Will DHS Border Search Logic Be Used To Allow Gov't Screening Of All Internet Traffic?
from the bad-potential-precedent dept
We’ve already explained how ridiculous it is for DHS to say that border patrol agents need to search laptops to prevent dangerous information from getting into the country. Obviously, if that was the intent of the individual, they’d just send the info electronically and not have to deal with any customs agents. Slashdot points us to a blog post by Steven M. Bellovin where he takes that same thought and flips it on its head, noting that, based on the DHS’s statements, DHS may believe that it also has the right to scan any data entering or leaving the country. On top of that, he points out that this could potentially mean that if you encrypt that data you send over a border (say, via a VPN), you could potentially be violating laws that bans “hiding” goods that you send over the border. While the courts have not at all ruled in this way, you could pretty easily see the government making this sort of case.
Filed Under: border searches, customs, data transfer, laptops
Comments on “Will DHS Border Search Logic Be Used To Allow Gov't Screening Of All Internet Traffic?”
You are assuming that DHS or another federal agency isn’t already doing this. and the big telecoms would be more than willing to bend over forward to let the Feds have their way.
Re: Re:
Already doing what? Surely you don’t mean decrypting your VPN traffic, because nobody claimed that, and besides it is impossible and preposterous.
Oh, man. There are still naive people out there
“impossible and preposterous” ???
As long as we have an Orwellian administration that will will not hesitate to burn down our civil rights village to save it, nothing is impossible and one thing that is most preposterous of all is that there are those who refuse to see that.
The Presidential initiative that is violating our law is grounds for impeachment. Impeach Him Now.
Re: Oh, man. There are still naive people out there
I totally agree with the impeachment statement; unfortunately, he’s already done the Country major damage! Freedom, what is that anymore? The enemy is becoming our own working government more than ever (just like the Roman Empire). Wake up America!
Re: Oh, man. There are still naive people out there
Seems you may be the one that is naive, or maybe just uninformed.
Someone’s already covered why it’s impossible. The preposterous part has to do with suggesting it was possible in the first place.
To reiterate, any decent encryptioni algorithim/schema is impossible to crack. And to those suggesting a “back door” in — there is no requirement to build in back doors for encryption. There will always be an option available to you if one or more of them become compromised in this way. Further, it’s counter-productive to build a back door into the encryption used by the government — if a back door exists, anyone can use it once it’s found.
Re: Re: Oh, man. There are still naive people out there
The claim is that using encryption in such a way could become illegal. From the article:
If you believe that such prosecution could never be possible then you are indeed naive.
Re: Oh, man. There are still naive people out there
“Orwellian administration”
So I guess that means Bush will not be stepping down in January, right? Your civil rights village? How about telling us how you have been affected by this? You and the rest of the morons that are apt to sling your slogans around with absolutely no idea of what the history of the country is, or the state of the “civil rights” you think have been trampled should just learn what the articles of impeachment consist of. What would be nice would be not needing to clean up after a lollipop and tsk tsk Dem. Presidency. Carter and Clinton. And the Dems wonder why it’s so difficult to get the party the big chair.
Re: Re: Oh, man. There are still naive people out there
Well, to you dear sir or ma’am, I can only say:
currently at least, you have the administration you obviously wished for, the administration you probably voted for, in short, you have the administration you deserve. Congratulations!
Re: Re: Oh, man. There are still naive people out there
Ah, yet another neo-con who becomes childish, and resorts to name calling. Please, since you’re such a genius, explain to us the history of this country, and explain to us our civil rights (there’s no quotes around those words here, because to us they actually have meaning), and then tell us about the Articles of Impeachment. Please, we’d like you to share your genius with us.
Fucktard.
Re: Oh, man. There are still naive people out there
The Presidential initiative that is violating our law is grounds for impeachment. Impeach Him Now.
He’s just one man and without all his supporters he wouldn’t have been able to do what he has. And after he’s gone his supporters will just find someone else to fill his role. It’s his supporters that really need to be dealt with.
