1 Telephone versus Internet Wiretaps A Technical and Legal Perspective Steven M. Bellovin AT&T Labs – Research

Slides:

Advertisements

Similar presentations

Key New Surveillance Provisions Professor Peter P. Swire Ohio State University Privacy 2001 Conference October 4, 2001.

Advertisements

Paul Ohm Associate Professor, CU Law Initiative Director, Silicon Flatirons December 4, 2009.

COS 461 Fall 1997 Networks and Protocols u networks and protocols –definitions –motivation –history u protocol hierarchy –reasons for layering –quick tour.

Packet Switching Vs Circuit Switching Packet-switched and circuit-switched networks use two different technologies for sending messages and data from one.

The Patriot Act And computing. /criminal/cybercrime/PatriotAct.htm US Department of Justice.

Packet Analyzers, a Threat to Network Security. Agenda Introduction The background of packet analyzers LAN technologies & network protocols Communication.

Responding to Cybercrime in the Post-9/11 World Scott Eltringham Computer Crime and Intellectual Property Section U.S. Department of Justice (202)

How do Networks work – Really The purposes of set of slides is to show networks really work. Most people (including technical people) don’t know Many people.

Introduction to Networking & Telecommunications School of Business Eastern Illinois University © Abdou Illia, Spring 2007 (Week 1, Tuesday 1/9/2007)

1-1 Introduction to Computer Networks and Data Communications.

CS-3013 & CS-502, Summer 2006 Network Input & Output1 CS-3013 & CS-502, Summer 2006.

Scott Hoffpauir BroadSoft, Inc. Vice President, Engineering OPENSIG October 15, 1999 The Enhanced Services Layer in a Distributed Packet Network.

What’s the Internet: “nuts and bolts” view

Introduction to Networking & Telecommunications School of Business Eastern Illinois University © Abdou Illia, Spring 2015 (January 14, 2015)

Inside of a computer… What happens when you turn your computer on? What loads? Where are applications stored? How are do they run? In what form is information.

Lecture slides prepared for “Business Data Communications”, 7/e, by William Stallings and Tom Case, Chapter 8 “TCP/IP”.

FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.

* The Internet’s genesis - Defense Department project to create a network that could survive a nuclear conflict * The first users - Government agencies.

1: Introduction1 Part I: Introduction Goal: r get context, overview, “feel” of networking r more depth, detail later in course r approach: m descriptive.

CECS 5460 – Assignment 3 Stacey VanderHeiden Güney.

Teaching and Learning with Technology  Allyn and Bacon 2002 Networks and the Internet Chapter 7 Technology in Teaching and Learning.

Network Components 101 Travis Hill.

CMPTR Chapter 5.

Chapter 5 Networks Communicating and Sharing Resources

Chapter 4 Computer Networks – Part 1

CS448 Computer Networking Chapter 1 Introduction to Computer Networks Instructor: Li Ma Office: NBC 126 Phone: (713)

Lecture 2 TCP/IP Protocol Suite Reference: TCP/IP Protocol Suite, 4 th Edition (chapter 2) 1.

Chapter 4. After completion of this chapter, you should be able to: Explain “what is the Internet? And how we connect to the Internet using an ISP. Explain.

McGraw-Hill/Irwin © 2008 The McGraw-Hill Companies, All Rights Reserved Business Plug-In B5 Networks and Telecommunications.

1 NGN Issues - Numbering and Addressing Peter Darling ACIF NGN FOG No. 3.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Network Services Networking for Home and Small Businesses – Chapter.

Computers Are Your Future Tenth Edition Chapter 8: Networks: Communicating & Sharing Resources Copyright © 2009 Pearson Education, Inc. Publishing as Prentice.

1.1 What is the Internet What is the Internet? The Internet is a shared media (coaxial cable, copper wire, fiber optics, and radio spectrum) communication.

National Institute of Science & Technology Voice Over Digital Subscriber Line (VoDSL) Vinay TibrewalEE [1] VoDSL: Next Generation Voice Solution.

Networks – Network Architecture Network architecture is specification of design principles (including data formats and procedures) for creating a network.

Network Layer4-1 Chapter 4: Network Layer Chapter goals: r understand principles behind network layer services: m network layer service models m forwarding.

