House Panel Approves Bill Forcing ISPs to Log Users’ Web History

Source: CNet / Raw Story

House panel approves bill forcing ISPs to log users’ web history
Published on July 28th, 2011
Written by: Eric W. Dolan
Prev

The House Judiciary Committee approved legislation on Thursday that would require Internet service providers (ISPs) to collect and retain records about Internet users’ activity.

CNET reported the bill would require ISPs to retain customers’ names, addresses, phone numbers, credit card numbers, bank account numbers, and temporarily-assigned IP addresses for 12 months.

The bill passed by a vote of 19 to 10, and is aimed at helping law enforcement track down pedophiles.

“The bill is mislabeled,” Rep. John Conyers (D-MI), a senior member of the panel told CNET. “This is not protecting children from Internet pornography. It’s creating a database for everybody in this country for a lot of other purposes.”

Read more: http://www.rawstory.com/rs/2011/07/28/house-panel-approves-bill-forcing-isps-to-log-users-web-history

I am inately curious - even about things that may disgust and/or horrify me. No, I am not talking about porn but more sensational stories about bizarre people.

I would hate to think what my browsing history would look like plugged into some random data analyzer.

Note that it is the REPUBLICON house that is pushing this

Freaking Republicons

Major skankery (R) is afoot

depend upon it

http://www.govtrack.us/congress/bill.xpd?bill=h112-1981

"H.R. 1981: Protecting Children From Internet Pornographers Act of 2011"

Cosponsors:
Ken Calvert
Steven Chabot
Howard Coble
Mark Critz
Ted Deutch
Jo Ann Emerson
Bill Flores
Randy Forbes
Trent Franks
Elton Gallegly
Trey Gowdy
Sheila Jackson-Lee
Steven LaTourette
Cynthia Lummis
Daniel Lungren
Thomas Marino
Mike Quigley
Dutch Ruppersberger
Adam Schiff
Heath Shuler
Fortney Stark
Frederick Upton
Debbie Wasserman Schultz

Steven LaTourette
Cynthia Lummis
Daniel Lungren
Thomas Marino
Mike Quigley
Dutch Ruppersberger
Adam Schiff
Heath Shuler
Fortney Stark
Frederick Upton
Debbie Wasserman Schultz
Pedro Pierluisi

"The Protecting Children from Internet Pornographers Act of 2011 (H.R. 1981) was sponsored by House Judiciary Committee Chairman Lamar Smith (R-TX) and Congresswoman Debbie Wasserman Schultz (D-FL)"

Fuck Heath Schuler. He should just switch from DINO to full blown Tea Bagger and be done with it.

in a pretty covering. as if anyone wouldn't see thru that bullshit. :(

Republicons are the bad ones and the ONLY bad ones.

I'm guessing the RIAA/MPAA sunk to a new low using perverts instead...

I'm guessing the RIAA/MPAA sunk to a new low using perverts instead...

The, we are so lying to you, we don't give a damn about pedophilia, we just want your papers Act.

Debbie W-S? I lost respect for her a couple of years ago. She is on my 'disgust' list.

...found a BUNCH of porn links on my computer. Since I am the only one using this computer and I have *never* been to a porn site, what would they charge me with possessing? Fortunately I am a woman so perhaps that would save me?

No. And here is why:

I personally know a minister who was accused by his 15 year old daughter that he had molested her because he laid down the law and would not let her go out on a school night until after midnight. She thought it might be a way to get her way because she learned at school how "telling" worked. She then tried to retract it, but CPS, Title IV paid counselors, social workers and the courts would not listen to her retraction.

She is now in her late 20's and horribly regrets that ~ but this is after her entire family was destroyed, her parents divorced, her father spent time in prison, and his career ruined for life and their family decimated into poverty, her mother forced to raise all the kids alone with no help.

Worse, now the daughter's own children have been taken by CPS for "imminent danger" because she was supposedly a molested child and therefore a "risk" to her kids. Imminent danger means that something MIGHT happen in the future (not that it has ever happened) and it is thanks to laws like this. She is fighting to get them back and CPS admits nothing has ever happened to her kids, but this makes little difference to the courts and CPS.

If they had found the porn links I found on my computer on EITHER ONE OF THESE PEOPLE, it would be further "proof" both father and daughter are sexual predators.

I have to disclose here that I am an advocate for Family Preservation and hear stories like this all the time. I was inspired after being involved with the Wenatchee Witch Hunt in the 1980s. Things are no better today than it was then when they destroyed hundreds of kid's lives, sent dozens of innocents to prison for decades, and then were sued millions for false allegations. the minister I speak about is not one of these, but suffered as bad of consequences, almost 15 years later than this trial.

