On Tue, 14 Nov 2000, Lin Nah wrote:
Where do people stand on each issue? For example I think it is one thing to track something the police have a warrent for than to act on their suspicions. I also don't believe in scanning emails for particular text strings to perhaps highlight possible problems (and I know this isn't effective especially with people being able to use pgp etc)
What if someone is using encrypted or securirty like ssh/ssl/pgp/ and whatever other encryption there is.
Where do you stand on port scanning? For example some say there's nothing wrong with portscanning - it is what they do with the information after they scan. Others say if they port scan they must be guilty or told off.
Do all IRC servers have to log their traffic? It is not unknown for people to work in groups. We often face this on Undernet. So some script kiddie is pissed off. He tells his mates in their channel and before you can blink you get attacks from all over the place. I am not active on this frontline but can introduce you to the ones that are.
See, my understanding of the whole issue was that the police and friends want the ability, with a warrant, to monitor the activity of specific users. There is no plans for big brother to be scanning your email for occurances of "Helen Clark" and "Kill". I personally have no problem with the police being able to collect information persuant to a warrant. This means the police bring a warrant and a box. The box gets set up to do it's thing (whatever that may be) for the time the warrant says. Then the box and the police go away. An important distinction is that this should not mean that ISPs have to maintain any traffic records for users to present at a later date. Of course the police would have to pay any costs incurred and there are issues surrounding their access to ISP's networks (ie they are only getting what they say they are, not any other data). Also, if they are going to use the internet to get data about 'real world' crimes I think they should also take the step of implimenting computer crime laws. There is also the issue of implied guilt, if I am being monitored and I receive a PGP email, which I can't (or won't) divulge the key for, what happens then? How is that handled? I personally would really like to hear from the DIA/Police about the specifics of exactly what it is they are proposing... -- Dylan Reeve - dylan(a)wibble.net "Um, yeah." --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog