Education is where it all starts.

"Fourth" is spelled with a "u".

Maybe that post got disemvoweled by the Feds.

SSH tunnel your email all you want but it won't protect it. First of all it has to be sent by another server, then it goes across the network before arriving at your ISP and then onto their (or your own) mailserver.

You SSHing into the mailserver is like the windows of your car being tinted only when you drive up the driveway to your house, not during your time on the street or while shopping.

I'd also be interested in hearing whether it's necessary to have passwords when encrypting disks or communications. I.e., if I convince a family member it's worthwhile to encrypt their communications, what happens when they forget their password?

Not that I'm trying to defend this legislation, but don't you think it's a bit sensationalist to claim it scraps the fourth amendment?

From Wikipedia:

Specifically, the bill:[2]

* Prohibits the individual states from investigating, sanctioning of, or requiring disclosure by complicit telecoms or other persons.
* Permits the government not to keep records of searches, and destroy existing records (it requires them to only keep the records for a period of 10 years).
* Protects telecommunications companies from lawsuits for "'past or future cooperation' with federal law enforcement authorities and will assist the intelligence community in determining the plans of terrorists."
* Removes requirements for detailed descriptions of the nature of information or property targeted by the surveillance.
* Increased the time allowed for warrantless surveillance to continue from 48 hours to 7 days.
* Requires FISA court permission to wiretap Americans who are overseas.
* Prohibits targeting a foreigner to eavesdrop on an American's calls or e-mails without court approval.
* Allows the FISA court 30 days to review existing but expiring surveillance orders before renewing them.
* Allows eavesdropping in emergencies without court approval, provided the government files required papers within a week.
* Prohibits the government from invoking war powers or other authorities to supersede surveillance rules in the future.

[2] = http://ap.google.com/article/ALeqM5hJKgeE0Z-SivATjok-utYBdh9wDwD91DU0Q00

Specifically, it seems the prohibitions in place are specifically there to prevent violations of the fourth amendment.

I'd plug the Obfuscated TCP project currently under rapid development by a friend of mine:

http://code.google.com/p/obstcp/
http://code.google.com/p/obstcp/wiki/Reasoning
http://obstcp.blogspot.com/

It, or something like it (such as the Pirate Bay-sponsored system that got mentioned on Slashdot today) could significantly protect against wholesale eavesdropping and packet mangling by network operators -- or, at the very least, raise the cost of doing so by orders of magnitude.

- - -

Separately, if you can get your head around the use of OpenPGP (as implemented by GnuPG and friends), it can -- if used correctly! -- help secure sensitive documents and emails.

Human-usable frontends like Enigmail and Seahorse provide much friendlier interfaces than the standard command-line tools:

http://enigmail.mozdev.org/
http://www.gnome.org/projects/seahorse/

Just before I saw this article, actually, I submitted a link to an article about how The Pirate Bay wants people to encrypt all of their communications at an Operating System level:

http://newteevee.com/2008/07/09/the-pirate-bay-wants-to-encrypt-the-entire-internet/

While I think they're unlikely to actually finish that project, I would LOVE to see some open-source alternatives crop up.

Remember the days of modem handshaking? It works the same way, any data transfer request first asks if you can encrypt, and then downgrades to open communication, if not. Why hasn't this been done on a system-wide scale in the past?

Frankly, 90% of the time, I'm more than willing to sacrifice a little bit of speed for a bit of peace of mind.

Chryso, read bullet points 2-4, 5 and 9, and tell me those don't all sound like easy outs for past and future abuse of civil liberties.

and that's the watered down, safe sounding, publicly edited Wikipedia version. The actual letter of the law is no doubt so harrowing i'd rather not think about it!

-T

@ #4 The protections were already in place, and this bill excuses people for violating them, setting a precedent that such protections aren't to be taken seriously. Also "Allows eavesdropping in emargencies without court approval, provided the government files the required papers within a week" really means "Allows evesdropping in whatever the government calls an emergency as long as the paperwork is lost within a week."

Regarding privacy, I've been wondering if there's a practical way to encrypt cell phone calls. Anyone know?

So, the government illegally performs wiretaps on US citizens. After getting caught, they pass legislation that makes everything they did OK but says it's not OK to do more than that... Does anybody really trust that they wouldn't just exceed the law again and pass legislation to make it OK retroactively?

I also saw the Slashdot item on The Pirate Bay. They are working on massive deployment of zero-configuration traffic encryption. This will hide *what* you are sending. TOR will hide *who* you are sending it to.

While widespread deployment of these tools is good to protect privacy as a whole, none of them will prevent targeted surveillance of individuals. The main character from Cory's recent book does everything he can think of (including in-person key exchanges to establish a trust network), but it is still compromised by a mole.

While I do get the heebee-geebees from the new FISA law, I'm not too worried about Scroogled coming true. Our society is in a paranoid-delusional phase regarding terrorism. I fully expect that in ten years, we'll have sobered up and be making reasonable decisions again.

I'm more interested in laying the substrate for trust webs, spam mitigation, and Whuffie-style reputation economies.

P.S. Cory fiction reference hat-trick! Can I has jelli-baen now?

