Limited Email Surveillance Approved 249
MrNougat writes "CNet reports that some surveillance of your email has been permitted by U.S. District Judge Thomas Hogan in Washington, D.C., without first requiring any evidence of wrongdoing. Curiously: 'instead of asking to eavesdrop on the contents of the e-mail messages, which would require some evidence of wrongdoing, prosecutors [of the US Justice Dept.] instead requested the identities of the correspondents. Also included in the request was header information like date and time and Internet address--but not subject lines.'"
Land of the free (Score:5, Insightful)
Re:Land of the free (Score:4, Funny)
http://www.workingforchange.com/comic.cfm?itemid=
Re:Land of the free (Score:3, Insightful)
What? Niger and Nigeria are different countries? Are you sure? Do you think that Bush's people know?
(Also, I've gotten some amazing offers from correspondents in Spain, and because of the ETA gang, that's considered a terrorist country.
Re:Land of the free (Score:4, Interesting)
Ask Hunter S. Thompson.
Re:Land of the free (Score:3, Insightful)
You have a president that has been hiding various stuff and instigating laws to protect his backside while doing the reverse for the people of the country.
If he was innocent he would have nothing to hide.
Don't worry. (Score:3, Informative)
Now, you have to prove to the government that you're actually using any Rights you want to hang on to.
I recommend calling and sending real letters to your CongressCritters.
Re:Don't worry. (Score:2)
Re:Don't worry. (Score:4, Insightful)
Or what? Seriously, what would you do? Sadly, I think you overestimate your ability to protect yourself.
Re:Don't worry. (Score:5, Insightful)
I don't know exactly how to pound the point home any harder, but they are preparing for national upheaval. They are building concentration camps, my friend, and if anyone tries rebellion they are going to become permanent residents. You're presenting a false choice, letting rebels live or killing them. They've plans to lock them up en masse. Bush already has defacto power to strip citizenship and human rights away at will; locking protestors or armed rebels into Kellogg Root and Brown maintained mass prison camps wouldn't stonker them at all. In case ya'll haven't noticed, crossing SS designated boundaries around public events (I interpret this as leaving the "1st Amendment Zone") is now a federal felony subjecting the criminal to arrest -- by the Secret Service. As a terrorist, essentially.
This isn't a new plan, either. Reagan's people had a contingency plan set up to mass arrest and imprison dissenters back in '84. Our boy Oliver North had a huge hand in the plan. It's amazing how the same names keep popping up.
they have taken on vast unconstitutional powers to capture terrorists. Now, the next step is to redefine "terrorist". They've already designated PETA a terrorist organisation. Peace groups have been infiltrated and monitored since 2001 -- as terrorists, of course. Bush has linked criticism and terrorism already. His posse obviously is following a plan which ends with their party enabled to imprison dissenters without trial, subject to torture at will, or even death. Didja hear Guantanamo has a execution station now?
You can't get near the President anymore unless you sign a loyalty oath and are vetted by the SS for Republicanism. Show up with a sign or a T-Shirt with something to say and you are out, or under arrest. And despite what you might think,the cops are all on board with the President. I saw what happened in Chicago back in 2003. The cops are hard-core Republicans. Same with the military brass (not so much the rank and file). Someone once refered to the Army as the armed forces of the Republican party.
In other news, hunger strikes have nearly disappeared at Guantanamo Bay after they've strapped the hunger strike non-people into "feeding chairs", forced food down tubes, and physically prevented the tortured from throwing up the food. Afterwards they locked them into "cold cells" for punishment. I can only assume they're using the cold water hoses in the 50 degree concrete cells again, to get those prisoners nice and hypothermic and quiet.
I don't feel very ironic anymore. This is very dangerous. they are totally out of control, and there is no mass media that anyone trusts anymore, since news was turned into a "business" instead of a loss leader to keep a broadcast license, to tell us what's happening. We have to read overseas press to find out what's going on in our own country.
