CALEA and Me

Image credit: Jay Cuthrell

CALEA and Me (2007)

#include <disclaimer.h>


May 14th is the official deadline for cable modem companies, DSL providers, broadband over powerline, satellite internet companies and some universities to finish wiring up their networks with FBI-friendly surveillance gear, to comply with the FCC’s expanded interpretation of the Communications Assistance for Law Enforcement Act.

source: Wired

For the past 6 months I’ve been doing a lot of talking, travel, and geekercise related to this very topic. CALEA has taken me far and wide. One of the many problems I have with it is the ecosystem of fear, uncertainty, and doubt that preys upon my customer base. It is a subject on which I’ve stood in front of phone companies and stated that, as a card-carrying Libertarian and taxpayer, the whole mess just makes me angrier each time I reflect upon it.

On the one hand, it’s “the law” now so you can’t just ignore it. On the other hand, the majority of law enforcement wouldn’t know an IP address from a socket wrench.

There are two kinds of broadband CALEA intercepts and both are real time – as “it” happens: Trap and trace, and full content.

Trap and trace is basically this IP (person/machine) talked to this IP (person/machine). It’s like in the movies where they can see the calls happening in real time. This is real time call records for the Interweb. Example: Joe Target is surfing myspace right now! p0 n03s! Lock him up!

Full content is the nightmare scenario everyone chimes in about because it is whatever comes across the wire for this IP (person/machine). It’s like in the movies where they are listening to the calls in real time. Example: Joe Target has a Yahoo! Messenger pounce message set up for a hottie on myspace and Joe is clicking on the hottie profile on myspace right now! p0 n0ez! Lock him up!

The good news, if there is any, is that mediation is the process by which the provider keeps the law enforcement agency (LEA) at arm’s reach. Basically, mediation is accomplished by letting a box or collection of boxes:

a) connect up to the physical network taps and/or manage the industry crafted backdoors in routers
b) specify the warrant/court order in question for a specific duration of time for an IP address or other identifier (MAC, ports, etc.)
c) reformat any/all collected data in a format easily digested by another LEA controlled system somewhere else

So, basically, the LEA asks for X at time T for duration Y and this is essentially sent to the LEA in near real time. The provider does the provisioning for the lawful intercept and the magic mediation platform sends the LEA what they asked for, and only what they asked for, within the hopefully narrow definition and scope contained in the authorized court order, again in real time.
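The scoping step described above, as an added example (not from the original post and not any vendor's mediation product): the `Order` and `Packet` models, the `mediate` function, and the sample traffic are all constructed for illustration. It shows the difference between trap and trace and full content, and how everything outside X, T and Y is withheld at the provider.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from ipaddress import ip_address

@dataclass(frozen=True)
class Order:                 # hypothetical model of a court order's scope
    target: str              # X: the identifier, here an IP address
    start: datetime          # T: when interception may begin
    duration: timedelta      # Y: how long it may run
    full_content: bool       # False = trap and trace only

@dataclass(frozen=True)
class Packet:                # constructed stand-in for what a tap hands over
    ts: datetime
    src: str
    dst: str
    payload: bytes

def mediate(order, packets):
    """Return (records for the LEA, count of packets withheld as out of scope)."""
    target = ip_address(order.target)
    end = order.start + order.duration
    delivered, withheld = [], 0
    for p in packets:
        in_window = order.start <= p.ts < end
        involves_target = target in (ip_address(p.src), ip_address(p.dst))
        if not (in_window and involves_target):
            withheld += 1    # haystack: never leaves the provider
            continue
        record = {"ts": p.ts.isoformat(), "src": p.src, "dst": p.dst}
        if order.full_content:
            record["payload"] = p.payload   # content only if the order says so
        delivered.append(record)
    return delivered, withheld

# Constructed sample traffic (RFC 5737 documentation addresses).
T0 = datetime(2007, 5, 14, 12, 0)
MIN = timedelta(minutes=1)
SAMPLE = [
    Packet(T0 - 5 * MIN, "192.0.2.10", "198.51.100.7", b"too early"),
    Packet(T0 + 1 * MIN, "192.0.2.10", "198.51.100.7", b"GET /"),
    Packet(T0 + 2 * MIN, "192.0.2.99", "198.51.100.7", b"a neighbor"),
    Packet(T0 + 3 * MIN, "203.0.113.5", "192.0.2.10", b"reply"),
    Packet(T0 + 61 * MIN, "192.0.2.10", "198.51.100.7", b"too late"),
]

if __name__ == "__main__":
    order = Order("192.0.2.10", T0, timedelta(hours=1), full_content=False)
    records, withheld = mediate(order, SAMPLE)
    print(records, withheld)
```

With the trap and trace order, two records are delivered with endpoints and timestamps only; the early, late and neighbor packets are counted as withheld.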

That said… some of these boxes fit in a carry on bag. Very powerful, highly portable… it’s a brave new world.

So, given the egregious abuses of National Security Letters and their chilling effects, I have to wonder if any of this infrastructure for broadband CALEA will be used as intended or if the powers requesting information will simply throw down the “exigent” card.

The “exigent” card? That’s like in the movies where the FBI hero gets to surf through mountains of real time data because the ends justify the means. In practical matters, it means that government is directly coupled to broadband plants and gains information by whatever means necessary. See also: get out of my way, I’m trying to save the world[tm]! your kung fu is weak! I will put in my own box and suck from the river of data and find the needle in the haystack!

Most folks have heard of Carnivore, Echelon, and other wide-net applications for collecting data for governments. My issue with the exigent card is that there is a lot of haystack getting caught up in what should be a narrow scope. See also the unilateral wet dream monologue scene from “Enemy of the State”.

On the other hand, I’ve never seen government get anything right. Ever. In other words, if the frikking RIAA with all their high paid consultants can’t get it right when saying someone at an IP address was X — how will the government when they rely on those same consultants and contractors?


So, my only real fear in any of this is that people will resort to encryption and then the legislators will move focus to private industry and force backdoor keys for everything that eventually get compromised, and we move back to private enterprise and organized crime having better tools than even a Dudley Dooright trying to make a difference.

All the folks I know at FBI (about a dozen or so) are quite data savvy, which makes me feel better that they are on our side… in that they know IP is not the end-all be-all of reality. Healthy disrespect of computers that do not make mistakes is a hallmark of someone I want thinking about these problems… but CALEA can and does extend as a concept to something a local police office can get involved with… yikes.

And in the end, record keeping and billing systems involve humans. Things can, do, and will continue to go wrong. It’s just I’ve heard of Dudley Dooright breaking down the wrong door far too many times.

It’s just that after reading a blog from a friend of mine that lives (reluctantly) in China now, it’s very apparent that we still have it pretty damn good over here.

In summary: What a load of horse shit.