@ #4

I couldn't agree more. This is the biggest overhyped non-story of recent memory. It would seem everyone who writes for/reads this site thinks EVERYONE is being monitored as if the legislation specifies all communications are now monitored all willy-nilly. This is completely absurd. In order to eavesdrop ON A SPECIFIC PERSON for up to 7 days, the authorities have to come up with enough evidence for probable cause, establish that it warrants emergency action that cannot wait for a normal court order, and then submit the paperwork. How this translates to every idiot on the internet thinking they need to suddenly start using 1024-bit keys for their Gmail traffic completely and utterly baffles me. Get over yourselves. The NSA doesn't care about the email you got from your mom with pictures of her cat's new sweater.

@ #3, use a provider which supports StartTLS: http://help.riseup.net/security/measures/#what_is_starttls

FISA is bad.

However, the 4th Ammendment still stands just as strong as it ever did. The only way to repeal the 4th amendment is (wait for it.....) to appeal the 4th amendment with another amendment.

Thus far, this hasn't been done. Therefore the 4th still stands.

#8

"...really means "Allows evesdropping in whatever the government calls an emergency as long as the paperwork is lost within a week.'"

That is asinine. What causes you to think there is no accountability? Clearly you know nothing of the chain of evidence or any law enforcement procedure. If your paranoia was even in the realm of reality, any evidence gained from such a blatant disregard for the policy would be ruled illegally obtained and rendered inadmissible in court. Case closed.

@#8 - If Television has taught me anything - and it has - the best thing you can do to avoid your cell phone calls from being eavesdropped on is to use "burners" ala The Wire. Single-use phones which can be cheaply purchased at finer convienece stores.

I've also seen do-hickies on TV where you just snap an extra mouthpiece onto your phone and it will garble your speech, only understandable to someone with a special decrypter. I think that device might have been BS though.

the fourth amendment protects against all kinds of unreasonable search and seizure. As in the police searching and seizing your property without a warrant. While this bill and the spy program may possibly violate the fourth amendement, I don't see where the fourth amendment has been repealed.

And now that there's a bill, it can be brought before the supreme court.

There are ways to show concern without resorting to sensationalism. "fourth amendment" is such a convenient catch all, much like "terrorism".

Tor provides anonymous surfing but does *NOT* provide security, as the embassies for Iran, India, Japan, and Russia discovered:

http://www.theregister.co.uk/2007/09/10/misuse_of_tor_led_to_embassy_password_breach/

Not to hijack this thread, but:

"What causes you to think there is no accountability?"

The immunity part of the law. That, and just about any news out of the USA in the last 8 years.

If it violates the 4th Amendment then the Supreme Court will over turn it. You just have to take it to court and demonstrate that you are an impacted party to this law. Should be easy enough to do, right? All you have to do is show that the government's program is violating your rights, just take the telecom that carries your traffic to court to demonstrate that .... or something like that.

How about using darknets? Like this one, for instance: http://www.anonet.org

#17

Wrong. The immunity part has NOTHING to do with my statement or the comment I was replying to at all which was in reference to federal law enforcement following the policies in the bill. It simply protects the data carriers who are stuck in the middle. Why should they be mired in lawsuit after lawsuit for simply doing what they were court ordered to do?

"I use OSX 10.5 at home, and Windows 2003 behind a corporate network at work."

My condolences. Seriously. If you think that you're secure in your use of OS X 10.5 (or any thing else for that matter) stop reading now because you just don't get it. At all.

If you wish to protect your electronic communications between you and your friends you will need to use PGP for ALL of your e-mail. That means you AND anyone that you wish to e-mail -or that wants to e-mail you- must employ PGP on both the sending and receiving ends. Which requires that you exchange public keys with that person -and every person you wish to communicate with- in a secure and trusted fashion. Good luck getting that to work with the family and friends. If you want to communicate with people and don't want anyone to know what's being said, do it the old school way, face-to-face. If you need help here, watch some old mob/spy movies.

If you plan on traveling internationally, be prepared to securely wipe your laptop, phone, and music player prior to arriving at your destination and prior to your arrival back in the U.S. That means you have to setup or employ a trusted server somewhere with ssh access to allow you to securely retrieve all your data once you arrive at your destination and to upload all of your changed data prior to returning. You will also have to carry a DVD or CD with an installer or disk image of your laptop OS to be able to re-install the OS so you can startup the machine for the security droids at the airport to prove that it's a real, working, computer. That should waste the better part of day at the start and end of your trip.

Your best hope -our best hope- is that someone or some group, like the EFF, will have the testicular fortitude to challenge these laws on constitutional grounds in front of the Supreme Court and have them overturned, in their entirety.

"That is asinine. What causes you to think there is no accountability? Clearly you know nothing of the chain of evidence or any law enforcement procedure. If your paranoia was even in the realm of reality, any evidence gained from such a blatant disregard for the policy would be ruled illegally obtained and rendered inadmissible in court. Case closed."

You are making the assumption that the ill obtained information will be used directly in court. It can be used as a basis for targeting legal means of search, or used by means having nothing to do with the legal system at all. See J. Edgar Hoover for examples.

Wireless mesh net with household wireless routers. Sort of an updated FIDO net. You need sufficient density of users to blanket an area with signal and provide enough connectivity to relay data from each such network to a central server that in turn would use telephone lines to connect to other servers at a distance. This creates a network parallel to the internet but doesn't actually connect to it.

All of the software used must be open source, OS and apps, no exceptions. Also, make sure you compile the compiler from known-good source code. (And the assembler and the linker and the kernel and the loader.)

