Category Archives: Content

NSA PRISM, Writs of Assistance, Rattlesnakes, and the Fourth Amendment

British Crown dragnets of information against smuggling led to the U.S. Fourth Amendment, and U.S. defense against those dragnets was the origin of the Gadsden rattlesnake flag. Those colonial Writs of Assistance were much like that FISA court order for Verizon call logs and the NSA PRISM wide-range domestic communications dragnet, while Senators Feinstein and Chambliss act like the colonial royal governors who issued those Writs.

The Fourth Amendment to the U.S. Constitution:

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

Senators Feinstein and Chambliss admit there is no probable cause, and no particular description of the place to be searched or the persons or things to be seized.

The Fourth Amendment was proposed because of things very like that FISA court order to Verizon back in colonial times, namely writs of assistance to stop smuggling:

In 1760, governor [Francis] Bernard of Massachusetts authorized the use by revenue officers of writs of assistance. Writs of assistance were Continue reading

Senators Feinstein and Chambliss shuffle their feet about FISA

Senators Dianne Feinstein (D-CA) and Saxby Chambliss (R-GA) lamely tried to defend the Verizon call log wiretapping, which they full well know is actually part of a dragnet of all U.S. communications. Ed O’Keefe wrote for the Washington Post yesterday, Transcript: Dianne Feinstein, Saxby Chambliss explain, defend NSA phone records program,

Dianne Feinstein:

As far as I know, this is the exact three month renewal of what has been the case for the past seven years. This renewal is carried out by the FISA Court under the business records section of the Patriot Act. Therefore, it is lawful.

It has been briefed to Congress and the letters that we have distributed — and you’ll note on the dates, this is prior to the Patriot Act amendments coming before the body, each of those. As you know, this is just Continue reading

NSA domestic spying: we stopped it in 1977 and we can stop it again

After seven years or more, it’s good people are finally noticing the NSA spying program: now maybe enough people will do something about it like we did in 1977.

Don’t believe it’s just limited to who calls who: since at least 2005, AT&T (and most likely all the other telcos) has been sending all telecommunications to NSA. This stuff started after 9/11 and was legalized by the FISA Amendments Act of 2008. Before 9/11 NSA respected a rigorous wall between it and domestic spying. Time to put that wall back up. Bruce Schneier wrote 29 December 2005, Project Shamrock,

Decades before 9/11, and the subsequent Bush order that directed the NSA to eavesdrop on every phone call, e-mail message, and who-knows-what-else going into or out of the United States, U.S. citizens included, they did the same thing with telegrams. It was called Project Shamrock, and anyone who thinks this is new legal and technological terrain should read up on that program.

Project SHAMROCK…was an espionage exercise that involved the accumulation of all telegraphic data entering into or exiting from the United States. The Armed Forces Security Agency (AFSA) and its successor NSA were given direct access to daily microfilm copies of all incoming, outgoing, and transiting telegraphs via the Western Union and its associates RCA and ITT. Operation Shamrock lasted well into the 1960s when computerized operations (HARVEST) made it possible to search for keywords rather than read through all communications.

Project SHAMROCK became so successful that in 1966 Continue reading

Against SOPA and PIPA, for an open Internet

If you haven’t heard of SOPA and PIPA, you will today, as reddit, Wikipedia, Google, Craigslist, Free Software Foundation, and many other websites protest those Internet censorship bills today. The so-called Stop Online Piracy Act (SOPA) is a House bill (H.R.3261) and the so-called PROTECT IP Act (PIPA) is a Senate bill (S.968) (most recently renamed Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act of 2011). Both have nothing to do with promoting creativity and everything to do with giving a few large copyright holders priority over the Internet, requiring censorship of links to entire domains. Have you heard of the Great Firewall of China? That’s where the Chinese government censors entire domains such as facebook, youtube, and twitter because they contain some content that the Chinese government doesn’t want distributed. SOPA and PIPA would do the same thing, except putting Hollywood in charge of what would be censored. In a perfect example of the DC lobbying revolving door, former Senator Chris Dodd, now Chairman of the Motion Picture Association of America, called the anti-SOPA blackout an “abuse of power”. Funny how it’s only an abuse of power when we fight back.