Re:Don't worry. (Score:4, Interesting)
The feeding chairs were in today's news. The prison officials are quite proud of their accomplishment. They seem to really like tying up naked men. Those men are simply trying to die to leave hell. They are being tortured, every day they are in a cage. We've let thousands free from these camps, uncharged, since they hadn't done anything. Fairly good bet we're hosing down innocent men. We've killed about 32 during their various tortures, didja know? It was in the news. Google is your friend. That's the number the military admits to torturing to death.
All you have to do is read. But you don't, do ya. Ya get your news from Limbaugh and the new, "culture-changed" CNN, and of course Fox News and the others.
this isn't "liberalism", this is about morality and truth. It's about not torturing innocent people, about concentration camps being built while CBS and NBC and CNN and Fox don't give a damn.
Re:Don't worry. (Score:3, Informative)
I was wondering too, so I Googled [google.com] and got the following link:
Time for old tricks... (Score:2)
Damn...been a long time since I've played with nym accounts and remailers, but, at least that will confuse them for fun for a bit....with multiple bounces and each remailer stripping off header info, and encryption the whole way...would be near impossible for them to trace anything.
Time to go do some research on what servers are still out there...and creating reply blocks...and mixmaster....etc...
Re:Land of the free (Score:2)
As a non-US-resident, I have no idea how the US Postal Service actually handles "privacy" issues.
Although, I find it hard to believe that generic data (who sent a letter, whom it was adressed to, when and where it was dropped in the mailbox, letter weight) would be deemed "private" enough, so that the government would have absolutely no access to it, if it wanted to.
(Note: perspective from a citizen of an ex-communist state)
Now, think about how the US Post handles this, and ask yourself if i
Re:Land of the free (Score:3, Insightful)
And yes, I don't give a rat's behind about "official" privacy policies.
What you grow accustomed to, during a "totalitarian regime", was to be TOLD your government is good, cares for you, and so on and so forth... while all along KNOWING that if you make a false move you risk your freedom, or even life.
That certainty of knowledge makes it more than easy to ignore any privacy issues... as you are too paranoid already to even start believing your government will do what they say they do.
The o
Re:Land of the free (Score:2)
Any postal employee might be able to read the contents of your mail, but you might just notice something wrong about the envelope. Or you might not.
Any sysadmin could read your e-mail, and you would never know about it. And that's almost certain.
It's not the CONTENTS, it's the "wrapping". Sender, receiver, time and location of mail sent.
Is it a secret for the postal service, yes or no ?
If it's not a secret, why should e-mail
Re:Land of the free (Score:2)
Is it a secret for the postal service, yes or no ?
If it's not a secret, why should e-mail be any different ?
Clearly he did read exactly what you wrote, that's why he said:
Ob Dr.Evil quotes (Score:5, Funny)
You're quasi-free.
You're the margarine of free.
You're the Diet Coke of free.
Just one calorie, not free enough!
Re:Land of the free (Score:2)
Re:Land of the free (Score:2)
Re:Land of the free (Score:2)
Re:Land of the free (Score:2)
If you sent a letter through the US mail. They would find out similar information without opening the letter. They would know the return address, mailing address, What day and from what post office it was mailed from. As long as they read the subject line or email It really isn't unvasion of privacy.
And like many people have commented, if your paranoid, use incyption.
Re:Land of the free (Score:2)
Back at you...
If you sent a letter through the US mail. They would find out similar information without opening the letter.
No... they *could*... but it is not reasonable to think that they *would* because it would be too labor intensive to do so with very little to show in return.
Also, they would not even consider doing this with the mail becasue it would be painfully obvious who should pay for the ability... them.
However, not only do they do this with email because "it is easy"...
Re:Land of the free (Score:5, Informative)
Plus, as the article mentions, it was the intention of Congress to bring these type of "trap and trace" orders for email in line with phone lines when they amended the law more than 4 years ago, so this isn't really news.
The Supreme Court ruled as early as 1979 that the fourth amendment doesn't require a warrant for a pen register [findlaw.com], because you have no expectation of privacy in what phone numbers you call. I can't fathom any reason why federal investigators should have to meet one standard to get a pen register on your phone, and a different standard to get the same information for your email.
