[hcs-d] Government wiretapping

Joseph Tassarotti tassarotti at college.harvard.edu
Mon Sep 27 23:47:54 EDT 2010


Also maybe Skype is a bad example because they may already have such a
backdoor or something.


<-----Original Message----->

 	 	From: Joseph Tassarotti [tassarotti at college.harvard.edu]
Sent: 9/27/2010 11:41:56 PM
To: andreioprisan at fas.harvard.edu
Cc: carl at avtok.com;gdb at MIT.EDU;hcs-discuss at hcs.harvard.edu
Subject: Re: [hcs-d] Government wiretapping 

Greg was saying that in principle the government wouldn't have direct
access to this backdoor and that they would still need to present a
warrant to Skype or whomever. My point is that historically the
intelligence agencies have pressured private companies into violating
the privacy of their users even when they don't have warrants. If the
feds came to Skype and said we want access to this person's stuff and
pressure Skype even though they don't have a warrant, Skype can easily
say it's not feasible. I'm pretty sure your conversations are end-to-end
encrypted between you and the other party, so you would have to force
the user to upgrade to some different version of the software that used
a broken encryption scheme. It's a lot harder for the government to
compel Skype to do that without a warrant. However if there is a
government mandated backdoor, then when the government comes knocking
without a warrant it would be much easier for them to pressure Skype
into exploiting this backdoor.


<-----Original Message----->

 	 	From: Andrei Oprisan [andreioprisan at fas.harvard.edu]
Sent: 9/27/2010 11:15:32 PM
To: tassarotti at college.harvard.edu
Cc: gdb at MIT.EDU;carl at avtok.com;hcs-discuss at hcs.harvard.edu
Subject: Re: [hcs-d] Government wiretapping 

We all know that from a technical perspective it's not impossible to
implement. They would have to hand over master encryption keys to the
FBI when asked to. And Skype can't outright lie, they would have to
modify some protocols but not impossible.


On Sep 27, 2010, at 10:44 PM, Joseph Tassarotti wrote:



	That only works if Skype has the guts to refuse to release this
stuff if there's no warrant. Under the current system, Skype (or
whoever) doesn't need to have guts. They just have to say it's
impossible. Compare with how the telecom companies handled the NSA
wiretaps under the Bush administration. They caved under the pressure
and then the Senate wanted to give them immunity for violating the
privacy of their users. 
	
	
	
	<-----Original Message----->
	
 	 	From: Greg Brockman [gdb at MIT.EDU]
Sent: 9/27/2010 9:49:26 PM
To: joe at hcs.harvard.edu <mailto:joe at hcs.harvard.edu> 
Cc: carl at avtok.com;hcs-discuss at hcs.harvard.edu
Subject: Re: [hcs-d] Government wiretapping 

Wait, as I understand the proposed law, it's not about trying to get 
around legal process. Rather, it's about making sure that when the 
government gets a warrant for a Skype phone call, Skype has the 
technical ability to decrypt said phone call and give it to the 
government. The government itself will not gain that ability and will 
still have to go through exactly the same protocols they do now. 