Also, make sure the compiler you use to compiler the compiler was also compiled from known-good source code.

Why? Just ask Ken Thompson.

#22

Incorrect. See "Fruit of the Poisonous Tree" for examples. Anything that stems whatsoever from illegally obtained evidence will also be thrown out. The person would still walk.

I am still trying to find ways to encrypt my voice communication in an end-to-end manner with my cell phone, so even if my provider lets someone listen in I am protected. That is a bit problematic and I have have yet to find a good solution. For VoIP traffic I have been using Asterisk with a patch from the zphone project that encrypts voice traffic.
http://zfoneproject.com/docs/asterisk/man/html/index.html

@#4 and anyone else who thinks this law is no big deal.

I tend to side with George Washington University Constitutional Law Professor Jonathan Turley who says this law "evicerates" the Fourth Amendment.

Why does he think it is being done, "Political convenience" to cover up the Bush Administration's law breaking. The Democrats in Congress know he broke the law but they don't want to enforce the law, because it would be inconvenient for them. Sad, truely truely sad.

http://www.youtube.com/watch?v=wmot0aZy4MM

why do they bother? If they want to destroy someone, can't they just use the Patriot Act to declare them an enemy of the state and therefore exempt from any legal protections in the first place? Or lure them into a Black Zone like a military site or border area where no rights apply at all?

Made this comment yesterday in another bb thread about the new bill. This link came up when searching the phrase, "encrypted drive implies guilt".

Practical Approaches to Recovering Encrypted Digital Evidence
By Eoghan Casey, MA

http://www.dfrws.org/2002/papers/Papers/Eoghan_Casey.pdf

I know next to nothing about encryption, looking forward to everyone's responses.

FYI, if you also run a Tor node to help others, be aware that if someone uses, for example, Bittorrent through Tor and you end up as the exit node, it will look like you are downloading whatever it is they are.

I ran Tor for one weekend and got a DMCA take-down the following Monday (which is silly, because I am in Canada, but what can my ISP really do?) for downloading a Japanese Wii game via Bittorrent.

The problem? I would never download a Wii game because I'm not that kind of geek, and I wasn't running Bittorrent.

There are ways to control this (to a point) but I really has not immediate choice but to kill Tor and close up the port.

So, be careful out there.

@ #26

I watched the video. All I saw was an incredibly unprofessional bias on the part of the news anchor talking with a typical university leftist. Say what you will about its materialization or the current administration, but the truth is this bill doesn't affect people like you and me, unless of course you are actually an arms dealer or the like. The idea that it someday might and that it's a "slippery slope" is pretty far-fetched. The fact of the matter is that this has already saved lives (see: Rammstein AFB attack thwarted by eavesdropping intelligence shared with German authorities).

Zuzu does an excellent short course, I suggest you have a rummage though his comments

John in BBgadgets touched on Full Disk Encryption (FDE), though for a laptop the upcoming solution is the AES-256 FDE drive from Fujitsu (MHZ2 CJ).

I've found that I2P provides more collective bandwidth for moving heavy files than Tor has available. (Nothing prevents you from running both.)

Instead of allowing Google to monitor your web searches, you could use YaCy distributed search engine.

At home, you could install a router that does network intrustion detection, such as the Watchguard Firebox or build your own pfSense firewall. (c.f. m0n0wall, untangle)

And as others have already said, definitely generate and publish your GPG public key and cryptographically sign all of your emails as a kind of passive evangelism. (Some people will be curious enough to ask, "What's that cypher block at the end of your email?" and that provides an opportunity to explain that every email is like a postcard that everyone can read, or rewrite, at every hop along the way of delivery.) If you use Apple Mail.app, install the GPGmail bundle. (Though I find the best way to install the most current version of GPG is using MacPorts. $ sudo port install gnupg +idea )

Finally, Cory, I don't mean to be a jackass in pressing this point, but previously you've implied that encrypting all web connections (TLS/SSL) to BoingBoing would be cost-prohibitive. Too bad BB can't lead by example -- to protect privacy or net neutrality.

@ #20 posted by Bluesk1d , July 11, 2008 7:52 AM

"Why should they be mired in lawsuit after lawsuit for simply doing what they were court ordered to do?"

Because they broke the law; it really is that simple. Break the law, you should pay the consequence.

The only place the telecoms are stuck is between whether or not to continue to break the law at the govt request or not if the govt doesn't pay the bill.

It is quite depressing to see that if you have enough money you can ask congress to retroactively immunize from previous breaches of the law. Boy it sure would be nice the next time I get pulled over for speeding to just call up my Congress-woman and to clean that up and all previous ones. As the votes showed yesterday that is exactly how it works out if you have enough money. Whatever happened to equal justice under the law?

The absolutely baffling thing is that no one disputes that the telecoms broke the law; that and the fact that so few actually know what behavior they immunized. In the USA, our history tells us time and time again that we DO NOT TRUST those with power, so why would we continue to believe the "Trust Me" line?

Obviously the only solution is to remove those in power who no longer believe in the rule of law and the effort to do just that can be joined here:

http://accountabilitynowpac.com/

@ #18 You've hit the nail on the head. "All you have to do is show that the government's program is violating your rights." There's no way to prove that rights are being violated if the executive branch doesn't need to report to anyone else. They can just deny that anything is happening and protect the telecoms when they do the same.

how much? Is there a creative way to fund this?

