US Policy Would Allow Government Access to Any Email 516
An anonymous reader writes "National Intelligence Director Mike McConnell is currently helping to draft a new Cyber-Security Policy that could make the debate over warrantless wiretaps seem like a petty squabble. The new policy would allow the government to access to the content of any email, file transfer, or web search."
Really? (Score:5, Insightful)
Not that I support this, but I sure as hell don't intend to make it easy for people to invade my privacy when I'm not doing anything illegal.
Re: (Score:3, Funny)
Well, considering that you live your life with such privacy paranoia that you feel you have to post AC and therefore probably aren't much threat to the government
Re:Really? (Score:4, Insightful)
That said, there are NO sources for this statement. The PDF link gives a 404 and they don't explain what they meant other than using broad terms. It sounds like a lot of FUD without a source to back it up. Does anybody have the PDF? If not then I'd like to see more sources than just an un-signed editorial on Raw Story.
Re:Really? (Score:5, Informative)
If you RTFA, it's from The New Yorker. Or, at least it was in TFA when I read it earlier today before Slashdot posted it.
I'm too lazy to check to see about the link now, but fortunately, since I thought the article interesting, I saved it. So here it is [googlepages.com]. It's an 18 page PDF, The proposal is mentioned on page 11.
Re: (Score:3, Insightful)
Re: (Score:3, Insightful)
It depends on what you write in your posts. If the FBI, CIA NSA, KGB, Gestapo or anyone else wants to read your screed, they may, may they not? After all you're not posting bomb making instructions or other stuff these guys would care about are you?
Forget about privacy in todays modern world. About the only things that may still be private, are the thoughts in your own head. So far only God and you know what those are
Re:Really? (Score:5, Insightful)
Re:Really? (Score:5, Interesting)
Re:Really? (Score:5, Insightful)
Re:Really? (Score:5, Insightful)
So, how exactly is revealing a password any more incriminating than say, allowing police into your home -which is "standard practice"?
-Don't tell us that you killed her -which would be incriminating, just tell us your password -which is something absolutly neutral.
Re:Really? (Score:5, Funny)
Re:Really? (Score:5, Insightful)
Still, as long as the constitution holds out, they can ask you your password and you can plead the fifth.
Re:Really? (Score:4, Insightful)
C'mon. You should know by now that the constitution went belly up back in 1798 [wikipedia.org]. Well, the bill of rights anyway. The parliamentary stuff in the main body is still holding up.
Re:Really? (Score:5, Informative)
No, it doesn't. See sneak and peek [uga.edu] warrants.
You can try encrypting all of your files but if they can gain physical access to the machine(s) in question without you knowing about it then it's a simple matter to install a keylogging device and obtain any passwords needed to decrypt your data.
Re:Really? (Score:4, Funny)
Personally, I prefer my homemade claymores for that purpose.
Bloodstains are much easier to spot when I get home.
Re:Really? (Score:5, Insightful)
I don't feel comfortable taking such a narrow interpretation of the bill of rights that only things that are literally and directly incriminating are protected.
Sadly, it doesn't matter what you feel comfortable with. It's what a judge feels comfortable with. And lately they seem to be quite comfortable with broad, in some cases overreaching IMHO, interpretations of the bill of rights.
Re: (Score:3, Informative)
Re:Really? (Score:4, Funny)
Or You Could Go With the Reagan/Bush/Rove/Cheney (Score:5, Funny)
"I don't recall"
Re:Really? (Score:5, Insightful)
Want to try to deny you disagree against government policy, or that you wont vote to keep them in power, or that you don't 100% agree with a corporation that supports the current government and your life and the future of your family will be systemically targeted. Unless you publicly support them and their chosen evangelical religion of power and control, you will become the enemy, and will be accused and judged by the 21st century Internet inquisition and potentially targeted for harsh interogation techniques.
Don't fit their current preferred 'mold' of what they define to be a good, white, evangelical, american and honestly how well will you and your family fare under the 21st century Internet inquisition. Conspire to be free and believe in democracy and justice and you will learn how easily conspiracy laws can be abused.