I cannot tell you enough how destructive these laws can be!

If anyone reading this thinks that this kind of "collateral damage" is necessary to protect REAL victims, think again. The truth is that if a predator is wealthy enough he can pay to defend himself, he will get away with it. Far more accused are innocent than guilty, but the fallout for being accused lasts for YEARS unless you can PAY for justice, and most cannot afford that.

Cat in Seattle

porn as a little income raising side contract. All the Mafia's won in this country. Our 'leaders' and their lobbyists and much of lobbying is 100% political.

Our country is a crime and criminal setting - citizens being sold out by their leaders.

Shit this is not, not, good.

They aren't tracking browsing history, they're tracking who had which DHCP address assigned, and when.

When tech meets sensationalism = bad reporting.

this is what wkipedia says about DHCP security:

Because the client has no way to validate the identity of a DHCP server, unauthorized DHCP servers can be operated on networks, providing incorrect information to DHCP clients. This can serve either as a denial-of-service attack, preventing the client from gaining access to network connectivity, or as a man-in-the-middle attack. Because the DHCP server provides the DHCP client with server IP addresses, such as the IP address of one or more DNS servers,<6> an attacker can convince a DHCP client to do its DNS lookups through its own DNS server, and can therefore provide its own answers to DNS queries from the client. This in turn allows the attacker to redirect network traffic through itself, allowing it to eavesdrop on connections between the client and network servers it contacts, or to simply replace those network servers with its own.
Because the DHCP server has no secure mechanism for authenticating the client, clients can gain unauthorized access to IP addresses by presenting credentials, such as client identifiers, that belong to other DHCP clients. This also allows DHCP clients to exhaust the DHCP server's store of IP addresses—by presenting new credentials each time it asks for an address, the client can consume all the available IP addresses on a particular network link, preventing other DHCP clients from getting service.

Doesn't that mean that the system can be gamed by anyone who actually wants to do something unscrupulous? If it can't be verified then how can any info be trusted? Only the stupid and the innocent will get "caught". Worse, anyone with the know-how can set someone up if they know their ip address. Am I wrong?

Yes, somebody can set you up.

As an analog comparison:
With no more equipment than a pair of wire-cutters and a spare phone, I can go near your house, access your phone lines from *outside* of your house, and use "your" phone to call in death threats and bomb threats...it would show up on your phone bill, and it would use your caller ID..... for that matter, I could even send paper mail from your house, from "your" mailbox.

All systems are game-able. The proposed bill removes one point of *really* easy gaming, which is to use ISP connections that change IP's every time you connect (kind of like if your phone number frequently changed when you used the phone).... but all systems are game-able.

Just find a pedestal and use a butt-set. Then again, there was a lineman caught doing something similar; making nasty calls. Not particularly bright, but some idiot will try it (again). Phone lines are the least secure thing going but most folks never consider the notion.

Most folks don't own a butt-set.

http://tools.ietf.org/html/rfc2131 is a good place to start.

This putative attacker has to be physically between you and the server, at which point if he wanted to set you up he could just pretend to be you instead. Adding a rogue DHCP server to a network:

A) is detectable (the ISP would know immediately)
B) most of the time just shuts the network down rather than allowing the attacker to insert false information
C) Ironically enough would render this legislation moot, since a rogue server would keep you from getting a lease from the real server, so what this attacker would be doing is preventing the ISP from recording the lease you had.

over the year.

1. Connect to your ISP (logged)
2. Connect to another server, we'll call it "mickey" (not logged)
3. Connect using mickey to a third server, call it minnie, and talk between "mickey and minnie" (not logged)

This is about logging last-mile connections.

I don't trust anyone on the internet. You are totally correct, this is not only misleading. It serves a purpose I believe in the manipulation of the public, to seem to excuse a supposed slide to fascism. Some "liberals" must have been beaten as children because as adults they cynically post crap that makes us all believe fascism is our future. I am an optimist and I think socialism is our future.

more data points to attach the web history to the ip-address. If you supposedly want to track a pedophile, then you have to know where he/she is going right?

child porn sites and then track back to the linked in ISPs (with attention being given to those ISPs which linked and stayed - to allow for accidental links)?

They can find child porn sites, and after seizing the equipment, view what addresses have been viewing them, but that only goes to the ISP. The ISP may not have tracked which users had which addresses, which is what the law is about: if a user with the address 192.168.41.23 was visiting the child porn site, it's trivial to find out which ISP that user was using, but it's not always trivial to determine which ISP customer had that specific address at a given point in time.

Since you "do this for a living", I assume you know that it's technically possible to add a snort box (or similar) and sniff all the traffic, then record all websites, emails, etc....

