Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] NYT report on Obama admin's wiretap plans

Alec Muffett alec.muffett at gmail.com
Mon Sep 27 07:44:08 PDT 2010


On 27 Sep 2010, at 15:02, Rebecca MacKinnon wrote:
> I recommend Glenn Greenwald's comparison of the Obama admin's latest moves with the UAE/Blackberry situation, which the administration criticized: http://www.salon.com/news/opinion/glenn_greenwald/2010/09/27/privacy/index.html
> 
> If the bill described by the NYT were to be passed into law, am I correct in my understanding that tools like Tor would be illegal and/or impossible to develop and operate in the U.S.? 


That would be my reading of:

> * Communications services that encrypt messages must have a way to unscramble them.
> 
> * Foreign-based providers that do business inside the United States must install a domestic office capable of performing intercepts.
> 
> * Developers of software that enables peer-to-peer communication must redesign their service to allow interception.

From https://www.nytimes.com/2010/09/27/us/27wiretap.html

I'd be more concerned for OTR than Tor, though I suspect the US administration would take potshots at both, and more besides. Does anyone remember/use Freenet?

The problem for the FBI/administration is that it's now 2010 and not 1997/8[1].  It's no longer a matter of putting thumbscrews on the big players like Skype and AIM; Haystack notwithstanding there are hundreds, probably thousands of geeks in the world there who can wire Ajax to an SSL connection and implement a point-to-point IM tool that is devoid of logging, running it over Tor to complicate matters is just frosting.  Stay beneath the radar of noticeability and you're safe enough for a while.

Contrariwise: the barrier to adoption of these homebrew solutions by the Four Horsemen of the Infocalypse[1] is usability, which is not easily solved.  Your average thug won't want more than a phone number to deal with, let alone a ascii-encoded 128-bit key.

I'm wondering why this is coming out, and why now?  Is there someone with something to prove, or are there budget cuts forthcoming?

It strikes me that a more economic approach would be for the FBI to float a Ruby-on-Rails stack as "Cosa Nostra Cloud Services, Inc" and just wait awhile.

	-a

--
[1] http://www.fipr.org/sfs3.html
[2] https://secure.wikimedia.org/wikipedia/en/wiki/Four_Horsemen_of_the_Infocalypse




More information about the liberationtech mailing list