If you don’t believe me, listen to Mythbuster Adam Savage.

Here’s a technical explanation. And here’s a letter of objection from many of the engineers who built the Internet.

Here’s where the anti-SOPA blackout started: Continue reading

SOPA Could Destroy the Internet as We Know It —Adam Savage

Congress reconvenes in January and will take up the Internet censorship bills SOPA and PIPA again. The House only deferred SOPA because of widespread public outcry. Proponents of SOPA, funded by big corporate money, are probably just hoping opponents will be distracted by the holidays. Adam Savage reminds us why we need to be vigilant and keep flooding Congress with calls to vote down those bills or anything like them.

MythBuster Adam Savage wrote for Popular Mechanics 20 December 2011, SOPA Could Destroy the Internet as We Know It

Right now Congress is considering two bills—the Protect IP Act, and the Stop Online Piracy Act (SOPA)—that would be laughable if they weren’t in fact real. Honestly, if a friend wrote these into a piece of fiction about government oversight gone amok, I’d have to tell them that they were too one-dimensional, too obviously anticonstitutional.

Make no mistake: These bills aren’t simply unconstitutional, they are anticonstitutional. They would allow for the wholesale elimination of entire websites, domain names, and chunks of the DNS (the underlying structure of the whole Internet), based on nothing more than the “good faith” assertion by a single party that the website is infringing on a copyright of the complainant. The accused doesn’t even have to be aware that the complaint has been made.

I’m not kidding.

He goes on to correctly compare SOPA and PIPA unfavorably to the already bad Digital Millennium Copyright Act (DMCA) of 1998. You remember, the DMCA that big copyright holders used to sue pre-teen video and audio “pirates” and to take down websites on suspicion. Savage cites a case where somebody with no copyright still got YouTube videos taken down under DMCA. Yes, SOPA and PIPA are even worse.

If you like YouTube, twitter, facebook, blogs, etc., it’s time to speak up. Call your Senators and House members. Send them email. Write them paper letters. Petition them. Show up at their offices. Petition the White House to veto it if Congress passes it, and any other bills like it. Right now we still have the Internet to organize these things.


Stop Internet censorship —Internet Engineers

Parker Higgins and Peter Eckersley wrote for EFF 15 December 2011, An Open Letter From Internet Engineers to the U.S. Congress

Today, a group of 83 prominent Internet inventors and engineers sent an open letter to members of the United States Congress, stating their opposition to the SOPA and PIPA Internet blacklist bills that are under consideration in the House and Senate respectively.

The signatories are people such as Vint Cerf you may have heard of even if you know nothing about the technical details of the Internet, and many other people who helped produce the network you are using now. I know many of them, and they are right. If you want a free and open Internet, call or write your Senators and Congress members today, and tell them to vote against PIPA and SOPA.

The full text of the letter is appended below.


We, the undersigned, have played various parts in building a network called the Internet. We wrote and debugged the software; we defined the standards and protocols that talk over that network. Many of us invented parts of it. We’re just a little proud of the social and economic benefits that our project, the Internet, has brought with it.

Last year, many of us wrote to you and your colleagues to warn about the proposed “COICA” copyright and censorship legislation. Today, we are writing again to reiterate our concerns about the SOPA and PIPA derivatives of last year’s bill, that are under consideration in the House and Senate. In many respects, these proposals are worse than the one we were alarmed to read last year.

If enacted, either of these bills will create an environment of tremendous fear and uncertainty for technological innovation, and seriously harm the credibility of the United States in its role as a steward of key Internet infrastructure. Regardless of recent amendments to SOPA, both bills will risk fragmenting the Internet’s global domain name system (DNS) and have other capricious technical consequences. In exchange for this, such legislation would engender censorship that will simultaneously be circumvented by deliberate infringers while hampering innocent parties’ right and ability to communicate and express themselves online.

All censorship schemes impact speech beyond the category they were intended to restrict, but these bills are particularly egregious in that regard because they cause entire domains to vanish from the Web, not just infringing pages or files. Worse, an incredible range of useful, law-abiding sites can be blacklisted under these proposals. In fact, it seems that this has already begun to happen under the nascent DHS/ICE seizures program.

