Over night the US could be dead for MT.
That sounds like a workable solution except. Apparently the FCC and DOJ has dicatated how to do this. They want it in a standardized format with all providers. They have decided on T1.IAS and LAES.either enable sniffer on the mikrotik box, and save all packet data to some file ... or better - just get a switch that can mirror a port to another one. the second option is better, it won't overload your router.
Lets not forget about the 10k per day retroactive fine for non-compliance.
Matt
according to:
http://www.askcalea.net/docs/calea.pdf
103.b.1.a,
This title does not authorize any law enforcement agency or officer--
(A) to require any specific design of equipment, facilities, services, features, or system configurations to be adopted by any provider of a wire or electronic communication service, any manufacturer of telecommunications equipment, or any provider of telecommunications support services;
http://www.askcalea.net/docs/calea.pdf
103.b.1.a,
This title does not authorize any law enforcement agency or officer--
(A) to require any specific design of equipment, facilities, services, features, or system configurations to be adopted by any provider of a wire or electronic communication service, any manufacturer of telecommunications equipment, or any provider of telecommunications support services;
The streaming packet sniffer (tszp) would be probably be perfect for this. Why should Mikrotik support CALEA when they aren't even based in the US ? Our laws don't apply to other countries. Well, I'd ask myself the same question. My answer would be; because lots of my customers are in the US. : ) And if its only included in 3.0 I could see a ton of upgrades coming in the next few months.
Sam
Sam
Mikrotik, please support your US customers on CALEA issue!
The US WISPS MUST comply with CALEA! Cowboy attitudes and stamping one's feet about how "they will get the info over my dead body" are not going to cut it.
The other router vendors support it. Mikrotik has many, many customers in the USA who have chosen them as supplier for various reasons.
Because a requirement doesn't exist in Latvia is not a valid justification for not supporting what customers in another country are requesting. If it is a lack of understanding, or a language barrier, I'm quite sure we could get them some help on that front.
Bottom line is customer support. Without the support they need, customers will cease to be that.
Come on, Mikrotik- Please don't make your excellent product have a black eye among US customers because of something you can (but won't) address right in software.
The other router vendors support it. Mikrotik has many, many customers in the USA who have chosen them as supplier for various reasons.
Because a requirement doesn't exist in Latvia is not a valid justification for not supporting what customers in another country are requesting. If it is a lack of understanding, or a language barrier, I'm quite sure we could get them some help on that front.
Bottom line is customer support. Without the support they need, customers will cease to be that.
Come on, Mikrotik- Please don't make your excellent product have a black eye among US customers because of something you can (but won't) address right in software.
This might help some understand more.
http://www.educause.edu/content.asp?PAG ... 698&bhcp=1
my understanding here is, if you provide any public internet service fast enough for VoIP, whether you do VoIP or not, you must comply with CALEA
The timeline for implementing this is insane.
I am against the government spying on me or my customers, but.. if it is the law, i would provide them one of many methods (tcpdumps remotely or whatever), but making us conform to a standard that we can't even find any information on.. is insane.
I understand if Mikrotik doesn't get involved, but, I know there are alot of isp's and wisp's (mostly small) screaming for help now, and they only have until March to file the SSI (their plan) and then May to become compliant. and they are looking for someone with a cost effective way to meet these deadlines.
http://www.educause.edu/content.asp?PAG ... 698&bhcp=1
my understanding here is, if you provide any public internet service fast enough for VoIP, whether you do VoIP or not, you must comply with CALEA
The timeline for implementing this is insane.
I am against the government spying on me or my customers, but.. if it is the law, i would provide them one of many methods (tcpdumps remotely or whatever), but making us conform to a standard that we can't even find any information on.. is insane.
I understand if Mikrotik doesn't get involved, but, I know there are alot of isp's and wisp's (mostly small) screaming for help now, and they only have until March to file the SSI (their plan) and then May to become compliant. and they are looking for someone with a cost effective way to meet these deadlines.