Re: Re: Oh, man. There are still naive people out there
“It’s his supporters that really need to be dealt with”
Couldn’t agree more but in cases like this I feel it’s best you go at it like a logger – lop off the branches at the top first
Its a damn sight harder to hide behind the president and whatever retrospective immunity he’ll allow for you if he’s not there to support you in the first place
Impeachment isn’t the end-game, it’s the first move…
Uhhh what?
#3 seems a little confused. Decrypting any reasonable-strength cryptography today is for all practical purposes ‘mathematically impossible.’ No doubt Bush would very much like to intercept encrypted communications, but he can’t. He could pass a law making the use of strong encryption illegal (again?) but he can’t simply ignore mathematical reality, or pass a law that changes it.
Re: Uhhh what?
So what happens when the DHS get access to the same sort of backdoors to VPN encryption the NSA already get for various systems?
Does that do anything to the maths?
I realise that the very idea the US Governmment would do this is as preposterous as the idea that they would set up secret detention centres, kidnap people illegally from around the world transporting them via secret flights to be tortured in a hidden base, but y’know – could happen ;0)
Just cos your paranoid doesn’t mean they aren’t out to get you
Re: Uhhh what?
#4;
There is one small flaw in your statement. Using encryption to transfer data across the border is also currently illegal. And if that level of encryption is above a certain point it could also be considered treason.
I might be wrong about this but an international company I used to work for was VERY adamant against using PGP or any other form of encryption for communications with our branches outside of the US. Their concerns were always based in the legalities of sending/receiving encrypted data over seas
Re: Re: Uhhh what?
You’re probably confused. Once upon a time many years ago strong encryption was classified as a military munition by the US government and exporting products containing it required government permission. Using it however was always legal.
Re: Re: Uhhh what?
Its not illegal to encrypt, it illegal to transfer encryption technology over the border.
Re: Uhhh what?
Not impossible unless you say “Decrypting any reasonable-strength cryptography today” in a useful time frame ” is for all practical purposes” impossible.
Any encryption can be brute forced, given enough cycles.
Real-time? highly unlikely.
In time for November elections? unlikely.
Within a couple of years? possible.
Within a decade? very possible.
In our lifetime? almost certainly.
Of course, brute forcing a decent volume VPN stream would just work for that one session and would require a dedicated machine to do in even in a non-useful time frame.
Re: Re: Uhhh what?
the thing a lot of people are forgetting is that there is a pattern and communication to the encryption. if someoen has the full conversation there are two possibilities that will make it very easy to crack the encryption.
the first is if the encryption used has to send the key to the other party, if you capture that you can decode the whole message.
the second and much more likely method is that each packet has a pattern because it was encrypted with the same formula. this means the more packets you get the easier it is to figure out the key. why do you think all forms of wireless encryption is so easy to crack? because when you have a few hundred thousand packets (that’s on the low end) that are all encrypted with the same technique it is easy to find a pattern.
Re: Re: Uhhh what?
It is possible to break (almost) any strength encryption between now and November. The trick is finding a machine powerful enough to do so. I’m willing to bet that any of the top super computers could crack most encryptions on software designed to work on that machine.
Re: Re: Re: Uhhh what?
“Almost” sure leaves a lot of wiggle room, doesn’t it? Ditto for “most”. Weasel words.
No, it was Al Gore who wanted the backdoor
No, it was Al Gore who wanted the backdoor decryption for police using the “Clipper Chip” technology and “Key Escrow”.
I am still amazed that Al Gore thought it was acceptable for regular citizens to hand over their keys to government officials for safe keeping. I do not trust them with money, I certainly do not trust them with my keys.
And for all of the Bush bashing, keep in mind that you are still safe in the US.
But…
The avalanche may have already started,
If so then it is too late for the pebbles to vote.
Re: No, it was Al Gore who wanted the backdoor
“And for all of the Bush bashing, keep in mind that you are still safe in the US.”