But it fills hard-drives *fast*, if it's done indiscriminately.

but I'm not familiar down to that level. What exactly does this give them the ability to do? Can they tell what IP addresses your IP address has contacted?

They give you an address to use.

The law is designed to record who got which address.

That is not a record of which addresses you have contacted.

Geez, it's like something you'd expect on Fox news. As you said, the bill says they will keep records of the IP address assigned to a customer. There's nothing about web history or credit card information.

Now, the feds *could* use that IP address to subpoena Google for a log of your searches, but that's not a complete log of "internet activity." They could also subpoena the ISP for the credit card you use to pay your bill. But that's a completely separate issue from this bill.

And yeah, I have no doubt the feds have "other ways" to track your internet activity, like the secret rooms in the basements of the telcos. But that's not the issue here.

As you said, the bill says they will keep records of the IP address assigned to a customer

...although "some committee members suggested" suggests our knowledge is limited to hearsay, and you and bopper are correct about RawStory getting the headline wrong since this has absolutely nothing to do with "Forcing ISPs to Log Users' Web History" according to their own summary of the story.

If these reports are true, I wouldn't be surprised if credit card companies opposed the CC provision of the proposed legislation since superfluous card number retention affects their bottom line, and ISPs will oppose it (for all the good that does) since this appears to work at cross purposes with industry best practices with regard to "Payment Card Industry Data Security Standards":






I think I'm with Lofgren on this one:

None of those other things are in the text of the bill currently made available via Thomas. So is it in the act of being rewritten? Where can one go to actually read the text of the "true" bill?

Here's a transcript of the hearing: http://judiciary.house.gov/hearings/pdf/7%2028%2011%20HR%201981%20HR%201433.pdf

And the text of the amendment: http://judiciary.house.gov/hearings/pdf/HR1981%20Managers%20Amendment.pdf

I'm not a lawyer but the key phrase appears to be "that enables the identification of the corresponding customer or subscriber information under subsection (c)(2) of this section":

Tons of stuff especially if it has been in the news...scary stuff indeed!

The electronic equivalent of "May I haff yawr papahs, pleas."

"if needed be"

When we are all so distracted with the debt crapola....they really know how to work the system.

What juicy targets for hackers.

Great idea (NOT!).

Don't let that stop people from freaking out, though.

I'm not in the habit of passing out my banking information to companies other than my bank.

Message removed by moderator. Click here to review the message board rules.

how on earth did you get your internet connection ?

They have my address, my name and my phone number. They send me bills, the quaint paper kind because I prefer them. I pay them in cash when I happen to be near their office, because I find it easy enough to do. I did not have to give them my bank account information, a credit card number, my blood type or tell them what role my mother played her senior class' play to set up an account.

if it's a check they have yr account info and if it's a credit card ...

maybe you have that new rush card

:shrug:

I see.

further most people have it debited.

Either way - everything you look at, search for, or anyone else searches for or looks at, hears, types is going to be logged straight back to you - every single thing. Not just legally, but they are legally obliged to log everything you do.

Awesome. What a day - keep on defending having your every single movement tracked.


I build the software that tracks you by the way - I know exactly what I can know about YOU. And it terrifies me beyond belief how much control they have over your life already - you have no idea.

I can assure you that it would not take me ten minutes to track down almost any of you, catch your packets, retrace access and then start storing my searches via your machine - someone could be building a terrorist attack from your machine while you are browsing democratic underground, and you would absolutely be ghosted before they realised you had squat to do with it.

Can you give us a summary of what you can know?

With warrants, and equipment installed:
1. Every phone call made is logged, and recorded.
2. Every website, email, and IM, and video chat (etc. etc. etc.) is logged, and recorded.
3. Every debit card, credit card, (etc.) transaction is logged, and recorded.
4. Every purchase made at a major retailer with cash, but with an "account" (think of "customer rewards" cards) is logged, and recorded.

Without a warrant, less information is available, but it's still a fairly large amount.

For example: Last I checked, on one web search alone, there are 71,800 pages of documents about me (and the one guy on the whole planet that I share a terribly obscure name with). Adding in emails, it's easily 300,000 pages of documents or more. Since I mostly live in cash, there isn't much of a bank trail, because my "customer rewards" cards point to somebody who doesn't exist.

I'm not terrified by it, however.

Yes, I watch porn, go to strip clubs, buy a lot of beer, have slept with men and women, struggle with drinking too much, and people who don't like me because of it.... can fuck off. I don't care if they think I'm immoral, or sinful, or whatever.

Blackmail only works on people who feel they have to hide something.

Your digital info is online because your bank and credit card company are.

Among many other things, online banking is one more way to take jobs away from human beings.