I would hope that the packet sniffer could be extended to support this. The streaming (TZSP) protocol is not exactly what is required, but I would think that a comparable streaming wrapper of this sort would work.
My thoughts...
1. Use existing packet sniffer with modified streaming function that complies with their format specification (if you can figure that part out)
2. Allow ability to use address-list to specify IPs for which to capture in addition to the 2 filter fields currently present.
3. Obtain thousands of new customers in the USA overnight because everyone is scrambling to find affordable equipment that can handle this.
Sam
My thoughts...
1. Use existing packet sniffer with modified streaming function that complies with their format specification (if you can figure that part out)
2. Allow ability to use address-list to specify IPs for which to capture in addition to the 2 filter fields currently present.
3. Obtain thousands of new customers in the USA overnight because everyone is scrambling to find affordable equipment that can handle this.
Sam
-
-
scurtis@acrsokc.com
just joined
- Posts: 13
- Joined:
- Location: Oklahoma City
- Contact:
Normis,
How about looking at T1.IAS for specifics?
Here's some info:
CALEA requires broadband service providers to have proper tools in place by May 14, 2007 to isolate, intercept, export and selectively monitor in real-time, a legally identified criminal suspect on the BSP's network, without compromising the constitutional right to privacy for the rest of the customers on the network.
When a Law Enforcement Agency issues a legal warrant to a BSP, the Caller Identifying Information (CII) or Call Content (CC), such as VoIP traffic, to and from a particular user is captured or redirected and sent to the Law Enforcement Agency for real-time forensic analysis. The warrant has to be very specific about the types of data traffic to be captured and distribution process to the Law Enforcement Agencies.
Besides VoIP, we also need to be able to capture info pertaining to e-mail or chats with the ability to separate session content and session header info (akin to CII and CC). The CALEA law itself is not clear enough. So, guys please provide all info that you know of (and hopefully valid information).
How about looking at T1.IAS for specifics?
Here's some info:
CALEA requires broadband service providers to have proper tools in place by May 14, 2007 to isolate, intercept, export and selectively monitor in real-time, a legally identified criminal suspect on the BSP's network, without compromising the constitutional right to privacy for the rest of the customers on the network.
When a Law Enforcement Agency issues a legal warrant to a BSP, the Caller Identifying Information (CII) or Call Content (CC), such as VoIP traffic, to and from a particular user is captured or redirected and sent to the Law Enforcement Agency for real-time forensic analysis. The warrant has to be very specific about the types of data traffic to be captured and distribution process to the Law Enforcement Agencies.
Besides VoIP, we also need to be able to capture info pertaining to e-mail or chats with the ability to separate session content and session header info (akin to CII and CC). The CALEA law itself is not clear enough. So, guys please provide all info that you know of (and hopefully valid information).
I contacted Parasun technologies today to look into implementing thier third party solution. We provide wireless broadband as well as cable modem services... here is their response from the initial engineer looking at how my network is setup:
http://www.apogee.net
(thier solution starts at approx $800-$1000 and up based on subs, and currently requires Cisco routers although Juniper support is coming soon. they were unsure how to proceed with the mikrotik part of it.)
http://www.neustar.biz/pressroom/datasheets/index.cfm
(I am still waiting for a call back from this company but my initial conversation with them seemed positive)
http://www.verisign.com/products-servic ... index.html
(Have not contacted them yet, but they are next on the list, with the history of verisign though i assume thier pricing will be high)
http://www.parasun.com/
(The quote above is from one of thier engineers. Thier solution requires them to install a server into your network which costs approx $3500-$4000 then requires you to pay monthly either $300 (under 1000 subs) or $700 (up to ?? subs) but it sounds like they may not even be able to help me due to the mikrotik, and it also sounds like they want full access to every device on my network... don't think i like this idea!)