Noen,

I feel the same way. All these wireless routers showing up are just waiting to be linked together building a connect-the-dots encrypted, free, and independent wireless net. There is no reason for the telecoms to even exist.

#10

The legislation allows 7 days of individual surveilance without the court signing off on it. That much is true. However, there is no oversight as to what qualifies as an "emergency." Also, whereas under the old FISA law, the agency had to submit a 2 page form stating who they wanted to spy on and why, the oversight now is largely procedural. The court can see whether or not the agency has followed the correct process, but not the specifics (meaning "who they want to spy on and why).

I think, though, that the larger impact will be on the data-mining side. There is now a precedent that companies will be expected to turn over any data the government requests, in secret, regardless of whether or not they are violating privacy agreements or even the law. If phone companies are expected to turn over information without a warrant, why shouldn't ISPs or doctors or banks or...you get the idea.

In that environment, I don't think its especially paranoid to take a little personal interest in privacy.

#32

"There's no way to prove that rights are being violated if the executive branch doesn't need to report to anyone else. They can just deny that anything is happening and protect the telecoms when they do the same."

The only thing this statement would have to do with is a civil trial. Is it a big deal you can't sue them civilly for listening to you and then deciding not to charge you? How would you even know it happened? The executive branch never has to report to anyone else unless they want to actually prosecute you. The whole point of this discussion is having evidence gathered against you for criminal proceedings, not making money off the federal government.

I suppose everyone could learn Arabic. They have no staff to translate that.

@10 Blueskid

Yeah, it's not like they are copying all the internet traffic and phone calls.

http://www.eff.org/nsa/hepting

Well, I guess this is just anyone who uses the AT@T backbone.

#35

I like your rational respone but I think you may be oversimplifying how easy it is to fill out some meaningless form and get yourself a shiny emergency wiretap approval. This still has to stand up to later legal scrutiny if any criminal proceedings are to follow. Any court appointed attourney would get a shady approval thrown out before the trial even started.

"If phone companies are expected to turn over information without a warrant, why shouldn't ISPs or doctors or banks or...you get the idea."

Because this bill is for listening in on live (or recordings of live) transmissions, not arbitrarily seizing documents like your life history, web surfing habits, bank statements, and medical records from private entities.

"encrypted drive implies guilt"

Well of course it does. It's like carrying around a great big manila folder stamped with the words "Top Secret" on the cover. The ideal system would look like regular unformated or unused disk space.

To see what you're up against:

Microsoft Gives Government and Corporate Espionage the Green Light

Helix - Incident Response & Computer Forensics Live CD

The NSA has access to the internet backbone. There are no tricks to get around that. You can also be sure that all commercial software is compromised. The Microsoft Malicious Software Removal Tool has been used to break botnets and it reports back to MS without your knowledge. And boy there sure are a lot of transistors on IC chips these days. Who knows what's encoded in there. Is that how China broke into the Pentagon?

Wheels within wheels within wheels. Build your own software from trusted source.

#38

Yeah, it's not like they are copying all the internet traffic and phone calls.

http://www.eff.org/nsa/hepting

Well, I guess this is just anyone who uses the AT@T backbone.

That is great and all but that is outside the scope of this bill. If anything your point just illustrates that this has and will take place regardless of whatever bill is pass or not passed. Wouldn't you rather they at least follow the provisions and restrictions in this bill?

"* Protects telecommunications companies from lawsuits for "'past or future cooperation' with federal law enforcement authorities and will assist the intelligence community in determining the plans of terrorists."

#4 didn't read his own post.

"This still has to stand up to later legal scrutiny if any criminal proceedings are to follow. "

Because it's not like anyone would use the unlimited ability to spy on Americans for extralegal purposes like blackmailing political opponents or imprisoning people for years without trial or anything like that.

Blueskid, go read Glenn Greenwald on this subject and stop hijacking this thread. He is a constitutional lawyer and has extensively covered this subject.

http://www.salon.com/opinion/greenwald/

Otherwise, I request you go over there and discuss this.

"And then . . . they came for me . . . And by that time there was no one left to speak up."

The problem with erosions of privacy is that, even if they aren't targeting you now, they might later. How much would it take? Speaking out against the government? A prank phone call to the police? File-sharing? Just because they don't have a reason to watch you doesn't mean they won't find one later.

The need for a warrant and the explicit description of who and why are extremely important to judicial overview. How can you tell if powers are being abused if you don't know what was happening? The fact that they submitted the paperwork means nothing if the paperwork is blank (read: without details).

I have a friend who works in CSIS, and despite the fact that they are horribly understaffed, the truth is that they have a lot of information on a lot of people. It wouldn't take much to abuse this.

The problem with using litigation to combat abuse is that it's more difficult to prove abuse. If it's illegal to wiretap without a warrant, all you have to prove is that you were wiretapped and there was no warrant. If it's legal, but there are a bunch of conditions, you need to prove those various conditions. This is even more difficult when many things, such as who is tapped and why, are left out. How do you prove you were illegally wiretapped if there isn't even a paper with your name on?

These may sound like little details, but put together, it results in a vastly-weakened system of oversight, which is much easier to abuse.

Probably a good way to protect yourself is to stop visiting this site. It wouldn't surprise me one bit if it and others were on a list somewhere.

nice going Tim, now I have to kill you (again)

#41

This is the *point* Bluesk1d. The immunity provided in the bill was specifically engineered to prevent EFF and others from uncovering what was going on in the program. Do you think that they're going to stop warrantless wiretapping now that it (a) remains illegal, yet (b) there is no way anyone can defend themselves in the courts against it.