Re:Really? (Score:5, Interesting)
No sources (Score:5, Insightful)
Has anybody actually SEEN the draft so that we can comment on it intelligently without relying on "I think the US government is bad, so I'm going to assume they're doing horrible things"? The PDF link in the Rawstory unsigned editorial doesn't work, so it's awfully hard to evaluate their claims. The homepage of Rawstory makes their bias pretty clear, so I'm inclined to not just take their word.
Re:No sources (Score:4, Informative)
Has anybody actually SEEN the draft so that we can comment on it intelligently without relying on "I think the US government is bad, so I'm going to assume they're doing horrible things"?
The problem with this reasoning is that it doesn't take much effort to know that the US federal government has done bad things. It's not a matter of conjecture. The US has spied on law abiding citizens, check out MLK, done medical experiments on people without their approval, and has forcibly sterilized people. The US has also broken a number of treaties.
FalconRe: (Score:3, Insightful)
Not constitutional, but then, many things aren't.
Re: (Score:2)
If we lose the 5th amendment argument, then it wont matter what you do. If they cant read your files, you get tossed in the clink regardless of potential content. Or worse, using private encryption becomes a crime all itself.
Re: (Score:3, Interesting)
It seems almost every day I become more and more angry with the crap that our "representatives" do on "our behalf". If the PDF linked in this article actually existed, I'd be typing up letters to my congressmen. Unfortunately the article fails to present itself as credible because of a lack of sources, so in the event that the allegations are true, we don't have enough information to do anything.
Re: (Score:3, Insightful)
Re:At least they won't be able to mass-scan... (Score:5, Informative)
There is a firefox plugin Firegpg [tuxfamily.org] that you can use with gmail to encrypt, sign, and decrypt email.
I dunno if it works with yahoo....it might...
Re:At least they won't be able to mass-scan... (Score:5, Informative)
The main obstacle to mass encryption these days is Microsoft. I expect to be skating over Hell's frozen wasteland before Microsoft adopts encryption in Outlook/Hotmail.
I've been encrypting and signing mail in Outlook Express and Outlook for years. The certificates are installed via XENROLL.DLL or CERTENROLL.DLL. Windows actually has a really good encrytion API.
If you go here [comodo.com] you can get a free e-mail certificate. Once you install it to the cryptography store you can sign and encrypt mail in any Microsoft email program. If you use the Windows Live Mail [live.com] application you can encrypt messages in Hotmail too.
Re:Really? (Score:5, Insightful)
This doesn't work for public discussion lists, or even private ones, unless they're very strictly controlled.
It also doesn't help for p2p traffic, as those are between two essentially anonymous parties, and thus, have no way to prevent a man in the middle attack, even if they DO use encryption (unless the tracker mediates, which, for most implementations that I've seen, it doesn't, even if it's using SSL)
The simple fact of the matter is that encryption is the wrong mechanism to solve this problem. Removing power from your government is the right mechanism, ideally.
Re: (Score:3, Funny)
127 hours? (Score:3, Insightful)
Re:127 hours? (Score:4, Funny)
Re: (Score:3, Insightful)
> And what is it going to do about my encryption keys?
Same thing they did in the UK: Pass a law making it illegal not to divulge them, and pass another law that says if you forget or lose the keys, the burden of proof is on you to prove that you forgot or lost the keys.
Except in the United States we have this thing called the 5th Amendment which says someone can't be forced to say or do something that will incriminate themselves. As someone up the thread pointed out a judge already ruled for a de
The Constitution... (Score:4, Insightful)
I like this quote. (Score:2)
So, that would mean that the societies with the most surveillance were the most secure, right?
Like Soviet Russia.
Correct (Score:4, Insightful)
So, that would mean that the societies with the most surveillance were the most secure, right?
Re: (Score:3, Insightful)
Re: (Score:2)
Nobody is safe nowadays !