For the same reason, I will often also wait through 43 menu prompts on an automated phone answering system in ordeer to speak to a human being.

I just keep pressing zero until someone comes on.

a person. especially when you really really want to talk to a person.

in this thread to say that:

I LOVE BIG BROTHER!

I just want to stay out of Room 101 for now.

Be SEEING you!

This,OTOH, is doubleplus good! Really!

What is room 101?

http://en.wikipedia.org/wiki/Room_101

Room 101 is a place introduced in the novel Nineteen Eighty-Four by George Orwell. It is a torture chamber in the Ministry of Love in which the Party attempts to subject a prisoner to his or her own worst nightmare, fear or phobia.

This was actually the first reference to the torture or retraining room, but many references have been made to 1984 in this thread because it is beyond apropos.

http://en.wikipedia.org/wiki/Room_641A

(Yes, it's real, I've seen it when I was in that data center).

You will be exposed like never before.

I'm terrified, I tell you. Terrified. :eyes:

Sensationalist low-information tech reporting is the bane of good policy...

“On coins, on stamps, on the covers of books, on banners, on posters, and on the wrappings of a cigarette Packet -- everywhere. Always the eyes watching you and the voice enveloping you. Asleep or awake, working or eating, indoors or out of doors, in the bath or in bed -- no escape. Nothing was your own except the few cubic centimetres inside your skull. “ – George Orwell “1984”

There are free, easy-to-use tools for hiding network traffic from 3rd parties (and at this point I'm much more worried about the Russian mob than the FBI). People who can't be bothered to protect their own privacy when the means are available garner little sympathy from me.

1) Not everyone knows how to use or where to find such tools.

2) Not all of those tools are legit. It's way too easy to drop some quiet, malign code into such programs.

3) Try spoofing your mac id. Point? It's illegal. How long will it be before it's illegal to use encryption programs?

Your 'I'm covered so screw everyone else' attitude makes it easy for you to ignore the simple fact that this legislation is bullshit. It reeks of the exact same 'I'm doing nothing wrong so I have nothing to fear' attitude people had toward the Patriot Act and Warrantless Wiretapping.

i can't seem to find anything but hearsay on that mac spoof being illegal

to include the july 19 2011
http://bits.blogs.nytimes.com/2011/07/19/reddit-co-founder-charged-with-data-theft/
even the full indictment

refered to from the simplistic
http://en.wikipedia.org/wiki/MAC_spoofing

doesn't have that he's going down for mac spoofing, he's going down for other things

the legislation is bovine fertilizer, that being said, people online and off will try to take your privacy away
it's a historical trend so...

for people in category 1, don't know where:
http://www.gnupg.org
http://www.truecrypt.org
https://www.torproject.org/projects/vidalia
is where
for people in category 1, don't know how: read the manuals and play around or ask online
it's not as hard as a lot of people, companies and agencies would like you to believe it is


for category 2
that goes for any and all programs online
with multipass compression and encryption (morphing) virii and trojans/malware
no program can be considered even he beginning of safe until sig checked, virus scanned and preferably sandbox tested
depends on how paranoid one wants to be...

most good security ware has SIGs
hence download gnupg first
http://gnupg.org/download/integrity_check.en.html
how to integrity check that

only tor/vidalia has anything with this to do, but gnupg allows you to check the sig on tor/vidalia
and i always mention 'the trinity' of crypts never just the one part

as a side issue spoofing mac only affects LAN traffic, doesn't go outside the network seg ((in general)broadcast area)

yes, it can help one get a different ip from the dhcp server, that ip would still be connected to digital subscriber ((cable modem mac usually), which incidentally is hardware hacking to change, and highly illegal) and you'd need a mac address from another subscriber since they are usually white listed, and often the router will block out MAC's not from the immediate area

as for why it won't help much past that, osi model layer 2 vs 3 aka bridges vs routers

As do home routers.... besides which, as you note, MAC is local only.

Happy SA day to you too, a day late! Always good to see more BOFH on DU!

Spoofing it certainly isn't illegal, though it conceivably could make your network stop working if you managed to repeat one already on it.

couldn't see how it could be illegal with as limited an effect as it has and as many legitimate uses
then again i've seen some strange laws

as for managing to make it stop
that's why a list of retired MAC addresses for use, and another list of addresses on the network already are good to have

The odds of a collision are low enough that you generally have better things to worry about; even if you do, there are reserved address ranges you can safely use for virtualization, etc.

NO JOKE

The mere thought is profoundly disturbing.

How very unconstitutional.

- entry into the private area which in this case is not so much your home as it is your 'information zone'.