(Note that (b) isn't necessarily true -- but it was damn well the intent of the FISA reform act)

@ #36 You're missing the big picture. The 4th amendment protects us from search and seizure from the federal government, regardless of whether it's part of a criminal trial. The executive branch *does* have to report to people, in this case the FISA court, for this exact reason. But there's a huge loop hole, if the executive branch can say "don't worry, we'll file the paperwork later, it's an emergency" it gives them plausible deniability later, meaning they can spy on us illegally without leaving any proof. Regarding "fruit of the poisonous tree" if you can't prove there's a poisonous tree, you can't prove the fruit came from it.

@ #42

"Blueskid, go read Glenn Greenwald on this subject and stop hijacking this thread. He is a constitutional lawyer and has extensively covered this subject.

http://www.salon.com/opinion/greenwald/

Otherwise, I request you go over there and discuss this."

Thank you. I will read the article. However, can you please explain how I am hijacking this thread when the title of the article states the senate has repealed the 4th amendment? I am simply arguing against that assertion which is directly related to the post.

"If phone companies are expected to turn over information without a warrant, why shouldn't ISPs or doctors or banks or...you get the idea."

They already do. Ever been to an IRS audit? They come with all your bank account statements and purchasing history already in their hands. Banks are required by law to report suspicious activity and are only to eager to help. That's how they got Eliot Spitzer. Your insurance company also knows everything your doctor knows and you can count on them to cooperate in the "the war on terror" too.

BTW, the government does surprisingly little intelligence on it's own any more. They purchase intelligence "products" from private corporations like Booze Allen.

@ #47
"You're missing the big picture. The 4th amendment protects us from search and seizure from the federal government, regardless of whether it's part of a criminal trial."

This is not correct. The 4th amendment ONLY applies to criminal proceedings.

"But there's a huge loop hole, if the executive branch can say "don't worry, we'll file the paperwork later, it's an emergency" it gives them plausible deniability later, meaning they can spy on us illegally without leaving any proof."

This nonchalant privilege is not one of the provisions of the bill. Probable cause and an expressed exigency are required for approval.

"If you can't prove there's a poisonous tree, you can't prove the fruit came from it."

You don't need to prove there is a poisonous tree. They will do that for you. As soon as they present it as evidence, its validity and legality can immediately be called into question.

The bill of rights was intended to render moot any suggestion of future American laws becoming repressive. Each individual element of our secular
"Ethical Decalogue" was intended to secure an inviolate protection for a part of freedom itself.
It was the capstone of our nation's ideological identity so to speak. Those rights were the soul of a republic that lives,fortunes and sacred honors had been pledged to. Sadly my use of *PAST TENSE* may yet become literally accurate if we allow it to.
As to the topical nature of this post? That WAS in a better vanished time an issue rendered moot by that fourth amendment we are hopefully calling dead prematurely . SO my answer to this thread's query is an order to all 3 branches of America's government.

Uphold your Oaths to protect the constitution or not even God will have mercy on your Oath Breaking souls

There was a question earlier about mobile call encryption. I helped write Scrambit last year that encrypts calls over a gsm csd line. The site is in Italian but it works anywhere the carrier supports the correct line.

bluesk1d, regarding "This is not correct. The 4th amendment ONLY applies to criminal proceedings."

So let's say a fictional current president want's to listen to Obama's phone conversations so he can leak any dirt he can find to the press. Let's say he asserts it's part of a terror investigation. 1. Are you saying that's not a 4th amendment issue? 2. How, with this law in place, can such a situation be prevented?

@ #53

"So let's say a fictional current president want's to listen to Obama's phone conversations so he can leak any dirt he can find to the press. Let's say he asserts it's part of a terror investigation. 1. Are you saying that's not a 4th amendment issue? 2. How, with this law in place, can such a situation be prevented?"

1. You are correct. The 4th amendment ONLY prevents criminal prosecution from evidence gathered. It does nothing to prevent the actual search from taking place. That seems to be a common misconception. Protection from the actual search or seizure comes from the same normal legislation that makes it illegal for Joe Shmo to listen in on your phone conversations or break into your house and take your property. They can be charged with a felony under federal law. Bills like this are just one of many exceptions for law enforcement (probable cause search, search incident to arrest, warrant searches, etc).

2. The current bill already prevents this situation. A normal request for a wiretap requires formal court approval after a review of evidence. The president does not have the power to simply declare him a terroris and begin listening in, bypassing the process this bill stipulates. Since there is no such evidence that Obama is a terrorist, the approval would not be granted due to lack of evidence.

Here's a response I got from Senator Feinsteins (D-CA) office regarding the content of the FISA bill and what it will acheive, (it's kind of long, sorry)

*************************************************

I write this in response to your communication indicating your concerns on the Foreign Intelligence Surveillance Act of 1978 (FISA) now before the Senate. This bill has passed the House of Representatives.

This legislation contains multiple sections, including one that deals specifically with liability for telecommunications companies. However, the primary intent of this new bill is to modernize our intelligence gathering capacity. The technology and communications industries have seen vast changes in the past thirty years since FISA was first written in 1978. This has changed the way surveillance is conducted, and the original law cannot adequately address these procedures. This is precisely why FISA needs to be modernized.

