×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

More on Cisco Building Surveillance into Routers

michael posted about 11 years ago | from the route-around-this dept.

Privacy 469

An anonymous reader writes "The company recently published a proposal that describes how it plans to embed 'lawful interception' capability into its products. Among the highlights: Eavesdropping 'must be undetectable,' and multiple police agencies conducting simultaneous wiretaps must not learn of one another. If an Internet provider uses encryption to preserve its customers' privacy and has access to the encryption keys, it must turn over the intercepted communications to police in a descrambled form." See our earlier story and the RFC for background.

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

469 comments

Bah, fuck! (-1, Troll)

I'm a racist. (631537) | about 11 years ago | (#5783272)

This is just not cool. That's all there is to it. It has some good points, but I feel, overall, it's bad.

Discuss amongst yourselves...

First post?

Don't want them watchin me.. (-1, Troll)

Anonymous Coward | about 11 years ago | (#5783279)

I would hate to have someone watching me..

FP

dang it! (-1, Offtopic)

Anonymous Coward | about 11 years ago | (#5783289)

crap! I thought I had fp here, but u loser beat me too it. crap. oh well, go ahead. mod me down. I feel better now

Yes, but ... (5, Funny)

Anonymous Coward | about 11 years ago | (#5783291)

will they implement the evil bit?

What's being discussed IS teh 'Evil Bit'. [n/t] (0, Informative)

Anonymous Coward | about 11 years ago | (#5783424)

Big brother (5, Insightful)

blate (532322) | about 11 years ago | (#5783293)

Looks like just another opportunity to have our rights violated. I'm sure the Department of Homeland Insecurity is thrilled about this. Is this what Cisco means by "Empowering the Internet Generation"?

I don't see what the big deal is. (-1, Flamebait)

beee (98582) | about 11 years ago | (#5783322)

I've never understood the fear of "big brother". The only people who have something to fear from something like this are the people who are doing something wrong in the first place. Downloading some source code? No problem. Pirating software? Bingo, you're caught. Isn't this just effective policework? I'm not saying you personally are doing anything wrong. Unless you're using your internet connection for something illegal in the first place, this shouldn't be a concern. Heck, think of all the extra bandwidth we'll have once the fileswappers are stopped! ;-)

Sounds like time to ban an IP (-1, Offtopic)

Anonymous Coward | about 11 years ago | (#5783415)

Taco? Anyone home?

Re:I don't see what the big deal is. (4, Insightful)

The Fanta Menace (607612) | about 11 years ago | (#5783416)

...because the loss of privacy leads to victimisation.

Sure, you're not doing anything illegal. But Inspector Plod is watching you anyway, and hey, he sees you downloading an interesting piece of porn.

Oh! It turns out you like watching [insert odd sex act here]. He guesses that might mean you are a member of [potentially embarrassing minority group]. He then uses this evidence to make your life hell.

Political groups can use these increased surveillance powers to spy on their opponents. Everyone ends up feeling "watched" and suddenly no-one trusts anyone anymore.

Protect your privacy while you still can.

Re:I don't see what the big deal is. (4, Insightful)

TarPitt (217247) | about 11 years ago | (#5783498)

Oh! It turns out you like watching [insert odd sex act here].



So then Inspector Plod duly notes this. Later, when you speak out on a public issue unpopular with Inspector Plod's superiors, your affection for [insert odd sex act] is mysteriously leaked to the media.


You might want to ask Scott Ritter [nydailynews.com] about a misdemeanor "sealed" arrest record that strangely became public knowledge after he publicly criticized recent Iraq policies.

Re:I don't see what the big deal is. (5, Interesting)

jay-be-em (664602) | about 11 years ago | (#5783429)

The real problem I see here is that we are creating a methods by which a government member can know absolutely anything about anyone at any particular point. Now what if we (meaning the US) mistakenly elect government officials with very bad intentions? It HAS happened before in democratic countries, and I will neglect specific examples in order to avoid Godwin's Law. I don't necessarily fear what our current government will do with these technologies. I DO fear the prospect of a group of rogues using an infrastructure that we implemented for evil. I really believe that it is necessary in a free society to maintain some methods of secret communication. All revolutions which resulted in a better society required channels of secret communication that were unheard by 'Big Brother' as some may say.

Re:I don't see what the big deal is. (5, Insightful)

st0rmcold (614019) | about 11 years ago | (#5783443)


Yay, another ignorant, there are certainly an abundance of people on slashdot who have the "I have nothing to hide" mentality.

You say pirate software, sure it's illegal. But what I visited web sites or downloaded materials related to religions? or sexuality? completly legal materials. And imagine an agent, who has his own moral views and decide he dosen't agree with what you are doing, even tho is completly legal, he can make your life a living hell, this goes for most everything, our privacy is the most important part of our freedom, because other people don't always share our views. Especially on very controversial issues.