Heh. Sorry to politicise this thread, but you’re no safer than you were before 9/11 and you’ve given up large chunks of your rights just for that. Bush gets bashed because he’s the one who took those freedoms from you for false reasons, and is making many more enemies abroad while losing whatever respect allies used to have for you.
Re: No, it was Al Gore who wanted the backdoor
And I also remember Bill Clinton being a big supporter of the idea. One of the things they wanted to do though was to make banks exempt from the key escrow requirements. When asked why he thought banks should be exempted, Bill Clinton replied “Because bankers are good citizens”. I’ll never forget that one.
The american voters no longer hold any sway over their elected official, as long as we’re forced to choose between a $h!t sandwich and a turd burger we’re going to end up with crap in the white house. Wake up, people should not fear their government, a government should fear it’s people! I say don’t vote! do you really want to show them how dissatified you are with the way they are running things then don’t show up at the poles refuse to show your support for anything to do with authoritarian system. We have the power let’s take our country back!
yes.
OPs tense is all wrong . . .
Come on, we all know DHS already does this if they want too.
VPN decryption is off topic
I think the question of VPN decryption is off topic. The questions are:
1)Is the government intercepting internet traffic entering and exiting the country?
Certainly, to some extent at least. You have to know that traffic is at least arbitrarily spot checked under this government. So don’t email your European mistress, or lawyer….
2)Will you someday be prosecuted (it may be illegal already, I don’t know)for sending encrypted traffic over the boarder?
I would not be surprised in the least. I would not be surprised to hear mandatory body cavity searches proposed. Nothing they do surprises me anymore. Outraged, yes, surprised, no.
DHS is doing the right thing and the USA is safer post 9/11.
For everyone who wants to bash Bush or DHS, you have no clue what you are talking about. I am on the frontline, everyday, protecting this country. The ability to search all electronic devices for data is very important. It allows us to find child pornographers, industry secrets that have been stolen, economic damaging data, as well as possible terrorist related plans and YES we have seized all of those types of data. Please understand, this is not a law that President Bush created. This is a law that SCOTUS upheld. We have had this right since the beginning of Customs. It is called a border search and anything entering this country and at an established port of entry can be searched, period. You have limited rights at a port of entry. It has been this way since the early 1900’s. As for not being safer since post 9/11, I clearly beg to differ. Manpower for the Border Patrol, Customs, Coast Guard, and other agencies has more than doubled. That means at least twice as many people are patrolling our borders. Additionally, more infrastructure is available: fencing, cameras, electronic detection devices, etc. I have seen substantial growth in this area. Having been in the service prior to 9/11 and post, I can 100% tell you we are safer. I remember when we would come to work and not have trucks because they were broken down. Now we have the pick of the lot.
Finally, for most of those here complaining and stating that things are no different or that you know how to enforce border strategy without impeding peoples liberties, I ask you to come to the border and demonstrate it. When you are here, it is much much more difficult to accomplish the mission than you think. Please give credit to all of the men and women of DHS, my agency CBP, and all of the others for the work we tirelessly do day in and day out without appreciation of our fellow citizens. I work to protect you and your family so that you may never have to experience another 9/11 in all of your life and your children’s children’s lif.
Re: DHS is doing the right thing and the USA is safer post 9/11.
Ah, and you expect us to jump up and salute you, after you claim that we’re all clueless? Go fuck yourself.
Searching laptops at the border will do NOTHING to protect this country, except from people who are too stupid to send their child pornography and industry secrets through other means. And I would suggest that the intelligent ones have already done so, but thanks for catching the dumbshits.
Re: DHS is doing the right thing and the USA is safer post 9/11.
I’m sure that Americans appreciate that you are trying to keep America safe. Even this Canadian appreciates it.
However, I don’t think making Canadians wait up to two hours to go shopping in your country is a good use of resources, nor is pulling out, twice, a young child whose name matches the name of a 50-year old terrorist on a no-fly list.
