
[IP] more on Wiretapping Technology vs. Wiretapping Laws





Begin forwarded message:

From: Lauren Weinstein <lauren@xxxxxxxxxx>
Date: August 10, 2005 4:21:21 PM EDT
To: Brad Templeton <btm@xxxxxxxxxxxxxx>
Cc: David Farber <dave@xxxxxxxxxx>, lauren@xxxxxxxxxx
Subject: Re: [IP] Wiretapping Technology vs. Wiretapping Laws


Brad,

My point is that from the aspect of legal taps and wiretapping
interfaces being ordered under CALEA, this is straightforward from
the government side.  If the order says it must be done, and the
service providers do not comply, then they will face the associated
sanctions.  That the service providers will frequently have to go
through a lot of hassle and expense is seemingly not part of that
equation.

As for third party PSTN termination services, they will either do
what is necessary so that the wiretaps will work, or the service
providers will no longer be able to legally use them.  Or perhaps
sanctions will be brought down on the third party termination
services themselves.  One way or another, the PSTN termination
points represent the place where calls can be tapped without
concerns about encrypted Internet VoIP data, which means as more and
more VoIP traffic is encrypted, increasing attention will be
directed at those termination points.

The fact that there are ways to make tapping of PSTN-terminated VoIP
calls more difficult really isn't the issue.  The businesses
that are providing VoIP<->PSTN will either do what the government
says, or they will be stomped on -- hard.

The government will do whatever it feels is necessary to protect
national security as currently defined by the powers-that-be, and if
that means hobbling the Internet in a draconian fashion, that's where
we may eventually end up.

Only sane and reasonable policies (and politicians) can actually
improve the situation in the long run.

--Lauren--
Lauren Weinstein
lauren@xxxxxxxx or lauren@xxxxxxxxxx or lauren@xxxxxxxx
Tel: +1 (818) 225-2800
http://www.pfir.org/lauren
Co-Founder, PFIR
  - People For Internet Responsibility - http://www.pfir.org
Co-Founder, EEPI
  - Electronic Entertainment Policy Initiative - http://www.eepi.org
Moderator, PRIVACY Forum - http://www.vortex.com
Member, ACM Committee on Computers and Public Policy
Lauren's Blog: http://lauren.vortex.com
DayThink: http://daythink.vortex.com

 - - -


  1) VoIP call has at least one leg that terminates on the PSTN.
     The Internet portion of the call may or may not be encrypted
     (or strongly encrypted).  Result: Tapping is possible and
     relatively trivial for that call.  The tap can be located at


Much VoIP termination is done by routing the call over IP to a
local termination provider in the LATA or even phone CO of the target
PSTN number. In many cases, these termination providers are independent
entities.  Larger VoIP companies have individual contracts with these
terminators; more rely on aggregators to have these contracts and
handle the settlements. Some VoIP companies manage their own gateways
to the PSTN through a small number of chokepoints (this gives you more
control over the quality) but almost all of them rely on 3rd parties and
aggregators to terminate the calls overseas.   There are even bidding
markets.

As such it is far from trivial to tap a person's calls to the PSTN
by listening at the interface, except for the companies which do all
their own terminations.   The requirement that it be possible puts
serious burdens on companies designing services.

Indeed, the only practical way to do it is to, for the target, reroute
all their voice streams through centralized switches which can forward
and record them, as is the case described below for IP to IP calls.

Ideally, these termination providers will eventually support end to end
encryption, with a DHM key exchange so even this technique will not work.

Rerouting the call to this switch is going to be visible to the target
in two ways. If they know enough to look at where their voice is being
sent, they could see that it's going to a router rather than to the city
they are calling. Worse, however, they will be able to hear this, in that
it will often increase the latency of the call -- the biggest complaint
people have about the quality of VoIP calls.

This also applies to IP to IP calls.

While it is not commonly done this way, I could build a VoIP telco that
terminated to the PSTN and had no central switches or means of controlling
calls.  I would give you software that, given a number, looked up in
a static table downloaded with the software the IP address of the
termination provider best for that number, and I could give you account
codes to
get access to it.  Billing records would come back to the telco in the
end, most probably, but otherwise the telco would have no knowledge of
your calls or any way to interfere or tap them. They would need to place
a tap at every termination provider you might call.

However, is this distributed architecture of telco now illegal?