I'll go ahead and assume you're just a youngin, because any adult in his/her right mind knows this, and knows that the ability to believe in what you want is the real freedom, without having people in power being able to discriminate.

Re:Big brother (1, Informative)

eenglish_ca (662371) | about 11 years ago | (#5783341)

Cisco is playing lab dog to the government but not its customers. Isn't our privacy guaranteed within the constitution preventing actions anywhere near this? Shouldn't simple encryption be able to circumvent the schemes that are being implemented into the hardware?

Re:Big brother (4, Insightful)

blate (532322) | about 11 years ago | (#5783418)

>> Isn't our privacy guaranteed within the constitution preventing actions anywhere near this?

Sadly, no. We're basically one Supreme Court ruling away from losing substancial liberties -- free speech, free assembly, privacy in our homes and bedrooms, free communication... not to mention second amendment rights, abortion, etc... Be afraid... and for God's sake, don't vote Republican.

Re:Big brother (5, Interesting)

MORTAR_COMBAT! (589963) | about 11 years ago | (#5783526)

not to mention second amendment rights [...] Be afraid... and for God's sake, don't vote Republican.

The Democrats want to take away the second amendment rights. The Republicans want to take away the 1st, 4th, abortion, etc.

Wisen up and rise up. Revolution is the only way. Those in power will fight very hard to stay in power. You end up having to ask yourself one question: How much do you value the rights for which millions have fought and died for?

As for me, I'm going to just use a bit of double-think and forget that I had that thought, so I can go on being a happy little sheep in my comfy white-collar suburban world.

Re:Big brother (1, Insightful)

Anonymous Coward | about 11 years ago | (#5783430)

Isn't our privacy guaranteed within the constitution preventing actions anywhere near this?

Wow, this misses the mark. Privacy isn't explictly written into the constitution, although it is often claimed from the forth and tenth amdendments. That doesn't matter because this is only to be use for lawful warrents.

Here's the forth, since you don't seem to have read it recently.

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

"Earlier story"??? (-1, Offtopic)

Anonymous Coward | about 11 years ago | (#5783295)

So is EVERY article today going to be a dupe??? And some of you people *pay* for this site???

Re:"Earlier story"??? (-1, Flamebait)

Anonymous Coward | about 11 years ago | (#5783327)

It's a followup you fucking moron, they put a link to the earlier supposed duplicated story ON THE ARTICLE!! It's a good thing you're not an editor; with the amount of reading before you post that you preform there might be dupes every second.

Time to break out your own encryption (5, Insightful)

mrjive (169376) | about 11 years ago | (#5783299)

If you encrypt everything yourself, there's not much they can do about it, now is there?

Re:Time to break out your own encryption (4, Insightful)

Nightlight3 (248096) | about 11 years ago | (#5783420)

Well, no, expect to put you on the list of those who have something to hide.

Re:Time to break out your own encryption (3, Insightful)

jay-be-em (664602) | about 11 years ago | (#5783441)

The real question is when will encryption become a Bad Thing in the eyes of the general public?
When will using any sort of encryption however trivial in form or use cause a knock at your door?

Re:Time to break out your own encryption (2, Insightful)

swb (14022) | about 11 years ago | (#5783474)

This is as good a reason as any to always provide your own edge equipment and edge equipment management.

Sigh. (5, Insightful)

Pirogoeth (662083) | about 11 years ago | (#5783301)

As it says though, don't blame Cisco. If they didn't do it, sure as shootin' someone else would. Blame Ashcroft. Hopefully Cisco will find a way to build auditing tools into this to help promote responsible use.

Re:Sigh. (2, Interesting)

binaryDigit (557647) | about 11 years ago | (#5783364)

Hopefully Cisco will find a way to build auditing tools into this to help promote responsible use.

Actually I would think that the bigger hope is that the laws that are designed to prevent abuse of this type of tapping hold up. From a technical point of view, you absolutely don't want an "easy" way to do auditing. Again, looking at it from the standpoint of the "users" of this tapping ability, you want complete anonymity (i.e. you don't even want some curious sys admin to peek and see how many, if any, taps are currently going on.

But as a citizen, you would hope that if you get thrown in jail with some encriminating evidence derived from this sort of surveillence, that the authorities would had to have gotten a search warrant, which means that they would have to have some type of reasonble suspicion and to prove it to a judge. I know, it doesn't always work this way, but like I said, from the bigger picture, this isn't a technology issue, you really want the social/political side of this to "work".

