Happy Big Brother Day

May 14, 2007

Bob Hagen from Global Crossing reminds us that as of today, the ISPs are legally required to help the government spy on you, although (so far) only with a court order:

On March 10th, 2004, the Department of Justice, the Federal Bureau of Investigations, and the Drug Enforcement Agency submitted a petition to expand the scope of CALEA to include communications that traverse the Internet (again, at the carriers’ expense). The proposed changes to CALEA were approved in August 2005.

To those law-abiding citizens that view this as an Orwellian infringement of their civil liberties, there are tools available that you can use to preserve your privacy and anonymity on the Internet. Since CALEA only addresses the interception of data, it does preclude the use of encryption to transform that data into gibberish. Here are some free tools that utilize strong encryption and are devoid of hierarchical trust models such as PKI:

  • GnuPG – An open source adaptation of Phil Zimmermann’s Pretty Good Privacy (PGP) tool. Perfect for encrypted and/or digitally signed email messages and files.
  • ZFone – A software client used in conjunction with SIP softphones to encrypt multimedia content between VoIP callers. The underlying cryptographic protocol, ZRTP, is currently an IETF draft.
  • TOR – The Onion Router is not a tool per se, but rather a network of routers using virtual tunnels and layered encryption to obfuscate the source of Internet traffic. This provides a very effective anonymizing capability.
  • TrueCrypt – Free open-source disk encryption software for Windows and Linux. This tool allows you to encrypt a disk partition, a mountable virtual disk, USB thumb drives, or even hidden disk partitions.

Each of these tools utilizes strong, open cryptographic algorithms and protocols that have been subjected to rigorous academic and government review. For those outside of the US, you should consult your local laws, as the use of strong cryptography may be prohibited. At the time of this writing, the use of such technologies in the US is not restricted.

I have to admit that while I’m a strong supporter of crypto in the abstract, I don’t really use crypto in my day-to-day life. These tools are certainly easier to use than they were a decade ago, but they still require a non-trivial amount of effort to set up and use. And obviously, you can’t use them unless both ends of the communication have done so, so for day-to-day emailing purposes, using them is impractical.
