
Re: [declan@well.com: [Politech] E.U. Parliament votes to force "data retention" on telecom, Net firms [priv]]



On Thursday 15 December 2005 02:49 am, David Benfell wrote:
> On Thu, 15 Dec 2005 01:20:19 -0500, Jeffrey F. Bloss wrote:
>
> > With this new logging in place XYZ might be able to force law enforcement
> > to perform a simple query of the data to discover exactly who is posting
> > the information. It's a simple (?) matter of searching for connection
> > times to the blog, and comparing them to times that "Joe" makes
> > connections to a Tor node. If Joe builds a new circuit at 2PM and the
> > blog is updated at 2:00:01 PM, and this relationship can be demonstrated
> > for some period of time, it's pretty clear that it won't take 6 months of
> > data to prove beyond any reasonable doubt Joe is the blog owner.
>
> Suppose the blog is hosted outside Europe, and the blog software
> introduces a random delay before actually posting Joe's entry?

Sure, anything that removes influence or power from an "attacker" is a 
generally good thing, but...

Jurisdictional borders aren't the panacea they used to be, if they ever really 
were. Treaties and agreements between nations can make collecting information 
from foreign sources a matter of an attorney filing the proper form in 
triplicate. In some number of places that depends completely on specific laws 
governing each jurisdiction, this is even an advantage for some attackers 
because getting around local laws and/or security is more difficult than 
simply asking a foreign official to collect the information for you.

There's a depressingly increasing number of jurisdictions where some appointed 
official can walk through the door and confiscate, log, back door, etc. any 
system on nothing more than a whim. It's theorized that this is why things 
like ECHELON were deployed outside US borders... to circumvent requirements 
like showing cause and obtaining warrants.

This isn't to say that there are no jurisdictions that might make you safer, 
just that they're few, far between, and not nearly as safe as they once were. 
In fact, I don't believe mandatory logging is anything new even within EU 
Member Nations. I believe for some of them this is a step backwards if 
they're somehow restricted to the 6/12 month and "connection only" logging 
dictated by this new policy. The *real* threat is in the organization and 
broad scope of the thing. It will effectively transform all of Europe and 
then some, into one big surveillance tool. :(

Anyway, the latency thing probably wouldn't make much difference at all 
either. It might fool a casual observer who is assessing the published 
content, but with these sweeping logging requirements there's no need to wait 
for the page to change when you hit the [refresh] button. ;-) The blog owner 
logging in to make the changes is what's being automagically logged, or what 
can be "force" logged from outside a jurisdiction. And half the puzzle is 
already relatively trivial to solve due to the forced connection logging. You 
have to assume that an attacker will absolutely know either the origin, or 
the destination of every packet, and have the ability to do what they will 
with that data.

It's also important to note that blogging was just an out-of-thin-air example, 
and other types of communications can't be subject to any similar sort of 
latency.

That's my semi-literate layperson's take on things. This EU logging policy is 
a problem of great concern as I see it. In theory at least, it could make Tor 
and any other similar distributed "anonymous" network completely and utterly 
useless for serious users in that jurisdiction, and far less secure for 
people who cross those jurisdictional lines in either direction.

-- 
Hand crafted on December 15, 2005 at 12:09:56 -0500

Outside of a dog, a book is a man's best friend.
Inside of a dog, it's too dark to read.
                                  -Groucho Marx