- and search, because the gathering of this data can only be useful as input to a search process whereby information zone is to be analysed for specific but arbitrary search results.

If you use a 3rd party, you lose an expectation of privacy, unless that 3rd party is providing a reasonable expectation of privacy.

As it pertains to the internet, it's still being hammered out, so I'll explain it in terms of talking on the phone:
If you are in an enclosed phone booth (if you're old enough to remember those), you have an expectation of privacy. Even if they tap the call from *outside* the phone booth, since you have an expectation of privacy (a closed door), a warrant is required.

Now, if you're at a phone *bank*, with wooden partitions separating the phones, the rules change. They can hang a mic above the bank, in a public place, no warrant needed, because part of the conversation is in "public".

Now, where 3rd party comes in is that if the phone bank is in, say, a nightclub, they are allowed to hang a microphone, without a warrant, to listen.... (unless that microphone is hung to listen to an enclosed space). Since you are sharing information with a third party, it is not "private" anymore.

As far as your concept of "information zone", I haven't seen that legally defined. The courts have already held that if you are, for example, mixing public and private (talking loudly on a phone in a park), you have no expectation of privacy.

What's gob-smacking to me is the idea that billions of people started communicating on the internet without realizing that it is *not* private, unless you "close the phone booth door".

To repeat: The two most popular connection methods in the U.S. for consumers, cable broadband and WiFi, are NOT PRIVATE. You have to do things to "close the door".

I like pictures of voluptuous women and middle-age ladies.

There. DARPA can't blackmail me now!

a day. Make their data mining useless.

PS How will this track pedophiles? I thought child porn was illegal. Does the US Post Office plan to produce kiddie porn to set up internet sites to entrap? Is it legal and ethical for our government to exploit children in this way?

It creates a log at an ISP of when you had an address. It doesn't track what sites you visited (headline was not written by a techie, surf away on gay porn if you want).

Here's how it typically works in real life:
1. Cops find porn operator website, or sent an email with a death threat to the POTUS, etc.
2. Cops grab evidence of what *addresses* visited that site, or sent the email.
3. Cops can use that to trace what ISP "owns" that address (this information is already public).
Now, here is the reason for law:
4.a) If an ISP doesn't keep any records of which person's equipment had that address, at which time, cops are at a dead end. There's usually enough information to say "oh, that's from someone living in southern florida, and using XYZ ISP", but it may not provide enough information to say *which* person using that ISP.
4.b) If an ISP *does* keep records of who logged on, when they logged on, and what addresses they have been assigned (and when), the cops can track it back to some specific person's equipment.

Especially the author of the main article.

Still, it's essential we be vigilant so that methodical databasing of all user activity is *not* collected as a means to profile everyone. I have no problem with allowing them to work from a specific site backwards and requiring DHCP assignment *only* being kept for a maximum specified time. But not collecting all browsing history at the ISP. Google and other individual sites are already bad enough.

It also seems that if the bad guys know how to work around this stuff to go undetected, some of us good guys ought to come up with easy-to-use "anonymizers" to keep the playing field level. Because if tracking software, even if just at the ISP, abuses its role, then it should be treated like a virus. The virus may not reside on your local computer, but it does on the server.

Really, some core principles need to be clearly defined and made into policy and law if necessary. Leaving it up to site operators and ISP's leaves too much room for abuse. Allowing hysterical conservatives and fundamentalists to dictate regulations is also unacceptable. It seems the core principles are freedom, privacy, and respect. If any of these are abused, such as by pedophiles and other criminals, there should be some means to find out who they are. No easy answers for determining policy, and certainly nothing a republican could ever be trusted with since they have pissed away all their integrity and trustworthiness. But alas, this is the US where "special" interests dictate policy, not intelligence, thoughtfulness and foresight. Security is good only when it's in good measure - neither lacking, nor excessive.

Emphasis on 'emo'. Big on fits and drama, headlines and hyperbole.

As far as collecting *all* history, that's just a huge waste of CPU. It's been tried. It's pointless, other than in *very* sensitive environments, where it has to be tuned. (Disclaimer: I have tuned systems for such environments, I was paid well, but the stress levels sucked).

'It also seems that if the bad guys know how to work around this stuff to go undetected, some of us good guys ought to come up with easy-to-use "anonymizers" to keep the playing field level.'

Yeah, done, and it's in the field. The thing is, though, is if you let everybody decide if they are a "good guy", the whole thing breaks.

'Really, some core principles need to be clearly defined and made into policy and law if necessary.'

This was done years ago, because we saw the problems years ago. The people who actually *run* the internet (yes, they exist, but they don't have a "boss") have a hardcore code of ethics, and violations are not taken easily. Because there was no "internet jurisdiction", we made our own. Same with internet ethics.