Of course you have seen growth in border infrastructure. Fear is a wonderful way to sell things and increase budgets. But don’t equate more gadgets and more manpower with a safer America. Plenty of illegals still cross from Mexico and it is still easy to climb into a boat on the Great Lakes.
Feeling safer is different than being safer.
Re: Re: DHS is doing the right thing and the USA is safer post 9/11.
Thank you for your thoughts and appreciation.
For everyone here that thinks they have the solution, I would love to hear it. If you don’t like the way things are right now, then voice your opinion here. Solve the border security issue. Tell me how you can keep this country safe – this includes economic safety as well as physical.
Please no flames and opinions on Bush. Lets hear your border security plan only.
Re: DHS is doing the right thing and the USA is safer post 9/11.
Two words: security theater
That’s what you are engaged in, no more, no less. The sooner you acknowledge this reality, the sooner we can all prevent the slippery slope of fascism that is already enveloping most national law enforcement agencies.
Let’s face it, the UK spend 30 years of in depth, highly oppressive and invasive operations trying to stop the IRA. In the end, what stopped the IRA was politics. And it’s no different with the threats to the US, and that’s been true for 60 years for almost every single threat the US has ever faced.
Re: DHS is doing the right thing and the USA is safer post 9/11.
So you have an economic interest.
And this is what people are starting question more and more, much to your apparent consternation.
Yes, we are spending a lot more money, that’s true, but there is no evidence that we are that much safer. Claims are not evidence.
Somehow I doubt that you are really authorized to make such offers.
And there it is. If all other arguments fail, just trot out “Think of the children!”.
Re: DHS is doing the right thing and the USA is safer post 9/11.
> For everyone who wants to bash Bush or DHS,
> you have no clue what you are talking about.
> I am on the frontline, everyday, protecting
> this country.
I also work for DHS, as a special agent in one of the department’s law enforcement components, and I have to take issue with your assertion that anyone who disagrees with this draconian no-holds-barred no-rights approach to border searches must be clueless is rather self-serving.
Does it make our job easier? Sure.
Is it in keeping with the fundamental principles of liberty upon which our country was founded? Not even close.
You say that your right to conduct unlimited searches at the border based on nothing more than your own personal suspicion is upheld by the Supreme Court. In that you are correct, however, the Court itself was not correct in making that ruling. There is no “except at the border” language in the text of the 4th Amendment. The Court made that up out of thin air and it’s nothing but an example of the government ignoring the Constitution for the sake of its own convenience. And just because a bad law was put into effect a long time ago doesn’t make it any less bad.
It’s been suggested by “experts” that requiring probable cuase for border searches like everywhere else would be impractical but having worked criminal cases both at the border in conjunction with Customs and non-border cases under my own jurisdiction, I disagree. A border checkpoint forces the subject into close interaction with law enforcement in a way that doesn’t happen in a normal investigation. Body language, demeanor, verbal responses, etc, are all on display in a way that most cops never see until they make an arrest. So a border agent has *more* opportunity to develop probable cause than the average cop, not less.
I’m not alone in my concern with the way more and more authority is being given to the police to ignore various constitutional guarantees. Many of my colleagues have voiced similar concerns. If the cops themselves are starting to worry, shouldn’t you be as well?
Re: Re: DHS is doing the right thing and the USA is safer post 9/11.
I just want to say, from a fellow citizen, thank you.
Thank you for not buying into the crap that governmental institutions keeping putting out in an effort to turn our society into a total surveillance regime.
Thank you for express your dedication to true American values in a public forum and for being a bulwark against these sorts of invasive practices.
And finally, thank you and your colleagues for looking out for the rest of us from the inside while still being true to core constitutional values as envisioned by our founders.
To bad there are not more people like you, but it’s people like you who will eventual save us from become paranoid, fascist society.
Re: DHS is doing the right thing and the USA is safer post 9/11.
“The ability to search all electronic devices for data is very important. It allows us to find child pornographers, industry secrets that have been stolen, economic damaging data, as well as possible terrorist related plans”
The first two I believe, the last one I doubt very very very much. On a side note, where can I buy some of these laptops you guys “confiscate”? Is there a special place at the airport or something, the parkinglot maybe? Or do you guys mainly sell those from home?
