Update: So, here is the PR release. Obviously we’ll still have to wait for the draft Bill to flesh out some of the things mentioned here.
In a nutshell:
no warrant required for subscriber information and the ISP is required to provide “timely access” to anyone’s personal information (name, address, telephone number and Internet Protocol (IP) address, e-mail address, service provider identification and certain cell phone identifiers) by a select (but undefined) group of people only,
warrant required for surveillance,
Provider > 100,000 must have a “intercept capability in certain new equipment and software” and the providers have their choice of technology,
Provider < 100,000 have three years,
banks, private networks, and charities are excluded,
Assuming this is how the draft shakes out, I'm not nearly as against this one compared to the travesty the Liberals tried to foist on us in 2005. A couple of questions though that better be addressed by the Bill. 1) Define "technological solution" because that's vague. i.e a port on a switch to plug in a wireshark server?, actually have wireshark set up and running? set up a big pipe to forward every packet to the gov’t? 2) Does this require the service providers to maintain retroactive information or is it from point of presentation of the warrant?
One thing cracks me up though, Criminals and terrorists are aware of interception “safe havens” and exploit them to continue their criminal activities undetected. Yeah, criminals know where the supposed safe havens are but they don’t know about the encrypted alternatives HTTPS, IMAPS and POPS, gnupg, or steganography.
Original post below the fold.
Cheers,
lance
Flash back to 2005.
Flash forward to Thursday.
Remember wayyyyy back in November? The policy convention? I don’t remember anyone talking about Internet taps. I have found this (PDF, 53 pp.) though:
93. Organized Crime
The Conservative Party recognizes that organized crime is growing throughout Canada, that international criminal organizations are more and more active in Canada in money laundering and illicit drug trafficking and, finally, that this phenomenon crosses boundaries.
i) To fight against this curse and ensure the safety of Canadians in their communities, we encourage the government to:
a) adopt, in collaboration with the provinces, a national strategy on the fight against organized crime, including the creation of a joint national task force on security;
b) increase the financial resources allocated to the RCMP to help them to fight against those activities in all regions of the country;
c) propose an amendment to the Criminal Code to reverse the burden of proof, so that members of a criminal organization (and not the Crown) will have to prove at the time of seizure that the goods were not acquired through criminal acts committed for organized crime. Specific criteria will govern this measure to respect the principle of the presumption of innocence of the accused; and
d) strengthen the legislation to prosecute any person who knowingly engages in counterfeit activities by manufacturing, reproducing, and distributing, importing, or selling counterfeit goods.
Or is it only bad when Liberals propose it?
Bad guys make mistakes. If I physically tail 1 guy, and I can tail him in Cyberland when he gets his wireless from Starbucks, and I can see which account at what file server he is accessing. The cyber stakeout starts at that server (I also have the ips that accessed that account). Skype? then I have 2 accounts to monitor. etc. etc.
Don’t really need to get to the bit level.
Neither can the police, Gord. In fact, they don’t
even know where to look or listen for what I’m
saying, that is, when I don’t want them to.
Vit, 1 question, what is $data?
The transfer bit-stream you’re trying to key-
wise inject or exject the message bits to/from.
Thanks. That helps. I’d originally thought /dev/kbd or some such with the 64 bit stepping. Thus the encyption WAG.
I assume you’re either man in the middle or similar with this?
BTW, that’s some funky math in there, obfuscate much?
I’m doing a step by step. Twixt all the ords/maps/>>/& you realize you’re a bastard, right?
Let me know, anytime, Lance, and I’ll send to you via your CatPrint email account the whole Tk GUI package, which includes documentation, but I don’t want to do so at least as long as you are enjoying trying to figure it out, now that I’ve given you a handfull of clues 😉
Sorry, I should have said, a handfull of
clues including my comment to Gord 😉
Ural said “If I physically tail 1 guy, and I can tail him in Cyberland when he gets his wireless from Starbucks, and I can see which account at what file server he is accessing.”
That would work as long as you are physically tailing someone. If you’re trying to actually find someone it would be a different story. You wouldn’t have a starting point. Maybe Skype wasn’t the best example for me to use but the point I was trying to make was that these guys can actually work in a cloud where there is no Server tied down anywhere physically but they have multiple computers and no one actually has an Internet account. Then they utilize something like DropBox,Skype or Himachi (gotten through phony email addresses) to connect with one another. The computers the police are trying to find is constantly changing providers but to the people connecting to there is no change.
Now if the Police caught just one of the bad guys they would have a toe hold on the entire operation. But with telescopic antennas available the Police would no doubt be raiding the homes of people who had a wireless network that was compromised.
I have no doubt though that the computer forensic people are much smarter than me and have a lot of tricks I don’t know about.