Censorship of Internet infrastructure will inevitably cause network errors and security problems. This is true in China, Iran and other countries that censor the network today; it will be just as true of American censorship. It is also true regardless of whether censorship is implemented via the DNS, proxies, firewalls, or any other method. Types of network errors and insecurity that we wrestle with today will become more widespread, and will affect sites other than those blacklisted by the American government.

The current bills — SOPA explicitly and PIPA implicitly — also threaten engineers who build Internet systems or offer services that are not readily and automatically compliant with censorship actions by the U.S. government. When we designed the Internet the first time, our priorities were reliability, robustness and minimizing central points of failure or control. We are alarmed that Congress is so close to mandating censorship-compliance as a design requirement for new Internet innovations. This can only damage the security of the network, and give authoritarian governments more power over what their citizens can read and publish.

The US government has regularly claimed that it supports a free and open Internet, both domestically and abroad. We cannot have a free and open Internet unless its naming and routing systems sit above the political concerns and objectives of any one government or industry. To date, the leading role the US has played in this infrastructure has been fairly uncontroversial because America is seen as a trustworthy arbiter and a neutral bastion of free expression. If the US begins to use its central position in the network for censorship that advances its political and economic agenda, the consequences will be far-reaching and destructive.

Senators, Congressmen, we believe the Internet is too important and too valuable to be endangered in this way, and implore you to put these bills aside.


