode%2Fhtml%2Fuscode47%2Fusc_sec_47_00000230----000-.html&siteId=3&oId=/Wiretap+rules+for+VoIP%2C+broadband+coming+in+2007/2100-7352_3-5883032.html&ontId=10784&lop=nl.ex) that it is the policy of the United States to preserve a free market for Internet services "unfettered by federal or state regulation," the bureaucrats have adroitly interpreted that to mean precisely the opposite of Congress said. Ain't that clever?
Posted by Declan McCullagh
There's much talk about CALEA and wiretapping. There are good signs that this will apply not just to providers like Vonage and Skype, but also to point-to-point internet telephony, and possibly even to homebrew/hobbyist-writen software.

You have the right to speak freely, subject to the needs of law enforcement. Damn, that's scary.

Not surprising. Just another step towards full blown police statism so that when we are united to Mexico and Canada our system of population control will fit in with theirs.

Ah yes, another fine product brought to you by the War on Terror.

What happened to warrants? I know, I know, the bill of rights is an anachronism.

If you need encryption software, you must be a terrorist or some other enemy of the state with something to hide. The government is just doing its job to protect us and we can't have ordinary citizens conducting their affairs in secrecy.

Apropos of something my father once told me:


"Son, they can take your life, your property, and everyone you love from you. The only thing they cannot take is what you know. Therefore, learn all that you can, every time the opportunity presents."

In that spirit:

http://gcc.gnu.org/

http://www.amazon.com/exec/obidos/tg/detail/-/0789718162/qid=1128280748/sr=8-1/ref=pd_bbs_1/102-1236211-7153756?v=glance&s=books&n=507846

http://ciphersaber.gurus.com/

Nothing wrong with this. Excellent! I'll have to write President Bush and thank him for this one. I personally won't be satisfied until I can have an FBI employee at my keyboard with me, and the employee types in for me and reads me back only the responses that have been government approved.

I remember when I used to think that Clinton was the worst thing that could ever happen to this Nation. I beginning to think I was wrong.

Clinton was a communitarian, not a traditional liberal in the ACLU mold. He would have done the same thing. Remember, Janet Reno was his ideal of an Attorney General.

Janet Reno is an evil creature. She deserves to be in jail both for her deeds under Clinton, and her deeds while in Florida.

You have the right to speak freely, as long as your dot gov gets a complete word for word transcript.

Nice. :banghead:

Hey, only 7 replies before "Clinton did it". A new record? :rolleyes:

Just to let you know, because it was done in the past does not excuse current actions.

http://www.pgpi.org/

PGP Corporation Online Store (http://www1.pgpstore.com/product.html/?productid=524508&currencies=USD)

Share what you know. Learn what you don't.

There is no fine print in the Bill of Rights.

The only thing freedom should be "subject to" is the rights of our fellow Americans. I ain't holdin' my breath though. :rolleyes:

CALEA was before 9/11.

Mandated many communications systems have built in aids for wiretapping and tracking.

Among other things.

One of those little packages that slipped through while everyone was worked up over some "issue" or another.

There are simply more little landmines like this than anyone could possibly keep track of.

As GeekwithA45 pointed out a link to, GCC is a GNU C compiler, it is not public domain, but it is totally free with very few restrictions placed on its use. Just cause you not a computer programmer does not mean that you cant download and build programs that other people have written, especially from overseas, where these restrictions dont exist.

3 good windows ports of gcc are:
MingW, allows you to build windows programs
Cygwin, basically an expanded package with a lot more goodies
DJGPP, it works, has a lot of unix tools, but it is hard to build a lot of packages with.


I totally dislike our governments moves in the past few years to restrict the flow of information. But there are ways around it.

There is no fine print in the Bill of Rights.

Well said, longeyes! Unfortunately, the Bill of Rights doesn't include any penalties for violations.

There is no fine print in the Bill of Rights.Well said, longeyes! Unfortunately, the Bill of Rights doesn't include any penalties for violations.Ah, but it does. Have a quick look at the Second Amendment; the penalty is implied.

You mean, the penalty that our free state will no longer be secure if the 2A is not honored?

no the penalty for giving up our rights and obligations of the 2nd is TYRRANY! exactly what we've got...

>>>Ah yes, another fine product brought to you by the War on Terror.<<<

Ding Ding Ding! Bin Laden wins!

James Madison is rolling in his grave!

:barf: :banghead:

aiecs adwcl dfwcx grwqa vbsdz poitx slowx kslwa gjowi xlwaz peokd roeds aosim fjsio aklwk xlsow psoer!

The c13 cypher was approved for civilian use. all gov't officials get ECC though, because they are not "civilians". :barf:

There are one or two cyphers I know (and may or may not use) that even the huge resources of the gov't would be hard pressed to break in a timely manner.