Re:Sigh. (0)

Anonymous Coward | about 11 years ago | (#5783387)

It doesn't make it ethical to say, "If I don't do it, someone else will." It's almost as bad as "My boss told me to do it." You have to do what's right even if other are doing wrong.

Re:Sigh. (2, Interesting)

bigmouth_strikes (224629) | about 11 years ago | (#5783395)

If they didn't do it, sure as shootin' someone else would.

That's a terrible excuse. There is a huge difference if (one of) the world's largest maker of networking hardware implements traffic content surveillance, or if some miniscule manufacturer on Iceland does it.

I blame them, they shouldn't get their hands in this jar.

Re:Sigh. (1)

mehfu (451236) | about 11 years ago | (#5783435)

So... even if something is not right you can justify it by saying: "Someone else will do it eventually anyway" ?

If Cisco executives come to their minds and cancel this stupid project maybe others will follow. It's not probable but it's nevertheless a nice gesture...

Re:Sigh. (0)

Anonymous Coward | about 11 years ago | (#5783455)

As it says though, don't blame Col Klink. If he didn't do it, sure as shootin' someone else would. Blame Mengele. Hopefully Klink will find a way to stalag administration tools into this to help promote responsible use.

Re:Sigh. (4, Interesting)

fobbman (131816) | about 11 years ago | (#5783496)

I don't believe that the "if I didn't steal your car, someone else surely would have" statement would make me stealing your car acceptable.

Re:Sigh. (2, Insightful)

4of12 (97621) | about 11 years ago | (#5783497)


As much as John Ashcroft deserves round condemnation for his leading the charge to trample fourth amendment rights, I don't think he's necessarily to blame here.

IIRC, law enforcement has for years, if not decades, worked with telephone carriers so that wiretapping was a technical possibility that could be exercised when it was needed during the course of an ongoing criminal investigation.

That was back in the old days when a court order was necessary to establish that kind of eavesdropping. Now, of course, the criterion for the U.S. government listening in on private citizens is less stringent.

I agree with the earlier poster, though. There's no reason why an SSL session can't be used to safeguard the privacy of individuals.

Once again, a heavy-handed policy will needlessly sacrifice privacy for a majority of law-abiding citizens. These measures will achieve the admirable goal of keeping tabs on that large class of dangerous criminals, Terrorist That Are Too Stupid. [The policy makers responsible for this kind of bad legislation and technological half measures should stop making the mistake of assessing the intellect of terrorists based on the intellect people like themselves, clicking away on Outlook attachments, being in Shock and Awe at the results, etc.]

I'm almost sorry to point out technical deficiencies. The obvious solution- you can see this coming - is to impose even more restrictive and more instrusive monitoring, to outlaw SSL unless it is "to an authorized commercial provider", etc.

Another strike against Cisco. (4, Informative)

supabeast! (84658) | about 11 years ago | (#5783309)

Is it just me, or is this another great reason to buy cheaper, better network equipment from someone else? If I were running Cisco, I would be a little more concerned with the market share being sucked up by newer companies than with adding the cost of undetectable snooping to the product line.

Now I certainly feel justified in moving my company off of Cisco's overpriced products.

Re:Another strike against Cisco. (1, Informative)

PaperJam (624824) | about 11 years ago | (#5783362)

I'm not sure what kind of contract prices you are getting, but I think the prices we pay are pretty justifiable. They have great service and support and if you use CiscoWorks, it really makes the task of monitoring an enterprise-network pretty easy.

Re:Another strike against Cisco. (2, Informative)

austad (22163) | about 11 years ago | (#5783449)

Umm, even with a 40% discount, Cisco is quite high on their pricing, and this is going to raise their prices even more.

Take a look around, check out some specs on other manufacturers hardware. You'll be surprised at what you find.

I still buy Cisco, because it's not my money I'm spending. However, you bet your ass that if it was, I'd be looking elsewhere. I bought some non-cisco equipment before and it was nicer to use, cheaper, and performed much better.

Check out some of the Extreme and Foundry equipment. Foundry is dirt cheap for their upper end equipment, and is right on par performance-wise with Cisco. There's some firewall company started by some ex-cisco guys and some intel guys. I forgot the name now, but I remember looking at them and they were way better than the PIX.

Why would anyone but government agencies see this eavesdropping stuff as a feature and want to pay for it?

Re:Another strike against Cisco. (1, Informative)

PaperJam (624824) | about 11 years ago | (#5783507)

I agree that some of the other equipment may be less expensive, but there aren't tools powerful enough for an enterprise network. As I said before, we use CiscoWorks and Solarwinds, the ladder of which monitors just about any platform, but also pulls MIB variables from SNMP. I used a lot of different equipment, but I keep going back to Cisco. Perhaps we are just too deep in propietary equipment, but when you are dealing with a network of about a thousand devices it is necessary to have some semblance of unity.