Re:Land of the free (Score:2)
Cheers,
Ted
Re:Land of the free (Score:2)
Truthier words were never spoken.
-Eric
No such thing as "Land of the free" (Score:3, Informative)
Slogan updated (Score:2)
We apologize for any inconvenience.
So use encryption! (Score:5, Insightful)
In my opinion, if you're not already assuming that the contents of your unencrypted email are public to the world, you're fooling yourself. If you want it to be unreadable, encrypt it.
I think the only permission anybody ought to need in order to eavesdrop on a communication is the owner of the wire. If you're contracting with the owner of the wire for services, and privacy is important to you, make that part of the contract. Or save yourself some effort and money and simply encrypt your communications. It's nearly effortless. It won't cost you anything (money wise) for the software.
Also, I take exception with the summary that "some surveillance of your email has been permitted." The article says, "the Justice Department asked a federal magistrate judge to approve monitoring of an unnamed person's e-mail correspondents." I sincerely doubt that I am that person or one of his correspondents, unless he is a spammer. I recognize this could affect me in the future because a precedent has been set ... but again, that's easily handled with encryption now, isn't it?
Complaining about this is tantamount to making love to your wife in your open front doorway and then demanding a law be passed to protect your privacy from your neighbor or the police car driving by. For crying out loud! Isn't some burden on you to secure your own privacy? This is not so far from the DMCA requiring legal protection against breaking "protection mechanisms" that are not effective in the slightest. Why in the world would you trust the government enough to expect them to take responsibility for securing your privacy?
People seem to be looking for an expensive legislative solution to a technological problem that already has an inexpensive technical solution.
Re:So use encryption! (Score:5, Insightful)
Encryption will block them knowing the dirty joke you just told your friends, but it won't stop them from knowing WHO your friends are!
The 6 degrees of Kevin Bacon. (Score:3, Interesting)
So, you sent and email to Mr. A.
Who sends email to Mr. B.
Who sends email to Mrs. C.
Yeah, you see where this is going. Just about anyone can be connected to anyone else with enough hops.
And the government would be "justified" in collecting the information on each of the people in those hops because those people are "connected" to someone under investigation.
Re:So use encryption! (Score:5, Informative)
Mixmaster remailer.
Re:So use encryption! (Score:2, Funny)
.
.
.
The e-mail doesn't really go anywhere. But Boy is it secure!
Re:So use encryption! (Score:2)
and, of course, those can be spoofed [cert.org]. So, using e-mail header information to identify criminals and/or terrorists seems like it could produce a lot of false positives.
Which is valuable and has precedent (Score:3, Informative)
Wiretapping law has distinguished between content and header-like information for a long time. Before Skype, even back before email, people used to communicate using devices called "telephones" which set up point-to-point voice grade audio streams. Police would sometimes record, not the actual
Re:So use encryption! (Score:2)
Re:So use encryption! (Score:5, Interesting)
Does he fire up his hotmail account and send an email to durkadurka@hotmail.com?
Of course he doesn't. TBH the easiest way would be to post on a webboard that has a lot of innocent traffic, or on the USENET. Heck even just play an online game (MMORPG) and say something like your looking for +3 Orc slaying knife for two gold pieces.
This method of scanning email headers doesn't solve the issue. All combatants must realise they are being spied on.
Re:So use encryption! (Score:4, Interesting)
Thanks to spammers, you can buy lists of 'open proxies' that will let you hide your IP and access the person with the owned computer's ISP's usenet server, which you really only need to do when sending messages. Thus rendering any sort of traffic analysis of the group completely useless.
But the best method of sending data on the internet is hiding it in, say, a GIF. You don't even need to use stenography, you can just take an encrypted binary file, put a GIF header at the start of it, and put it in a 1x1 image link somewhere on a web page between two specific times, and have any receipient 'innocently' surf past your page, and then go get it out of their cache. Bonus points if you manage to write bad HTML so that only one specific browser will go and get the 'image', like IE 4 or Firefox 0.7, although you shouldn't make that obvious or people might get curious. Be sure to put a real image up there the rest of the time, and reset the date back whenever you make changes.