Re:The Constitution... (Score:5, Insightful)
email? Does anybody think that email is private? It is sent in clear text so I would say that it is as private as a postcard.
There is an election coming soon. So for those that really fear this find out where the candidates stand on it.
Then vote.
BTW don't focus so much on the President BTW take a hard look at your congressional reps.
Re:The Constitution... (Score:5, Insightful)
Re:The Constitution... (Score:5, Insightful)
As I say in every discussion of this nature, "private" in the sense of "can a police officer legally look at this and use it as evidence?" is completely different than in the sense of "could a malicious person who wanted to snoop on what I was saying possibly look at this, the law be damned?"
E-mail is about as physically private as a letter. They are fairly trivial to read but it does require you take take deliberate action to do so. As opposed to a post card which could literally fall out of the postman's hand text-up and be read by accident, other people's emails don't just randomly show up on your screen even if you are an email server sysadmin.
And thanks to recent precedent email is becoming -legally- as private as a letter. Which to repeat, is a different standard, and regardless of the fact that letters are easy to read, they are still considered private. So while a malicious mail man could read your mail whenever they chose, a cop who wanted their evidence to stand up at trial could not without a warrant.
We need to remember both of these. First if you want real privacy even from malicious people, you need to encrypt your email. Second, we still need to keep unencrypted email to be legally private, since otherwise the idea is that if the police -can- read your encrypted emails then they don't count as private and thus no warrant is needed.
There is an election coming soon. So for those that really fear this find out where the candidates stand on it.
Then vote.
BTW don't focus so much on the President BTW take a hard look at your congressional reps.
True that. Sadly enough it's hard enough to get specific answers on what the Presidential candidates' stances are on the subject, much less all the representatives.
Re: (Score:2)
I am not sure that Email is any different but that is up for debate. Even if it gets the protection of law it is just to easy to sniff a line and get email for me to ever think of it as private.
You really don't need to check EVERY rep. Just yours since those are the only ones you can vote for.
With all the complaining about the P
Re: (Score:3, Insightful)
just because i don't send all my email with 128bit encryption, it doesn't give you or the government the right to read them.
Re: (Score:2)
Well except that there is no proof that this is true. That story is kinda short on any proof at all.
email? Does anybody think that email is private? It is sent in clear text so I would say that it is as private as a postcard.
Not only is the above true, but you should never do this and post a line from an incriminating email in a public forum :
(oh noes, what have I done !)
Re:The Constitution... (Score:5, Insightful)
Bill of Rights Toilet Paper (tm)
It comes with all 10 printed on each sheet. Congress Critters find it to be heavy duty absorbent. Somehow though, that stuff you water the Tree of Liberty with seems to slip through anyway, just a little, but it slips through....
Luddite revolution (Score:5, Funny)
He's just stretching the constraints (Score:5, Insightful)
Re: (Score:2)
Diminishing returns (Score:4, Insightful)
In the end, it's probably a lot more trouble than it's worth to go about things this way, rather than doing the 'traditional' sort of real-life investigation leading to a warrant &c.
Re: (Score:3, Funny)
Re: (Score:3, Funny)
Re: (Score:3, Interesting)
Still I suppose this would open up the avenue of attack that you could communicate in 'spam' code, trying to make your e-mails look like random spam generated, or you could send out a massive spam e-mail that actually contained information in it...
All said and done though, I don
Re: (Score:2)
Only instead of providing links to Web sites, the government's in-house search engine would provide links to users.
Re:Diminishing returns (Score:4, Insightful)
Other respondents have pointed out the arms race between spam and spam filtering; I had that in mind when I made my response. In essence, as a detection tool, this is going to be more or less useless, outside of the occasional one in a million lucky strike; really, the only way to use it would be to go mining it once you've already detected something nefarious and you want a more solid case--something that could easily be handled by a warrant and seizure of the suspect's computing assets.
