[Lots of details and interesting suggestions. Keep reading. --Declan] --- Date: Wed, 23 Apr 2003 15:35:23 +0200 (MET DST) From: Paul Wouters <paulat_private> To: Declan McCullagh <declanat_private> cc: Fred Baker <fredat_private>, John Gilmore <gnuat_private> Subject: Re: FC: Weekly column: Cisco's wiretapping plans, int'v with Fred Baker Declan, I am a concerned Dutch citizen, keeping a public eye on the wiretapping situation there, especially since we were, until Cisco announced their plans, far "ahead" of the world (even before 9-11). Articles I have written on this subject are availble online, often in dutch and English, and include: http://www.fnl.nl/ct-nl/archief2001/ct2001-06/ct200106032033.htm (Dutch) http://www.opentap.org/ct/ct.aftappen-eng.html (English) http://www.fnl.nl/ct/archief2002/ct2002-12/aftappen.htm (English) http://www.opentap.org/ccc/ (English) In response to your article "Inside Cisco's eavesdropping apparatus" on http://news.com.com/2010-1071-997528.html?tag=fd_nc_1 I have a few comments to make: First you quote Baker saying: > We've had direct contact with the FBI and other agencies. When I was in > Holland I (spoke at a conference with the head of the equivalent of the > country's Central Intelligence Agency). The fact that he came out and > said something made the 8 o'clock news. I had a meeting with him and > some of his people a few days later to figure out what he wanted and > what he intended to do with this. As an engineer I wanted to understand > a customer's problem. The 8 o'clock newsitem Baker is referring to can be seen at: http://www.xtdnet.nl/paul/fb.mpg Only the introduction is Dutch, the remainder is in English with Dutch subtitles Let me put this a bit in context though. Baker spoke at the ISOC on januari 16, 2002. I was there as well. Baker explained that any wiretapping technology should not go into the protocols (eg TCP/IP) themselves, because it would make the internet infrastructure weaker. It is the same argument as the Clipper chip. Backdoors are bad. Escrow keys leaking out would mean an international disaster. Baker, or rather the IETF, made a conscious decision not to weaken the protocols, even though the LEA's (Lawful Enforcement Agencies) wanted this. Baker did acknowledge that some sort of wiretapping needed to exist for those LEA's. But he would not comment on what he or Cisco deemed to be the solution, except that Cisco was working on it. The boasting of our Dutch CIA being present is really out of context. Our intelligence agencies have been going through various reorganisation rounds, with the Old generation leaving (Dr. van Leeuwen) and new people settling in. Veenstra was just doing some PR for the BVD. Both the military intelligence and the civil intelligence units had ben revamped, now called MIVD (Militaire Inlichtingen en Veiligheids Dienst) and AIVD (Algemene Inlichtingen en Veiligheids Dienst). Note the difference between "binnelandse" (Internal affairs) and "algemene" (generic). By now, we also know that our government "needed" more and better SIGINT to protect against fundamentalists and terrorists. A new organisation, the NSO (Nationale SIGINT Organisatie) was setup to cater for those post 9-11 worries. All that Veenstra said that day was that they had an "extreme focus on terrorist activity". That took about 10 to 15 minutes. How ironic that only four months later Pim Fortuyn, the leader of the new political party LPF that rose from nothing to become the second largest political party in the Netherlands, was shot dead. Unfortunately, the secret nature of LEA's can explain both failure and success as a reason for more power and money. One of the other things I would like to comment on is Baker's remark in the news item that he didn't believe "new laws were being made". I think by now it has become quite obvious that all Western governments are quickly morphing into a police state. Though I will let others comment on the "no new laws" statement Baker made regarding the US situation, I will comment on the Dutch situation. In the last four years, most of the "temporary laws" (In Dutch "nood-verordeningen") protecting big events such as the Eurpoean soccer Championship or our Royal Wedding are still in place. Any engineer walking in the center of Amsterdam after 7pm officially violates one of these laws if he carries a screwdriver with him. In the entire downtown area of Rotterdam and Amsterdam you can be "preventatively searched". Without any cause or suspicion. By being in the center of Amsterdam you must be a criminal. But let me get back onto the topic of wiretapping. We now know Cisco would like to implement a wiretapping solution in their hardware, instead of in the protocols. From a first cursory glance over the document, it seems that Baker's draft complies with the ETSI norm. The Netherlands already has such a system in place. It is called Transport of Intercepted IP Traffic (TIIT) of which the (secret!) specifications can be found on http://www.opentap.org/ The one line explanation of the system is "Digitally signed XML warrant goes in, tapping data comes out". The government stressed that it would never automate tapping without involvig the ISP. The experiences with this system are currently fairly limited. The government is tapping about 100kb continiously, with peaks going to 0.5 to 1 mbit. These figures are based on their public router statistics. Bits of Freedom (www.bof.nl) tried to obtain numbers on the telephone and internet taps using the Dutch version of the Freedom of Information Act, but despite a government reimbursement system for telco's, it claimed it had no central registration of these taps, the government didn't want or need these numbers