Delivery-Date: Mon, 26 Jan 2015 01:45:49 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.8 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
	RP_MATCHES_RCVD,URIBL_BLOCKED autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 4A36F1E0B1B
	for <archiver@seul.org>; Mon, 26 Jan 2015 01:45:47 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 416F33273D;
	Mon, 26 Jan 2015 06:45:42 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 793A532746
 for <tor-talk@lists.torproject.org>; Mon, 26 Jan 2015 06:45:39 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id 3b_7UJayhye3 for <tor-talk@lists.torproject.org>;
 Mon, 26 Jan 2015 06:45:39 +0000 (UTC)
Received: from mail-la0-f42.google.com (mail-la0-f42.google.com
 [209.85.215.42])
 (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 1C66A325C2
 for <tor-talk@lists.torproject.org>; Mon, 26 Jan 2015 06:45:39 +0000 (UTC)
Received: by mail-la0-f42.google.com with SMTP id ms9so6096179lab.1
 for <tor-talk@lists.torproject.org>; Sun, 25 Jan 2015 22:45:35 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to
 :subject:content-type;
 bh=R+p6LyOgBsiJj62C2H3siebuxho+t31RO/xSd18v3F0=;
 b=dqT0ywc9vLqIeLO6KhTbAPrHzmVhl9C9N7g9RM6CbP1oFKpJJTLqVaukacL3Uk+1hj
 pRpGeib1Yb5+ckFRNc0t8SQ1wcpbsCtCkczby+LPzn5u8v92vYQ1EUvJ2HD/jgDQirqL
 NdZxNicRFP3iaaPxPct+Ue3v5w77//HL5Bg8ddSJ4OKsX/vvABZQi0eur4Ma7bU61ite
 BMNkRtlYcVB0CTs+KeMmxyHtR4RU4BsEb6m5oA/DGMcdpeKz9wQLSPGHCaAiB11em3Va
 x+obYW7fi4aosa9neCWfPh0zQMMugquZCvVcMJPnainO5vbVIknZhYs3L5h3AMQgCpyG
 7gQg==
X-Gm-Message-State: ALoCoQlO/zjvdUL4OpkjjcK1aiFYSfm4jzNudoIXQ13iAH0XyBtXY2kE4djgdyP4Ox2FCV0S2WCk
X-Received: by 10.112.181.106 with SMTP id dv10mr19551383lbc.88.1422254735554; 
 Sun, 25 Jan 2015 22:45:35 -0800 (PST)
Received: from [192.168.100.42] (91-158-110-210.elisa-laajakaista.fi.
 [91.158.110.210])
 by mx.google.com with ESMTPSA id 5sm97691lam.33.2015.01.25.22.45.34
 for <tor-talk@lists.torproject.org>
 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Sun, 25 Jan 2015 22:45:34 -0800 (PST)
Message-ID: <54C5E285.8020406@ahmia.fi>
Date: Mon, 26 Jan 2015 08:45:25 +0200
From: Juha Nurmi <juha.nurmi@ahmia.fi>
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
 rv:31.0) Gecko/20100101 Thunderbird/31.4.0
MIME-Version: 1.0
To: tor-talk@lists.torproject.org
Subject: [tor-talk] surveillance discussion in Finland
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============9176984562415543097=="
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============9176984562415543097==
Content-Type: multipart/signed; micalg=pgp-sha1;
 protocol="application/pgp-signature";
 boundary="FfwWoHjUIg2jRiPnA5O7jpwdptt07wAJx"

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--FfwWoHjUIg2jRiPnA5O7jpwdptt07wAJx
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

Hi,

Here is a very short summary of the surveillance discussion in Finland.

Ministry of Defence of Finland published a report that proposes internet
intelligence activities. The problem is that they also propose (Swedish
FRA style) MITM to cross-border communication.

In short, the report says:

"The existing legislation in Finland does not, however, address
intelligence. The Working Group therefore proposes that the Government
should initiate necessary measures to create a legal basis for
intelligence activities."

