"Geoffrey S. Mendelson" <[EMAIL PROTECTED]> writes: > It's not just data mining email, one of the people on this list, and > I won't name them if they wish to remain out of the discussion, > around 4 years ago worked for a startup that almost produced a > product that data mined real time communicaitons.
I was going to stay out of the discussion, but I think you mean me, Geoff, right? If so, we were not such bad guys - we didn't mine the contents, nor were we actually interested in the values of any packet header fields. The purpose of the product was to distinguish between different types of traffic (e.g., between D?DoS and legitimate traffic) in real time, and differentiation was all that mattered. > The company failed before releasing their product beacuse the > vulture capital fund beind them failed "when the bubble burst", We got out starting capital after the bubble had burst and their bankruptcy was, as far as I can tell, due to other reasons. > but by now either the prinicpals behind the company or someone else > has probably produced a similar product. Certainly not us - the "principals". We are all into other things now... Over the last 5 years we got quite a few calls (including from the now recovered VC) saying "there is real need for the technology, where are you"? - "Elsewhere." Now, since Geoff invited me to the discussion on the topic in question... We all routinely use encryption in many situations: cell phones, ssh to remote hosts, secure web connections from Amazon to banks, you name it. So far I have had no run-ins with government agencies because of that. If I understand the article linked to by the OP, the proposed law does not authorize continuous data mining of everybody's communications. From the article, it looks to me that if the law is passed it will be much easier for the police to find out who the wiretapped suspect was talking to or sent an email (possibly encrypted) to at a specific time. For that, they want a "reverse map" of phone numbers (IP addresses, etc.) to names/IDs/addresses that can be easily queried without a court order. This is, in principle, worrying. I assume that today if the police wiretap someone's internet connection then to see who got the email sent at 20:47 on 2007/08/20 they will have to go to an ISP who, I hope, will want to see a court order. If anyone of us calls an ISP and complains about break-in attempts, spam, or whatever from am IP address the ISP may take action against the owner, but they won't tell you who it is. With this new law, at least the police won't have to ask ISP for the info. I don't like it, personally. Besides potential abuse by government agencies random people can draw attention if anyone, including criminals, decide to subvert the system. E.g., if you suspect that your email may be intercepted, encrypt every email and send it to N different IP addresses. It will only be decrypted by the intended recipient who has the key, but if the police decide to check who it was sent to they will be either swamped or start investigating innocents, depending on N. Or send the email to a permissive mailing list or newsgroup that won't ban you as quickly as linux-il moderators. Or get really inventive in some other way. Come to think of it, I don't know if our AI technology Geoff alluded to would be of any help to the police differentiating real recipients from bogus ones... Unfortunately, I suspect that our lawmakers don't get sufficient information or feedback from people who both understand the technical side of things and are sufficiently concerned about privacy. A couple of months ago I was invited to a session of the Science Committee of the Knesset. The topic was totally different, but there was only one person, representing an NGO, who asked the (sole) MK for guidance on related privacy issues. The overwhelming majority of the participants were shamelessly touting their products many of which subverted privacy in various ways. If this law has been discussed at a Knesset Committee I expect that the discussion was totally dominated by sales reps offering to build the DB in the "best" possible way. Oh, maybe I should go to the Knesset and offer our AI technology to support the proposed legislation?... -- Oleg Goldshmidt | [EMAIL PROTECTED] | http://www.goldshmidt.org ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