  • Vint Cerf, co-designer of TCP/IP, one of the “fathers of the Internet”, signing as private citizen
  • Paul Vixie, author of BIND, the most widely-used DNS server software, and President of the Internet Systems Consortium
  • Tony Li, co-author of BGP (the protocol used to arrange Internet routing); chair of the IRTF’s Routing Research Group; a Cisco Fellow; and architect for many of the systems that have actually been used to build the Internet
  • Steven Bellovin, invented the DNS cache contamination attack; co-authored the first book on Internet security; recipient of the 2007 NIST/NSA National Computer Systems Security Award and member of the DHS Science and Technology Advisory Committee
  • Jim Gettys, editor of the HTTP/1.1 protocol standards, which we use to do everything on the Web
  • Dave Kristol, co-author, RFCs 2109, 2965 (Web cookies); contributor, RFC 2616 (HTTP/1.1)
  • Steve Deering, Ph.D., invented the IP multicast feature of the Internet; lead designer of IPv6 (version 6 of the Internet Protocol)
  • David Ulevitch, CEO of OpenDNS, which offers alternative DNS services for enhanced security.
  • Elizabeth Feinler, director of the Network Information Center (NIC) at SRI International, administered the Internet Name Space from 1970 until 1989 and developed the naming conventions for the internet top level domains (TLDs) of .mil, .gov, .com, .org, etc. under contracts to DoD
  • Robert W. Taylor, founded and funded the beginning of the ARPAnet; founded and managed the Xerox PARC Computer Science Lab which designed and built the first networked personal computer (Alto), the Ethernet, the first internet protocol and internet, and desktop publishing
  • Fred Baker, former IETF chair, has written about 50 RFCs and contributed to about 150 more, regarding widely used Internet technology
  • Dan Kaminsky, Chief Scientist, DKH
  • Esther Dyson, EDventure; founding chairman, ICANN; former chairman, EFF; active investor in many start-ups that support commerce, news and advertising on the Internet; director, Sunlight Foundation
  • Walt Daniels, IBM’s contributor to MIME, the mechanism used to add attachments to emails
  • Nathaniel Borenstein, Chief Scientist, Mimecast; one of the two authors of the MIME protocol, and has worked on many other software systems and protocols, mostly related to e-mail and payments
  • Simon Higgs, designed the role of the stealth DNS server that protects; worked on all versions of Draft Postel for creating new TLDs and addressed trademark issues with a complimentary Internet Draft; ran the shared-TLD mailing list back in 1995 which defined the domain name registry/registrar relationship; was a root server operator for the Open Root Server Consortium; founded in 1994
  • John Bartas, was the technical lead on the first commercial IP/TCP software for IBM PCs in 1985-1987 at The Wollongong Group. As part of that work, developed the first tunneling RFC, rfc-1088
  • Nathan Eisenberg, Atlas Networks Senior System Administrator; manager of 25K sq. ft. of data centers which provide services to Starbucks, Oracle, and local state
  • Dave Crocker, author of Internet standards including email, DKIM anti-abuse, electronic data interchange and facsimile, developer of CSNet and MCI national email services, former IETF Area Director for network management, DNS and standards, recipient of IEEE Internet Award for contributions to email, and serial entrepreneur
  • Craig Partridge, architect of how email is routed through the Internet; designed the world’s fastest router in the mid 1990s
  • Doug Moeller, Chief Technology Officer at Autonet Mobile
  • John Todd, Lead Designer/Maintainer – Freenum Project (DNS-based, free telephony/chat pointer system),
  • Alia Atlas, designed software in a core router (Avici) and has various RFCs around resiliency, MPLS, and ICMP
  • Kelly Kane, shared web hosting network operator
  • Robert Rodgers, distinguished engineer, Juniper Networks
  • Anthony Lauck, helped design and standardize routing protocols and local area network protocols and served on the Internet Architecture Board
  • Ramaswamy Aditya, built various networks and web/mail content and application hosting providers including AS10368 (DNAI) which is now part of AS6079 (RCN); did network engineering and peering for that provider; did network engineering for AS25 (UC Berkeley); currently does network engineering for AS177-179 and others (UMich)
  • Blake Pfankuch, Connecting Point of Greeley, Network Engineer
  • Jon Loeliger, has implemented OSPF, one of the main routing protocols used to determine IP packet delivery; at other companies, has helped design and build the actual computers used to implement core routers or storage delivery systems; at another company, installed network services (T-1 lines and ISP service) into Hotels and Airports across the country
  • Jim Deleskie, internetMCI Sr. Network Engineer, Teleglobe Principal Network Architect
  • David Barrett, Founder and CEO, Expensify
  • Mikki Barry, VP Engineering of InterCon Systems Corp., creators of the first commercial applications software for the Macintosh platform and the first commercial Internet Service Provider in Japan
  • Peter Rubenstein, helped to design and build the AOL backbone network, ATDN.
  • David Farber, distinguished Professor CMU; Principal in development of CSNET, NSFNET, NREN, GIGABIT TESTBED, and the first operational distributed computer system; EFF board member
  • Bradford Chatterjee, Network Engineer, helped design and operate the backbone network for a nationwide ISP serving about 450,000 users
  • Gary E. Miller, Network Engineer specializing in eCommerce
  • Jon Callas, worked on a number of Internet security standards including OpenPGP, ZRTP, DKIM, Signed Syslog, SPKI, and others; also participated in other standards for applications and network routing
  • John Kemp, Principal Software Architect, Nokia; helped build the distributed authorization protocol OAuth and its predecessors; former member of the W3C Technical Architecture Group
  • Christian Huitema, worked on building the Internet in France and Europe in the 80’s, and authored many Internet standards related to IPv6, RTP, and SIP; a former member of the Internet Architecture Board
  • Steve Goldstein, Program Officer for International Networking Coordination at the National Science Foundation 1989-2003, initiated several projects that spread Internet and advanced Internet capabilities globally
  • David Newman, 20 years’ experience in performance testing of Internet infrastructure; author of three RFCs on measurement techniques (two on firewall performance, one on test traffic contents)