Re:Another strike against Cisco. (2, Informative)

Obiwan Kenobi (32807) | about 11 years ago | (#5783446)

Is it just me, or is this another great reason to buy cheaper, better network equipment from someone else?

Uh, like who? Who else makes equipment as dependable, and most especially, has the most kick-ass support I've ever come across.

True story:

I once had a router go out on me, a little 1600. Being clueless (well, mostly harmless as Mr. Adams would say) about em, I could telnet it and see that the flash memory had gone bad. I was freaked and has no idea how to fix it. As a last resort I called up Cisco, knowing I was going to be reamed for not having a contract.

After explaining my situation, the guy on the other end started walking me through fixing the problem. This is all fine and good, and I waited for one of those Okay-Now-We're-Going-To-Get-Paid breaks where they'll cut off support until you give them a credit card number. I've ran into these kinds of hiccups before, specifically with Symantec support.

But that moment never came. I kept waiting on it and during a file transfer, a new memory image which he made specifically for this problem and had given me a ftp user/pass to use in which to download it, I asked him how we should work out the payment for this call.

He responded: "No, that's okay. You bought our products and this call can demonstrate what kind of support you would get if you purchase a support contract with us."

Within 45 minutes of picking up the phone, my router was fixed and worked perfectly. He also guided me through backup and restore procedures, and some helpful hints in getting my CCNA.

We bought a 3 year contract with them the next day.

Now you tell me where you can get that kind of support and reliability. Do I agree with this being a terrible thing? Of course. But don't knock their equipment or their service. Top notch all the way.

So, I guess that means... (2, Insightful)

Ratphace (667701) | about 11 years ago | (#5783311)


...with these kinds of emerging technologies coming into service that the last frontier of protected communciations is telepathy, and since the last time I checked this wasn't a very prominent form of communication, it's safe to assume that every last single thing we say or do anywhere is monitored/recorded. :(

Bummer...

Thanks For the info! (-1, Flamebait)

jasonsfa98 (648370) | about 11 years ago | (#5783312)

Won't buy anything from Cisco ... Wait, I don't buy their crap now, it's too slow! (speaking of LAN switches and stuff)

propriorty (1)

eternal (112324) | about 11 years ago | (#5783314)

im sure it will be propriorty like everything else they do so noone will be able to use it anyway. God knows they have never read a RFC

you want privacy? (1, Funny)

Dawn Keyhotie (3145) | about 11 years ago | (#5783319)

Privacy is for terrorists. Only terrorists have any need for privacy, so what are you trying to hide?

Cisco is just being an upstanding and Patriotic American(TM) under the all-American DMCA, CTEA, and PATRIOT Acts, lawfully passed by the Congress Corporation, and signed into American Best-Practices by Chairman Bush.

"Privacy is dead. Get over it." - Scott McNealy

Re:you want privacy? (5, Insightful)

blate (532322) | about 11 years ago | (#5783399)

Just wait until some petite functionaire in the Federal Government thinks that, for some reason, you're a terrorist (I mean the generic "you", not you in particular). Do you really want to make it any easier for them to tear your life apart?

Remember that law enforcement agencies are significantly motivated by *politics* -- which may or may not be what's in the best interests of national security, personal liberty, or justice. Today it's Arab terrorists they're targeting. But, perhaps if the recording industry pumps some more money into congress, they'll start locking up college kids for duping Metallica songs.

Locking up real, bone-fide terrorists is fine by me -- indeed, I encourage and support it. But giving some beaurocrat with a hair up his ass more power to invade my privacy is not the way to do it.

This concept isn't new. (4, Informative)

gosand (234100) | about 11 years ago | (#5783404)

Privacy is for terrorists. Only terrorists have any need for privacy, so what are you trying to hide?Cisco is just being an upstanding and Patriotic American(TM) under the all-American DMCA, CTEA, and PATRIOT Acts, lawfully passed by the Congress Corporation, and signed into American Best-Practices by Chairman Bush.

I get what you are saying, but this is not a new concept. I used to work for a big cell-phone maker, in the cellular software division. I saw preliminary information about a wiretap project that would allow the carrier to intercept, log, and reroute calls if told to do so by some authorized government agency. I have no doubts this is possible, because we were working on real-time systems. To do it would take a second or two at most. I don't know what ever happened to that project, it kind of faded away and our department didn't actually work on it. But this was back in '94, so I am sure something similar has been implemented somewhere.