Re:Diminishing returns (Score:5, Funny)
rj
Re:Diminishing returns (Score:5, Insightful)
Let's say you do something to piss some mucky-muck off and you get on the monitor list. It's only a matter of time before you mention in passing that you copied a DVD or any other heinous crime and bingo! The FBI/Federal marshals/etc are at your door.
Paranoid? I grew up in a communist state. I hate to think I've escaped to one, too....
Re:Diminishing returns (Score:5, Insightful)
But if the government really wants your hide, then they'll have it whether they have any real evidence or not--witness Cardinal Richelieu's words: "Give me four lines written by the most innocent of men, and in them I will find something to hang him." That was just as true then as now.
They found a way to make encryption mainstream! (Score:5, Insightful)
Then again, it's almost certain that they're already reading all the e-mail. This law is probably just to prevent them from getting sued about it later. Ug
Re:They found a way to make encryption mainstream! (Score:4, Insightful)
This is bad journalism (Score:2, Interesting)
It's in the New Yorker's print edition (Score:5, Informative)
Amendment IV to the Constitution (Score:3, Informative)
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
Re: (Score:3, Interesting)
"It's just a fucking piece of paper." -- US President George W. Bush on the Constitution
Re: (Score:2)
Re: (Score:2)
Re: (Score:3, Funny)
Re:Amendment IV to the Constitution (Score:4, Insightful)
They'd rather use GenXers as guinea pigs, a much smaller demographic that's not used to having governments and markets abide by their demands (or needs). They are also much more steeped in the individualist mindset such that they're capable of mass-organizing very little outside of the corporate environment.
So yes, you could say the Bill Of Rights is only for old people...
Re: (Score:2)
I can't believe it's come to this... (Score:2, Interesting)
The US is well along the path to becoming a police state. Personally, I am not concerned about a 1 in 1 billion chance of being murdered by terrists, but I clearly remain in the minority.
A likely scenario with this could also be to p
I got an idea.... (Score:5, Insightful)
That should sufficiently prevent this from becoming law!
Re:I got an idea.... (Score:5, Insightful)
Sounds like FUD (Score:5, Informative)
Re: (Score:3, Informative)
Since none of these offer the full story, only proof that such a story does exist (or will), it is hard to say how much FUD is in the Raw Story article.
BAH! (Score:2)
Of course my grand plan gets fuddled up when they just stick a sniffer on the outside of my network. But maybe by then I will have figured it out and set my firewall to deny traffic containing the terms
Re: (Score:2)
This sounds a lot like Carnivore [wikipedia.org]. The FBI has been indexing and searching emails for a long time. They're sent unencrypted over the wire, and the majority of Americans have no clue how easy it is to intercept email.
The Bush Administration has been requesting search results [searchenginewatch.com] for a long time, too.
Which begs the question - WHY ARE WE LETTING THESE OPPRESSIVE JERKS GET AWAY WITH THIS?
PGP + Constitution (Score:5, Informative)
You can't let the terrorists win (Score:5, Insightful)
Oh hang on we were fighting for freedom and liberty weren't we? So you need to give up all your freedoms to protect your freedom? You'd almost thought that the government was a repressive regime that wanted to subjugate people.
Re:You can't let the terrorists win (Score:5, Funny)
As this applies to regular mail, I think that it applies to email as well despite the government not getting a cut of the money.
No person shall be held to answer for any capital, or otherwise infamous crime, unless on a presentment or indictment of a Grand Jury, except in cases arising in the land or naval forces, or in the Militia, when in actual service in time of War or public danger; nor shall any person be subject for the same offence to be twice put in jeopardy of life or limb; nor shall be compelled in any criminal case to be a witness against himself, nor be deprived of life, liberty, or property, without due process of law; nor shall private property be taken for public use, without just compensation.
Self Explanatory, encrypt. Also as the beginning states they cannot do anything to you unless they bring you before a Grand Jury. The wording is clear that the only exception are members of the Military. Which brings me to a fun story.