And you can trivially think of a way to have two people do this to each other so they can talk back and forth. They just each have pages on somewhat related things, and browse a bunch of pages on that topic, always making sure to go past each other's.
The great thing about this is that the receiving end can defeat a keylogger. Just make sure the 'check the cache for encrypted files' is a program that they won't notice when installing the keylogger, for example a solitaire game, and it pops up the decoded message when you start it between exactly 32 minutes and 37 minutes after adding the image to your cache, or something. Most software keyloggers do not include any sort of screen capturing, because that would require a lot of space, and hardware ones cannot do it at all, or at least not reasonably. (And see Cryptonomicron for how to defeat this, although note the method of communication in that can be logged also.)
Although obviously if you send messages, a keylogger will catch them. In theory, you could click on the letter via your mouse, but a lot of software keyloggers are including mouse clicks exactly because of that. Although the message can be hidden via moving buttons around and renaming them, that is incredibly annoying for any message over two sentences, and it doesn't hide the fact you were doing something very suspicious, which, if they've bugged your machine, they were already pretty sure of.
But, but... "They sometimes forget," right? (Score:2)
Re:So use encryption! (Score:2)
That's evildoers you unpatriotic clod!
Re:So use encryption! (Score:2)
Re:So use encryption! (Score:2)
Re:So use encryption! (Score:5, Insightful)
Encrypt it all you want, they are not interested in what you are sending, and not even the subject, they are interested who you are communicating with and when.
Re:So use encryption! (Score:2)
Which doesn't seem all that different from what they can do with snailmail in the USPS (I assume) anyway. Though in both cases, you have t
Re:So use encryption! (Score:3, Interesting)
You're right, but this is a complete license to conduct fishing expeditions.
Imagine a situation in which you (A), being a non-terrorist might be obliquely linked to someone who is a suspected-terrorist (B). Such expeditions will allow the following chain of l
Re:So use encryption! (Score:2)
Re:So use encryption! (Score:2)
To entend the analogy, and answer your question, the situation for the last 30 years has essentially been that RSA have patented front doors and indeed, non transparent walls.
Re:So use encryption! (Score:2, Informative)
> essentially been that RSA have patented front doors and indeed, non transparent walls.
Wrong.
1) They patented a certain type of front door, not all of them - you could buy doors from other companies, or make your own. There's a type of door - a `one time door`, which can't be opened by anyone except for you and people you live with, as long as you follow the instructions cafefully.
2) You've been able to use RSA'
Re:So use encryption! (Score:2)
Re:So use encryption! (Score:5, Insightful)
Let me call the phone company right quick and ask that my DSL contract be amended to express that they will not allow someone to tap the lines. I'm sure they'll get right on that.
Or save yourself some effort and money and simply encrypt your communications. It's nearly effortless. It won't cost you anything (money wise) for the software.
Because everyone automatically knows how to encrypt e-mails.
Also, I take exception with the summary that "some surveillance of your email has been permitted." The article says, "the Justice Department asked a federal magistrate judge to approve monitoring of an unnamed person's e-mail correspondents." I sincerely doubt that I am that person or one of his correspondents, unless he is a spammer. I recognize this could affect me in the future because a precedent has been set ...
I agree with this. If I'm reading this right, the government is investigating a particular person and is asking for permission to monitor that particular person's e-mail correspondents. It's like tapping the phones of everyone who calls/is called by a mob boss. The precedent creates a slippery slope, but we haven't fallen down every time we've hit one of those.
Complaining about this is tantamount to making love to your wife in your open front doorway and then demanding a law be passed to protect your privacy from your neighbor or the police car driving by. For crying out loud! Isn't some burden on you to secure your own privacy? This is not so far from the DMCA requiring legal protection against breaking "protection mechanisms" that are not effective in the slightest. Why in the world would you trust the government enough to expect them to take responsibility for securing your privacy?