It is important to understand the consequences if the Senate does not pass this bill. We would either have to extend the temporary surveillance bill passed last August - which should not happen - or allow surveillance on certain foreign targets to expire which would lay the Nation bare and decrease our ability to identify and protect against terrorist threats. Neither of these options is acceptable.

I strongly believe that this bill is substantially better than the version the Senate passed in February 2008, which I opposed. It is also a major improvement from the Protect America Act that passed in August 2007, which had few privacy protections and was never intended to be a permanent solution. This bill:

Includes provisions I authored that make clear that FISA is the exclusive (or only) authority for conducting surveillance inside the United States. This is crucial as it requires that all future Presidents must act only within the law. FISA would be the only legal authority for conducting surveillance on Americans for intelligence purposes, and only legislation that specifically provides wiretapping authority in the future would be an exception to FISA.

Requires the government to obtain a warrant before surveillance can begin. This applies to all Americans - anywhere in the world. The Protect America Act allowed surveillance for up to six months before getting a warrant. This bill ends all warrantless surveillance of U.S. persons. In this sense it is precedent setting.

oBans reverse targeting, which was a concern under the Protect America Act. Reverse targeting would allow the government to collect the contents of telephone calls and e-mails of an American by conducting surveillance on the people with whom they communicate. This is prohibited in this bill.

oRequires that the government implement procedures approved by the Court for minimization. If an American's communication is incidentally caught up in electronic surveillance while the Government is targeting someone else, minimization protects that person's private information. This has been a hallmark of FISA for 30 years, but court review and approval of minimization procedures was not included in the Protect America Act. It is here.

oRequires the government to receive a warrant to conduct surveillance on an American outside of the United States. This means that Americans' privacy rights are protected everywhere around the world. A court warrant has never been required outside the United States before; this would be the strongest protection ever.

I understand your concern regarding Title II of this bill, which creates a process that may result in immunity for telecommunications companies that are alleged to have provided assistance to the Government. I agree that this is not the best approach to the current legal challenges to these companies. Earlier this year, I authored an amendment that would require court review of the legality of these companies' alleged actions. Under my proposal, cases against the companies would only be dismissed if the Court found that they acted legally. I continue to believe this is the right approach. I have joined as a co-sponsor on an amendment which accomplishes this, and will vote for it when it is able to come to the floor.

There may be amendments offered to the FISA legislation to strip or modify the telecom immunity provisions. Know that I will support any that I believe improve the current bill.

Bottom line: this FISA legislation, while not perfect, would bring intelligence activities back under U.S. law. It provides significant improvement in oversight and accountability of our intelligence collection programs while still giving the intelligence community the tools needed to keep our Nation safe. And, it provides the strongest privacy protections to U.S. persons in history.

In conclusion, I have served on the Intelligence Committee for seven years and I take the responsibility extremely seriously. If there is no bill, our Nation goes bare in mid-August, unless the Protect America Act, which does not offer, even remotely, the privacy protections for U.S. persons that are included in this bill, is extended. Additionally, the President - any President - cannot enact a program outside of this law in the future.

I hope this helps you understand my concerns.

Statement of Senator Dianne Feinstein

FISA Amendments Act of 2008

June 25, 2008

@#54 "Since there is no such evidence that Obama is a terrorist, the approval would not be granted due to lack of evidence. "

If the president claims an emergency, which requires *absolutely no review* by anyone else, the courts don't even get to consider the evidence until 7 days after the surveillance begins, what do they do, travel back in time to stop it? Do the telecoms have a way to ensure that the proper paperwork gets filed at all? Do the consumers have a way to ensure that the paperwork gets filed? The answer is clearly no.

@ #21

I'd check my assumptions if I were you. It's customary, when asking a technical question, to state one's current environment so he or she can receive relevant answer. The question itself implies Lee *doesn't* think he or she is secure!

Encrypting your communications will just make them look harder and longer at you-- because clearly "you have something to hide."

I have a better idea, I call it the "fat guy in the nude theory." Rather than hide anything, let ALL your dirty laundry hang out. Include photos of your rectum and bowel movements in all your email attachments, send long rambling Grampa-Simpson-esque diatribes about nothing at all, call a friend overseas and spend 15 minutes discussing the best way to pick your nose. Eventually the NSA will be so disgusted with you that they leave you alone.

Of course so will your friends and relatives, but that's a small price to pay for freedom.

@ #56

"If the president claims an emergency, which requires *absolutely no review* by anyone else, the courts don't even get to consider the evidence until 7 days after the surveillance begins, what do they do, travel back in time to stop it?"

You might want to check your facts. There IS a review, just not a formal warrant. To declare an emergency wiretap, the reason for the exigency as well as probable cause must be declared and documented.

"Do the telecoms have a way to ensure that the proper paperwork gets filed at all? Do the consumers have a way to ensure that the paperwork gets filed? The answer is clearly no."

This logic is fundamentally flawed. That is like saying a law on a highway speed limit is stupid because people will push the envelope and go faster anyway. Its a way to hold the people that DO act outside the scope of the law accountable. If you are talking about people ignoring the provisions of the bill, what makes you think they would magically behave themselves if no such bill existed? Using people who have no regard for the process is irrelevant when making an argument against the process itself.