We are SAGE. We are BOFH. We are (in the US) NANOG. We are IANA. We are ARIN. We run as an "anarchist collective meritocracy". Very few people know who we are individually..... and we kind of like that. (TINC)

'Leaving it up to site operators and ISP's leaves too much room for abuse.'

I disagree, as every US legislative action taken seems to be an effort take power away, and give it to others.... to abuse. Most have failed at the Supreme Court.

I think the geek system is better.

The creeping tide of fascism is nothing to ignore.

But no, instead it will remain a whack-a-mole drug-war-like war. I'm confused.

It's about internet chat death threats.
It's about abusive ex-spouses stalking people anonymously with fake email accounts.
It's about con men spamming from throw-away dial-up accounts.

It's about all kinds of crime, and making sure there's always an electronic evidence chain to follow.

meanwhile the same people who want to protect "the children" from internet pornography are the same assholes who get a hard on about gutting medicaid, food stamp programs, and any other social safety network which actually does protect "the children."

the little ones...

It does, however, shield which ISP and IP you have, so there's that.

A) that you dialed in at such and such a time
B) that you then started using tor.

right to privacy.

but your mileage may vary.

Although I don't always connect to them, I often do.

Disposable cell-phone-dial-in works too.

More expensive, but I guess that freedom really isn't free (or allowable) anymore. :-(

That's pretty hard to do.

All of those come to mind.

Fuck the two idiots who came up with this bill.

I'm eager to hear.

(For the peanut gallery, anonops is one of many co-ordination centers for Anonymous).

In addition, some hardware got seized.

Since most web servers log page views by address, any web servers involved will have those records.

So: web logs->IP address->ISP of user->recorded user.

as its pretty basic stuff that the government would need to find out whos who (after a warrant only of course has been served) but the part of keeping track of activity on websites you visit or emails you send or recieve bothers me a great deal, thats just not info that should be logged by an isp imo.

"keeping track of activity on websites you visit" is not in the bill.
"emails you send or recieve" is not in the bill... but what they're talking abut is the equivalent of a phone company keeping track of what phone numbers you called, and what phone numbers called you. It's called a PEN register on phones, and it doesn't require a warrant to request... and phone companies typically mail those out to people anyways (tracking usage/long distance charges).

and they list every call you make for month which if its like that would mean that the isp would have to record every url you visit also at the very least it would mean a list of emails sent and received.

Once there is a legal requirement to store IPs for a year, the ISPs will store IPs forever, in case they ever need to prove that they were in compliance during previous years.

Congress shouldn't pass an IP retention law.

but domestic surveillance gets fast-tracked?

On the other hand, I guess crap like this bill create jobs in Homeland Security and law enforcement. I guess both Parties can agree on the kind of "small" Government we read ahout in 1984, just not the kind that creats jobs or makes sure children and the disabled don't starve or die of exposure.

Ain't bipartisanship grand?

Fourth amendment: "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."

Fifth amendment: "nor shall be compelled in any criminal case to be a witness against himself"

The list of places I visit are my papers. They should need probable cause that I have committed a specific crime and if they get a warrant be able to only look for evidence of that one crime.

Just a picture in charter school iPods, listed under History.

Wait...

Will they be punished by not having up-to-the-minute backups?

...I'd imagine the sysadmins already have plenty of motivation to use redundant databases, or at least log shipping.

I use it, it just doesn't stop someone from seeing what sites you visit.

thinking a complete profiling database is not being made of them isn't paying attention. This is grandiose data mining.

This will be used for everything including nebulous predictive analysis. Analyze what sites you visit and poof, you're a criminal, right or wrong, you just have not done anything wrong yet, but you're guilty, a predictive criminal.

They always use child protection as a cover to rip through civil liberties.

This makes the Internet even more worthless IMO, who wants big brother over their shoulder 7x24.

:argh:

Why the Internet any more than other businesses? Why don't ALL businesses keep permanent records of EVERYTHING you buy, just in case the police need to know who bought that bottle of hot sauce they found at the cannibal killings site? I mean, you can never tell just what might be useful?

Why not a permanent GPS record of where everybody travels, from a chip imbedded in childhood? No one who isn't a criminal has any legitimate reason to not have this information be public, right?

Many do, to the best of their ability (What did you think those "shopper discount" cards were for?). Many are not, however, required to do so by law.

"Why the Internet any more than other businesses?"

Because huge amounts of crime is untraceable on the internet. The ISP's are being asked to keep records for the same reason phone companies do... they're a communications system.

balance anything or do something productive. All they can do is think of new ways to fuck over the working poor. Fuck them and all their privileged elite lifestyle. They will ALL be remembered as the biggest losers in our history when we default.

