On Tue, Jun 11, 2002 at 07:31:41PM +0100, Graeme Fowler wrote:
> On Tuesday, June 11, 2002, at 07:04 PM, Matthew Sackman wrote:
> > The RIP bill
> >does not in any way may the internet a government controlled system.
>
> Not in its' entirety, no, but it makes it a lot harder to operate than
> it is now. What it means for us as punters is that pretty much anyone
> has the right (I recommend that you acquaint yourself with the list of
> newly-appointed 'investigatory bodies' which makes a complete mockery of
> the word Regulation. It makes for interesting reading...) to view:
Yes, it certainly is pretty mind boggling.
>
> your email transactions (see below)
> sites you have visitied
> mobile phone *locations* to within 100 metres (whoa, Enemy of the State
> here we come)
Yes, I have read this stuff. (terrible film though IMO ;-)
> >They would probably have to spend the duration of a government in order
> >to construct anything that is going to be able to hold this amount of
> >data.
>
> Matthew, the whole point is that they won't have to - the onus will be
> on the ISP, telco, hosting provider, whatever. Absolutely nothing to do
> with the government. And if, when presented with a RIP S22 request (ha!)
> you have no logs but they have proof that the telecommunication (email,
> web page, phone call) traversed your system then you in trouble.
Sorry, there I didn't mean 'they' as in government, but 'they' as in the
ISP, whatever...
If, say, they wanted to see whether an ISP's logs contained information
about a particular email, who would actually do that checking? Would it
be the admins of the ISP (unlikely I would think), or would it be some
government body? If the latter then surely that's going to take a) some
time to get a body of people together to be able to actually work with
the vast number of systems that are available for the storage of this
kind of stuff and b) would take some time to actually get them out to
the ISP and be presented with the data.
From the claranet quote on the guardian site, it would look like the
admins actually do the searching. Hmm.
Are there any requirements on the way the data is stored? eg is it 'OK'
for an ISP to just create huge vaults of tapes? Surely with this kind of
volume of data, tapes are going to be the cheapest, so unless they have
some very fancy equipment, it would take an age to be able to search
through and find what they're looking for.
> >I realise that the RIP is only on email headers
>
> That's just so wrong. It covers almost every form of "consumer"
> electronic communication, bar Instant Messaging.
Sorry, what I meant was that in terms of emails, only the header is
required to be stored, not the entire email. At least that's what seems
to be being suggested.
Interesting that IM is excluded. It offers a 'nice' way out, especially
considering the flexibility of things like jabber: there's nothing to
stop me putting together a simple perl script, listening on 25 as
if it's an SMTP relay, but instead takes addresses as jabber ids, and
then simply dispatches the email as a simple jabber message. It's fairly
straight forward - probably less than 500 lines, and so you completely
switch from SMTP. With some imaginative programming, you could strip off
any remaining headers, and then who's to say that the 'message' was
originally an email anyway? Or am I being naieve again?
Matthew
--Matthew Sackman Nottingham England
BOFH Excuse Board: the curls in your keyboard cord are losing electricity. -------------------------------------------------------------------- http://www.lug.org.uk http://www.linuxportal.co.uk http://www.linuxjob.co.uk http://www.linuxshop.co.uk --------------------------------------------------------------------
This archive was generated by hypermail 2.1.3 : Tue 11 Jun 2002 - 20:28:57 BST