No, complaining about this is more like making love to your wife in your bedroom and realizing there's some perv in the bushes outside your window. E-mails are NOT broadcasts, it requires some effort and intrusion to tap someone's e-mail. A girl in a slinky dress is NOT asking to be raped, a house without bars on the windows is NOT asking to be robbed, and unencrypted e-mail is NOT an invitation to intercept and open it. It's smart to lock your car.
If you leave your car running while you run into to the store and it's gone when you come out, I'll call you a dope for making it so easy, but I'll still call the thief a scumbag for stealing someone's car.
Re:So use encryption! (Score:2)
Let me call the phone company right quick and ask that my DSL contract be amended to express that they will not allow someone to tap the lines. I'm sure they'll get right on that.
Yep. Real privacy is expensive. Somebody has to bear the cost.
Real protected media would be expensive, too. Instead of bearing the cost, the MPAA/RIAA just get laws passed so that no-good protection is legally "good enough."
Of course, if you want privacy you could instead use encryption.
Re:So use encryption! (Score:2)
None the less, there have been laws on the books for years which allow any ISP through which emai lroutes to examine the messages passing through for performance reasons - this includes reading the messages. If the ISP f
Re:So use encryption! (Score:2)
Or with email, who has permission to root thru mail servers' content.
Re:So use encryption! (Score:2)
Re:So use encryption! (Score:2)
Not quite, because its gainst the law to withold your encryption keys if you're asked for them [gnu-designs.com].
Encryption is great (and I use it heavily on drives, mail, backups and everything that contains non-public data), but not when its against the law to use it. Lovely world we live in, isn't it?
Re:So use encryption! (Score:2)
You're missing the point. Yes, it's in plain view of the public, but this isn't the problem - the problem, quite simply, is that the government is surveilling it without cause. I do agree however, that encryption may be the only way to re-establish some balance.
Re:So use encryption! (Score:3, Funny)
Ok - after some time spent researching this phrase [wikipedia.org], I think I'm able to translate this analogy for my fellow average slashdot readers. What he's trying to say is, it's "tantamount to downloading hentai in your open front doorway."
Re:So use encryption! (Score:3, Insightful)
Bush came along too early in it's toddler years of wide acceptance. There are too many precedents to be set that a Republican government has no qualms about shifting in their favor. To anyone who'd try to defend Bush or the Republican congress, answer this, what has Bush done to PROTECT privacy as president?
If you think the blame for this lies solely on Republican shoulders, you're dreaming as much as the people who think that the fact that their emails are difficult to intercept means that nefarious pe
China (Score:5, Funny)
Btdd (Score:5, Insightful)
Re:Btdd (Score:2)
Privacy (Score:5, Insightful)
Soon a day will come
They already want to be in on every financial interaction (sales/income tax). I rather pay a flat amount every year for "my share" of defense costs and be done with it. Are they going to ta happiness too soon? "You exchanged happiness, we want out fair share cause you wouldnt have been able to exchange happiness was it not for us"
I value my privacy, and I believe that the fourth amendment makes America a strong nation. The founding fathers of the USA understood that the right to privacy is one of those inalienable human rights endowed by our creator. (if you read the first amendment you will see that that it's a right "ot to be violated", rather than a gift from government. I believe the right to privacy is what keeps a nation free from oppression, tyranny, and pathological dictators. Fuck all the fake patriots who'll sell us otherwise.
Ethics of extended recording for later analysis (Score:2)
Somehow I think many of us would be against that particular thing. But hey privacy is only for those who have soemthing to hide. NOT.
Re:Btdd (Score:2)
My second point is the FEDs are going to quickly realise that your completely right. In fact pretty soon they'll realise that stoping viru
Re:Btdd (Score:3, Informative)
Try it. Telnet to your SMTP server and send an e-mail to yourself:
EHLO localhost
MAIL FROM: valid@email.address
RCPT TO: destination@email.address (or username on the system)
DATA
(From, To, Subject, etc would go here)
Any message
.
QUIT
This
Re:Btdd (Score:2)
Re:Btdd (Score:2)
Re:Btdd (Score:2)
Re:Btdd (Score:2, Informative)
Where an email ends up, and where it gets bounced to, are out of band communication.