This isn't new, we are just able to find out about things like this now because of the internet. As much as we don't want "our" technology mucked with by the government, I think it is going to be tough to prevent.

yeah, right... (1, Funny)

The Fanta Menace (607612) | about 11 years ago | (#5783321)

If an Internet provider uses encryption to preserve its customers' privacy and has access to the encryption keys, it must turn over the intercepted communications to police in a descrambled form.

Like I'd ever hand over my encryption keys to my ISP.

May ISPs offer managed VPNs, however. (0)

Anonymous Coward | about 11 years ago | (#5783503)

I tend to think that is what is being discussed here.

Re:yeah, right... (1)

tgd (2822) | about 11 years ago | (#5783546)

So what happens when you find yourself living in a Super-DMCA state, and you have no choice?

Thank you slashdot! (3, Interesting)

Joshuah (82679) | about 11 years ago | (#5783323)

If this is true, and Cisco does go forward with this, I will be sure not to buy anything Cisco. I will have to look for other devices to preform what is needed. Yeah, Cisco wont hurt by me not buying them, but if the word spreads, and people boycott Cisco for doing this, im sure they will change their mind unless Big Brother is giving them funds/tax breaks/whatever to get them to do this.

Re:Thank you slashdot! (0)

Anonymous Coward | about 11 years ago | (#5783403)

Ditto. But why do you buy Cisco anyways? Their security holes in the past have been strikingly huge, near stupid. Reminded me of watching all the sendmail bugs that came through around '94-'95. It seems many people buy Cisco because, well, that's the "in" name. (Sorta like folks buying Oracle in the very late '90s, because if you used it, you got funded or where considered more legit than someone who didn't.)

Then again, I still have to buy MS products from time to time, even though I prefer BSD OSs, so I guess I shouldn't talk. Maybe there's a reason you have to buy Cisco equipment.

Turn away from techno slavery (0)

Anonymous Coward | about 11 years ago | (#5783324)

I suggest to you, poor people. :)

Undetectable built-in backdoor (5, Insightful)

shrikel (535309) | about 11 years ago | (#5783330)

Eavesdropping 'must be undetectable,' and multiple police agencies conducting simultaneous wiretaps must not learn of one another.

So what happens when a black hat gets in?

Answer: a completely open router that acts like none of his packets have the "evil bit" set.

Really, this is starting to worry me. If it's all undetectable, and is built in, how is this different from the telescreens in 1984? Big Brother is reading your packets!

what about != U.S.A. ? (3, Interesting)

phrawzty (94423) | about 11 years ago | (#5783331)

I guess i can understand why Cisco is opting to build these types of technologies into their equipment, given the current U.S. political climate. But what about all the other nations of the planet that aren't reverting to McCarthy'ism? Will Cisco still be exporting non-backdoor-compliant hardware as well?

Re:what about != U.S.A. ? (1, Insightful)

Anonymous Coward | about 11 years ago | (#5783452)

You haven't been here long, have you?

As many /.ers will surely flock to tell you, the US is wholly greedy and imperialistic and you will, if not already, be overrun by our military, dominated by our foreign policy, slaves to our economic weight, and pretty much subject to our every whims. Echelon is everywhere, we have the capacity, TIA is a joke because it's already been implemented, and we will crush you.

Nevermind our airline industry, where over the top bullshit security, crushing background checks, overexpensive faire, et al., has led to a truly burgeoning industry. (Just overlook all those backruptcies and multiple billionaire dollar government bailouts.)

So shut up, bend over, and take it. We already own you, you just haven't figured it out yet.

(The above is hugely sarcastic.)

Should assume your channels are vulnerable (5, Insightful)

xtal (49134) | about 11 years ago | (#5783332)

This doesn't seem to be that big a deal to me. If you're passing large amounts of data around that would attract the attention of people who could get a lawful intercept warrant, then I would assume you are smart enough to use SSH, IPSec, or some other similar secure communications technology that renders the capability of this system useless. I smell an attempt to get a law mandating that ISPs upgrade to this equipment, meaning they'll have to replace all their existing non-conforming equipment by some date. I imagine the post-dot-com networking market is taking a hurting now.

"They" can already get IP logs and such that reveal a lot even without access to the information contained in the packets. Traffic analysis is a very powerful tool. The only people who would really stand a lot to lose from this would be the music and/or warez traders. Warez isn't that big a deal, and music copying isn't a big criminal deal here in Canada.

*shrug* Another cash grab. Hope someone 0wns the system good and makes Cisco look stupid. Oh, wait, DMCA. Nevermind.

Re:Should assume your channels are vulnerable (0)

Anonymous Coward | about 11 years ago | (#5783508)



This doesn't seem to be that big a deal to me. If you're passing large amounts of data around that would attract the attention of people who could get a lawful intercept warrant, then I would assume you are smart enough to use SSH, IPSec, or some other similar secure communications technology that renders the capability of this system useless.


