[LINK] Australian Privacy Foundation's 'easy option'?
rchirgwin at ozemail.com.au
Sat Apr 28 09:30:44 EST 2007
stephen at melbpc.org.au wrote:
> Richard writes,
>> Well, the story's a bit of a technical jungle, but I would guess
>> the "easy option" is to:
>> - Force backdoors in encryption;
>> - Impose the interception load on ISPs; and
>> - Require mass-capture of traffic.
> Thanks RCx2 and AC .. all ones if you ask me (no pun intended).
> But, what about an encrypted VoIP / WiFi VPN scenario? T'would
> seem a simple future set-up for another Mokbel family, or perhaps
> the Jihad inclined. Any ideas how FedGov intercepts will work then?
I would still consider encryption to be more of a problem than
interception (caveat: in *most* cases!). VoIP / WiFi - the WiFi still
needs to get to the Internet somehow, so there will be a physical port
at which traffic can be captured. The problem is that capturing a packet
is not much use if you can't determine what's inside the packet.
Say the WiFi is in a home network: there will be a (probably) ADSL port
getting from the WiFi to the Internet. Ditto from a public access point.
If we are talking VoIP over a wireless ISP, then there is a service
provider involved, which would be the target of the warrant (ie,
"traffic from subscriber X").
As an aside: I remarked some time back that the WiMax Forum has
incorporated hardware client authentication into the standard;
essentially, if the standard were implemented by service providers, then
the WiMax modem would not connect until it's been cleared by a root
server (in the US, operated by Verisign). I would presume that
interception was in peoples' minds in putting forward this odious standard.
> Btw, for clarification regarding the APF position, Nigel kindly emails:
> Stephen .. One of our Board members forwarded your comment
> on the. article, with a question about my assertion about easy options.
> What I meant to convey in my longer discussion with the journo was that
> the government has a tendency to take the 'easy option' of legislating to
> accommodate law enforcement & national security ambit claims (often
> unsubstantiated with hard evidence of need or likely effectiveness) rather
> than doing the hard work of trying to maintain the difficult but essential
> balance between those public interests and other important values,
> including privacy and civil liberties.
> Feel free to post this to LINK if you wish
> Nigel Waters, Board Member and Policy Coordinator
> Australian Privacy Foundation
> E-mail: enquiries at privacy.org.au
> APF Web site: http://www.privacy.org.au
>> OK: encryption is a problem for interception. But interception itself
>> is not such a mystery. For that part, you do what you've always done -
>> get a court order applying to a specific connection and capture its
>> traffic. Even packets traverse physical ports. Yes, I know that there
>> are specific workarounds but most services run through a specific
>> physical link.
>> Let's take the "Skype on cellular" option. Here, a court order to
>> capture all traffic from a particular mobile device would enable the
>> intercept; once again, it's that once you have the traffic, you need to
>> decrypt it.
>> Where the VoIP call is to a PSTN phone at the other end, things are
>> simpler, because at some point the call is likely to be "in the clear"
>> (not universally, just "mostly").
>> I suspect at some point law enforcement is going to have to accept that
>> encryption is "here to stay". What if the TCP/IP decryption problem is
>> solved? There's always quantum crypto just around the corner.*
>> * I have a problem with an apparent contradiction in quantum
>> cryptography. Intercepting a message supposedly destroys the quantum
>> entanglement, meaning you cannot intercept undetected. Yet to overcome
>> the distance limitations of the technology, scientists have also
>> invented "quantum repeaters" - which seems to me to represent a
>> possible MITM attack on the communication path.
>> stephen at melbpc.org.au wrote:
>>> Tony forwards:
>>>>> Subject: ACMA introduces new number range for innovative
>>>>> communications services such as VoIP
>>>>> ... new location-independent service type, and number range, to
>>>>> facilitate the introduction of innovative communications services ..
>>> Hmm .. maybe these two items, above and below, are related? Does
>>> anyone know what the Australian Privacy Foundation's 'easy option'
>>> might entail?
>>> Net Voice Haunts Spooks
>>> Chris Jenkins APRIL 24, 2007
>>> Spooks and police these days have to deal with almost untraceable Skype
>>> calls made from mobile phones using mobile data networks using handsets
>>> such the Hutchison X series.
>>> The proliferation of carriers and services and the advent of easily
>>> available encryption means the days of the humble phone tap have
>>> IT security expert and Queensland University of Technology faculty of
>>> information technology associate dean Bill Caelli said.
>>> "The biggest challenge right now for law enforcement is the legal and
>>> practical challenge of convergence," Professor Caelli said. "It's a hot
>>> topic. .. What do you do about VoIP, about Skype and all those sorts of
>>> IP networks don't readily lend themselves to interception or even
>>> emergency calls services, said the Australian Privacy Foundation's
>>> "There are some questions as to whether technically the VoIP carriers
>>> able to provide the law enforcement agencies with the interception
>>> capability that they require. There are ongoing discussions about
>>> they can deliver," he said.
>>> More and more communications services are being encrypted as a matter
>>> course and transmitted over privately owned networks. This encryption
>>> forcing agencies to use less capable and easily discoverable means of
>>> eavesdropping on suspects, such as bugging a room, Professor Caelli
>>> The arrival of IP has thrown up law enforcement issues that simply
>>> exist in the era of government-owned phone companies offering simple
>>> services from within the exchange.
>>> For example, a company using a VPN may conduct encryption using its own
>>> equipment on its own premises, for information to be transmitted via
>>> own network, Professor Caelli said.
>>> "The dimensions that you're running into are not just technical.
>>> legal and they have to do with ownership and with point of
>>> he said.
>>> "How would interception work in a VPN environment where everyone is
>>> connected to what is essentially a telephone exchange owned by the
>>> "Once you move across to a TCP/IP world, how do you separate out the
>>> The arrival of new communications was also challenging the safeguards
>>> that govern the way telecommunications were intercepted, the APF's Mr
>>> Waters said.
>>> "The temptation for governments is to say this is all too difficult and
>>> to take the easy option, and this results in an overall diminution of
>>> privacy," he said. The Australian --
> Cheers all ..
> Stephen Loosley
> Victoria, Australia
> Link mailing list
> Link at mailman.anu.edu.au
More information about the Link