Greg 



On Mon, Sep 27, 2010 at 9:35 PM, Joe Zimmerman < joe at hcs.harvard.edu
<mailto:joe at hcs.harvard.edu> > wrote: 
> 
>> While I'm no lawyer, it seems unlikely that any such mandate would
hold up 
>> in court. 
> 
> I'm not sure about that. Courts have done some pretty crazy things in
the 
> past (e.g., letting the DMCA stand). 
> 
>> 
>> Plus, to access said encrypted data, the government would still 
>> technically need a warrant. The 4th amendment prohibits the
government from 
>> accessing the information without a search warrant, so any charges
they 
>> tried to bring against people based on evidence obtained without a
warrant 
>> would be thrown out before you can say "constitutional rights". 
>> 
>> And remember that the 5th amendment means that people have the right
to 
>> confront the evidence against them -- in particular the witnesses
against 
>> them -- making any charges doubly difficult for the government... 
> 
> Assuming the cases went to trial, as opposed to the people just 
> disappearing. Or, what is probably more common, the information
gathered 
> being used extralegally to blackmail or frame people for other things.
> 
>> 
>> It's not to say that I approve of this policy. Honestly, why the 
>> intelligence community goes to such lengths to avoid appropriate
legal 
>> processes (such as search warrants) boggles the mind. Particularly
when 
>> there are special courts set up specifically for the purpose of
issuing 
>> warrants for sensitive investigations. 
>> 
> 
> See above, in part. Although, it occurs to me that the government has
an 
> interesting angle here: right now, so much data on the Internet is
encrypted 
> that the feds don't know what to look for. Most of this is due to
traffic 
> over SSL, destined for servers that have a physical and legal presence
and 
> whose owners can be held accountable to the proposed new law. If all
of this 
> traffic effectively became cleartext (on account of the backdoor), it
would 
> become much more feasible to look for encrypted transmissions (any 
> whatsoever) as a sign of suspicious activity. 
> 
> -Joe 
> 
> 
> 
>> 
>> On Mon, Sep 27, 2010 at 20:05, Zak Stone < zstone at gmail.com
<mailto:zstone at gmail.com> > wrote: 
>>> 
>>> I imagine most businesses will vehemently oppose the legislation: 
>>> 
>>> http://www.nytimes.com/2010/09/28/business/global/28secure.html 
>>> 
>>> Zak 
>>> 
>>> 
>>> On Mon, Sep 27, 2010 at 5:37 PM, Zak Stone < zstone at gmail.com
<mailto:zstone at gmail.com> > wrote: 
>>> > It may be time to lobby Congress, folks, especially if there are
plans 
>>> > to somehow prohibit individuals from using strong encryption 
>>> > technology. This legislation hasn't passed yet. 
>>> > 
>>> > Zak 
>>> > 
>>> > 
>>> > On Mon, Sep 27, 2010 at 5:30 PM, Joe Zimmerman <
joe at hcs.harvard.edu <mailto:joe at hcs.harvard.edu> > 
>>> > wrote: 
>>> >> Not to mention the entirety of Nineteen Eighty-Four. 
>>> >> 
>>> >> -Joe 
>>> >> 
>>> >> On Mon, Sep 27, 2010 at 1:46 PM, Siddarth Chandrasekaran 
>>> >> < chandrasekaran.siddarth at gmail.com
<mailto:chandrasekaran.siddarth at gmail.com> > wrote: 
>>> >>> 
>>> >>> Frighteningly relevant: 
>>> >>> 
>>> >>> http://www.youtube.com/watch?v=7DRAD-j8ObI 
>>> >>> "There are of course those who do not want us to speak. I
suspect 
>>> >>> even 
>>> >>> now, orders are being shouted into telephones, and men with guns
will 
>>> >>> soon be on their way. Why? Because while the truncheon may be
used in 
>>> >>> lieu of conversation, words will always retain their power.
Words 
>>> >>> offer the means to meaning, and for those who will listen, the 
>>> >>> enunciation of truth. And the truth is, there is something
terribly 
>>> >>> wrong with this country, isn't there? Cruelty and injustice, 
>>> >>> intolerance and oppression. And where once you had the freedom
to 
>>> >>> object, to think and speak as you saw fit, you now have censors
and 
>>> >>> systems of surveillance coercing your conformity and soliciting
your 
>>> >>> submission. How did this happen? Who's to blame?" 
>>> >>> 
>>> >>> Siddarth 
>>> >>> 
>>> >>> 
>>> >>> 
>>> >>> On Mon, Sep 27, 2010 at 4:39 PM, Jim Danz < danz at fas.harvard.edu
<mailto:danz at fas.harvard.edu> > 
>>> >>> wrote: 
>>> >>> > What?  That's never happened to me on NYT and I'm definitely
not a 
>>> >>> > member. 
>>> >>> > 
>>> >>> > On Mon, Sep 27, 2010 at 4:35 PM, Carl Jackson < carl at avtok.com
<mailto:carl at avtok.com> > 
>>> >>> > wrote: 
>>> >>> >> 
>>> >>> >> http://imgur.com/tyiT0 
>>> >>> >> 
>>> >>> >> In other news, this is really really unfortunate. I'll
probably 
>>> >>> >> say 
>>> >>> >> more 
>>> >>> >> angry words when I figure out how to read the article :P 
>>> >>> >> 
>>> >>> >> Carl 
>>> >>> >> 
>>> >>> >> On Sep 27, 2010, at 4:30 PM, Greg Brockman wrote: 
>>> >>> >> 
>>> >>> >> > Looks like the government is considering mandating
communication 
>>> >>> >> > service providers to put backdoors in their softwares'
crypto: 
>>> >>> >> > http://www.nytimes.com/2010/09/27/us/27wiretap.html?_r=1 
>>> >>> >> > 
>>> >>> >> > Any thoughts? 
>>> >>> >> > 
>>> >>> >> > Best, 
>>> >>> >> > 
>>> >>> >> > Greg 
>>> >>> >> > _______________________________________________ 
>>> >>> >> > hcs-discuss mailing list 
>>> >>> >> > hcs-discuss at lists.hcs.harvard.edu
<mailto:hcs-discuss at lists.hcs.harvard.edu>  
>>> >>> >> > https://lists.hcs.harvard.edu/mailman/listinfo/hcs-discuss 
>>> >>> >> 
>>> >>> >> _______________________________________________ 
>>> >>> >> hcs-discuss mailing list 
>>> >>> >> hcs-discuss at lists.hcs.harvard.edu
<mailto:hcs-discuss at lists.hcs.harvard.edu>  
>>> >>> >> https://lists.hcs.harvard.edu/mailman/listinfo/hcs-discuss 
>>> >>> >> 
>>> >>> > 
>>> >>> > 
>>> >>> > _______________________________________________ 
>>> >>> > hcs-discuss mailing list 
>>> >>> > hcs-discuss at lists.hcs.harvard.edu
<mailto:hcs-discuss at lists.hcs.harvard.edu>  
>>> >>> > https://lists.hcs.harvard.edu/mailman/listinfo/hcs-discuss 
>>> >>> > 
>>> >>> > 
>>> >>> _______________________________________________ 
>>> >>> hcs-discuss mailing list 
>>> >>> hcs-discuss at lists.hcs.harvard.edu
<mailto:hcs-discuss at lists.hcs.harvard.edu>  
>>> >>> https://lists.hcs.harvard.edu/mailman/listinfo/hcs-discuss 
>>> >> 
>>> >> 
>>> >> _______________________________________________ 
>>> >> hcs-discuss mailing list 
>>> >> hcs-discuss at lists.hcs.harvard.edu
<mailto:hcs-discuss at lists.hcs.harvard.edu>  
>>> >> https://lists.hcs.harvard.edu/mailman/listinfo/hcs-discuss 
>>> >> 
>>> >> 
>>> > 
>>> _______________________________________________ 
>>> hcs-discuss mailing list 
>>> hcs-discuss at lists.hcs.harvard.edu
<mailto:hcs-discuss at lists.hcs.harvard.edu>  
>>> https://lists.hcs.harvard.edu/mailman/listinfo/hcs-discuss 
>> 
> 
> 
__________________________________________

=== message truncated ===	

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.hcs.harvard.edu/pipermail/hcs-discuss/attachments/20100927/305f51d9/attachment-0001.htm 


More information about the hcs-discuss mailing list