http://www.verint.com/communications_in ... l2a_id=200
(Supposedly have a cost effective product for rural broadband providers, I have requested more information)
Informational sites regarding CALEA:
http://en.wikipedia.org/wiki/Communicat ... cement_Act
http://www.askcalea.net/
http://chat.part-15.org/index.php
http://www.calea.org/
http://www.fcc.gov/calea/
http://www.eff.org/Privacy/Surveillance ... f=faq.html
http://www.opastco.org/tech/calea.htm MUST READ!!!!!
http://www.educause.edu/Browse/645?PARENT_ID=698 (has examples of the forms to file)
http://www.educause.edu/ (search for Keywords like CALEA LAES etc)
http://www.ntca.org
Link to DRAFT specs:
http://contributions.atis.org/UPLOAD/PT ... -014R2.doc
Hopefully this will help, I myself am still trying to get a grip on all of this so I do not know the technical requirements of the devices, however. maybe someone else can find somehting in this mound of reading..
From my point of view this whole thing seems unrealistic for small providers, it would almsot seem like they want to put us all out of business. There has got to be either a way around it, or a way to do this economically for the small guys....
Enjoy! IF I figure anything else out, ill let you all know here.
I will update this list as i aquire more information.
Here are some companies i have com across offering Third party solutions for providers:Regarding the switched end:
Switches need to be managed. This is a requirement for any access switch that connects to a user device. If unmanaged switches are used then port spanning cannot be implemented, and port-port traffic cannot be forwarded to the probe. There are unmanaged switches in the diagram.
Regarding the wireless RF end:
There are wireless routers missing from the bottom left of the diagram (not CPE, but infrastructural routers). I'll need detailed info on how they're connected. Wireless is a different kind of problem - our probe doesn't have a wirless interface. So the wireless router has to support LI, at the very least bridging. Bridging will require internal network renumbering, since the wireless network will spill over up to the primary Mikrotik router. A quick check of this companies LI/CALEA support position suggests these units may need replacement:
http://forum.mikrotik.com/viewtopic.php ... a470d3ec44
It may be possible to re-engineer this network by introducing tagged traffic port mirroring on the units. This requires a lot more info than that in the diagram, starting with vendor and software release on each device, free ports on each unit, VLAN's that have been configured on the switches, etc.
Many vendors don't implement full port mirroring - like SMC which allows mirroring of sent or received port traffic but not both - this may require replacement of the unit in such cases.
The cheapest solution for this customer may end up being the purchase of a replacement provisioning system from us.
My apologies for the number of issues and questions raised.
http://www.apogee.net
(thier solution starts at approx $800-$1000 and up based on subs, and currently requires Cisco routers although Juniper support is coming soon. they were unsure how to proceed with the mikrotik part of it.)
http://www.neustar.biz/pressroom/datasheets/index.cfm
(I am still waiting for a call back from this company but my initial conversation with them seemed positive)
http://www.verisign.com/products-servic ... index.html
(Have not contacted them yet, but they are next on the list, with the history of verisign though i assume thier pricing will be high)
http://www.parasun.com/
(The quote above is from one of thier engineers. Thier solution requires them to install a server into your network which costs approx $3500-$4000 then requires you to pay monthly either $300 (under 1000 subs) or $700 (up to ?? subs) but it sounds like they may not even be able to help me due to the mikrotik, and it also sounds like they want full access to every device on my network... don't think i like this idea!)
http://www.verint.com/communications_in ... l2a_id=200
(Supposedly have a cost effective product for rural broadband providers, I have requested more information)
Informational sites regarding CALEA:
http://en.wikipedia.org/wiki/Communicat ... cement_Act
http://www.askcalea.net/
http://chat.part-15.org/index.php
http://www.calea.org/
http://www.fcc.gov/calea/
http://www.eff.org/Privacy/Surveillance ... f=faq.html
http://www.opastco.org/tech/calea.htm MUST READ!!!!!
http://www.educause.edu/Browse/645?PARENT_ID=698 (has examples of the forms to file)
http://www.educause.edu/ (search for Keywords like CALEA LAES etc)
http://www.ntca.org
Link to DRAFT specs:
http://contributions.atis.org/UPLOAD/PT ... -014R2.doc
Hopefully this will help, I myself am still trying to get a grip on all of this so I do not know the technical requirements of the devices, however. maybe someone else can find somehting in this mound of reading..