  • Justin Krejci, helped build and run the two biggest and most successful municipal wifi networks located in Minneapolis, MN and Riverside, CA; building and running a new FTTH network in Minneapolis
  • Christopher Liljenstolpe, was the chief architect for AS3561 (at the time about 30% of the Internet backbone by traffic), and AS1221 (Australia’s main Internet infrastructure)
  • Joe Hamelin, co-founder of Seattle Internet Exchange in 1997, and former peering engineer for Amazon in 2001
  • John Adams, operations engineer at Twitter, signing as a private citizen
  • David M. Miller, CTO / Exec VP for DNS Made Easy (IP Anycast Managed Enterprise DNS provider)
  • Seth Breidbart, helped build the Pluribus IMP/TIP for the ARPANET
  • Timothy McGinnis, co-chair of the African Network Information Center Policy Development Working Group, and active in various IETF Working Groups
  • Richard Kulawiec, 30 years designing/operating academic/commercial/ISP systems and networks
  • Larry Stewart, built the Etherphone at Xerox, the first telephone system working over a local area network; designed early e-commerce systems for the Internet at Open Market
  • John Pettitt, Internet commerce pioneer, online since 1983, CEO Free Range Content Inc.; founder/CTO CyberSource &; created online fraud protection software that processes over 2 billion transaction a year
  • Brandon Ross, Chief Network Architect and CEO of Network Utility Force LLC
  • Chris Boyd, runs a green hosting company and supports EFF-Austin as a board member
  • Dr. Richard Clayton, designer of Turnpike, widely used Windows-based Internet access suite; prominent Computer Security researcher at Cambridge University
  • Robert Bonomi, designed, built, and implemented, the Internet presence for a number of large corporations
  • Owen DeLong, member of the ARIN Advisory Council who has spent more than a decade developing better IP addressing policies for the internet in North America and around the world
  • Baudouin Schombe, blog design and content trainer
  • Lyndon Nerenberg, Creator of IMAP Binary extension (RFC 3516)
  • John Gilmore, co-designed BOOTP (RFC 951), which became DHCP, the way you get an IP address when you plug into an Ethernet or get on a WiFi access point; current EFF board member
  • John Bond, Systems Engineer at RIPE NCC maintaining AS25152 and AS197000; signing as a private citizen
  • Stephen Farrell, co-author on about 15 RFCs
  • Samuel Moats, senior systems engineer for the Department of Defense; helps build and defend the networks that deliver data to Defense Department users
  • John Vittal, created the first full email client and the email standards still in use today
  • Ryan Rawdon, built out and maintains the network infrastructure for a rapidly growing company in our country’s bustling advertising industry; was on the technical operations team for one of our country’s largest residential ISPs
  • Brian Haberman, has been involved in the design of IPv6, IGMP/MLD, and NTP within the IETF for nearly 15 years
  • Eric Tykwinski, Network Engineer working for a small ISP based in the Philadelphia region; currently maintains the network as well as the DNS and server infrastructure
  • Noel Chiappa, has been working on the lowest level stuff (the IP protocol level) since 1977; name on the ‘Birth of the Internet’ plaque at Stanford; actively helping to develop new ‘plumbing’ at that level
  • Robert M. Hinden, worked on the gateways in the early Internet, author of many of the core IPv6 specifications, active in the IETF since the first IETF meeting, author of 37 RFCs, and current Internet Society Board of Trustee member
  • Alexander McKenzie, former member of the Network Working Group and participated in the design of the first ARPAnet Host protocols; was the manager of the ARPAnet Network Operation Center that kept the network running in the early 1970s; was a charter member of the International Network Working Group that developed the ideas used in TCP and IP
  • Keith Moore, was on the Internet Engineering Steering Group from 1996-2000, as one of two Area Directors for applications; wrote or co-wrote technical specification RFCs associated with email, WWW, and IPv6 transition
  • Guy Almes, led the connection of universities in Texas to the NSFnet during the late 1980s; served as Chief Engineer of Internet2 in the late 1990s
  • David Mercer, formerly of The River Internet, provided service to more of Arizona than any local or national ISP
  • Paul Timmins, designed and runs the multi-state network of a medium sized telephone and internet company in the Midwest
  • Stephen L. Casner, led the working group that designed the Real-time Transport Protocol that carries the voice signals in VoIP systems
  • Tim Rutherford, DNS and network administrator at C4
  • Mike Alexander, helped implement (on the Michigan Terminal System at the University of Michigan) one of the first EMail systems to be connected to the Internet (and to its predecessors such as Bitnet, Mailnet, and UUCP); helped with the basic work to connect MTS to the Internet; implemented various IP related drivers on early Macintosh systems: one allowed TCP/IP connections over ISDN lines and another made a TCP connection look like a serial port
  • John Klensin, Ph.D., early and ongoing role in the design of Internet applications and coordination and administrative policies
  • L. Jean Camp, former Senior Member of the Technical Staff at Sandia National Laboratories, focusing on computer security; eight years at Harvard’s Kennedy School; tenured Professor at Indiana University’s School of Informatics with research addressing security in society.
  • Louis Pouzin, designed and implemented the first computer network using datagrams (CYCLADES), from which TCP/IP was derived
  • Carl Page, helped found eGroups, the biggest social network of its day, 14 million users at the point of sale to Yahoo for around $430,000,000, at which point it became Yahoo Groups
  • Phil Lapsley, co-author of the Internet Network News Transfer Protocol (NNTP), RFC 977, and developer of the NNTP reference implementation
  • Jack Haverty (MSEE, BSEE MIT 1970), Principal Investigator for several DARPA projects including the first Internet development and operation; Corporate Network Architect for BBN; Founding member of the IAB/ICCB; Internet Architect and Corporate Founding Member of W3C for Oracle Corporation
  • Glenn Ricart, Managed the original (FIX) Internet interconnection point