1 CALEA and VoIP: The Internet is not the PSTN Steven M. Bellovin

Basic Concepts and Principles Chapter 1 Copyright 2001 Panko.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Network Services Networking for Home and Small Businesses – Chapter 6.

Created by, Nancy Harris, James Madison University, VA FLUENCY WITH INFORMATION TECNOLOGY Skills, Concepts, and Capabilities.

Firewalls Nathan Long Computer Science 481. What is a firewall? A firewall is a system or group of systems that enforces an access control policy between.

15-1 Networking Computer network A collection of computing devices that are connected in various ways in order to communicate and share resources.

ECEN “Internet Protocols and Modeling”, Spring 2012 Slide 2.

Communication, Networks, The internet and the Worldwide Web.

Ch 1. Computer Networks and the Internet Myungchul Kim

Chapter 15 – Part 2 Networks The Internal Operating System The Architecture of Computer Hardware and Systems Software: An Information Technology Approach.

Teaching and Learning with Technology ck to edit Master title style  Allyn and Bacon 2002 Teaching and Learning with Technology k to edit Master title.

Teaching and Learning with Technology Chapter 7 Networks and the Internet by La Tisha Jenkins.

1 The Broader Picture Laws Governing Hacking and Other Computer Crimes Consumer Privacy Employee Workplace Monitoring Government Surveillance Cyberwar.

October 10, 2007 Fenwick & West Conference Center EFF 2007 Bootcamp 2.0 Best Practices for OSPs: Law Enforcement Information Requests Kurt Opsahl, Senior.

John Morris 1 Hot Topic - IP Services Wiretapping the Internet EDUCAUSE Policy Conference May 20, 2004 John Morris, Center for Democracy and Technology.

May 11, 2009 Golden Gate University EFF 2009 Bootcamp 2.0 Best Practices for OSPs: Law Enforcement Information Requests Kurt Opsahl, Senior Staff Attorney.

NETWORKING FUNDAMENTALS. Network+ Guide to Networks, 4e2.

TCP/IP Model & How it Relates to Browsing the Internet Anonymously BY: HELEN LIN.

Chapter 19 - Congressional Authority for National Security Surveillance Part I.

Networks. Local area network (LAN( Wide-area network (WAN( Networks Topology.

NETWORK DEVICES Department of CE/IT.

Internet Flow By: Terry Hernandez. Getting from the customers computer onto the internet Internet Browser

The Internet Technological Background. Topic Objectives At the end of this topic, you should be able to do the following: Able to define the Internet.

By: Chasity, Jamon, Clifton.  Computer networks have lots of pathways that send information back and forth.  Networks can even send the information.

Computer Networks.  Which is the best definition of a circuit switched network?  An electric circuit where the connections get switched based on who.

Switching By, B. R. Chandavarkar, CSE Dept., NITK, Surathkal Ref: B. A. Forouzan, 5 th Edition.

Internet Basics. The Internet: Then and Now The Internet was created by the Advanced Research Projects Agency (ARPA) and the U.S. Department of Defense.

Networking for Home and Small Businesses – Chapter 6

Networking for Home and Small Businesses – Chapter 6

Steven M. Bellovin, Jason Healey, Matt Waxman Fall 2017

Computer Networking A computer network, often simply referred to as a network, is a collection of computers and devices connected by communications channels.

Computer Networking A computer network, often simply referred to as a network, is a collection of computers and devices connected by communications channels.

Networking for Home and Small Businesses – Chapter 6

Presentation transcript:

1 Telephone versus Internet Wiretaps A Technical and Legal Perspective Steven M. Bellovin AT&T Labs – Research

2 Legal Basis for Wiretaps Katz v. United States, 389 U.S. 347 (1967) Smith v. Maryland, 442 U.S. 735 (1979) 18 USC 2510 et seq. (“Title III”, as amended by the ECPA) –Complex procedure, many restrictions; a lot of justification is needed. 18 USC 3121 et seq. (pen registers and trap-and- trace devices) –Orders are easy to obtain; simple, unchecked assertion of relevance is all that’s needed. 50 USC 1800 (FISA)

3 Legal Principles Wiretaps are “searches” within the meaning of the 4 th Amendment (Katz). –Telephone users have a legitimate expectation of privacy. But dialed digits are not protected (Smith). –They are voluntarily “given” to the phone company. –People know that the phone company can and does record them, i.e., for billing. FISA: generally restricted to non-“U.S. persons”.