From my point of view this whole thing seems unrealistic for small providers, it would almsot seem like they want to put us all out of business. There has got to be either a way around it, or a way to do this economically for the small guys....
Enjoy! IF I figure anything else out, ill let you all know here.
I will update this list as i aquire more information.
Last edited by jparsons on Thu Mar 08, 2007 3:55 am, edited 2 times in total.
I found some informatoin on the standard thanks to the guys at opencalea
http://contributions.atis.org/UPLOAD/PT ... -084R8.doc
http://contributions.atis.org/UPLOAD/PT ... -084R8.doc
one of the Third party companies i am working with to find a solution to this is telling me the following are requirements if you are to be CALEA compliant...
I contacted the homeland security about this in washington, basically they told me EVERY ISP from 1 to unlimited customers must comply, or if they are served a subpeona they will get fined $11K per day until they comply. I told the guy he is going to put every small ISP in the nation out of business trying to comply with this.. to which his response was, read section 109, if you cannot comply within reasonable means, you can basically be given a safe harbor, until you make any network changes, and then you will have to come into compliance.
why does this feel like uncle sam sticking it to the smaller ISP's?
(my understanding is that a tcpdump will not do)
I suggest those concerned contact :
David Ward, Senior Attorney, PSHSB Policy Division (202.418.2336)
Public Safety & Homeland Security Bureau (PSHSB) CALEA Team
and read this: (without crossing your eyes)
http://hraunfoss.fcc.gov/edocs_public/a ... 6-56A1.pdf
any suggestions anyone?
Is anyone else dealing with this? What are some of you other small ISP's out there in US doing about this?□ All switches - access, distribution, and core - must support complete port mirroring/port spanning
□ All routers, CMTS systems, and multilayer switches - must either support Lawful Intercept compliant Operating Systems (RFC3924 or equivalent), OR must support full transparent L2 bridging to the Orwell device (as with a bridge IRB/IEEE type configuration) and the transparently bridged end must constitute the only transit interface to other network devices (CPE gear not regarded as network devices for the purpose of interpretation of this section). Most devices in this category will support the first or second criterion.
□ All wireless devices must be in transparent bridging/AP mode, and the transparently bridged end must constitute the only transit interface to other devices. Any L3/IP assignment on a wireless unit must be for management purposes alone.
□ Smaller sites will require the OSS4 Intercept to be place within the direct traffic flow.
□ Larger sites will have OSS4 Intercept placed to allow Port replication VLAN for any subject within the site.
I contacted the homeland security about this in washington, basically they told me EVERY ISP from 1 to unlimited customers must comply, or if they are served a subpeona they will get fined $11K per day until they comply. I told the guy he is going to put every small ISP in the nation out of business trying to comply with this.. to which his response was, read section 109, if you cannot comply within reasonable means, you can basically be given a safe harbor, until you make any network changes, and then you will have to come into compliance.
why does this feel like uncle sam sticking it to the smaller ISP's?
(my understanding is that a tcpdump will not do)
I suggest those concerned contact :
David Ward, Senior Attorney, PSHSB Policy Division (202.418.2336)
Public Safety & Homeland Security Bureau (PSHSB) CALEA Team
and read this: (without crossing your eyes)
http://hraunfoss.fcc.gov/edocs_public/a ... 6-56A1.pdf
any suggestions anyone?
Ok I just recieved some possible good news.
I need some suggestions from all of you though.
I found a Third party provider with reasonable rates.
They will put a device in my network that will take the information and get it where it needs to go. It is up to me to get the information to their device.
The suggest doing it with port mirror or spanning.
here is what needs to be achieved.
I need to be able to capture and send everything that is coming in or going out of a single user. so for example If i have a user on a wireless interface, I need to be able to forward a copy of everything that user is doing to this third party device. much like if I where to put a hub in between the user and the AP with the third party device also connected to the hub. this would include any traffic that may go from one wireless user to another on the same interface, if that exists.
