SoylentNews is people
SoylentNews
from the they-should-look-into-getting-some-artificial-intelligence dept.
One of the individuals who first brought the Internet to Australia, Geoff Huston, writes in his blog:
I recall from some years back, when we were debating in Australia some national Internet censorship proposal de jour, that if the Internet represented a new Global Village then Australia was trying very hard to position itself as the Global Village Idiot. And the current situation with Australia's new Data Retention laws may well support a case for reviving that sentiment. Between the various government agencies who pressed for this legislation, the lawyers who drafted the legislation, the politicians who advocated its adoption and the bureaucrats who are overseeing its implementation, then as far as I can tell none of them get it. They just don't understand the Internet and how it works, and they are acting on a somewhat misguided assumption that the Internet is nothing more than the telephone network for computers. And nothing could be further from the truth.
The intended aim of this legislation was to assist various law enforcement agencies to undertake forensic analysis of network transactions. As the government claims: "telecommunications companies are retaining less data and keeping it for a shorter time. This is degrading the investigative capabilities of law enforcement and security agencies and, in some cases, has prevented serious criminals from being brought to justice." ( https://www.ag.gov.au/dataretention ). So what the agencies wanted was a regulation to compel ISPs to hold a record of their address assignment details so that the question "who was using this IP address at this time" had a definitive answer based on the retention of so-called meta-data records of who had what IP address when.
[Also Covered By]: Australia the idiot in the global village, says Geoff Huston
(Score: 3, Insightful) by frojack on Friday September 04 2015, @05:20AM
When you read his whole blog, he vastly overstates the case.
He acts like IPs change every 6 miliseconds, and every page part download will generate a new IP assignment log entry.
The fact is that your IP address tends to stay stable for a rather long period of time, certainly for the duration of a page load, usually for the duration of your entire session. The IP might not be meaningful, it might be assigned to that particular coffee shop, with no way to pin it down to which customer's cellphone or laptop, because the coffee shop doesn't keep dhcp server logs.
So log each time Starbucks gets a new IP, (virtuall never) and let the government look at those to their hearts content. Once they figure out that isn't good enough they can come back and demand Starbucks keep dhcp server logs. Each level of the network can keep logs, and let the government search them all. Drowned them in data. Starbucks would tell them its impossible and offer them a latte.
There is no single end-to-end log, so give the government all the logs (that you have) or as many as you can cram down their throat before they say uncle. Let them go to the next NAT operator down the pike and get that guy's logs.
When we are all using ipv6, Maybe it all goes away and gets easier, or maybe there are still NATs (because nats have value beyond Ip sharing). But the carriers just need to stop bending over backward to help the government, and give the idiots what they have, and let them figure out its useless.
No, you are mistaken. I've always had this sig.
(Score: 0, Flamebait) by radu on Friday September 04 2015, @05:58AM
They won't ask for logs, they'll ask for analysis of the logs. They'll ask things like "who wrote X on forum Y around June? You have that piece of information because you have the logs, so if you don't tell us, ..."
(Score: 4, Insightful) by frojack on Friday September 04 2015, @06:04AM
You tell them exactly what you have in your logs.
A list of IPs connected there at that time. If you read the story, the government isn't asking who wrote what, just who was connected.
So most of the IPs will lead to some NAT somewhere, and they can go chase that. They will soon tire of chasing their tail.
No, you are mistaken. I've always had this sig.
(Score: 2) by bzipitidoo on Friday September 04 2015, @01:53PM
Will they tire? I doubt it. Law enforcers always want more surveillance. Too often they see their jobs as catching the "bad" guys no matter what. If they could, they would put cameras on every street corner and door, and feed the video to facial recognition algorithms. We'd all have to walk around with Guy Fawkes masks, until the next advance renders that insufficient. They'd do the same with logs, have algorithms do the searching. Some laws should not be enforced. I particularly resent the use of our police and courts, paid for by us, to enforce laws that are actually thinly disguised agendas of monopolistic businesses, things like having the border guards seizing prescription drugs from seniors and outlawing underserved communities from creating their own ISPs.
I think the better play is to nip this in the bud, make it clear that such logging constitutes Australia's equivalent to an unreasonable search. Kill such proposals in the legislative sessions, and any that make it past that can be shot down in the courts.
(Score: 2) by Anal Pumpernickel on Friday September 04 2015, @03:46PM
If they could, they would put cameras on every street corner and door, and feed the video to facial recognition algorithms.
Facial recognition algorithms are being developed right now. Whenever someone complains about surveillance in public places, people reply that you have no expectation of privacy in public places; this is despite the fact that mass surveillance is different from merely being seen by another human (with imperfect memory, no video feed being sent to a central organization, hiring humans to conduct surveillance would be prohibitively expensive, and normal humans are not nearly omnipresent), so it would be perfectly legitimate to have privacy from mass surveillance. Your fears are already coming to pass, and the situation will continue to get worse if it isn't stopped.
(Score: 2) by frojack on Friday September 04 2015, @07:20PM
Facial recognition algorithms are being developed right now.
That work has already been done. Your drivers license photo is stored with the pre-calculated reco numbers.
The point about no expectation of privacy is a good one.
We have a reasonable expectation of privacy as we go about our daily business in public, even if we might
fall into the sight line of John Q Public, John is unlikely to know who we are, where we live, where we work, and
have instant access to our banking records.
It is reasonable to be seen in public, by friends, foes, and even (occasionally) police officers. What is unreasonable
is for any of those people to have access to a full dossier, or to report that information to police, or to enter
that information into a computer for future use.
I suspect, in time, the GPS Tracking ruling [networkworld.com] will be expanded to require warrants for other means of tracking, via facial recognition, license plate readers, etc/ (Or at least it should).
Requiring a warrant to track a specific face, or license plate, would require the hardware/software to instantly discard any "non-hits" with no matching warrants. That's just about what every cop on the street does when they are looking for the Red Chevy Impala with Florida plates. Blue cars are pretty much ignored, unless they are doing something egregious. The Face Reco systems should do the same.
The argument is about the word "reasonable". Creating police databases of every person walking by a camera is not reasonable.
No, you are mistaken. I've always had this sig.
(Score: 5, Interesting) by Whoever on Friday September 04 2015, @06:33AM
No, you misunderstand his case. He points to the adoption of carrier-grade NAT. Imagine that you have the logs of a website and you want to associate a particular web query with a real user endpoint. The website has an IP address, but that is only the IP address of an ISP's carrier-grade NAT exit point. How do you find the real source of the query?
In order to find the real query, you have to be able to associate the NAT-ed packets with a user. For that, the ISPs need to record a history of NAT-ed transactions. In other words, the ISPs have to record which websites (at least by IP address if not the URL) each user behind the NAT exit-point visited. Or, to put it another way, the ISPs have to record partial information on every user's Internet history (including browsing, email, etc.).
You seem to be under the misapprehension that ISPs won't be required to collect the necessary information. He proposes that they will be required to collect this.
Again, you misunderstand. He is asserting that the coffee shop will be mandated to keep this information and make it available.