Electronic Surveillance in the Snowden Age
Download
Report
Transcript Electronic Surveillance in the Snowden Age
Prof. Stephen B. Wicker
School of ECE
Cornell University
Congressional committee investigating
real estate fraud seizes three-quarters of
a ton of telegraph messages from the
Atlantic and Pacific Telegraph Company
“Unconstitutional and indecent”!
◦ New York Times, June 24, 1876
◦ Cites potential for blackmail
The practice of wiretapping or listening-in
goes back as far as 1895. Originally it was
done in a loose way on verbal request, and no
record was made of it...
Two years ago I decided that there ought to
be some check to prevent its use becoming
wild … it would do irreparable damage to the
company.
1916 Testimony of John Swayze,
General Counsel of the New York
Telephone Company
The NSA collects “metadata” on calls of every
cellular subscriber in the United States
Edward Snowden: “the public needs to decide
whether these programs and policies are
right or wrong.”
Technical Issues
◦ Centralized vs. End-to-End Architecture
◦ Fateful Design Decisions
Legal Issues
◦ 3rd Party Doctrine
◦ Failure to account for new technology
Solutions
◦ End-to-End Architecture
◦ Unlicensed Spectrum
◦ Open Source Devices
The first
telephones
were very
simple
All of the
brains resided
in the network
Phones can dial
and ring
Services are
controlled by
the network
S
e
Brains at the endpoints
◦ A function or service should be carried out within a
given layer only if it is needed by all clients of that
layer, and it can be completely implemented in that
layer.
8
Telephone 800 numbers
◦ The network converts and connects
◦ The handset never knows the real number
Internet Domain Names
◦ The host uses DNS to resolve domain name
◦ The host gets the real IP address and connects
Barbara van Schewick, Internet Architecture and
Innovation
Centralized architecture
◦ Innovation is more difficult
◦ Can’t access equipment on which to run your
software/interconnect your hardware
Only recourse: Try to sell your idea to a service provider…
End-to-end architecture
◦ Easier to innovate
◦ Deployment, testing done on local machines
10
AT&T attempts to
block telephone
connection to
wireless modem
◦ Acoustic connection
FCC gets its right
(1968)
Opens door to FAX
machines and
modems
An old idea
(~1948), delayed
by the FCC
Innovative use of
spectrum
Add-on to
existing
infrastructure
~ 6 billion cell phones in
use today.
All major forms of
modern electronic
communication on one
platform.
◦ Texting (SMS), Email, WebBrowsing,
iPod/Podcasts/Music,
Games, Location-Based
Services…
Major platform for
speech of all types.
How do we route
incoming calls to
mobile users?
Cellular
registration
messages several
times a minute.
BSS
NMC
BTS
ADC
OMC
BSC
EIR
MSC
AuC
VLR
HLR
MSC
BSC
VLR
What kind of data?
Accounting
Inte rface
Metadata: data about data. Not very clear…
Let’s use content and context instead.
Postal mail analogy:
◦ Suppose you write and mail a letter to your Mother
◦ The information in the letter itself is the content.
◦ The information on the envelope is the context.
Your address
Mom’s address
Postmark
Location
Date
Context data is data about the context in which
communication takes place.
The facts:
◦ Miller was a modern-day bootlegger – didn’t pay his taxes!
◦ Bank records (checks, deposit slips) used to obtain warrant
No reasonable expectation of privacy in records held
by third party
◦ Applied Harlan test from Katz case
◦ Justice Powell: The checks are not confidential
communications, but negotiable instruments to be used in
commercial transactions. All of the documents obtained,
including financial statements and deposit slips, contain
only information voluntarily conveyed to the banks and
exposed to their employees in the ordinary course of
business.
[Emphasis
added]
The facts:
◦ Smith was harassing a woman whose home he had robbed
◦ Police placed a pen register at central office
Record numbers dialed by Smith
No violation of 4th amendment
◦ Justice Blackmun: First, we doubt that people in general
entertain any actual expectation of privacy in the numbers
they dial. All telephone users realize that they must
"convey" phone numbers to the telephone company, since it
is through telephone company switching equipment that
their calls are completed.