"The purpose would be to collect vital information to protect national
security against serious international threats. These could be military
or civilian in nature."

"Military and civilian authorities in charge of national security should
be granted powers to conduct cross-border intelligence to respond to
changes in the security environment."

"It is to be considered whether the Defence Forces and the Finnish
Security Intelligence Service should be given powers to conduct foreign
intelligence to gather information from individuals and on information
systems."

Ministry of Transport and Communications published their counter report
that very strongly points out that MITM attack to cross-border Internet
connections is technically problematic, unethical, ineffective and would
not necessarily yield the desired information.

With Electronic Frontier Finland we published our similar view:

My opinion and Electronic Frontier Finland opinion is that the MITM part
is problematic. The other parts of the report do not create that kind of
privacy or human right issues, are technically doable, not waste tax
money and do not break the Finnish Constitution.

There are a lot of good points in the intelligence report, for instance,
they clearly state that they do not want any encryption keys from the
companies nor want backdoors to any commercial systems. Furthermore,
there would be a strict guidelines and demand for the court warrant and
independent oversee.

MITM attach can be called a mass surveillance even if it tries to target
some traffic. The obvious problems are:

1) This is very ineffective surveillance. Real bad guys can secure and
hide their communication. Even HTTPS encrypted Facebook chat hides their
communication in this case!

2) Of course, the most problematic part is that this kind of
surveillance is unethical and illegal in any EU country. Moreover, it
would require a change to the Finnish Constitution where "The secrecy of
correspondence, telephony and other confidential communications is
inviolable.". Fortunately, it is hard to change the constitution.

3) A report promised to address how to solve a national level security
issues like large DDOS and spyware produced by another state. However,
mass surveillance is not an effective way to solve these problems.

4) Where are the options for this awkward MITM? Is this really a good
way to spend our tax money? Does it help to solve the problems?

5) Is it even technically possible to build this system? The report says
that it is still illegal to read any messages that are not related to
national level threads. How the hell they are going to just read the
communication of the bad guys? Not to mention again that basic HTTPS is
enough to secure communication.

I am optimistic. Don't worry, we will stop this nonsense. When another
ministry, mainstream media and the Constitution are against something it
is likely to fail.

References:

The report, page 5 English summary: Guidelines for developing Finnish
legislation on conducting intelligence -
http://www.defmin.fi/files/3016/Suomalaisen_tiedustelulainsaadannon_suunt=
aviivoja.pdf

Ministry of Transport and Communications demands more public debate on
efficiency and impact of online surveillance -
http://www.lvm.fi/topical/4430582/ministry-of-transport-and-communication=
s-demands-more-public-debate-on-efficiency-and-impact-of-online-surveilla=
nce

Electronic Frontier Finland pointing out the problems (Finnish) -
https://effi.org/blog/2015-01-19-verkkovalvonnasta.html

Greetings,
Juha



--FfwWoHjUIg2jRiPnA5O7jpwdptt07wAJx
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJUxeKMAAoJELGTs54GL8vAPyEH/32kKQoJOAkfJXljJ9AQBpDN
JTNkJ/qwEuBp2vl9D9jz8Di4+sHWqV8v9KylGYGYwhbEQkdUvMEUHAvYD1iL5xqh
2JCanTsOJp9CCCv127Tb/XYtVexzcbnRy8NMaNkAKIOCBPJMuVwrD0EJZI5rGBuj
BGwiUmcXWt5OxcZQgkKbPx8jxpSXR/ChER1p0sNUwC0afQ47IQJtalbkvNamq8Ep
RpS1ivj6n97xBhH2t4V2YVQ+BzxSeCzMrynkwsrGuZMFip4g5vb1tzx5H49M3hxx
f+sTP6Teln1v8jZ8NJrXDeyT2eTaQzUdzE6yinWBak9ntDIMMjYELFwdxrYdQSk=
=CCRG
-----END PGP SIGNATURE-----

--FfwWoHjUIg2jRiPnA5O7jpwdptt07wAJx--

--===============9176984562415543097==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

--===============9176984562415543097==--

