[Politech] Can the Feds really require that peer-to-peer VoIP be wiretappable? [priv]

From: Declan McCullagh (declan@private)
Date: Mon Aug 08 2005 - 18:14:49 PDT


I'd bet that Thomas is more familiar with the details of VoIP protocols 
than I am. But I would venture two points: (1) Vonage has told me in the 
past that they have not received a wiretap order but could comply if 
they did. (2) The Feds have said they're prepared to outlaw certain 
products that doesn't provide ready wiretap access, period.

Take a look at FCC Chairman Kevin Martin's statement on Friday:
http://hraunfoss.fcc.gov/edocs_public/attachmatch/DOC-260434A2.pdf
"I am committed to ensuring that these providers take all necessary 
actions to incorporate surveillance capabilities into their networks in 
a timely fashion. To this end, the Commission intends to continue 
working closely with industry representatives, equipment manufacturers, 
and law enforcement officials to address and overcome any challenges 
that stand in the way of effective lawful electronic surveillance."

Can anyone clear this up?

-Declan

PS: Previous Politech message:
http://www.politechbot.com/2005/08/08/schizo-fcc-deregulates/


-------- Original Message --------
Subject: Re: [Politech] Weekly column: Schizo FCC deregulates DSL,	but 
regulates Net-wiretapping [priv]
Date: Mon, 08 Aug 2005 11:04:11 -0500
From: Thomas Junker
To: Declan McCullagh <declan@private>

PLEASE OMIT MY EMAIL ADDRESS.

On 8 Aug 2005 at 11:04, Declan McCullagh wrote:

> The text of the FCC's CALEA order is not yet public, but early signs
> are worrisome. The FCC's two-page summary says that voice over
> Internet Protocol (VoIP) providers like Vonage that mimic traditional
> phone service must rewire their networks to be easily wiretappable.

Essentially can't be done because VoIP is peer to peer after call setup. 
  Pen
register could be done via the servers that handle call setup, but voice
capture, NFW.  Of course they could require a back door into the consumer's
VoIP box and duplicative voice streams to be sent to a law enforcement
server... surely no one would notice that their box and network are sending
another 90 kbps somewhere... oh, wait!

And what about people and companies who run their own Asterisk VoIP PBXs?
Calls that take place within the universe of SIP and related VoIP units 
known
to a PBX never touch a carrier's server for call setup.

It's one thing for gummint to tell telcos and network providers to do 
onerous,
expensive, inefficient and vulernable things to capture voice or network
traffic, it's another thing entirely to try to tell people to do things 
that
can't be done due to the decentralized nature of things like VoIP.

Regards,

Thomas Junker
[email withheld to frustrate harvesters]

_______________________________________________
Politech mailing list
Archived at http://www.politechbot.com/
Moderated by Declan McCullagh (http://www.mccullagh.org/)



This archive was generated by hypermail 2.1.3 : Mon Aug 08 2005 - 18:26:38 PDT