There is no expectation of privacy in the
context of a communication
“… knowingly revealing information to a
third party relinquishes Fourth Amendment
protection in that information.”
Orin Kerr, “The Case for the ThirdParty Doctrine,” Michigan Law Review, 2009
The context information used by the
network to facilitate communication is
“knowingly revealed.”
◦ Phone numbers, e-mail addresses, cellular location
data (sort of), …
Title I: Electronic Communications in Transit
◦ Probable cause/Rule 41 Warrant
Title II: Stored Electronic Communication
◦ “Specific and articulable facts" showing that the
information is “relevant and material to an
ongoing investigation”
Title III: Pen Register/Trap and Trace Devices
◦ Certification that the information to be obtained is
“relevant to an ongoing criminal investigation.
Amends ECPA
The FBI may require:
◦ … the production of any tangible things (including
books, records, papers, documents, and other
items) for an investigation to protect against
international terrorism or clandestine intelligence
activities…
On this basis, the NSA collects all cellular
phone records generated in the United
States
◦ The detailed legal justification is a secret
By itself:
◦ Networks of friends, acquaintances, medical,
legal, supposedly anonymous sources…
◦ Location data particularly revealing
In conjunction with other data:
◦ Correlation attack: de-anonymize what would
otherwise be anonymous
Bob calls his wife on his cellphone.
◦ “I’ll be home in an hour”
Content requires a warrant
◦ Bob is calling from his mistress’ house
Context does not require a warrant
Which does Bob find the most revealing?
What’s the downside?
◦ Frequent response: I have nothing to hide…
Others have thought this through a bit more
deeply
English jurist, philosopher
Advocate of utilitarianism
Legal positivist –
considered natural rights
to be “nonsense on stilts”
Proposed the Panopticon as
a means for reforming
penal system.
“A new mode of obtaining power of
mind over mind, in a quantity hitherto
without example.”
Jeremy Bentham,
The Panopticon Writings
A proposed prison in which the cells were
arranged radially about a central tower.
The cells were backlit so that a guard in the
tower could always see the prisoners, but the
prisoners could never see the guards.
“Hence the major effect of the
Panopticon: to induce in the inmate a
state of conscious and permanent
visibility that assures the automatic
functioning of power. ”
Michel Foucault,
Discipline and Punish
Characterized the impact of the Panopticon's
pervasive and undetectable surveillance as
assuring “the automatic functioning of power”
◦ Results in “docile bodies” - ideal for the regimented
classrooms, factories, and military of the modern state
The cellphone is the greatest platform for
personal expression ever devised.
Surveillance channels the use of cellular
technology into the innocuous and mundane.
No public discussion of policy
◦ Secret legal interpretations
Exploitation of technologies developed
by others
◦ Just because they can…
Destroying faith in service providers,
Google, FaceBook, …
Surveillance-free cellular is attractive and
feasible:
◦
◦
◦
◦
Unlicensed Spectrum
End-to-End Architecture
Public Key Crypto
Open-Source Development
Cellular service providers already offload data
and voice through WiFi connections
◦ Unlicensed Mobile Access (UMA)/GAN
◦ Supports handoffs and incoming “calls”!
Can be exploited by unlicensed cellular
devices
Handset controls access, handoffs
◦ Listens to nearby access points and towers,
picks accordingly
◦ Session Initiation Protocol (SIP) signaling used
to request new IP addresses when needed
Handset controls channel selection
◦ Code/Time Slot/Frequency
◦ Contention resolution?
The individual controls his or her
personal information
Interesting problems remain to be solved
◦ End-to-end architecture leaves room for
many, many problem solvers
1983 - Richard Stallman and GNU
◦ General Public License (GPL)
1991 – Linus Torvalds and Linux
There are Linux-based cellular handsets
◦ They use Linux only for running application
software
◦ We need to get deeper (lower layers)
Complete open-source handset
development would prevent inclusion of
hidden software like Carrier IQ
There is a growing market for cellular
privacy
Technical solutions are available
Transparency and discussion can leave a
role for law enforcement…