You mean your IP address?
Posted on 04/28/2007 7:30:35 PM PDT by The Watcher
I have posted several times in the past about this topic, this is just an update for you techheads who might be interesetd...oh, and anyone who uses the internet... which is...everyone.
Most people have no idea what CALEA is. It is a law to assist law enforcement's ability to intercept phone calls. It was written and passed and signed into law in 1994 by Congress. It mandated that digital switching equipment technology be required to have certain specific capabilities which would make tapping a person's phone calls, and making the call history easier to get. Congress ante'd up millions to pay the equipment makers and telephone companies to do this.
Fast forward to 2005. The DOJ and FBI are disgruntled because the advances in technology such as VOIP have made intercepting internet based phone calls a pain. In fact, it's nearly impossible. So, true to goverment form, the first resort is to demand that internet services provide a backdoor into ever device, router, etc, and the capability of extracting any traffic they want. That died, and so as a result of much mucking about, there's a new plan. This one is to take CALEA, which applied to phone companies, and apply it to your ISP.
There was one problem: There was no law written by Congress to authorize it. The FCC had consistently called ISP's information services, rather than telecommunications providers. So, under continuing demands from the DOJ and FBI, the FCC buckled, and in a feat of legal and verbal twisting that defies any intelligent mind to comprehend, the FCC has now defined ISP's as BOTH "information services" and "telecommuncations providers", all in one breath, but for different purposes. For purposes of law enforcement, your ISP is a phone company. For purposes of taxation and other mandates, it's an information service.
So, you ask, what's the issue? Well, it's not about wiretapping. Ever since the internet, BBS's, online services, and even computers in general, courts have issued Subpeonas to search or tap or otherwise dig into these things. I recently read that the DOJ has claimed it costs them on average of $60,000 to fully monitor a suspect's internet use, which includes law enforcement officers, technicians, analysts, consultants, and probably a few hackers to decrypt stuff. Oh, and to try to figure out what people are doing with their VOIP phones.
Along with this redefinition of what an ISP is, the FCC has issued new rules for ISP's. That is, they are required to comply with a set of rules designed to make your internet connection easily tappable. Not just easily... They demand that ISP's build, redesign, whatever it takes, to make their networks ready-made, complete with facilities - recording, encryption, transmission and inspection devices - to provide law enforcement whatever they want, pre-packaged and already broken down and transmitted to them in a designated format.
Oh, did I forget to mention, your ISP has to do all this for free? If your ISP ever gets a subpeona, he can charge the man-hours required to operate the intercept, but never for the equipoment and network redesign that may be necessary. Oh, and the ISP can't use redirecting your traffic through some device, since it's NOT ALLOWED to change the traffic path of the subject of LI. Nope, the suspect might question the traceroute change and suspect he's being spied on. Either eveyrone goes through a sniffer, or you use a transparent mechanism.
So, you say, what, exactly, are we talking about? Well, these rules apply to EVERY person, entity, organization, business, group of friends, or even hobbyist who connects EVEN ONE OTHER PERSON to the internet.
Yup. So your neighbor buys a commercial DSL line and connects you and him and the two other people on the block? Yup. He has to build federally mandated facilities, or face $10,000 a day fines for not complying. So he's never heard of CALEA and doesn't have a clue what's required? Doesn't matter. Across the nations, there are thousands of small networks, some are as simple as sharing of an overly pricy DSL line, some are just a few homes out of town which wirelessly bring in faster internet from town, some are whole small towns who have cooperative, or even hobby type networks, that bring broadband to places that aren't served by a telephone company or cable company. There are free community networks designed to foster the use of technology or just make it fun to spend a day in the park and still be able to check your email or do work at the office remotely. All of these are subject to the mandates, too.
So what DO they ahve to do?
1. LI (lawful intercept) is required to be done at whatever point your internet traffic can all be captured. Your cable company's traffic aggregation point or router or PPP or PPPOE server. DSL is required to be done at the DSLAM, or telephone company office.
2. Your specific traffic must be separated from any others. If you have an open access point, then all traffic must be captured and any presumed to be yours will be sent along, presumably, you'll have to prove that someone else broke the law or whatever, through your open access point. some states are trying to make unsecured ap's illegal.
3. All the traffic must be captured, and then analyzed and ONLY that which the subpeona requests must be extracted, reformatted, and then sent to the requesting law enforcement agency using a licensed (you must by a license, very, very expensive, or hire someone who is licensed - hundreds or thousands of dollars a month for such contracts) format. Yes, you must pay in order to format data in the format they request. Imagine that.
4. You must preserve the integrity of the data via a data verification method, and then store the verification data for as many years as Law enforcement requests. Oh, and it must be secure, too. Oh, and you must make sure that nobody can break in and look at the data you have intercepted, nor corrupt it, and if your equipment fails. ohhh, lordy, than $10 grand a day fine again.
5. You must provide 24 hour a day, 7 days a week, 365 days a year contact personell who can implement an "amber alert" type of intercept within 2 hours of request. If it's just a one man operated network, guess what? It's just plain illegal to do - he has to sleep sometime, and perhaps even vacation, or go to work for longer than 2 hours away from the network. Oh, and you have to make the intercept first, in those cases and hope the subpeona comes later, otherwise you did it for nothing.
6. Lastly, you must keep records of all the people you provide service to... their names, addresses, what type of network connection they have, and all relevant information about every intercept you make. You must also keep all of that confidential - and physically secure.
