news.com.com— It didn't take long for the idea of forcing Internet providers to retain records of their users' activities to gain traction in the U.S. Congress!
Apr 29, 2006View in Crawl 4
I am still watching, and though i am not entirely sure I believe the entire thing it seems clear that there is more there than meets the eye. Thanks for the link.
the second ammendment is there to allow the citizens the tools needed to overthrow a tyrannical government, if the need arises. i think encryption fits
Dis you know that there are all ready private companies that routinly scan your HD and upload all your files to their servers? If you or your children play online games you may already be compromised! Apparently a company called PunkBuster is scanning and upload files from users computers whenever games that subscribe to their services are played. Check it out, there is another post here on digg all about. This is a blatant betrayal of privacy.
Where have you been? PunkBuster checks the hash of game files to make sure you have not modified them to cheat in online play. I would know if all my files were being uploaded, especially while playing a game. I keep a close eye on my bandwidth (since I paid for it) and would notice latency in game if a significant amount of traffic was headed to punkbuster. What are you smoking? mod down.
>Data retention for 1 year? Wouldn't that take several terabytes of space for an ISP?ya, it is completely not doable. for starters most ISPs don't keep complete logs. you keep enough to jump back to and reference if you think you have a security problem then you turn up the detail for a short time to watch and plug a hole or whatever it takes. to keep detailed logs is simply huge. and there are mail logs and web logs... i've never counted but there are around 20 or more logs that could be kept. the next problem is what happens if i loose the logs. what if i have hardware failure. am i going to be a criminal or put out of business if that happens? pay fines? if there is any penelty then you need a backup. that doubles it. and if you are required to have in absolute terms then that means an off site back up in addition. you also would need to instituted some UNKNOWN FORM OF SECURITY that makes it not possible for a hacker to simply fix or delete the logs.so you have just cost an ISP a huge amount of expense. a fair amount of man power to keep it going and maintain security. all this to get a record that could and will likely have any criminal doings spoofed or deleted. how do i protect MY USERS from being mistaken for the guy spoofing his IP? they have some mistaken notion that logs are some concrete thing that are infallable. they are very far from that. i really can't think of a single instance where the logs actually pointed to a hacker or whatever. the best i've ever done is had it give me clues to then catch someone or more likely just plug a hole.--heres where this will end up. because of the legal question that it raises for the ISP... and the cost of equipment, personel and bandwidth for an offsite backup... THE ONLY PRACTICAL WAY THIS COULD BE IMPLIMENTED IS FOR THE US GOVERNMENT TO PAY FOR A DIRECT TAP INTO YOUR SYSTEMS SO THEY CAN WATCH IN REAL TIME. sounds familiar... huh...
logdenApr 30, 2006
I am still watching, and though i am not entirely sure I believe the entire thing it seems clear that there is more there than meets the eye. Thanks for the link.
Closed AccountApr 30, 2006
the second ammendment is there to allow the citizens the tools needed to overthrow a tyrannical government, if the need arises. i think encryption fits
Closed AccountApr 30, 2006
Dis you know that there are all ready private companies that routinly scan your HD and upload all your files to their servers? If you or your children play online games you may already be compromised! Apparently a company called PunkBuster is scanning and upload files from users computers whenever games that subscribe to their services are played. Check it out, there is another post here on digg all about. This is a blatant betrayal of privacy.
rhawk301Apr 30, 2006
@randal2k I just want to say that this was a good article. thanks.
osbjmgApr 30, 2006
Where have you been? PunkBuster checks the hash of game files to make sure you have not modified them to cheat in online play. I would know if all my files were being uploaded, especially while playing a game. I keep a close eye on my bandwidth (since I paid for it) and would notice latency in game if a significant amount of traffic was headed to punkbuster. What are you smoking? mod down.
starmanjonesApr 30, 2006
>Data retention for 1 year? Wouldn't that take several terabytes of space for an ISP?ya, it is completely not doable. for starters most ISPs don't keep complete logs. you keep enough to jump back to and reference if you think you have a security problem then you turn up the detail for a short time to watch and plug a hole or whatever it takes. to keep detailed logs is simply huge. and there are mail logs and web logs... i've never counted but there are around 20 or more logs that could be kept. the next problem is what happens if i loose the logs. what if i have hardware failure. am i going to be a criminal or put out of business if that happens? pay fines? if there is any penelty then you need a backup. that doubles it. and if you are required to have in absolute terms then that means an off site back up in addition. you also would need to instituted some UNKNOWN FORM OF SECURITY that makes it not possible for a hacker to simply fix or delete the logs.so you have just cost an ISP a huge amount of expense. a fair amount of man power to keep it going and maintain security. all this to get a record that could and will likely have any criminal doings spoofed or deleted. how do i protect MY USERS from being mistaken for the guy spoofing his IP? they have some mistaken notion that logs are some concrete thing that are infallable. they are very far from that. i really can't think of a single instance where the logs actually pointed to a hacker or whatever. the best i've ever done is had it give me clues to then catch someone or more likely just plug a hole.--heres where this will end up. because of the legal question that it raises for the ISP... and the cost of equipment, personel and bandwidth for an offsite backup... THE ONLY PRACTICAL WAY THIS COULD BE IMPLIMENTED IS FOR THE US GOVERNMENT TO PAY FOR A DIRECT TAP INTO YOUR SYSTEMS SO THEY CAN WATCH IN REAL TIME. sounds familiar... huh...