Unfortunately it is a big deal. You just gave up every last drop of privacy you had. What's the next step? Microsoft setting up accounts in Windows to let the Goverment log in and listen to what you say via your microphone? Or to photo ID you via your webcam? It's a complete violation of rights, especially without any method to "watch the watchers".

Also from my limited knowledge of how encryption works, if they can record your key exchange, then its as if you're not encrypting anything!

Re:Should assume your channels are vulnerable (1)

override11 (516715) | about 11 years ago | (#5783545)

Hey, big suggestion here, and I might just be stupid. But..

Turn your computer off!!!

Its that easy, realy it is. If it doesnt have power, nobody can listen! :P

This makes me wet!! (-1, Troll)

Anonymous Coward | about 11 years ago | (#5783333)

Let me say this: This story makes me spurt juices out of my vagina at an enormous rate. There's so much lubricant coming out of my joy hole that the cushy padding on my chair is soaked. And Febreeze ain't gonna get that out!!

I can feel the warm liquid drip out of my vagina, trickle down my labia, and make its way through my pubic hair. Ooooooh what a feeling.

God, I need a big, huge cock right now to fuck me silly. Anyone willing?

Re:This makes me wet!! (0, Insightful)

Anonymous Coward | about 11 years ago | (#5783388)

Why don't you use your own?

Re:This makes me wet!! (0, Offtopic)

Ratphace (667701) | about 11 years ago | (#5783402)


I am sure if you take the time visit your local rancher, he'll have something around his property to satisfy your urges. tksinfoyoroktksbye.

Drive home safely!

Re:This makes me wet!! (0)

Anonymous Coward | about 11 years ago | (#5783411)

What do mean? This IS SLASHDOT you know!

1984 (1)

Anonymous Coward | about 11 years ago | (#5783336)

If George Orwell was dead, he'd be rolling in grave right now. I can't believe that a corporation such as Cisco would blatantly harvest information about their users for their own profit?

Would Cisco obey government orders if the Pentagon decided to use all civilian networking devices for a DoS attack against someone in the Middle East, North Korea, or Canada?

This just makes me sick!

Re:1984 (1, Funny)

Anonymous Coward | about 11 years ago | (#5783459)

George Orwell has been dead for over 50 years. And as far as the spinning goes - I have a generator hooked up to his grave that's powering my house. So back off!

Re:1984 (0)

Anonymous Coward | about 11 years ago | (#5783470)

How could you do a DoS attack on the Middle East and North Korea? I thought they pretty much don't have any service to begin with. :)

Other countries. (2, Interesting)

incom (570967) | about 11 years ago | (#5783337)

How will they be protected from american surveillance? Buy nortel or some other such brand?

Hey... (-1, Troll)

Anonymous Coward | about 11 years ago | (#5783340)

I've got a port [goatse.cx] to which you can route your packets of semen. Make sure your interface [goatse.cx] conforms to the standard wire density and length.

Btw, I know a guy named Cisco... he's got a mouth like a hoover! But I FAIL IT getting with him. Some guy named Taco [cmdrtaco.net] got to him first. Oh well. At least I have my computer [apple.com] to keep me company.

So what good is this (1, Interesting)

Anonymous Coward | about 11 years ago | (#5783342)

If you are using decent key exchange protocols and encrypt your traffic?

And besides, aren't you worried that your stuff goes to some AOL server when you're using AIM? Wake up... Echelon does not exist, it's being built. Let's do something about it.

it only bothers the unknowing honest. (5, Interesting)

Lumpy (12016) | about 11 years ago | (#5783345)

or the very stupid evildo-er.

If I simply send everything encrypted AND send lots of fake packets... I.E. random sized files that consist of the contents of /dev/random to all my comrades they will never EVER figure it out.

It's called hiding in a sea of garbage. Now write a nice small program that is a P2P sharing app (or a plug-in for one) that sends around some of those random files to other users (small ones 1-100K in size then keep your files in that size range)

Screw with them as they screw with you.

so a freenet node will completely hose this "eavesdropping system"

Re:it only bothers the unknowing honest. (0, Flamebait)

mikeee (137160) | about 11 years ago | (#5783472)

But most evildoers are very stupid.

Re:it only bothers the unknowing honest. (0)

Anonymous Coward | about 11 years ago | (#5783541)

True, caught hackers are the dumb ones. same as criminals in general they get caught because they are dumb as a box of rocks.

