Can terrorists use the Net to avoid wiretaps?
Can members of Al Qaeda use voice over Internet technology (VoIP) to avoid wiretaps?
Recent comments by Michael McConnell, Director of National Intelligence, seem to suggest that terrorists could create significant roadblocks for the National Security Agency by simply routing their traffic through the U.S.
Mike McConnell: I'll have some of what he's smoking,
(Credit: Office of the Director of National Intelligence)The incongruously named Protect America Act of 2007 gutted the existing Foreign Intelligence Surveillance Act (FISA), and allowed the National Security Agency to significantly expand its surveillance powers. It's set to expire in February, and the Administration is looking for reasons to justify extending the law. With perfect timing, Michael McConnell, Director of National Intelligence, has come to the rescue.
An interview published in the upcoming edition of The New Yorker quotes him, stating that,
"McConnell said that federal judges had recently decided, in a series of secret rulings, that any telephone transmission or e-mail that incidentally flowed into U.S. computer systems was potentially subject to judicial oversight. According to McConnell, the capacity of the NSA to monitor foreign-based communications had consequently been reduced by 70 percent."
Conveniently enough, if Congress passes legislation to further gut FISA, the NSA will be able to resume its warrantless snooping on the terrorists, the troops will be safe, global warming will cease to be a problem, and no more puppies will have to die.
While the average privacy geek would consider an NSA wiretap of an undersea fiber-optic cable carrying millions of phone calls to be surveillance, it turns out that the law does not agree. As per the existing FISA rules, anything the NSA does outside of the U.S. does not count as electronic surveillance, and thus does not require a warrant. Thus, any wiretapping that happens in Iraq will never require approval of the FISA court, with or without any new legislation being passed.
(I'm not the only one to call bs on McConnell's claims. Wired's Ryan Singel is offering a $1,000 wager that "when and if those rulings are ever released, we'll see they say no such thing." Clearly, the pay over at Wired is far better than CNET. While I can't offer the same level of money as Ryan, if McConnell does turn out to be telling the truth, I'll promise to switch my telephone service to AT&T--thus sending a little bit of money to the NSA's best friend forever.)
However, for the purposes of this blog post, let's assume that McConnell is in fact telling the truth. Let's assume that a phone call between two members of Al Qaeda in the Middle East that happens to flow through a U.S.-based server automatically kicks in a requirement that the NSA get a FISA warrant before it can listen in--even if the tap is conducted in Iraq, or under the Atlantic Ocean.
It's not surprising that this would be alarming to the NSA. In a previous interview, McConnell claimed that each FISA warrant takes more than 200 man hours to process. Were every member of the Iraqi insurgency to route his communications via the U.S., the NSA would presumably become the largest law firm in the world.
Which brings me to the point of today's blog post. If McConnell is to be believed, Al Qaeda merely needs to switch to using U.S.-based voice over IP services, and it can immediately crush the NSA under a pile of FISA paperwork. No matter where the NSA actually tried to intercept the Internet-routed phone call, a FISA warrant would be required. For $24.99 a month per terrorist, Al Qaeda could launch a gigantic legal denial of service against the folks at Fort Meade. Furthermore, now that the iPhone has been hacked to support VoIP software, the VoIP-subscribing terrorists could communicate in style.
Of course, the problem with using most commercial VoIP solutions is that phone calls flow over the wire in the clear, making it trivially easy for our spooks to listen in once they've dealt with that pesky matter of the warrant. Thus, any smart terrorist worth his salt would most likely use encrypted VoIP software, such as the uber-fantastic Zfone project, which can be had for free.
Christopher Soghoian delves into the areas of security, privacy, technology policy and cyber-law. He is a student fellow at Harvard University's Berkman Center for Internet and Society , and is a PhD candidate at Indiana University's School of Informatics. His academic work and contact information can be found by visiting www.dubfire.net/chris/. He is a member of the CNET Blog Network, and is not an employee of CNET. Disclosure.
If it's "legal" to wiretap outside the US, be it under seas or in Iraq, then go nuts. With the way IP networks go, there's no definitive way for anyone at that point in the life of an IP packet (physical point in life) to be able to definitively say whether it will cross the US or not. Therefore, I actually don't think "they" need to be concerned with it, again, as long as what they're doing at that point, and in my world, being relieved of the responsibility to follow each packet to see if it goes US or not.
"Those who would adandon freedom for security, deserve neither"
Many a soldier has given their life so that you might have the precious gift of freedom, don't give it up so easily...
I know I'm devil's advocating a bit here, but I think my points are valid. If I had the choice to be evesdropped on or not, then of course I'll pick not. If I'm evesdropped on, then, I'm personally not worried about it, since I'm squeeky clean.
The way we need to keep our freedoms, and to DEFINE exactly what our freedoms are, is to affect the laws and lawmakers in our country. Protest, write letters, boycott, do whatever you have to do, but do more than just whine.
(No one here is whining, I'm just making a point)
LAND LINES, as in what we would call MaBell in the past, can be recorded with permission of one party of the call (as in you) in 38 states. In the remaining states it either is Both parties must agree, or it is more technical then I have time to explain.
Thats for State law. There is also a Federal Telecommunications Act Law also about recording land lines. CellPhone recording is banned due to needing a scanner to capture the call; thats illegal. Scanners are also not allowed to reach the cell phone area if the unit is "stock". There is nothing in the law that prohibits the owner from modifying their scanner; but it must be "stock" if it is ever resold. (like I said loopholes; but listening to cell calls IS illegal)
The other odd phone that they never passed laws on is the AirPhone (airplanes). 400Mhz band. Nothing prohibiting listening in to/recording those phone calls based on the laws I have seen.
Now VoIP is new, and the laws have not caught up. There is nothing on the books for recording VoIP calls. If your server is based off US soil they (feds) can't touch you even if the laws are updated. Remember, VoIP's are simply data streams. They can be VoIP to VoIP and avoid the telephone network all together. Or you can go VoIP out to land line.
Intercepting VoIP calls would be the same as looking through your emails, or ghosting you to see what sites you go to. My theory is to make sure your provider has offshore servers!
-
by Dalkorian
January 17, 2008 9:11 AM PST
- Mikey boy here is just following bushit doctrine - lie lie lie and lie some more until we've finally turned this country into another evil communist nazi dictatorship. Papers please.
-
Reply to this comment
-
(6 Comments)(No, this has NOTHING WHATSOEVER to do with terrorists! Our fuhrer just wants to wiretap everyone without oversight or warrants so he can keep an eye out for "dissidents" and ship them to Gitmo as "terrorists". Anyone stupid enough to fall for this ploy should be deported to China.)