To the people who think that this bill is somehow going to be "effective" or that the Fourth Amendment continues to be in effect:

Long before Sept 11th 2001, before the (illegal!) War, before the Patriot Act and the War Powers hooey, there were several recorded and reported incidents of Americans being surveilled - their personally identifiable information crossing the desk of the President of the United States - in violation of FISA law and the Fourth Amendment. Every single one was excused by the Justice Department as a "mistake", if not outright buried or denied confirmation under the Freedom of Information Act as being "National Security Interests".

FISA was just another way to legalise what the government was already doing in black ops. Now that Bush's black ops have been discovered AND they've been discovered to be illegal EVEN UNDER FISA LAW, this bill provides retroactive (illegally so) immunity (illegally so) to the infrastructure companies that cooperated (illegally so) with the (illegal) warrantless (illegal) wiretaps that (illegally) ignored the LAW requiring judicial review for EACH and EVERY instance. NOW, only the executive branch's PROCESSES are to be reviewed, and there's no method to hold the executive branch to actually following those processes, no balance of power, and the FISA court stops being an actual process (though one that nearly always approved the Executive's requests) to being a blind, powerless, masquerade.

This is Watergate, all over again, in every detail except that the people the President surveilled for political gain weren't rich and powerful.

When anyone says "This bill brings US intelligence activities back under US law", they are waving their hands over the fact that THE LAW WAS VIOLATED AND (nearly) NO-ONE INTENDS TO PROSECUTE.

Let me re-iterate:

THE LAW WAS VIOLATED. By the PRESIDENT. Who is NOT ABOVE THE LAW.

There are only a HANDFUL of people who are in a position to do so who intend to impeach and prosecute. Most of them are trying to make theatre that our civilisation can survive letting this slide.

When, in the course of human events, it becomes necessary ...

To the people who are claiming things about the Fourth Amendment of the Constitution: BLUESK1D, #50, I'm looking at you:

What part of

"The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized. "

do you fail to understand?

Nothing in there says "they can search all they want, but not use it in court unless they have a warrant.". We do not allow the fruits of the poisonous tree TO PREVENT searches from being made willy-nilly.

SHALL NOT BE VIOLATED.

All searches require a WARRANT or circumstances that WOULD produce a warrant - probable cause, an Oath or affirmation, and SPECIFIC DESCRIPTIONS. Warrants are ONLY ISSUED BY THE JUDICIARY. NEVER, EVER, EVER, EVER are they issued by the executive branch without the possibility of specific review by the judiciary.

The Executive has operated searches of Americans in their persons or effects without probable cause, without circumstances that would produce a warrant, without specific descriptions, and without an oath or affirmation to the truthfulness of the relation of the probable cause.

This bill makes it possible for the Executive branch to say "We promise to play by the rules, but you can't watch us to make sure we do."

What is this "Small price to pay for freedom" hooey?

LIBERTY IS A NATURAL RIGHT - NOT GRANTED BY EITHER MAN NOR GOVERNMENT. I OWE NO-ONE ANYTHING FOR MY LIBERTY. THAT IS WHAT THE CONSTITUTION OF THE UNITED STATES OF AMERICA SAYS. IT IS WHAT THE BILL OF RIGHTS FORCES THE GOVERNMENT TO RESPECT.

I - Just - Why?

Why do I live in a time when person after person after person fails to understand that IT IS NEVER THE GOVERNMENT'S PLACE TO CLAIM IT IS THE INTERMEDIARY BETWEEN PEOPLE AND THEIR LIBERTY?

"Freedom isn't free"? Horseshit. Government is a tradeoff of liberty for services. Government isn't free, neither as in beer nor as in speech.

Our laws exist to prevent our government from eating our lunch. Why? Why do I have to live with a bunch of high-school dropouts who are so very happy to hand over their lunch to the bully AND WANT TO FORCE EVERYONE ELSE TO? "Careful! The bully protects us from the XYZ gang!"

And the bully wants a SINECURE.

The WHOLE POINT of the FOURTH AMENDMENT is NOT that the government can be somehow trusted to do the right thing with our information, persons, or effects once they've performed the search, and that somehow the Fourth Amendment describes a way for the government to put down the truncheon and back away from the handcuffs and imprisonment.

IT FORBIDS. SEARCHES. AND. SEIZURES. BECAUSE. HUMAN. BEINGS. ARE. ENTITLED. TO. BE. SECURE.

The government is NEVER entitled to perform a search or seizure unless the circumstances VERIFIABLY and TRANSPARENTLY JUSTIFY IT.

This is no different than requiring a backdoor in your computer and claiming that "It's a secure backdoor and we promise to never abuse it."

NO.

NO BACKDOORS.

THE LINE. IT IS HERE. THEY HAVE CROSSED IT.

@ #61

For the people who don't understand the constitution, bardfinn I'm looking at you.

You need to do a little more resarch. You simply listed the provisions of the protection of private citizens against the state. When you were typing that up, didn't you wonder what the "or else" was? If the state does not follow said guidelines what happens? Their evidence will be thrown out. That's it. You, like mostly everyone else, believe the fourth amendment is a statute where someone can be charged with violating it like any other crime. It is NOT a criminal statute. It is simply protection from prosecution. Period.

BLUESK1D: I'm looking at you.

Oh, haha. Claiming I don't understand the Constitution.

I do not believe the Fourth Amendment is a statue. I believe it is a PART OF THE CONSTITUTION.