Eyes on their lobbyists’ bank accounts

The plutocrats and their bought politicians don’t care about Internet free trade, but we should.

Scott Bradner almost gets it about the opposition to net neutrality in Eyes in their ankles: The congressional view of network neutrality:

If you work at a company that uses the Internet to sell to customers or to buy from suppliers you should care about the net neutrality discussion.

You should, but you probably don’t have the money to buy some politicians to do something about it, and unfortunately the biggest companies do, and they’re busy doing just that: Continue reading

NPRM Diagram 2: scope of rules

Here’s the diagram from the NPRM that the FCC folks mentioned frequently at the NANOG panel (The Regulators Meet the Operators, at NANOG 48, Austin, Texas, 22 Feb 2010) regarding scope of net neutrality rule making:


It does seem to clarify some of the points made by the panelists.

More Liveblogging from NANOG Net Neutrality Panel

The Regulators Meet the Operators, at NANOG 48, Austin, Texas, 22 Feb 2010. Notes continued from the previous post. See pages 37-51 of the NPRM.

Question from a provider: VoIP traffic prioritization from essentially our own service?

Moderator: One thing that won’t be allowed is prioritizing your own service over someone else’s similar service; that’s almost the whole point. FCC person: This is contemplated in the document. Existing services wouldn’t have to be reworked rapidly. Seeking input. Reasons to be concerned. Monopoly over last mile has a position to differentially treat such a service. This is one of the core concerns.

Q: Giving the same priority to somebody else’s similar VoIP service is essentially creating a trust relationship; how much traffic will the other service provider send? Continue reading

Liveblogging from NANOG Net Neutrality Panel

The subtitle is The Regulators Meet the Operators, at NANOG 48, Austin, Texas, 22 Feb 2010. The ground rules of the panel are that it’s not about politics or policy. It assumes there will be net neutrality, and it’s about getting actual network engineers and architects involved in implementing it. Prior reading: pages 41-51 of the Notice of Proposed Rulemaking (NPRM). I’d actually recommend starting at page 37, which is where the NPRM discusses codifying the existing four Internet principles (see below).

A huge number of comments have been received already, by the Jan 15 deadline. More comments are solicited. See also

The general idea is to take six proposed principles and turn them into rules that are enforceable and not unreasonable:

Proposed Rules: 6 Principles

  • Access to Content
  • Access to Applications and Services
  • Connect Devices to the Internet
  • Access to Competition
  • Nondiscrimination
  • Transparency

The first four principles have been around for several years. The last two, nondiscrimination and transparency, are the same as the ones Scott Bradner’s petition recommended back in June 2009. Back then I mentioned as I always do that the FCC could also stop talking about consumers and talk about participants. Interestingly, their slide at this talk did not use the word “consumer”, so maybe they’ve gotten to that point, too.

The FCC is also making a distinction between broadband and Internet. There are existing rules regarding “managed” vs. “specialized services” for broadband Internet access, but for net neutrality in general, maybe different rules are needed. Continue reading