Schneier on Security

This is nearly an off-topic, but I think we can draw some security-related conclusions from this piece of news:

http://www.washingtonpost.com/wp-dyn/content/article/2007/09/06/AR2007090602545.html

In shorth, Comcast has cut off their Internet service to customers who have been downloading "too much" information. Comcast decision and the way they try to explain it to the journalists are very similar to what politicians and bureaucrats often do when dealing with security issues. One great example:

"Companies have argued that if strict limits were disclosed, customers would use as much capacity as possible without tipping the scale, causing networks to slow to a crawl."

Oh, yes, I love that one. So, in order to prevent people from downloading "too much" data, they simply don't tell people what "too much" is.

Luckily, there are a few sensible people out there:

"Some AT&T customers use disproportionately high amounts of Internet capacity, "but we figure that's why they buy the service," said Michael Coe, a spokesman for the company."

Please remember that those guys at Comcast might one day be in charge of deciding whether to give your Internet usage records to the FBI. What will be their answer?

As far as I can see, the decision doesn't really hobble the present production of NSLs on an industrial scale. It just says that Congress did not have the power to put NSLs beyond judicial review. That's a step in the right direction, but it's a baby step at best.

The post-911 change in the law governing NSLs that turned them from a worry into a major civil rights menace was the streamlining of the authorization process. Prior to the Patriot Act, a senior FBI official -- the Director, or one of the Deputies -- had to sign off on each NSL. A field agent had no authority to write one, and had to go through extremely constricted channels to obtain one. The Patriot Act gave NSL rubber stamps to field agents, who have been busily beavering away ever since, generating NSLs for fun and profit --- about 48,000 per year between 2003 and 2005, which is an average of 5 NSLs/hour (counting evenings and weekends). Presumably there's a Word macro somewhere that streamlines the process to the one-keypress level.

No judge can fix this idiocy. At best the worst abuses can be curbed, or at least those inflicted upon ISPs and telcos that have the spine to appeal, rather than fold. Most will certainly fold. Under the current legal regime, that means that the Feds will be secretly poking through our communications at the unregulated whim of field agents at rates too high to effectively monitor them for legality.

If NSLs are to be tolerable at all in a democracy -- and I would dispute this -- at a minimum, the process for obtaining them has to be restored to the pre-2001 level of constriction. If a judge isn't going to sign off on what is, effectively, a warrant, then we should demand that accountability flow at a minimum to the Director of the FBI. Joe Field Agent should not have this scary level of power.

It seems that there is at least one US judge who has read and understood the constitution.

Patriotism is the last refuge of a scoundrel -- Samuel Johnson

"He said when "the judiciary lowers its guard on the Constitution, it opens the door to far-reaching invasions of liberty." "

So normally judges and justices are busy guarding our liberty, eh? Heh, that's rich. Which dozen or so of hundreds of thousands of example cases from years 1800 through 2006 shall we site as the most egregious affirmations of reductions in liberty?

Quis custodiet ipsos custodes? The answer is You.

@Eternal vigilance:

Pick one.

Judge Marrero held the same ruling for the original USA PATRIOT Act, and was asked to review its constitutionality after the 2005 revisions by the 2nd Circuit Court of Appeals.

"Patriotism is the last refuge of a scoundrel." -- Samuel Johnson

"I beg to submit that it is the first." -- Ambrose Bierce

Thank you Judge Marrero!

I'm glad to see we have at least one judge who is not asleep at the wheel.

I am glad some judge has shown some wisdom. It has been sad to witness the downfall of over 200 years of liberty and civil right within a couple of years.
See ya,
Rs

OT Just wondering, i am not American. So I am a bit confused: is this a satire?
http://www.bloomberg.com/apps/news?pid=newsarchive&sid=a5lhZkEauCu8

@Rob

http://en.wikipedia.org/wiki/Korematsu_v._United_States

@Rs - It sure is

"All Congresses and Parliaments have a kindly feeling for idiots, and a compassion for them, on account of personal experience and heredity."

"It could probably be shown by facts and figures that there is no distinctly native American criminal class except Congress."

- Mark Twain

@Rs: "is this a satire?"

Only the part about clown suits. I have no doubt that the author is very serious about the rest of it.

Deep down, Bush, Cheney, and Rove realize that the judiciary acts as a check on abuses in the other branches. That's why they have systematically packed the federal bench with appointees chosen in accordance with the only criterion they value-- unquestioning loyalty to the Unitary Executive, the Majority Party, and their favored donors.

Judge Marrero obviously was not a Bush appointee. But fear not-- this is only a temporary setback. When the time comes, Cheney will call his duck-hunting buddy Tony and outline an appropriate majority ruling for Chief Justice Roberts to deliver. Then America will be safe again. No liberal judge who hates America will ever surrender this country to terrorists!

Marrero was nominated by Pres. William J. Clinton and confirmed in October 1999.

I like that Mark Twain quote... fitting
01298519 59101924 021981256 23524373

Sadly, it is unlikely to do much good, when the same guys breaking the laws are the guys who are supposed to enforce them. All executive branch.