Of course, these computers wouldn't even be hooked up to the internet, so it's moot unless they're found in a search.

right up there with
" in the interest of national security"
that one scares the C%^p out of me.

AFS

Years ago I adopted a "policy" that anything I do/write/speak is going to be listened to. That doesn't stop me from saying whatever I want.

That said, just because they can get the raw data, doesn't mean it has to be intelligible. Sure they can get copies of my emails, but with PKI encryption, they'll have to burn a bunch of cycles to read them. Maybe they'll get a good recipe for rack of lamb for their trouble, maybe a "hello" to an old friend or some other stuff that won't interest them in the least. It matters not. Since I'm a law-abiding citizen, what they won't get is anything "useful" to securing the country or enforcing laws. They are just wasting their time putting the law-abiding under the microscope. So get them to waste enough time that it becomes unproductive... and then impossible.

What would make a huge dent is if more and more people encrypted their everyday communications. When the mass of "secure" (nothing is forever, just for some period of time) traffic becomes overwhelming, the clowns at FBI/NSA will get more selective, and stop hassling workaday folks with this nonsense. I would encourage everyone to get a free certificate from Thawte or another provider, or use GPG/PGP/etc religiously. Generate certificates often (yearly). The FreeSwan project was an attempt at something similar, ubiquitous encryption of all IP traffic.

Don't do this because you have something to hide, but because it causes expensive resources to be utterly wasted, resources that would be better put to use on other fronts (real threats). That will lead to "profiling" of terrorists instead of grammaw's emails being cracked and read, and some beaurocrat trying to figure out the exact location of those bunyons and liver-spots she talked about. The gist is kind of like everybody having fake weeping-dynamite strapped to them and showing up the airport, forever... TSA would have to decide whom to spend more time on.

I found this book, and others like it useful in ideas for steganography:

Disappearing Cryptography, Second Edition - Information Hiding: Steganography and Watermarking (The Morgan Kaufmann Series in Software Engineering and Programming) (Paperback)


If somebody doesn't know the message is even there, they can't read it.

Some nice ways to hide and/or encrypt your more-important messages in email, mostly for programmers who can write a relatively quick program to do these things and distribute it:

1) Make a fake reply-to and stego your message inside what is obviously a "spam" email. Send hundreds or thousands out, the real recipient just needs to get one and decrypt the hidden message. There are lots of "open" email servers out there, pick one. Use a subject that will immediately turn everybody off or get culled from other mailboxes... something like "Huge Spooge Now!", and make lots of grammatical and spelling errors. In short, make it authentic looking spam, and have fun with it.

2) Use the submariners and diplomats method. Make CD's full of one-time-pads for your encryption client. Hand to your buddies. Send an encrypted email using one of those pads, put the CD/cipher/pad name or number in the subject so its cleartext. Without the CDs and contents, it will take brute force to crack, and all that work is worthless toward cracking future messages, since they keys and cipher(s) will be different.

3) Layer your encryption. Nothing wrong with passing some text (the more the better, pad with lots of stuff, like the constitution, for example) through one cipher engine after another, as long as the other side knows how to decrypt. Don't even think about using common keys throughout though. Make the message like the inside of an onion, lots of layers.

4) Write a set of clients that creates private keys from common objects in plain sight. Use say the picture of the white house from their website, the text of the Constitution from a .gov website, a pic of the current pres, etc. Hash all of them, combine hashes, hash the hashes your "lucky number" of times, etc. whatever you want. Then take the hash (and maybe your birthday or something else) as a seed as a private encryption key. Then XOR the data with some other pics on the web (one after another), maybe something bizarre and freakish like (I actually used this once for a business customer who demanded maximum obscurity of data) a link to a pic of a naked chick with a lobster in an inappropriate place, etc. Have some real fun, that's also important! Think about the looks on somebody's face whose trying to keep up with the madness you've built into it, before just giving up to try a brute-force approach. Email the ciphertext. In other emails provide clues as to what to use (and number of iterations of hashing or other variability) so your recipient starts his copy of your custom client which comes up with the identical privale key and XOR combos. Better yet, combine this with the CD-one-time-pads full of pics and document text on each side. Talk about a winner... Again, make the cracker go to brute force and waste cycles that translate into hours/days/months/years.

5) All the above can be used to write a VOIP proxy that offers realtime encryption of the datastream. Again, have fun learning and doing it.

The name of the game is this: force the snoopers to use brute force... always. 99% of the time you can force their hand, somebody is going to decide your message isn't important enough to throw the machine cycles at.

And yes, I write encryption/stego for a living, among other projects (for financial institutions, not some evil empire, foreign or domestic).

If anybody is interested, I'll do a writeup on how to beat keyboard snoopers running on your hardware also for messaging purposes.