Gangs for example.. are just the really stupid dope heads. why you ask? let's see... let's all pile in my low-rider and shoot up dat' homiee dat' dissed muh ride!

multiple hidden wiretaps... (5, Interesting)

frenztech (302220) | about 11 years ago | (#5783355)

"multiple police agencies conducting simultaneous wiretaps must not learn of one another" -- If the police cannot determine if a wiretap is running on the router, then what is to stop a malicious party from running one there without administrative knowledge?

Re:multiple hidden wiretaps... (1, Insightful)

Anonymous Coward | about 11 years ago | (#5783521)

Whats to stop them now?

If you have access to an ISP and jack in a laptop with its NIC in promiscuous mode, you can pretty much already collect the same stuff.

Answer: nothing.

Your internet connection is not secure and never was.

Damn... (1)

BubbaTheBarbarian (316027) | about 11 years ago | (#5783358)

Just when you thought it was safe, you find out you cannot even go outside your own net.

Stuff like this is going to hasten a return to peer to peer dial-up services like we had in the early 90's. Stuff like this seriously gives me the creeps. Knowing that my business's and my private info can be tapped like that and by multiple agencies is just...

Say it all together now...

Evil.

War 1984...not...

encryption (4, Interesting)

JDizzy (85499) | about 11 years ago | (#5783365)

What is the point of encryption if you have to give up the keys. I say its up the the spooks to have the capabilities to crack my encryption rather than force me to hand over the keys. Even then, I'd only hand over the keys in encrypted form, still forcing them to use their supper computers. Serriously, encryption is a black and white area... some grey, but mostly either a situation where you use it, or don't... </rant>

Re:encryption (0)

Anonymous Coward | about 11 years ago | (#5783550)

IMHO, you're missing something. Sometimes networking people encrypt all the traffic from point A to point B as a way of getting it across that distance securely. They're not trying to break or subvert your encryption. They don't want your keys. They're using their own keys to do their own encryption for their own purposes.

The encryption wording here may just be designed to prevent the ISP from rendering the wiretap useless by saying, "sure, we'll let you read all the packets on this router" but saying to themselves, "of course, everything that goes through THAT router will be encrypted before it gets there and decrypted after it leaves."

It's a 2-Sided Coin (5, Interesting)

serutan (259622) | about 11 years ago | (#5783367)

McCullagh makes an excellent point that US government agencies have a history of illegal surveillance. If protecting the public justifies building in eavesdropping capability, then it equally justifies building in accountability. Terrorists and civilian criminals aren't the only menaces to the public. Surveillance activity should be logged and sent to secure storage which can be accessed through well-defined legal channels.

Re:It's a 2-Sided Coin (1)

KingRamsis (595828) | about 11 years ago | (#5783537)

it is truly sad what is going on in the US, the US was an example of freedom, democracy until governor Dubya arrived to the whitehouse, go ahead blame it on 911
if i'm a terroist would I just write a plain text email and send in the open ? I mean that would be really stupid
There are a zilion ways to hide information and mathmatically proven to be impossible to break, anyone with minimal programming knowledge can come up with a way if not breakable at least not immediately breakable

So for a one in million chance of a dumb stupid terroist sending plain text emails all the people must be burdened with breaching there privacy and risk of illegal surveillance

And remember: Linksys == Cisco (0)

Anonymous Coward | about 11 years ago | (#5783392)

I also never buy Cisco crap, not just for this recent reason, but also for their "assistance" to third-rate/world country's censorship efforts...

So, this outlaws quantum encryption then (4, Funny)

mark-t (151149) | about 11 years ago | (#5783393)

Since eavesdropping on quantum encrypted transmissions is always detectable.

Re:So, this outlaws quantum encryption then (2, Interesting)

fobbman (131816) | about 11 years ago | (#5783522)

Not only that, but if the Patriot Act II get enacted, you are in American, and you hide your wrong-doings with encryption, you can add an additional 5 years to whatever sentence you get. Better go back to using carrier pigeons.

From a republican viewpoint, I can understand how (-1, Flamebait)

Anonymous Coward | about 11 years ago | (#5783398)

privacy might be regarded as a bad thing.

Luckily, we have alternatives (4, Interesting)

bigberk (547360) | about 11 years ago | (#5783400)

If they do start to implement such eavesdropping facilities, I imagine that a lot of people might switch to routers powered by open source (such as Linux, BSD) so they can really know what's under the hood. Remember that a low end Pentium running Linux can easily route 10/100 Mbps.

That being said, Cisco knows that companies that used to buy from them will still probably buy from them. So this can't be a huge risk to their company. But the 'new features' would firmly embed government eavesdropping facilities in major ISPs, banks, large companies, schools, universities, etc.

Re:Luckily, we have alternatives (2, Insightful)

Lieutenant_Dan (583843) | about 11 years ago | (#5783447)

But that probably won't help you much if upstream they are using Cisco.