7. You must create and file a plan to gaurantee the privacy of all intercepted information. This plan must withstand the scrutiny of all relevant legal minds and of course, angry customers who hire legal sharks with bones to pick. You better have your own legal shark to defend you.
If you have been wondering why your cable internet has gone up lately, you might find this explanation of why to be relevant. A box to handle the traffic of a few hundred to a few thousand customers, and transparently intercept it is 20 to 100 thousand dollars. And someone has to be paid to be on call 24/7/365 with a maximum of two hours between call and intercept.
These mandates are all officially in place May 14. Thousands of ISP's risk being instantly put out of business should a subpeona arrive, or a friendly neighborhood cooperative network suddenly bankrupt the person who owns the contract for the internet connection, as he's fined $10,000 a day for not being in compliance and at the same time would be in jail in contempt of court if he shuts off the service.
This is what happens when government agencies run amok. The 5th amendment clearly states that if the goverment wants something from you, it MUST pay you. Yet, here it is, demanding that individual citizens, businesses, community networks, free networks, etc, bear the costs of implementing and conducting law enforcement duties... without hope of compensation.
There is an exemption you can apply for where you request financial hardship, and either the DOJ pays for whatever it wants you to do, or it doesn't, and you're relieved of the requirement. The fee to file the request is $5200. Right now, Rep. Bart Stupak of Michigan has formally requested the FCC to exempt smaller providers of these requirements permanently. Please support this. Your ability... maybe not yours, but hundreds of thousands of people's ability to have an internet connection is at stake, not to mention the absolutely unconstitutional mandates on countless thousands of small businesses nationwide that often provide the only services in town, and are at risk of simply going away, rather than face the wrath of the federal goverment.
So, are you trying to say that my neighbor who subscribes to a local wireless-provided high-speed internet service, and shares that same connection with me 300 feet or so away, again wirelessly (we share the cost - the provider knows this), my neighbor who has the receiver and the router would then be required to comply with what you posted?
Somehow, I just don’t see how that could apply or be enforced.
And the “bad guys” can simply connect through a satellite service sponsored by a foreign country.
I’m the CEO of a small VoIP company that has just expanded into wireless broadband.
We are fully CALEA compliant for our VoIP services and expect to be compliant for our broadband services shortly. Since we have a 24/7 NOC center, proper LEO requests can be complied with quickly. This is a major cost for our company and due to the competitive environment we absorb the cost out of profitability rather than pass through to the customer.
IMHO, the FCC is out of control on this and many other issues.
My ability to get high speed internet is already at risk.
I live in the country and can only get it with a satellite dish.
My brain is melting.
its over my head I just freak when I see on google an ISP # is there!
I wonder what that mean? is it something private open for
the public to access?
Bin Laden denied 911 involvement, Al Jazeera video now shows otherwisePosted on 09/08/2006 7:33:49 AM PDT by sevenbak ... To: se*****. He’s a Muslim so lying IS okay to advance the “religion” in its goal to sugjugate the ...
209.157.64.201/focus/f-news/1697800/posts - 36k - Cached - Similar pages
You noticed this number that looks like an ISP# 209.157.64.201
CALEA Communications Assistance for Law Enforcement Act
http://www.askcalea.net/
Details Reveal the Devil in CALEASolera appliance streams all data to disk, for tapping into later.
http://www.voip-news.com/feature/solera-calea-voip-packet-capture-
http://www.voip-news.com/feature/solera-calea-voip-packet-capture-031907/
There is no escape from the self-righteous.
It’ll be enforced if they come looking for you. There will be thousands of non-compliant networks, and some of them will be new / small / informal ISP’s who simply can’t even dream of doing this.
You mean your IP address?
The IP number only says reveals where the web http request came from. it could be a proxy, a custeomer’s own computer, a firewall, or even an infected machine taken over by someone else.
I run a small wireless ISP, and I have NO NOC of any kind. I outsource my web and mail services, and I don’t even have an office. I carry my information around on this laptop I post from and my cell phone is my business number.
We have about 80-90 customers (haven’t asked bookkeeping for the exact number lately), and no debt, but we put our network up 2 years and 9 months ago, and I have yet to collect a paycheck. This is purely a bootstrap business, where we use sales and a lot of annual subscriptions (quite discounted) to provide cash flow to pay bills and fund CPE. No way can I pay for a TTP, or even to hire an answering service 24/7. I have yet to file any of the CALEA paperwork, because I am absolutely at a loss as to what to say. This is my dream of 8 years, and we’re finally making headway and see light at the end of the long dark startup tunnel of a bazillion hours of free labor and self education.
My equipment is purely RF. Nowhere except at my bandwith provider’s is there any point where my traffic hits any physical medium. Even the AP’s and backhauls are totally integrated devices, using a closed linux based OS.
To sum it up, without totally re-thinking and physically re-building my network, I have no mechanism by which to comply with CALEA. I cannot tap the access points, backhauls, OR the CPE. None of it has intercept or mirroring, or any other capability.
I have 5 years of actual work (twho years of college and then network deployment and so on) into this. If you think I will abandon this without a fight, you’re sadly mistaken.
Stalin would've been proud...
WISP’s, or Wireless Internet Providers, are the only likely source for good internet service for you then. There are thousands of them spread around the country. One may even service your area and you don’t know it.
I can help you try to find someone if you like.
The biggest problem, is that the Solera “solution” is no different financially from buying a new truck.
Big Brother is watching you.
America, Land of the Free.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.