Totally agree on this one
I totally agree with the post. While I’m taking a wait and see position, we have been inching closer and closer to a time when everything we see, read, and hear will be monitor.
I also like to add the prevalence of tracking systems like cell towers and GPS on mobile devices make it easier for just about anyone to track us. I’m not just saying the government.
I’ll be keeping an eye on this myself. It’ll be cool if Techdirt can keep bring this up once in a while and update us. I did some searches and while they’re following the Hilton and McCain squabble, they’re letting this one drop.
I applaud the folks who are on the frontline protecting the United States. I think no one is questioning your dedication, sacrifice, and bravery so we can go on living with our lives.
I just believe this is an issue like no other that has confront us in a while. As for reading data, we know the Patriot Act provides cover for telecom companies on calls. does it already extend to data as well?
Re: Totally agree on this one
You are simply missing the point because techdirt is good at misconstruing information to suit its objective. The border search is only conducted on individuals whom the authorities view as suspicious.It’s not a sewrch on every person crossing the border: A New Approach to Cyber Defense(http://www.internetevolution.com/author.asp?section_id=628&doc_id=151762&F_src=flftwo)
Re: Re: Totally agree on this one
the laptop searches do NOTHING to protect people. hell, there is a loophole in the release they just made, they aren’t allowed to open sealed letter class mail from the USPS. that means you can mail a thumbdrive and know it can’t be searched/seized.
there is also the many types of secure communications that can be used to just send anything you need anywhere in the world. the searches for electronic nastiness does nothing to stop people with a bad intent and only inconveniences the rest
also while encryption is vulnerable to this type of man-in-the-middle surveillance, anything useful against the big bad guys who want to rape our kids (as some people would have you believe are lurking in the shadows waiting for every opportunity) would already have passed through to the destination by the time they realize it.
So will someone please explain how these kind of search/seizure/monitoring activities actually does us any good? yes customs searches can protect against someone trying to smuggle a bazooka, but against data it is worse than useless because it does nothing to slow/stop the dangerous ones and zeroes while doing everything to invade the privacy of the individual.
Time to crack...
For any reasonably strong encryption, the current estimate of how long it would take to crack is generally estimated as “not before the collapse of civilisation, using all of the computing power known to currently exist on the planet”. If you double the default key length, you can extend that out to the heat death of the universe.
Even allowing for Moore’s law and hidden banks of NSA supercomputers, I’m pretty confident that the stuff I’m encrypting today will never be cracked within my lifetime. I’d be a lot more concerned about keyboard logging and/or waterboarding than cryptographic attacks.
Backdoors? I use Open Source cryptography on an Open Source operating system. There could well be backdoors in the hardware. That takes us back to ‘keyloggers’. I don’t see this as a a particularly credible threat though, it would require a massive and well-concealed conspiracy. When you’re dealing in conspiracies, “massive” and “well concealed” just don’t go together.
To the person (#11) who says encryption is ILLEGAL accross borders.. you have GOT to be SHITTING me. https? ssh? VPNs? Skype? These are all widely and routinely used across many borders. A few places (like France) still have a problem with that, but the USA and most other marginally-sane countries gave up trying to control it years ago!
#40
Sorry, no.. it _used_ to be illegal to transfer encryption technology out of the USA, fifteen or twenty years ago IIRC.
Phil Zimmerman got around the export restriction by describing exactly how PGP worked in a technical paper. It was still legal to export published human readable descriptions of encryption technology at that time. A team of programmers then re-implemented PGP entirely outside the USA.
Eventually the US government figured out that if they continued to ban the export of encryption technology it wouldn’t ever stop anyone outside the USA from being able to use strong encryption. But it would result in most encryption research and programming being done outside the USA, putting the USA (both commercial encryption users and government agencies like the NSA) at a serious disadvantage.