themselves, and therefor these numbers do not exist, and cannot be obtained by worried citizens. NLIP (www.nlip.nl), the Dutch branche organisation of ISP's, has a long history of behind doors negotiations with the government on behalve of their members. The government swept away their 'demands'. So they have foccused their effords on making tapping as cheap as possible for their members instead (while publicly not stating that they are no longer "nationally involved". Unfortunately, they do still seem to be used as an excuse by the government to claim "they are talking to the ISPs". This kind of conflict of interest (ISP's involved in law making only secondary to their own reduction of expenses) is very dangerous. Two weeks ago I also learned, indirectly through this NLIP, that the government is writing up a decree (Dutch: "Algemene Maatregel van Bestuur"), that is, a law that does not need the aprovement of parlemant, that will allow LEA's to control the tapping equiptment of ISP's remotely. The goal is to reduce the number of people who know about a tap. The side effect (or one could argue that this is in fact the intended effect) is that the legal system will be bypassed completely. The ISP doesn't know when it is tapping its customers, and cannot check the validity of the warrant. We will just "have to trust them". But can we? Only two months ago, the Dutch had their own version of "FoxNews" when the program Zembla reported that the Dutch tapping room is completely outsourced to a questionable Israeli company: http://www.opentap.org/zembla/ (Dutch) http://www.fnl.nl/ct/archief2002/ct2002-12/aftappen.htm http://www.opentap.org/foxnews/ Comverse (sorry, Verint-systems) has to come in and fix/repair/maintain the digital tapping rooms very regularly. They hook up Hebrew keyboards and no one knows what they are doing. An anonymous source within Comverse told c't magainze (www.fnl.nl/ct) that 9.1GB Sony MO disks are used: http://www.sony.net/Products/DataMedia/products/525MO/91GBMO.pdf And that they can put 240 hour of conversations on one such MO using the following codec: http://www.vidicode.nl/Dutch/scr_nl.htm So even if our government means well, our data apparently leaks out anyway. (Then again, the Wassenaar Agreement the Netherlands signed includes Israel anyway, so Israel could just order their own taps from our government anyway). But worse, the Zembla newsitem also showed that the police had manipulated evidence. This became painfully obvious when one of the "intercepted GSM phone calls" was heard pulse dailing (Remember those days when dialing was done with a dial?) I have long ago come to the conclusion that yes, tapping is a neccessary evil. We need to accomodate this. But it is of vital importance that tapping does NOT become an automatic system that only involves LEA's. There is a valid reason that LEA's don't trust LEA's. That is why they want to be able to tap each other, and that is the reason for the ETSI demand for multiple parallel invisible taps. We should not play their game. LEA's have their own, secret, agenda. Back to Mr. Baker, Mr Baker also mentions: > What we're doing is putting the capability in a separate image so you > know what you're getting when you get it. Under U.S. law, if you have > that ability, you could be required to use it. Our service provider > customers have asked us not to put it in the standard image, so that > they can't be forced to use it. Though this seems like a reasonable stance, let's not forget that a far more important argument for Cisco is that putting a tapping image in their Cisco's per default would cause two thirds of the worlds to no longer buy Cisco. This is coming dangerously close to putting "Trusted computing" into the router. I am sure it's trusted, but who owns the device? It is of vital importance that any tapping accomodating protocol is completely free and open, so that opensource implementations can be written. The solution? In the TIIT specification, there is a special function to ensure that the tap is still working properly. Ever 64 packets or 5 minutes, a cryptographical checksum is generated by the tapping box over the intercepted data, and also send to the LEA. This is to ensure the integrity of the datastream to the LEA. I believe that the ISP should not only be allowed, but should be forced to keep those checksums themselves. Those can then later on be given to the courts to determine any evidence tampering by the police. And it also ensures that the ISP will always know about a tap in his network, and will always have the means to check the legality of such a tap. I sincerely hope Mr. Baker will add something similar into his Cisco's. If he does not, ISP's will be prevented from checking the legality of warrants, and on top of it they will face a rush of LEA's taking over their Cisco's. If we are not allowed to investigate the correctness of a warrant, nor the proper functioning of our LEA's, then we might as well end the charade of the courtroom and admit that we have chosen to live in a police state. Paul Wouters Opentap ------------------------------------------------------------------------- POLITECH -- Declan McCullagh's politics and technology mailing list You may redistribute this message freely if you include this notice. ------------------------------------------------------------------------- To subscribe to Politech: http://www.politechbot.com/info/subscribe.html This message is archived at http://www.politechbot.com/ Declan McCullagh's photographs are at http://www.mccullagh.org/ Like Politech? Make a donation here: http://www.politechbot.com/donate/ -------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Wed Apr 23 2003 - 09:27:23 PDT