[iwar] Comments on the DoJ Requests

From: Fred Cohen (fc@all.net)
Date: 2001-09-20 20:16:01


Return-Path: <sentto-279987-2121-1001042154-fc=all.net@returns.onelist.com>
Delivered-To: fc@all.net
Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Thu, 20 Sep 2001 20:17:09 -0700 (PDT)
Received: (qmail 10323 invoked by uid 510); 21 Sep 2001 03:16:23 -0000
Received: from n12.groups.yahoo.com (216.115.96.62) by 204.181.12.215 with SMTP; 21 Sep 2001 03:16:23 -0000
X-eGroups-Return: sentto-279987-2121-1001042154-fc=all.net@returns.onelist.com
Received: from [10.1.1.223] by n12.onelist.org with NNFMP; 21 Sep 2001 03:15:59 -0000
X-Sender: fc@big.all.net
X-Apparently-To: iwar@yahoogroups.com
Received: (EGP: mail-7_3_2_2); 21 Sep 2001 03:15:54 -0000
Received: (qmail 20568 invoked from network); 21 Sep 2001 03:15:54 -0000
Received: from unknown (10.1.10.26) by 10.1.1.223 with QMQP; 21 Sep 2001 03:15:54 -0000
Received: from unknown (HELO big.all.net) (65.0.156.78) by mta1 with SMTP; 21 Sep 2001 03:16:01 -0000
Received: (from fc@localhost) by big.all.net (8.9.3/8.7.3) id UAA05501 for iwar@yahoogroups.com; Thu, 20 Sep 2001 20:16:01 -0700
Message-Id: <200109210316.UAA05501@big.all.net>
To: iwar@yahoogroups.com
In-Reply-To: <200109210305.UAA05324@big.all.net> from "Fred Cohen" at Sep 20, 2001 08:05:17 PM
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL1]
From: Fred Cohen <fc@all.net>
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com>
Date: Thu, 20 Sep 2001 20:16:01 -0700 (PDT)
Reply-To: iwar@yahoogroups.com
Subject: [iwar] Comments on the DoJ Requests
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

> Obtain student records from colleges and schools; the government
> said such information "could be important in the criminal investigation of
> the terrorist attack" against New York and Washington.

I think this is outrageous.  What specific records for what specific purpose?

> Give to the Central Intelligence Agency and others information
> uncovered through grand jury subpoenas, such as records of a suspect's
> telephones, computers and financial transactions. They also would allow the
> State Department to disclose visa information to foreign governments.

Grand juries are not supposed to act this way.  They are strictly
confidential.  Also, the CIA is NOT supposed to have information on US
citizens or be able to pursue them.

> Extend secret surveillance of foreign spies and terrorists for up to
> one year with a court's permission. Current limits are up to 90 days.

Who is a 'terrorist' under this definition?  Martin Luther King? Farakahn?
Me?

> Use a powerful 1978 anti-espionage law in investigations that aren't
> primarily focused on spying.

Why?

> More easily obtain a judge's permission to determine who a spy or
> terrorist may be calling or e-mailing.

To generic.  I think this means unlimited phone and Internet taps on a whim.

> Collect DNA samples from people convicted of a wide range of
> terrorist-type crimes.

I think this is probably legal and can be compelled already.

> Use a single search warrant from a federal judge or magistrate to
> obtain copies of e-mail anywhere in the United States. Current law requires
> police to obtain warrants in the jurisdiction where the Internet provider is
> located. The government said time saved by investigators would "further
> public safety" in crimes where speed is important, such as kidnappings or
> threats to public safety or the economy.

Absolutely.  A federal judge should be able to grant search and seizure
across all US jurisdictions.  But Bush was for States Rights before...

> Prosecute terrorists in court no matter how much time has passed
> since an attack.

No statute of limitation on murder or many other crimes already.  What
new non-stature crimes will be created and who are 'terrorists'?

> Eavesdrop on terrorists or criminals who use cable-modem Internet
> connections; the 1984 Cable Act, which limits types of subscriber
> information cable companies can turn over, had raised questions about
> whether that law also applied to Internet traffic over cable lines.

Only with a Title 3 search warrant I think.  This is way to broad if
it is an expansion of current search laws.

> Explicitly use information in U.S. criminal cases from wiretaps
> placed by foreign governments, unless those wiretaps were set up in
> violation of Constitutional protections with the "knowing participation" of
> U.S. prosecutors.

Why not be able to use legally obtained information?

> Obtain payment information, such as credit card numbers, from
> communications companies, such as Internet providers. The government said
> that, "remarkably," current laws allow police with a subpoena to obtain only
> a suspect's name, billing address and details about their service.

All ISP records should be subject to legally authorized subpoena.

> Monitor a company's computer networks, at the company's request, to
> detect hackers. Attackers "can target critical infrastructure and engage in
> cyberterrorism," the Justice Department said.

Already can do this - it's called a permission search - assuming the
company has done its job in policies... 

> Obtain subscriber records disclosed voluntarily by Internet
> providers in "emergencies that threaten death or serious bodily injury."

Sure - why not.  As long as the ISP has to reveal what was released and
the information remains the property of its original owner and the ISP
isn't violating other laws in doing so.

Only my view...

FC
--This communication is confidential to the parties it is intended to serve--
Fred Cohen		Fred Cohen & Associates.........tel/fax:925-454-0171
fc@all.net		The University of New Haven.....http://www.unhca.com/
http://all.net/		Sandia National Laboratories....tel:925-294-2087


------------------------ Yahoo! Groups Sponsor ---------------------~-->
Pinpoint the right security solution for your company- Learn how to add 128- bit encryption and to authenticate your web site with VeriSign's FREE guide!
http://us.click.yahoo.com/JNm9_D/33_CAA/yigFAA/kgFolB/TM
---------------------------------------------------------------------~->

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 



This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:46 PDT