My first thoughts were to put a mikrotik routeros device connected to this third party device, on eth1 and then connect eth2 to my network.
Then create an EoIP tunnel between this router and the one any particular user exists on, and bridge the EoIP to the capture device on its end, and to the wireless interface on the users end, but.. will the device actually be able to see all the data on the wireless interface then?
another idea was to have the device create a vpn connection to the AP and have that bridged to the wireless interface... again though, will it actually see all the data from that users IP?
does anyone have any other ideas on how to create a senario where i can mirror all data in realtime from a given IP to this device, even data going to another wireless user on the same interface?
or... thier device will exist on a switch and i could create a vlan between the devices then send the mirrored data to the vlan. but then what is the best way to mirror the data to and from that users IP.
If any of this can be accomplished with a mikrotik router... i have found a solution that will work, and isn't too terrible on month cost.
I need some suggestions from all of you though.
I found a Third party provider with reasonable rates.
They will put a device in my network that will take the information and get it where it needs to go. It is up to me to get the information to their device.
The suggest doing it with port mirror or spanning.
here is what needs to be achieved.
I need to be able to capture and send everything that is coming in or going out of a single user. so for example If i have a user on a wireless interface, I need to be able to forward a copy of everything that user is doing to this third party device. much like if I where to put a hub in between the user and the AP with the third party device also connected to the hub. this would include any traffic that may go from one wireless user to another on the same interface, if that exists.
My first thoughts were to put a mikrotik routeros device connected to this third party device, on eth1 and then connect eth2 to my network.
Then create an EoIP tunnel between this router and the one any particular user exists on, and bridge the EoIP to the capture device on its end, and to the wireless interface on the users end, but.. will the device actually be able to see all the data on the wireless interface then?
another idea was to have the device create a vpn connection to the AP and have that bridged to the wireless interface... again though, will it actually see all the data from that users IP?
does anyone have any other ideas on how to create a senario where i can mirror all data in realtime from a given IP to this device, even data going to another wireless user on the same interface?
or... thier device will exist on a switch and i could create a vlan between the devices then send the mirrored data to the vlan. but then what is the best way to mirror the data to and from that users IP.
If any of this can be accomplished with a mikrotik router... i have found a solution that will work, and isn't too terrible on month cost.
Last edited by jparsons on Mon Mar 26, 2007 10:40 pm, edited 1 time in total.
I took this excerpt from another piece of hardware manual...
SLEM is supported in accordance with RFC 3924 which outlines the Cisco
proposed architecture for Lawful Intercept in IP Networks. This architecture
is becoming the standard to which companies are adhering. The
following diagram outlines the framework of RFC 3924.
thought this might warrant a look as well
basically with the above solution, the third party will handle everything except for the interception of the data. so ... just need to figure that out.
SLEM is supported in accordance with RFC 3924 which outlines the Cisco
proposed architecture for Lawful Intercept in IP Networks. This architecture
is becoming the standard to which companies are adhering. The
following diagram outlines the framework of RFC 3924.
thought this might warrant a look as well
basically with the above solution, the third party will handle everything except for the interception of the data. so ... just need to figure that out.
So...
Let me take the cammel under the tent approch here and see if it holds watter...
Scenerio..
1) Joe Shmoe has an open Linksys or other wireless router at his home.
2) Joe's neibor is a "bad guy" or just someone that the local sherif wants to harass... (FCC states that even local LEAs can trigger a CALEA trace)
Here we go...
The FCC states that ANY entity that provides IP based access via a non controled access point is an ISP. (and subject to all FCC regs and taxes / licenses as such)
Joe's local sherif has a judge in his pocket ... Hard to belive I know...
The sherif has a local IT pro figure out where the traffic is comming from
The ISP refers the traffic as one of its subscribers.