When I was in the Army deployed to Iraq they told us that they had to scan our computers before we left to look for secrets and obscene material. Well this made me very angry so first I offered my services to a few friends and setup truecrypt volumes for them. Then I took a picture of myself flipping off a camera, labeled them things like Fuck Me hard(several different variations on that theme) and distributed 30,000 copies all over my hdd. Let's just say that when they put in the scanning disk the person performing the scan got really tired of seeing me flip him off and they didn't find anything. I know it was petty and he really wasn't doing it because he wanted to, but I think that I made a point even if it was in a very small way. The leadership never ever scanned anything of mine again.
Re:You can't let the terrorists win (Score:5, Interesting)
Let me put it as easily as I can, we all worked a ummmm special mission. We were all very well trained with how to handle security and put in a position of trust. Yes it was my personal laptop and yes they can scan it which pretty much says that they don't trust me. However as you seem to be an officer just what would you have done? Can you punish me for having pictures of myself on my personal computer? Would JAG back that up? Also a few more circumstances here, they do care about obscene material as they scanned my computer mid tour and found some nude pictures of my wife and demoted me for that. I also was the guy that as a specialist redesigned the entire IT infrastructure that we were using to increase productivity substantially, I ran the entire network by myself, I ran a pacing item by myself, ran the websites by myself, built a server for them, and was the main CRO all that in addition to my regular job of 98C. Another thing that was fun was whenever the Trojan Spirit II went down they had to call me in no matter what time it was to come fix it(at least once a week because no matter how hard I screamed for them I couldn't get the A/C units fixed). I asked for people to train on the various systems, but they couldn't spare even one tech oriented person even though I had guys volunteering for it. I spent three days in the back of that damned thing working on it one time without sleep or food because my NCO's couldn't be bothered to at least bring me food, towards the end of that the ACE Cheif came to bitch about it not working. I politely told him to shut the fuck up and let me finish my job. So if I wanted to do some damage or betray anyone I damned well knew how to do it, scanning my personal equipment was a slap in the face to me and did not deserve my cooperation. Needless to say I had no respect for any level of my leadership as I was trying my hardest for a long time to be a good soldier and cooperate only to be fucked constantly. Yes, my point of view is one sided, but if they had a real problem with me then dammit that's what a counseling statement is for(I was an NCO for a while until the incident) and it could have been spelled out so I could fix it. I just didn't play games and called people out on bullshit so they didn't like me. So fuck the Army, I'm out now and they can kiss my ass.
Who cares? (Score:5, Insightful)
everyone knows (Score:2)
And what about foreign nation TLD's? (Score:3, Interesting)
Re:And what about foreign nation TLD's? (Score:5, Funny)
Something along the lines of "More! More! Harder! Deeper!" is my guess.
google web history (Score:2)
Re: (Score:3, Informative)
have you ever looked at your google web history [google.com]? yikes.
Nope, it asks me to signin, and I don't have an account.
FalconMake your voice heard (Score:5, Funny)
I know, it's not original.
Zero sum, my ass. (Score:2)
This is NOT zero sum. The magnitude of damage caused by this kind of stuff far outweighs any even theoretical increase in security.
I assume this happens already (Score:2)
PGP to the Rescue! (Score:3, Insightful)
Encrypt your email (Score:5, Interesting)
Seriously. There are already libraries such as FLTK [fltk.org] and QT for the graphic front end. For the back end, you could use XySSL [xyssl.org], OpenSSL [openssl.org], or even GNU GPG.
I'm about 20 hours into an encryption client, and I've already got people using it. I initially wanted to use GPG, but realized that most technophobes won't go for a command line application. So I pulled out FLUID (the FLTK design utility) and had a prototype working within hours.
Today, there's no excuse for not encrypting your email. I realize that you may think you have Constitutional rights in this regard, but GW & Co. have the guns, the taxpayer financing, and even the (unsolicited!) cooperation of the major network carriers. It doesn't matter what you think the Constitution says if you can't even get a trial. You're on your own from here on out.
