[LINK] Australian Privacy Foundation's 'easy option'?
Richard Chirgwin
rchirgwin at ozemail.com.au
Sat Apr 28 09:30:44 AEST 2007
stephen at melbpc.org.au wrote:
> Richard writes,
>
>
>> Well, the story's a bit of a technical jungle, but I would guess
>> the "easy option" is to:
>>
>> - Force backdoors in encryption;
>> - Impose the interception load on ISPs; and
>> - Require mass-capture of traffic.
>>
>
> Thanks RCx2 and AC .. all ones if you ask me (no pun intended).
>
> But, what about an encrypted VoIP / WiFi VPN scenario? T'would
> seem a simple future set-up for another Mokbel family, or perhaps
> the Jihad inclined. Any ideas how FedGov intercepts will work then?
>
Stephen,
I would still consider encryption to be more of a problem than
interception (caveat: in *most* cases!). VoIP / WiFi - the WiFi still
needs to get to the Internet somehow, so there will be a physical port
at which traffic can be captured. The problem is that capturing a packet
is not much use if you can't determine what's inside the packet.
Say the WiFi is in a home network: there will be a (probably) ADSL port
getting from the WiFi to the Internet. Ditto from a public access point.
If we are talking VoIP over a wireless ISP, then there is a service
provider involved, which would be the target of the warrant (ie,
"traffic from subscriber X").
As an aside: I remarked some time back that the WiMax Forum has
incorporated hardware client authentication into the standard;
essentially, if the standard were implemented by service providers, then
the WiMax modem would not connect until it's been cleared by a root
server (in the US, operated by Verisign). I would presume that
interception was in peoples' minds in putting forward this odious standard.
RC
RC
> Btw, for clarification regarding the APF position, Nigel kindly emails:
>
> --
> Stephen .. One of our Board members forwarded your comment
> on the. article, with a question about my assertion about easy options.
>
> What I meant to convey in my longer discussion with the journo was that
> the government has a tendency to take the 'easy option' of legislating to
> accommodate law enforcement & national security ambit claims (often
> unsubstantiated with hard evidence of need or likely effectiveness) rather
> than doing the hard work of trying to maintain the difficult but essential
> balance between those public interests and other important values,
> including privacy and civil liberties.
>
> Feel free to post this to LINK if you wish
>
> Nigel
>
> *************************************************************
> Nigel Waters, Board Member and Policy Coordinator
> Australian Privacy Foundation
> E-mail: enquiries at privacy.org.au
> APF Web site: http://www.privacy.org.au
> *************************************************************
>
>
>> OK: encryption is a problem for interception. But interception itself
>> is not such a mystery. For that part, you do what you've always done -
>> get a court order applying to a specific connection and capture its
>> traffic. Even packets traverse physical ports. Yes, I know that there
>> are specific workarounds but most services run through a specific
>> physical link.
>>
>> Let's take the "Skype on cellular" option. Here, a court order to
>> capture all traffic from a particular mobile device would enable the
>> intercept; once again, it's that once you have the traffic, you need to
>> decrypt it.
>>
>> Where the VoIP call is to a PSTN phone at the other end, things are
>> simpler, because at some point the call is likely to be "in the clear"
>> (not universally, just "mostly").
>>
>> I suspect at some point law enforcement is going to have to accept that
>> encryption is "here to stay". What if the TCP/IP decryption problem is
>> solved? There's always quantum crypto just around the corner.*
>>
>> RC
>>
>> * I have a problem with an apparent contradiction in quantum
>> cryptography. Intercepting a message supposedly destroys the quantum
>> entanglement, meaning you cannot intercept undetected. Yet to overcome
>> the distance limitations of the technology, scientists have also
>> invented "quantum repeaters" - which seems to me to represent a
>> possible MITM attack on the communication path.
>>
>> stephen at melbpc.org.au wrote:
>>
>>> Tony forwards:
>>>
>>>
>>>>> Subject: ACMA introduces new number range for innovative
>>>>> communications services such as VoIP
>>>>>
>>>>> ... new location-independent service type, and number range, to
>>>>> facilitate the introduction of innovative communications services ..
>>>>> <http://www.acma.gov.au/WEB/STANDARD//pc=PC_310162>
>>>>>
>>>>>
>>> Hmm .. maybe these two items, above and below, are related? Does
>>> anyone know what the Australian Privacy Foundation's 'easy option'
>>> might entail?
>>>
>>> Net Voice Haunts Spooks
>>> Chris Jenkins APRIL 24, 2007
>>> <http://australianit.news.com.au/articles/0,7204,21609052%5E15319%5E%
>>> 5Enbv%5E,00.html>
>>>
>>> Spooks and police these days have to deal with almost untraceable Skype
>>> calls made from mobile phones using mobile data networks using handsets
>>> such the Hutchison X series.
>>> The proliferation of carriers and services and the advent of easily
>>> available encryption means the days of the humble phone tap have
>>>
> passed,
>
>>> IT security expert and Queensland University of Technology faculty of
>>> information technology associate dean Bill Caelli said.
>>> "The biggest challenge right now for law enforcement is the legal and
>>> practical challenge of convergence," Professor Caelli said. "It's a hot
>>> topic. .. What do you do about VoIP, about Skype and all those sorts of
>>> things?"
>>> IP networks don't readily lend themselves to interception or even
>>> emergency calls services, said the Australian Privacy Foundation's
>>>
> Nigel
>
>>> Waters.
>>> "There are some questions as to whether technically the VoIP carriers
>>>
> are
>
>>> able to provide the law enforcement agencies with the interception
>>> capability that they require. There are ongoing discussions about
>>>
> whether
>
>>> they can deliver," he said.
>>> More and more communications services are being encrypted as a matter
>>>
> of
>
>>> course and transmitted over privately owned networks. This encryption
>>>
> is
>
>>> forcing agencies to use less capable and easily discoverable means of
>>> eavesdropping on suspects, such as bugging a room, Professor Caelli
>>>
> said.
>
>>> The arrival of IP has thrown up law enforcement issues that simply
>>>
> didn't
>
>>> exist in the era of government-owned phone companies offering simple
>>> services from within the exchange.
>>> For example, a company using a VPN may conduct encryption using its own
>>> equipment on its own premises, for information to be transmitted via
>>>
> its
>
>>> own network, Professor Caelli said.
>>> "The dimensions that you're running into are not just technical.
>>>
> They're
>
>>> legal and they have to do with ownership and with point of
>>>
> interception,"
>
>>> he said.
>>> "How would interception work in a VPN environment where everyone is
>>> connected to what is essentially a telephone exchange owned by the
>>> company?
>>> "Once you move across to a TCP/IP world, how do you separate out the
>>> services?"
>>> The arrival of new communications was also challenging the safeguards
>>> that govern the way telecommunications were intercepted, the APF's Mr
>>> Waters said.
>>> "The temptation for governments is to say this is all too difficult and
>>> to take the easy option, and this results in an overall diminution of
>>> privacy," he said. The Australian --
>>>
>
> Cheers all ..
> Stephen Loosley
> Victoria, Australia
> _______________________________________________
> Link mailing list
> Link at mailman.anu.edu.au
> http://mailman.anu.edu.au/mailman/listinfo/link
>
>
More information about the Link
mailing list