The sherif locates the Joes house / small buisness and slaps a CALEA warrant on his desk and says "you have 48 hrs" oh and by the way, you CAN'T just unplug... we want his data !!! and if you dont comply it will cost you 10K / day... (Have a nice day...)
I can see other issues of this type as well..
IE a user on a corp net installes a rouge AP and then uses it himself or a neibor uses it for god knows what and here comes the FCC...
I know that "enterprise" nets are supposed to be exempt, but see 1st example....
Are we ALL supposed to be ready to send Uncle Sam / Bill what ever he wants whenever he wants it ??
I hope MT can come up with something... I want to be ready when I get that knock on the door..... (Knock, Knock... FCC calling...)
Things that make you go Hmmmm....
Craig
Let me take the cammel under the tent approch here and see if it holds watter...
Scenerio..
1) Joe Shmoe has an open Linksys or other wireless router at his home.
2) Joe's neibor is a "bad guy" or just someone that the local sherif wants to harass... (FCC states that even local LEAs can trigger a CALEA trace)
Here we go...
The FCC states that ANY entity that provides IP based access via a non controled access point is an ISP. (and subject to all FCC regs and taxes / licenses as such)
Joe's local sherif has a judge in his pocket ... Hard to belive I know...
The sherif has a local IT pro figure out where the traffic is comming from
The ISP refers the traffic as one of its subscribers.
The sherif locates the Joes house / small buisness and slaps a CALEA warrant on his desk and says "you have 48 hrs" oh and by the way, you CAN'T just unplug... we want his data !!! and if you dont comply it will cost you 10K / day... (Have a nice day...)
I can see other issues of this type as well..
IE a user on a corp net installes a rouge AP and then uses it himself or a neibor uses it for god knows what and here comes the FCC...
I know that "enterprise" nets are supposed to be exempt, but see 1st example....
Are we ALL supposed to be ready to send Uncle Sam / Bill what ever he wants whenever he wants it ??
I hope MT can come up with something... I want to be ready when I get that knock on the door..... (Knock, Knock... FCC calling...)
Things that make you go Hmmmm....
Craig
Doing quite a bit of research, I have found that the CALEA laws apply only to telecommunications providers and what are considered to be "common carriers." ISP's are not considered either of those because they are providing "information services" and are therefore considered "enhanced service." (http://www.cybertelecom.org/ci/esp.htm)
Therefore, the only companies that this law should pertain to are companies like AT&T, Verizon, etc. The companies that are providing the fibre backbones. Those are the companies considered to be common carriers. At least that is what I understand from all the researching and such. The way I look at it, I will continue to operate the way I am until we get a subpeona, if that ever happens. There are just too many loopholes in these darn laws these days.
Therefore, the only companies that this law should pertain to are companies like AT&T, Verizon, etc. The companies that are providing the fibre backbones. Those are the companies considered to be common carriers. At least that is what I understand from all the researching and such. The way I look at it, I will continue to operate the way I am until we get a subpeona, if that ever happens. There are just too many loopholes in these darn laws these days.
unfortunately, I guess you only read older information, in 2006 it was decided by the FCC that ISP's would be classified as telecom providers i will try to find reference for you.
I was originally under the same assumption.. until i read further.
http://connect.educause.edu/blog/wwigen ... 1175040271
http://www.askcalea.net/
http://www.educause.edu/Browse/645?PARENT_ID=698
althought... i did come across this healine on the FCC site
3/22/2007
NEWS RELEASE
FCC Classifies Wireless Broadband Internet Access Service as an Information Service
http://wireless.fcc.gov
this might mean wireless is not included. i will research this further.