This is more police state bullshit.

For the parties that hate big government, they can't get enough BIG GOVERNMENT in you life!

Wake up America...

This is no different than it was in the '80s...opening people's mail, etc.

"It’s creating a database for everybody in this country for a lot of other purposes.” No shit. Marketers will use this info. We'll be put on FBI watch lists if we visit too many environmental, union or progressive sites. Enough of this Big Brother BS!!

All this bill does is add IP addresses to the existing list of data the government can request and must be saved. (Ignoring the non-ISP sections.)

...another nail in the coffin from the, "Well.. if you are not doing anything wrong it wont matter" crowd.

Then karma kicked his sorry ass.

I haven't read through the bill though...

Specifically, if you run a free WiFi spot, are you an ISP?

isn't any privacy on the web. This would just make it more un-private.

This law basically just recognizes what's already a nearly universal best practice in Internet service.

If you're on my network, you better believe I'm going to know who you are and keep track of what you're doing. I am responsible for everything that happens on that network. If you start spamming from my network and I don't keep track of that, shut you off, and report it, I'm responsible. I'm not even talking about legally responsible, I mean other sysadmins will start blocking all traffic from my network.

That includes the US Congress.

It probably doesn't help much that we spend most of our time quietly doing our work, without handing ourselves prizes and making our users aware of our activities and ethics.

Also doesn't help for a lot of SA the job is or was a hobby as well as a passion
and a lot of SA seem to take issue with 'unwillingness to inform/educate oneself'

SA NA and similar tend to group because there is a common language with a common culture
so even/especially on free time, a lot of SA tend to stay away from 'users'

Choose to sysadmin
Choose no life. Choose no career.

Choose no family.

Choose a fucking big computer,

Choose disk arrays the size of washing machines, modem racks, CD-ROM writers, and electrical cofee makers.

Choose no sleep, high caffeine and mental insurance.

Choose black jeans and matching combat boots.

Choose chairs for your use in a range of fucking fabrics.

Choose SMTP and wondering why the fuck you are logged on a Sunday morning.

Choose sitting in that swivel chair looking at mind-numbing, spirit-crushing websites, stuffing fucking junk food into your mouth.

Choose rotting away at the end of it all, pishing your last in some miserable newsgroup, nothing more than an embarrassment to the selfish, fucked up lusers Gates spawned to replace the computer literate.

Choose your future.

Choose to sysadmin.

I need to check and see if the EFF is on this. This is a huge loss for Internet freedom. And no, the pedophile excuse doesn't work any better than al Quada does. I know when I'm being lied to.

Electronic Frontier Foundation. On the front lines. Www.eff.org

Message removed by moderator. Click here to review the message board rules.

Message removed by moderator. Click here to review the message board rules.

Message removed by moderator. Click here to review the message board rules.

Message removed by moderator. Click here to review the message board rules.

to all of the veteran's information?

Unrealistic! Scum bag money grubbing storage vendors talked them into it...

this will be bigger than the entire combined Internet content within a few days...thousands of petabytes of storage will be required...

"The Internet is a Series of Tubes!"
that could be clogged with information.

The sort of data stored is actually very simple and doesn't take up much space. Maybe a few billion lines of data would be all that was stored.

What's that? Barely even 100 Gb?

Storing DHCP lease information is trivial.
Storing all websites visited is a magnitude larger.
Storing all URL's visited on those is another magnitude larger.

:sarcasm:

In return, can every Congressman be followed by a camera broadcasting to the Internet 24 hours a day every day of their term? Along with their every correspondence, every word they say and write while they're a public servant be transcribed? Like child pornography, a corrupt Congressman must be prevented and punished at all cost. We need to have evidence that none of them are taking bribes or proposition an intern. Or absolute damning evidence when they do. If we never have that, it will at least be good reality television in between. Think of the shows you can cut together from all that video!

Besides respecting them the way they respect our rights, let's give them all the dignity they give anyone on the public payroll.

This has got to be stopped.

Yes, for sure, the database has been created for a lot of other purposes.

Thank God she was *appointed* (not elected) as DNC head and will decide which Democratic congress people and governors get all that sweet DNC money for their campaigns (i.e. which ones are moderate enough to deserve to win) and what the party's 'platform' will be.

The game seems rigged before, even, the primaries sometimes.
Go figure.


Edit: Party's not 'Parties', der dee doo.
:D

Don't worry, I'm sure he'll share them with the other GOP perverts.

Fuck this!

They won't check out someone's search history only after suspicion of a crime is brought up. Instead, they will simply search everyone's histories a priori and used them for whatever purposes. I disagree with this bill.