4 Telephony in 1967 No enhanced services. –Touchtone phones barely existed! Anything dialed was a phone number. Most calls had exactly two parties. –Enhanced calls required manual assistance. No ambiguity about who was involved in the call. –Easy to tell where to serve warrants, as well. Mostly analog transmission technology, with in- band signaling, and (often) on dedicated wires.

5 Circuit-Switching Data path allocated at call setup time. Dedicated facilities (wire pairs, time slice interval, etc.) used only for that call. Any point along the path receives both directions of the entire call. But – no signaling information in the datapath after call setup.

6 Consequences Little ambiguity about who was being tapped. –Shared phones, party lines, pay phones, and Centrex did exist. All dialed digits intended for CO. Trap-and-trace was slow, painful, manual, and unreliable.

7 Telephones Today Digital transmission, many shared facilities, out- of-band signaling. Many services rely on post-dial signaling: prepaid phone cards, voice mail, conference services, information services, voice menus, etc. Some enhanced services don’t involve third-party gear (i.e., home answering machines).

8 Consequences Varied formats and signaling schemes led to CALEA. –Much debate about feasibility and meaning of some “punch list” requirements. Ambiguity about meaning of post-dial signals – on whom should warrants be served? –What type of court order is needed to listen to an answering machine’s PIN?

9 Tapping the Internet Packet-based. International. –No strong notion of real-world geography. Strongly layered architecture. –Fields at different layers may be intended for different parties. –One layer’s content is another layer’s signaling. Strictly in-band signaling. Ubiquitous shared facilities. Intelligence at the edges, not the middle.

10 Packet-Switching Messages broken up into individual packets. Each packet has source and destination address. –Source address may be forged with little effort. Packets are routed individually via shared media. –Different packets can take different paths, though they usually don’t over reasonably short time scales. –Return packets often take a different path through the backbone.

11 Consequences Easy to miss a few packets. –If address assignment packets are missed, subsequent collection is jeopardized. –Meaning of some packets is context-dependent. –Eavesdropper may have different view than communicants do. Unclear what packets are intended for whom, and hence what (legitimate) expectations of privacy there are. International nature makes matters murkier.

12 Scenarios Recipient Sender Sender’s ISP Recipient’s ISP

13 Who Receives What? Network-layer Path: –No expectation of privacy –May or may not be end-to-end for the underlying communication. To: and From: information: –Appears twice – in mail “envelope” protocol and mail header (the two can and do differ). –May or may not be end-to-end. –If not end-to-end, what if one ISP is in another country, with stronger privacy guarantees?

14 Web Scenarios Web Server Browser ISP Proxy

15 Who Receives What? User sees connection as end-to-end. –Probably expects privacy. Browser may be configured to use ISP’s proxy server. –Most users know nothing of this. –Never any per-URL billing. –Users probably see this as equivalent to end-to-end case. ISPs sometimes use “transparent proxies” –Violates knowledgeable users’ expectations.

16 Intelligence at the Edges In the telephone world, most intelligence is in the network. –But that’s slowly changing, with things like remote- control answering machines, etc. In the Internet, virtually all intelligence is on the end systems. –Any user can create a new service, without help from (or knowledge of) the ISPs. Hard to tap if you don’t know what it is, or what rational privacy expectations are.

17 What Do You Learn from Taps? Much interesting information is not end-to-end. –End-user IP addresses are generally transient. Higher-level information from log files can be more useful. This may change if and when peer-to-peer protocols become common. –But the bad guys will then have to solve the rendezvous problem, which provides another monitoring point. What kind of court orders are needed? Is the end-user a “U.S. person”? How do you know?

18 Conclusions The telephony wiretap model does not fit the Internet very well. –It’s fitting the telephone world less and less well, too. Much of the difficulty stems from the (possible) end-to-end nature of the Internet. Low-burden court orders for pen register analogs may not be constitutional. But full-content wiretap orders are overkill. I suggest that the standard for non-content Internet taps be similar to that for search warrants.