I think encryption would be the best alternative. E-mails, web traffic, heck, even DNS queries ...

Re:Luckily, we have alternatives (1)

bigberk (547360) | about 11 years ago | (#5783481)

But that probably won't help you much if upstream they are using Cisco... I think encryption would be the best alternative
True.

DPUG Protocol (2, Interesting)

jkindoll (114886) | about 11 years ago | (#5783437)

In case you haven't picked it up from the article, the designation for this new protocol is DPUG..Double Plus UnGood.

As bad as it sounds, it IS their product (3, Insightful)

nurb432 (527695) | about 11 years ago | (#5783440)

If you don't like the ramifications of using a Cisco product, then don't buy one. ( i know i wont purchase another )

Then, tell them why you wont buy their product and choose a competitor that hasn't vowed to violate their users privacy rights.

Re:As bad as it sounds, it IS their product (0)

Anonymous Coward | about 11 years ago | (#5783480)

Just like if a factory bugged Camry that sends notices to the local authorities if you break the speed limit is okay because it's Toyota's product?

Re:As bad as it sounds, it IS their product (0)

EdMcMan (70171) | about 11 years ago | (#5783524)

And where else should we go exactly?

Another case why monopolies are bad.

phones (4, Informative)

ih8apple (607271) | about 11 years ago | (#5783458)

The only thing that surprises me is that they have been so slow to implement it. The government already has the equivalent of this for phone tapping:

Virtually all phone calls (cellular and land line) in America run through certain switches controlled by Verint [verintsystems.com] and they are always used by law enforcement for wiretapping (and are constantly accused of abusing their authority). (Google [google.com] for Comverse, the company's name before the recent change to Verint.)

Those cops... (4, Funny)

MoeMoe (659154) | about 11 years ago | (#5783467)

'and multiple police agencies conducting simultaneous wiretaps must not learn of one another'

Because if they did then all they would do all day is send data to each other through the router about what doughnut, gun, and police force is best...

The funny thing is... I'm an army reserve and Auxiliary Police Officer which means I can make fun of myself!

It Is Your Freedom (1, Redundant)

(X)Paul (664560) | about 11 years ago | (#5783477)

"They that give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -- Benjamin Franklin

I don't really see how this is a problem... (2, Insightful)

ERJ (600451) | about 11 years ago | (#5783494)

So, the cops can packet sniff. Really, they could do that before, all this does is provide a better mechanism to do so. If we are talking about privacy, hardware is not the issue, the current laws are. If packet sniffing requires a courts approval, what does it matter if it is implemented in the hardware or not?

I guess, to me, this really isn't a huge deal, just an easier way for the cops to do their job.

PPP over SSH... (1)

Mysticalfruit (533341) | about 11 years ago | (#5783510)

All hail encryption. All the more reason to encrypt everything.

Time to setup white list mail servers that only accept email from other white list mail servers where the keys have been shared via offline media.

These servers will interconnect via PPP over SSH connections (the keys will also be shared offline)

The filesystems on these machines will be encrypted also using keys stored on easy (and quickly) destroyable media (such as meltable USB memory sticks)

Just ideas...

duh this is in every phone switch today (1)

jj_johny (626460) | about 11 years ago | (#5783532)

maybe you all don't or have not done telephone work but this is the case (built in eavesdropping) in every telephone switch. Most office PBXes have it too.

So please get your heads out of the collective sand and realize that if your voice, VOIP or data traffic leaves your facilities its going to be picked up if someone wants to see it. So this is not new, nor is it news nor is it any different than what we already have in place.

undetectable (1)

mlknowle (175506) | about 11 years ago | (#5783538)

I think the real motivation for the undetecatblilty by other snoopers clause is for this reason: if you were doing something illegal, and it were possible to detect a tap if you were also tapping, then it would make sense to tap your own connection, and you could determine if anyone else (the feds / police) were doing so

Its all starting to make sense. (0)

Anonymous Coward | about 11 years ago | (#5783552)

With all these new über DMCA bills being passed aroung the country and which make it look like firewalls, VPN, etc.... are going to be made illegal.

Its finally coming into focus. All these privacy measures aren't going to be illegal, but will probably have to be purchased through your carrier, who, by the way has a copy of the key (imagine that). This will allow them to tap into you 'secure' connection at will, as well as pass it along to whatever authorities request it.

The both the providers and feds/local authorities would love this arrangement. The providers get a captive audience, and laws would be in place to protect them, and keep them from getting dragged into court. And the feds get to tap whoever's 'secure' connection they like.

Just a guess, but given the strong arm tactics being used lately, it wouldn't surprise me.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...