[Operational] Internet Police
Jack Bates
jbates at brightok.net
Thu Dec 9 18:44:38 UTC 2010
On 12/9/2010 12:31 PM, Michael Smith wrote:
> How is "what to block" identified? ...by content key words? ..traffic
> profiles / signatures? Deny all, unless flow (addresses/protocol/port)
> is pre-approved / registered?
>
CALEA doesn't provide block. It provides full data dumps to the
authorities. It's up to them to analyze, prove illegality, and seek
warrants.
A single CALEA tap on a bot, for example, could provide the government
with a bot controller, or with details of what a specific bot is doing.
A tap on the controller itself could show the large number of bots and
their location, or provide the next step in backtracking the connection
to the person using the controller.
On and On. Is it ideal? No. Is it possible to do within current law,
until it crosses international boundaries, but even then there is some
amount of recourse.
The law is designed to track down and prosecute people, not stop
malicious activity. In order for the law to try and stop malicious
activities (digital or real), it must place constraints on our freedoms.
See TSA/Airport Security.
Jack
More information about the NANOG
mailing list