A SMTP converstation looks like this, simplified somewhat and with angle brackets replaced with { and } because I am lazy. client.dom sends C messages and has just connected to server.dom, which sends S messages. (After each response code, the server can send random text, though there are conventions there.)
S: 220
C: HELO {client.dom}
S: 250
C: MAIL FROM: {user@client.dom}
S: 250
C: RCPT TO: {user@server.dom}
S: 250
Re:Btdd (Score:2)
No, not really. They may get caught in a spam filter or something, but a non-paranoid SMPT server just looks at the SMTP commands and ignores the headers in the DATA block. SMTP is a protocol born in a more trusting era, when people on the net more or less knew each other--and if you did something stupid, you were likely to get a call ("Hey Bob, did you read the
No suject lines (Score:2)
This leads me to wonder, are there regulations in place saying how long a US ISP must maintain email logs for? If not, do any ISP's actually publish their data retention policy?
A Little Background (Score:2)
Two options left (Score:2)
Re:Two options left (Score:2)
Goatse might be better.
Re:Two options left (Score:2)
It just gets dumber. (Score:3)
Re:It just gets dumber. (Score:2)
Get yer encryption here, folks (Score:5, Informative)
Disclaimer (Score:2)
Re:Disclaimer (Score:2)
Re:Why oh why is it not built into email clients?! (Score:2)
Use Free Software (Score:5, Informative)
If you arent doing anything wrong then dont worry? (Score:3, Insightful)
We are on our way to... (Score:2, Informative)
This is the envelope information (Score:2)
How about the phone calls — couldn't they always observe, who is calling a suspect, even if the actual listening requires a judicial warrant?
No different then phones (Score:2)
This is the same thing only for email. Instead of a list of numbers, they get a list of email address and times that you've sent stuff too. No content, no subject lines.
Just Jimmy@MyMail.com emailed Jonna@YourMail.com at 9:37pm on 02/06/2006.
-Rick
It's for a grand jury , so different rules apply (Score:2, Informative)
This isn't another spying story- grand juries have had the power to read all of your documents to determine if a crime has been committed for hundreds of years.
slippery slope into police state 24/7 (Score:2, Insightful)
we are losing our liberties faster than we can blink, life under a microsc
No different than phones (Score:2)
I forget the case/legislation that established that difference in treatment. Someone else might can followup with that.
Government concerns aside... (Score:2)
I can't believe some of the stuff that people will put in an email that can be intercepted, forwarded, CC'd etc.
Northing new (Score:2)
The interesting case is going to be when your computer sends the e-mail directly to your friend's computer. In that case, there is no third party.
Traffic Analysis (Score:2)
Not unlike what police can get now with phones (Score:2)
Oh no! They're treating e-mail like regular mail! (Score:3, Interesting)
RTFA People. (Score:2)
You can loosen the grip on your mouse, now, people. Nothing UNUSUAL to see here, move along.
This is not new! (Score:2)
Re:I hate to be redundant (Score:2)
1. CC (or BCC) o.bin-laden@aljazeera.net in every email.
2. Wait 10 minutes.
3. Look outside.
Nothing unusual - you're fine.
Black vans start pulling up, neighbours with a two mile radius have been told to "go for a walk" - yup, you were right to be paranoid after all.
Re:I hate to be redundant (Score:2)
Re:I hate to be redundant (Score:5, Insightful)
You make an important point, but probably not the way you intended.
There is no "it." There is no one big, dramatic thing the government does that says, "This is the point where we're no longer free." France did not tumble overnight into the Reign of Terror. Russia did not go in a day from Revolution to purges and gulags. Germany did not start building death camps as soon as the swastika flew over the Reichstag. Cuba was as free as any country on Earth the day Castro took power.
Etc. Tyranny doesn't happen in an instant. It happens steadily, insidiously, and at every point there are people saying, "Oh, this isn't so bad, and it's for our own good
Re:Use encrypted ESMTP (Score:2)
Re:What about other countries (Score:2)