I was originally under the same assumption.. until i read further.
http://connect.educause.edu/blog/wwigen ... 1175040271
http://www.askcalea.net/
http://www.educause.edu/Browse/645?PARENT_ID=698
althought... i did come across this healine on the FCC site
3/22/2007
NEWS RELEASE
FCC Classifies Wireless Broadband Internet Access Service as an Information Service
http://wireless.fcc.gov
this might mean wireless is not included. i will research this further.
ok so after reading the latest released FCC ruling on wireless, i came across this:
If I interpret this correctly, this means, the FCC considers wireless internet as an Information Service, but the Law Enforcement agencies, can determine it to be whatever they want basically, which sounds like they are saying.. yes... you need to comply with the CALEA laws.47. Nor does our interpretation of section 332 of the Communications Act and its
implementing regulations here alter either our decision in the CALEA proceeding to apply CALEA
obligations to all wireless broadband Internet access providers, including mobile wireless providers, or
our interpretations of the provisions of CALEA itself. As the Commission found, and the U.S. Court of
Appeals for the D.C. Circuit affirmed, the purposes and intent of CALEA are strikingly different than
those of the 1996 Telecommunications Act, which is embedded in the Communications Act. As the
Court noted, “CALEA--unlike the 1996 Act--is a law-enforcement statute . . . (requiring
telecommunications carriers to enable ‘the government’ to conduct electronic surveillance) . . . . The Communications Act (of which the Telecom Act is part), by contrast, was enacted ‘[f]or the purpose of
regulating interstate and foreign commerce in communication by wire and radio’ . . . . The Commission's
interpretation of CALEA reasonably differs from its interpretation of the 1996 Act, given the differences
between the two statutes.”121 Thus, our interpretation of the separate statutory provisions in section 332
of the Communications Act, whose purposes closely track those of the Telecommunications Act of 1996
and the Communications Act generally, in no way affects our determination that mobile wireless
broadband Internet access service providers are subject to the CALEA statute.122
I wasn't aware of that - Thanks
Anybody got OpenCALEA working yet? If so, what distro? I have gotten the TAP to compile and run, but the lea_collector is giving me compile errors...
I would think that MT might be looking into packaging/integrating with opencalea, rather than starting from scratch...
Anybody know of any other open-source CALEA solutions?
Anybody got OpenCALEA working yet? If so, what distro? I have gotten the TAP to compile and run, but the lea_collector is giving me compile errors...
I would think that MT might be looking into packaging/integrating with opencalea, rather than starting from scratch...
Anybody know of any other open-source CALEA solutions?
Well, there's no longer habeas corpus here, requirement for warrants for wiretaps, etc. So yeah, it's whatever they say it is. If you're all lawyered-up you'll be fine, or at least it'll be quite a while before actual jail time or fines. Big price for complacency, now the horse is out of the barn... but I guess this is really not the place to discuss those issues.ok so after reading the latest released FCC ruling on wireless, i came across this:If I interpret this correctly, this means, the FCC considers wireless internet as an Information Service, but the Law Enforcement agencies, can determine it to be whatever they want basically, which sounds like they are saying.. yes... you need to comply with the CALEA laws.47. Nor does our interpretation of section 332 of the Communications Act and its
implementing regulations here alter either our decision in the CALEA proceeding to apply CALEA
obligations to all wireless broadband Internet access providers, including mobile wireless providers, or
our interpretations of the provisions of CALEA itself. As the Commission found, and the U.S. Court of
Appeals for the D.C. Circuit affirmed, the purposes and intent of CALEA are strikingly different than
those of the 1996 Telecommunications Act, which is embedded in the Communications Act. As the
Court noted, “CALEA--unlike the 1996 Act--is a law-enforcement statute . . . (requiring
telecommunications carriers to enable ‘the government’ to conduct electronic surveillance) . . . . The Communications Act (of which the Telecom Act is part), by contrast, was enacted ‘[f]or the purpose of
regulating interstate and foreign commerce in communication by wire and radio’ . . . . The Commission's
interpretation of CALEA reasonably differs from its interpretation of the 1996 Act, given the differences
between the two statutes.”121 Thus, our interpretation of the separate statutory provisions in section 332
of the Communications Act, whose purposes closely track those of the Telecommunications Act of 1996
and the Communications Act generally, in no way affects our determination that mobile wireless
broadband Internet access service providers are subject to the CALEA statute.122