When police repeatedly and egregiously violate the Fourth Amendment, they are removed from office and prosecuted. Normally judges see mistakes as mistakes and give enforcement officers of the law the benefit of the doubt - because no matter how well-trained police are, they are not lawyers nor judges.

EXCEPT

When the law is plain and obvious and it is clearly apparent that the person wearing the badge knew it and knew they were violating it.

Because not even the police are above the law.

The Executive took an Oath to uphold and defend the Constitution. He broke that Oath. He should be removed from office and prosecuted. We will not charge him with violating the Fourth Amendment - we will charge him with egregiously and knowingly committing Treason by reason of undertaking a conspiracy to knowingly make the Fourth Amendment moot.

The Oath. Breaking it in the pursuit of a criminal conspiracy is treason.

So, Sen. Feinstein's statement says, we have made a long series of stupid mistakes, which have ended up putting us between a rock and a hard place. In the interim we allowed illegal surveillance of American citizens. Now in an effort to mitigate these stupid, shortsighted, incompetent mistakes, and keep things from getting worse, we are forced to pass a marginally better piece of legislation that continues the surveillance and attempts to close the book on the past. Oh, and please vote for my esteemed colleague Sen. Obama who helped us. I have a question; why was Nixon impeached?

P.S. I may have written discreet when I needed discrete, but I ain't that fkin stupid!

Wait, Takuan @30, Zuzu here isn't the same Zuzu that blogs at Shakespeare's Sister? Because that Zuzu is "she." Here I've been totally convinced that they were the same person this whole time. Will have to reorient mental landscape.

BTW - Bardfin, you are the MAN! Thanks for writing what I could not even hope to say, much less write. My hat is off to you.

@YAMARA, Right On.

Without education and respect for how intimidated people are by their set-top-boxes, any project to re-assert the right to privacy around techno issue is doomed either for failure or to stay preached to converted.

The type of education needed requires a teacher's humility and sustained involvement, which is hard to find among over-networked techno activists.

Cory inspired a group of undergrads at USC, which itself was inspiring to see, but these efforts need to sustained by larger communities/networks, not individuals.

has anyone else noticed that bluesk1d has never commented on anything else but this thread and seems as if he is spreading rightest propaganda. He doesn't seem all that "real" or perhaps I'm just paranoid about spying.

I feel the same way. All these wireless routers showing up are just waiting to be linked together building a connect-the-dots encrypted, free, and independent wireless net. There is no reason for the telecoms to even exist.

At any rate:

Backdoors. They make your privacy moot wherever they exist.

Case in Point: Microsoft Windows.

If you wish to ensure your privacy, specifically /do not/ use Microsoft Windows.

The encryption framework - the part of the operating system that handles encryption calls, installs various encryption modules, and so forth - is set up so that anyone who can gain access to one of the keys Microsoft holds to use to sign the framework and the modules - can replace any encryption module and even the framework itself with any code they so desire. This allows them to then hook the encryption module into any and all calls to read to or write from the disk or memory.

Microsoft is beholden to the US government for its' existence - in the same way that Verizon, Sprint, AT&T, and the telecoms now are. One of the keys is even called _NSAKEY.

If you're using a Microsoft Windows product (At least windows 2000, XP, and above) - no other steps that you take, including using GPG or PGP, will secure your effects and information from the United States Government.

That, is for certain.

Thanks to "steamed punk" for linking to the viewpoints of a constitutional law professor and to "druidbros" for linking us to the viewpoints of a constitutional lawyer. And Bardfin for some great arguments. I think they have you beat Bluesk1d, but that's just my opinion.

bardfinn,

Less caps lock, please.

@#65 posted by bardfinn

*sigh*

"Oh, haha. Claiming I don't understand the Constitution.
I do not believe the Fourth Amendment is a statue. I believe it is a PART OF THE CONSTITUTION."

Everything you have said has illustrated that you do not understand.

"When police repeatedly and egregiously violate the Fourth Amendment, they are removed from office and prosecuted. Normally judges see mistakes as mistakes and give enforcement officers of the law the benefit of the doubt - because no matter how well-trained police are, they are not lawyers nor judges."

Here you completely contradict yourself, demonstrating your ignorance on the subject. You previously state you realize the 4th amendment is not a statute yet here you claim some rogue officers have been prosecuted for numerous violations. Ummm if you agree this is not a statute then how exactly were they prosecuted for violating it? You can only be prosecuted for CRIMINAL STATUTES.

I personally don't know or know of any officers who have repeatedly violated people's civil rights either (and I know a lot of them). This would result in case after case being dismissed. What would be the point? This is completely counter productive (as their goal is to remove criminals from the street, not send them to court for 5 minutes to have the case dismissed). I imagine (since I've never heard of any officer that is this much of an epic fail) their employers would not be happy about the total waste of man hours either.

I just hope someone reads my posts and realizes that this is only a personal privacy debate where people can certainly have their own opionion but unless you are CHARGED WITH A CRIME, the Fourth Amendment is COMPLETELY IRRELEVANT.

Not to worry everyone. You won't have to endure me any longer. This will be my last post and visit to this site. You will believe what you want in order to justify your warped, paranoid views about "the man" and no amount of explanation will change that.

@ #72 posted by germpan

Hey and you are definitely entitled to it, my friend. Just try to remember just because arguments sound convincing, doesn't mean they are true or correct =) Cheers.