They can pass all the laws they like at this point, but I don’t think they can ever jam this particular genie back into the bottle.
What do you think NSA has been doing for YEARS?
With all due respect you need to stop worrying about the DHS. NSA has been conducting “warrantless” searches of all internet and other digital and radiotelephone traffic for many years.
Do you actually think that when they come across unlawful domestic activity that they DO NOT notify the DEA or FBI or ATF?
Have you noticed unmarked cars sitting alongside the Interstate Highway System? When they pull over a vehicle “randomly” and find a million dollars in cash, or an equivalent amount in drugs, do you think that is a coincidence? What a “lucky” day those Narcotics Interdiction Team officers are having?
Or when a “confidential informant” snitches out a US fugitive hiding in another country and an special FBI team goes there and “snatches” him and returns back to the US on a jet that does not have to go through customs of any country, do you think the “informant” is really a human being?
Wake up. Our Big Brother is already hard at work. That is why it is important for us to elect officials we can actually trust NOT to LIE to us.
If they LIE about Iraq, and LIE about torture, and LIE about the health of our economy, and intercept our telephone and internet traffic, what makes you think they will not one day turn against US?
Who do you think Big Brother works for, the little guy or the millionaires wanting to become billionaires? Do you think former CIA Director George H.W. Bush did NOT use CIA assets and resources to help him acquire information useful to him in building his fortune?
Do you actually think that his son, our esteemed President, does NOT use intelligence gathered from the internet to ENRICH his friends?
Why do you think there is a law prohibiting monitoring of cell phone conversations? To keep US from using information gathered thereby for commercial purposes. Well, do you think the Bush Buddies who have access to ALL telephone and internet and radio traffic do not already profit from use of that information? Remember, the Bush Billionaires are NOT bound by the same rules of law that bind us lowlife citizens.
Encrypted communications are NO problem to the NSA’s many supercomputers. They are NOT restricted (in practice) to looking only for threats to national security, but under THIS President, have used these supercomputers for political and commercial purposes.
To believe otherwise is to deceive yourself. You probably would also contend that it has not been the policy of this administration to kidnap civilian non-combatants from their own country and hide them in a box in another country and give them NO trial or right to a lawyer, then to torture them.
Why would such an administration give one whit about the confidentiality of YOUR internet communications? And if in the course of their decryption of YOUR personal communications with your friends overseas on national security grounds, they find out that you have a good idea/concept/product/etc. that can be patented/put to use against you or sold, that they would be too moral and law abiding to steal your idea from you?
Oh, if you only knew the half of it. So you therefore would think that NSA and CIA clerks who have access to survey satellite information on the location of every undeveloped oil field, do NOT provide that information to their buddies in the oil industry?
That is like saying that when the Interstate Highway System was being designed in the 1950s, that certain US Senators did NOT use their “inside” information and power to buy certain tracts of land that the highways were later routed through, and suddenly land they bought for $500 an acre was worth $60,000. How do you think some government employees got so filthy rich on fixed salaries?
Oversight? Yeah, Buddy. That’s why most of the members of our Intelligence Committee did not know about the Bush/Cheney invasion plans, and why most members of the Banking Committee found out about the need for a Trillion Dollars to bail out Bush’s Buddies until it was too late.
Intercept and Decrypt internet traffic? You must still be living in the 1950s if you think that is not done around the clock by the HUNDREDS OF THOUSANDS OF NSA EMPLOYEES AROUND THE WORLD ALREADY.
Re: What do you think NSA has been doing for YEARS?
Look at the bright side Mark. Just the other day I accidentally deleted a voice mail message. For $25. and a call to NSA, the message was immediately restored. Talk about a bargain in governance.
NSA, Bush, Impeachment
Thanks for the tip, Bob. Now I know where to buy copies of all those email I deleted accidentally.
And Enrico, impeachment won’t work, ’cause then Cheney’d be King. I’m personally waiting for the World Court to indict Bush and his co-conspirators for War Crimes.