Re: Wiretap Act Does Not Cover Message 'in Storage' For Short Period (was Re: BNA's Internet Law News (ILN) - 2/27/03)
At 01:39 PM 2/27/2003 -0500, R. A. Hettinga wrote: At 9:01 AM -0500 on 2/27/03, BNA Highlights wrote: WIRETAP ACT DOES NOT COVER MESSAGE 'IN STORAGE' FOR SHORT PERIOD BNA's Electronic Commerce Law Report reports that a federal court in Massachusetts has ruled that the federal Wiretap Act does not prohibit the improper acquisition of electronic communications that were in storage no matter how ephemeral that storage may be. The court relied on Konop v. Hawaiian Airlines Inc., which held that no Wiretap Act violation occurs when an electronic communication is accessed while in storage, even if the interception takes place during a nanosecond 'juncture' of storage along the path of transmission. Case name is U.S. v. Councilman. Article at http://pubs.bna.com/ip/BNA/eip.nsf/is/a0a6m6y1k8 For a free trial to source of this story, visit http://web.bna.com/products/ip/eplr.htm This would seem to imply to me that the wiretap act does not apply to any normal telephone conversation which is carried at any point in its transit by an electronic switch, including all cell phone calls and nearly all wireline calls, since any such switch places the data of the ongoing call in storage for a tiny fraction of a second. - Tim - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Applied Cryptography: question on skid3
I have a question on what seems to be a defect in the Applied Cryptography book, and I couldn't get an answer out of Schneier or the cypherpunks mailing list. Could any of you please clarify my issue? My question is regarding Schneier's write up of SKID3 on page 56. He states that the protocol is not secure against man-in-the-middle attacks because no secrets are involved. I'm finding this hard to accept, because SKID3 uses a MAC, which requires a shared secret key between the two parties. I played out the scenario, and cannot see how a man in the middle could attack w/out knowing the secret key used in the MAC. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: NSA being used to influence UN votes on Iraq
Why is this even newsworthy? It's the NSA's responsibility to provide sigint and comint. Furthermore, if the delegates are not US citizens, and at least one end of the communication is outside the US, they are not even breaking any laws in doing so. If the delegations can't be bothered to protect their own communications, it's their tough luck if they get intercepted. /ji PS: I assume the friendly foreign intelligence agency is GCHQ? - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
[Lucrative-L] extensive cryptanalysis of Lucre
--- begin forwarded text Status: RO From: Patrick [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: [Lucrative-L] extensive cryptanalysis of Lucre Date: Sun, 2 Mar 2003 11:28:13 -0600 Sender: [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] I'm looking for cryptanalysis resources for Lucre. If you know of any publications or unpublished papers, please share. Patrick The Lucrative Project: http://lucrative.thirdhost.com .. To subscribe or unsubscribe from this discussion list, write to [EMAIL PROTECTED] with just the word unsubscribe in the message body (or, of course, subscribe) --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA ... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire' - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Wiretap Act Does Not Cover Message 'in Storage' For Short Period
* Tim Dierks [EMAIL PROTECTED] [2003-03-02 12:27]: This would seem to imply to me that the wiretap act does not apply to any normal telephone conversation which is carried at any point in its transit by an electronic switch, including all cell phone calls and nearly all wireline calls, since any such switch places the data of the ongoing call in storage for a tiny fraction of a second. I believe the reason behind the 'in storage' rule is that someone could protect non-transmitted information under the Wiretap Act by transmitting it needlessly. Then they could say that because the information was transmitted, law enforcement now needs the more difficult to obtain wiretap permit just to search the premesis. Example: I heard of a case a while back where an office had fax printouts lying around. Because these fax printouts were not in transmission at the point of interception, there was no need for a wiretap permit. And I think that's reasonable. I'm not sure that your example is correct, because in the cases you mention the wiretap is not actually accessing stored information; it's accessing a transmission (which may be stored elsewhere). However, if the eavesdropper were able to access the data at the point of storage that you describe, then they probably could weasel out of the Wiretap Act. I would not think it's easy to read registers off a microprocessor externally. What annoys me is how the FBI got away with abusing this rule in the Scarfo case. They planted a keyboard logger on Scarfo's keyboard. Then they planted a bug on his serial port. The two bugs compared the keystroke to the data leaving the serial port, and if the keystroke didn't leave the serial port instantaneously, they captured it, and they were able to successfully argue that they didn't intercept a transmission. Obviously email is composed before being sent, so the slimey bastards use this to conduct a disclosure attack on information that would otherwise be protected by the wiretap laws. One might argue that they intercepted a transmission between the keyboard and the computer. Here's how they weasel out of that: Title 3 requires a wiretap warrent to intercept *electronic* transmissions. I believe the FBI uses a keyboard logger that detects the *mechanical* pushing of keys, probably specifically to circumvent the wiretap law. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]