So why encrypt, even if you've nothing to hide? Well, simple, really. Why let the government violate the 4th ammendment with impunity? If you encrypt your email, the government can't perform secret, mass surveillance. Sure, they can pound on your door, and even demand the key. You might even have to give it to them. But in them doing so, you've achieved three key goals:
Encryption is highly Constitutional (TM) software. It keeps terrorists from eavesdropping on our conversations, knowing our whereabouts, and stealing our valuable intellectual property. If the government can't read my email, neither can the terrorists.
Be patriotic. Support the Constitution. Encrypt everything.
Unless it's bundled with Windows... (Score:5, Interesting)
Encryption should have been built into the protocols from the start but now I'm afraid the horse has bolted.
Impeach Them Already (Score:4, Insightful)
I mean, they're still spinning down how a Filipino Monkey [wikipedia.org] almost gave Bush a pretext for armageddon with Iran last week, continuing to blame Iran.
They still act like they don't even really know for sure who is "the enemy" in Iraq, or when the next Taliban attack [nytimes.com] will show how badly we're losing in Afghanistan to a bunch of medieval hicks hellbent on returning to the Stone Age.
And yes, they're still spying on every email, Web hit and phonecall in the US (hi, Dick!), while hustling to hand telcos amnesty for breaking the law at their request, even though they can't even pay the phonebill so it gets shut down.
These Keystone Konservatives would be hilarious if they weren't the most dangerous people ever in the world.
We have to call our lazy, complacent congressmembers and insist they impeach these criminal retards, instead of just easily running against them this year and inheriting all their catastrophic tyrannical powers.
Re:Impeach Them Already (Score:4, Informative)
Laugh while you can.
Your sorry assed demagogues have succeeded in squandering international goodwill towards the U.S., sold military technology [findarticles.com] to China in order to insure low prices at Wal-Mart and guaranteed that not only *you*, but your children (if you stop doing the hand dance long enough to have any), and their children's chidren will be paying the price [nationalpriorities.org] for their stupidity.
The long and short of it laughing boy, is that *your* party attempted to impeach a sitting president over a stain on a blue dress and failed, but have sufficiently befuddled the nation with misdirection and divisiveness that we are failing to impeach a president and his cronies who have lied to us [bushlies.net], lead us into a quagmire [findarticles.com], are shredding the constitution [truthdig.com] at every turn, and who felt the need to put safeguards in place [antiwar.com] to prevent them from being charged as war criminals like his father [deoxy.org] was.
So, yeah, good ahead and laugh, I for one will shed a tear.
what are the odds.. (Score:3, Interesting)
If the Bush administration 'loses' and 'accidentally deletes all traces' of their email every time they are being investigated, how could our inept government monitor the email of over 300,000,000 people in america?
Certainly there is a LOT of sarcasm in that question, but seriously [b]what grounds to they legitimately have[/b] to require access to users email WITHOUT a warrant? None if you consider that even our White House has redundant backup of their email which is likely on some cheesy Exchange server somewhere.
That means they have tons of time to get a warrant should it be justified.
Complete and utter bullshit (Score:4, Insightful)
One Good Thing ... (Score:3, Insightful)
Somebody needs to get cracking to devise a cipher that looks just like these spam noise words... something along the lines of a one-time pad [wikipedia.org]
Comment removed (Score:3, Insightful)
Re: (Score:2)
Yeah, I guess all those completely uninteresting people out there are why the FBI agents misuse national security letters and embezzle thousands of dollars from the wiretap tip jar.
tyranny (Score:3, Insightful)
What ever happened to the founding father's view that tyrany was ever vigilant and the tyrant would use any means to strip liberty away from its citizens?
Oh yeah, that isnt taught in schools :(
It, freedom from tyranny, not being taught in school may be part of the problem but another part is that those alive now haven't had to fight to preserve it. I think Thomas Jefferson hit it on the head when he suggested there should be a revolution about every 20 years. If you're born and raised under it more