Re: Jamming IEDs

From: Juergen Nieveler (juergen.nieveler.nospam_at_arcor.de)
Date: 03/07/05


Date: 7 Mar 2005 14:07:25 GMT

a guy <aguy@ameritech.net> wrote:

> You could not run and maintain a system without looking at that data.
> The legal system is just living in a fiction of their own creation.

Looking at the data isn't the problem. I look at sensitive stuff every
day, no problem there - the only catch is that I'm not allowed to really
READ the stuff (and remember it, and tell it to anybody, etc.).

That's a big difference.

>> Every ISP can easily monitor your IP traffic, but still you wouldn't
>> want the police to be able to go to your ISP and tell them everything
>> he has in his logfiles, do you?
>
> They do! Your ISP by law is supposed to have a Y to the FBI.

Tell them, but you'll have to buy them new keyboards :-)

I rather doubt that Netcologne.de will forward ANYTHING to the FBI...
BKA and Verfassungsschutz maybe, but definitely not the FBI.

> This was too much data for the FBI so they invented Carnivore as a
> ISP based monitor. That has now been retired so I assume that the
> switching
> fabric has recording/nodes-taps. Likely the smart monitoring ports on
> the large Cisco Switches.

The system used in Germany taps only into mail servers. There simply
isn't enough bandwidth available to mirror all VoIP, Web requests etc.,
as basically the ISP would have to have the same bandwidth to the police
that he uses for his customers on his connection to the various Internet
backbones (mainly DECIX over here). And that's not counting the traffic
that never leaves the ISP's own network...

>> Privacy laws are about access control - sure, a phone company
>> technician can see a lot, but if he actually starts taking notes and
>> blabbering to his mates about "that blonde girl who receives phone
>> calls from lots of different men", he'll go to jail. Same thing for
>> the government - sure, they COULD go to a Telco and ask them to hand
>> over the call records, but THEY AREN'T ALLOWED TO. And that's a good
>> thing(tm) - or would you love to hail Big Brother?
>
> No... Example: from one country we could log in and look in a system in
> another country. You wouldn't even suspect it.

But as soon as you act on information gathered that way, people WILL
suspect it.

> Everything has backdoors.

Not everything.

> Whose law was violated?

The local law, if applicable. If you had access to the telephone switch
down the road from me, German law would be applicable, and Deutsche
Telekom would get a not-so-nice visit from the "Landesdatenschutz".

> Whom do you arrest? By what writ?

If in doubt, the local Telco/ISP-management. They are responsible for
maintaining access controls and protecting customer privacy.

>> The problem is that it is MY PHONE. I don't want to receive any
>> telemarketing calls, no matter what reason they have to call. And
>> yes, not being called IS a right, just like privacy.
>>
>
> Don't bet on it.

YMMV. Just don't try this in .de, or you'll get A LOT of problems.

>> Look at the headers. I live in Germany, not the USA :-)
>>
> How are you going to catch the phone company running a script and
> noticing that you are up to something and the script will flag the
> intel services. You will never know.

Companies are monitored by official "privacy officers" who are
responsible to prevent this from happening. They usually have clashes of
interest with law enforcement, and usually when that happens they
immediately inform the public about it.

>> If I catch the police looking at my call records without a court
>> order, both the Telco and the Police are in BIG trouble (for values
>> of BIG that include a fine of 400k EUR and a prison sentence of up to
>> 2 years).
>
> Get real. Nobody will tell you.

Want to bet? Regulations on Privacy here in Germany are MUCH tougher
than in the USA.

> The intel service will go to a judge and say we really need a police
> tap on this guy.

And the judge will ask "Why? Oh, you can't tell me? Off you go, then,
and find a better reason".

> If they need more info they will blame it on the US and say we
> intercepted this Echelon intercept of this fool. He looks really
> dangerous and we need to be one step ahead of the CIA on this one so
> grant us the tap...

Wouldn't work. First of all, the judge would ask to SEE the data, and
secondly it was illegally intercepted and therefore cannot be used in a
legal procedure.

>> LOL - in Germany they recently introduced a law that allowed the
>> police to get a court order and get access to all emails from a
>> certain user (effectively mirroring the mailbox). Ridiculously
>> expensive, highly sophisticated, politicians blabbering about how
>> this will make the world safer... but it really was just a pointless
>> waste of money.
>>
> Don't bet on it being a waste of money!

It was. Simply encrypt your mail, or use a web-based mail service in
another country, or set up your own mailserver. True, you can catch the
stupid criminals - but the dangerous ones aren't stupid.

>> You can monitor all you want - if the end points use strong
>> encryption you won't learn anything even remotely worth the tons of
>> money you put into the monitoring system, though.
>
> Sometimes it is enough just to watch your patterns and movement..

So you set up a system that creates an amount of static random traffic
in which you insert your real messages.

> That said .. strong encryption may be illegal in the EU and it does
> make people interested in you wondering why you feel the need for it.
> What are you hiding.

Nope. Curiously, the German government has even sponsored the GnuPG
project in the past - because they feel strong encryption protects our
businesses against the USA. And since GnuPG is open-source, there's not
even a chance of a government-mandated backdoor :-)

>> If I want to setup a communication network for a group of people who
>> want unmonitored communication, I can do so - whether the FBI likes it
>> or not.
>>
> But the NSA may notice it. Yes I could too and I know the method I
> would use esp. since it is below the noise threshold....

Indeed, that's the same way I'd set it up. A low-bandwidth encrypted
P2P network, using tools like "WASTE" for example. Just make sure that
there always is a load of 10-20kBit/s on the line, varying randomly,
and insert your messages into the random data transferred 24/7. It's a
bit slower than normal email, but unmonitorable.

Alternatively, have everybody in your network set up Mixmaster-servers.

>> And that information is useless unless the government can find a
>> LEGAL way to get access to it, unless you don't intend to use the
>> data in court.
>
> For a court case somebody needs a legal method....
> Not for other uses....

People don't get executed without a trial in Europe, and don't
"disappear" to a vacation on Cuba either.

> Or spying...
> OR sats listening
> or sats listening to sats listening which makes it totally legal...

And still totally useless against smart terrorists who use crypto and
steganography software. For all you know, they could be sending
messages back and forth hidden in pictures they use when selling stuff
on Ebay - maybe Osama is a Powerseller? ;-)

Juergen Nieveler

-- 
To err is human.  To moo, bovine