Keep it focused, GOP!


:eyes:

As many commenters already noted, this is alarmism. Raw Story is notorious for posting "big brother" crap to grab the gullible's attention. Stop posting from that site. Voted unrecommended.

They're the original source.

And didn't act like ISPs will be recording every single thing we do.

(Note: I trust corporations less than government. ISPs are corporations. I already assume they read anything I send or receive in cleartext. You should too.)

FWIW, I already tried to lobby DU for https. They had other priorities.

Can you imagine? All of anybodies web history for a kiss! Roger must be pissing himself in anticipation. :eyes:

than why did they do nothing about those catholic priests?

and so should (Ayn) Rand Paul. They went apoplectic over a card to get health insurance. Now every web site you visit is going to have a permanent record for the government to comb through. Let's see how our "small government" wing nuts like this

That's not new. Been that way since, well, at least 1995 or so.

The new part is tying your visit to *you*, or at least your internet connection, at a given moment.

Oh, and the repuke is Lamar smith..ring a bell? He is the one holding back the bill by frank and Paul to decriminalize cannabis.

to squelch free speech or the political opposition.......

This would greatly simplify their drive to disenfranchise Dem-leaning individuals.

:eyes:

This is easy to kill. Just tell the NRA members that any time they discuss firearms on line a record will be kept by their ISP and the government, and it will be used to track gun ownership.

Otherwise most will never see it.

This bill is so unnecessary. They can already trace someone now without keeping anymore records. They just have to work a little harder.
This isn't to protect children, it is for the rogh-wing paranoids, so it is easier for them to put people on a list for later midnight knocks and visits.

"They can already trace someone now without keeping anymore records." Is accurate, for an ISP with decent logging, which is a large number of them.

However, a dial-up or similar ISP, who throws away IP->MAC records, or (more to the point) IP->Customer records, cannot be traced.

I am amused by your argument. It's blatantly false, as are most gun arguments, but that never stopped the NRA.

Seriously. I so want out of here.

...they will store it permanently, in order to be prepared to show the government that they were in compliance in previous years.

Wow, just wow. If anyone thinks this is all about pedophiles they need to think again. I would like to think this won't pass in the senate but who knows - but I do know we have to fight this.

This is the worst thing to come down on the American people. This is our last bastion of free speech. It will also drive small ISPs out of business, due to the extended work and costs.

In the best case scenario, the gubmint would simply seize the proxy server's logs and connect the dots. The worst case is that most of these proxy servers are generously provided by malicious entities like identity thieves or Big Brother himself:


Tor offers some advantages over simply trusting a random third party, but it has similar limitations:

But go ahead and keep believing that Dems are different, lol.

These guys can look themselves in the face without the use of a mirror.

Imagine AOL tracking all http requests on their subscribers, the logistics alone would cripple them. That includes Comcast too. And that's not getting into the Tier 1 service providers selling directly to businesses, who consume way more bandwidth than home users.

There's a difference.

Going by the original, but false, headline, it's doable (tracking all browser history), but it would require daily shipments of hard drives to all ISP's.

Never tell a geek something is impossible. It's like trying to win a land-war in Asia.

:evilgrin:

remove the pretext, and go ahead and start installing the telescreens?

heck, if they want to "stop pedos," perhaps they should investigate churches??? Wayyy too many pedophiles in the churches, but nothing will be done about that.

This bill is horrible and will force ISPs to invest a huge amount of money in storage solutions, passing off the costs to consumers, of course. Not to mention the huge breaches of privacy! I called a couple of the congresspeople who introduced this bill and gave them a piece of my mind.

Sad to see so many Democrats join in with Republicans on this kind of stuff, but it doesn't surprise me one bit. Glad I left the party.

everybody must call, email congressmen to kill this bill.

recommended!!

Take for example 9/11. Or this Norway murdering fool who had been followed by police. He was on a list. They knew his threat potential.

My point is, the information does little unless it's acted upon BEFORE some kind of crime has been committed. And that just doesn't happen. Well, it does, but usually in cases that end up being fraudulently pursued. Or at least that has been my experience.

Utter bullshit. But as a sleeping nation of idiots, I doubt very much this will be resisted.

If you gather the data ahead of time, you can trace a crime quicker.

This bill is like using an ocean-wide net to go after a couple of fish. They should increase penalties and make it easier to catch the sickos but without using an enormous dragnet that keeps track of everything and everyone.

Systems can be hacked into. People can steal information from a bank, credit card or retailer---this bill would make it possible to do the same with your internet history.

That's none of their business and won't solve the problem!

How often does viewing a web site kill somebody?

I'm not sure what point you're trying to make here.