Interesting People mailing list archives
Re: Proposed data retention law WAS Republicans propose data retention laws etc
From: David Farber <dave () farber net>
Date: Sat, 21 Feb 2009 16:36:16 -0500
Begin forwarded message: From: Phil Karn Jr KA9Q <karn () philkarn net> Date: February 20, 2009 5:15:42 PM EST To: dave () farber netSubject: Re: [IP] Re: Proposed data retention law WAS Republicans propose data retention laws etc
Reply-To: karn () ka9q net
If you're asking about this and similar DR legislation, the answer is yes. DR was part of what the House Republicans called their "law and order agenda" that was introduced as a bill in February 2007.
This is very, very worrisome. Can anything be done about it?Some people have beaten me to listing some of the things wrong with it. Let's see if I can summarize:
The invasion of privacy is staggering.IPv6 uses stateless autoconfiguration, not DHCP. (Well, it allows DHCP, but nobody uses it). As Steve pointed out, you can even generate the host part of your address randomly. It doesn't have to be your MAC address, which in any case is easily changed.
Users of public access points, in fact EVERY Internet user, would have to provide some sort of personal identification. What would that be, a credit card? Drivers' license number? Social security number? How would the individual operator of a free open access point verify that identification? Would they all have to become credit card merchants? Would you want to give your credit card number, D/L number or SSN to some random person for free WiFi? And what if you don't have a credit card or D/L?
Rampant viruses and worms have already organized millions of computers into botnets. The primary purpose of a botnet is to conceal the identities of those doing especially nefarious deeds such as sending spam or conducting denial of service attacks. Sadly, they continue to be quite effective.
Anonymity networks such as TOR are specifically designed to dissociate IP addresses from user identity for consensually anonymous communications (as opposed to botnets, which are designed for non- consensual, abusive communications). This legislation might effectively outlaw TOR in the United States, but what about TOR nodes overseas? Indeed, what about ISPs overseas, including email providers?
This is another example of technically ignorant politicians proposing what to them sounds like a simple motherhood and apple pie ("protect the children") measure but is actually technically extremely difficult or impossible to implement in any meaningful way. What do we do about it? Is the IAB going to get involved?
Phil ------------------------------------------- Archives: https://www.listbox.com/member/archive/247/=now RSS Feed: https://www.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com
Current thread:
- Re: Proposed data retention law WAS Republicans propose data retention laws etc David Farber (Feb 20)
- <Possible follow-ups>
- Re: Proposed data retention law WAS Republicans propose data retention laws etc David Farber (Feb 21)
- Re: Proposed data retention law WAS Republicans propose data retention laws etc David Farber (Feb 21)
- Re: Proposed data retention law WAS Republicans propose data retention laws etc David Farber (Feb 23)
- Re: Proposed data retention law WAS Republicans propose data retention laws etc David Farber (Feb 23)