 knightmbEverybody Lies
join:2003-12-01
Franklin, TN
1 edit | FBI need to find more important things to do This coming from someone who runs two ISP, yeah, the last thing I want to do is setup yet another server that is going to have to record every URL for the next 2 years. I can understand the FBI doing an investigation where they bring in equipment and record something for some user using the courts to get the wiretap, that I'm fine with.
But 24/7 wiretap R' us, yeah, I'll make sure that server *accidental* becomes unplugged. 
Or better yet, all data on that server will be encrypted with a 1,000 character key and well, the key gets lost somehow?  |
|
|
|
| said by knightmb:I can understand the FBI doing an investigation where they bring in equipment and record something for some user using the courts to get the wiretap, that I'm fine with. CALEA already requires that US ISPs have snooping equipment in place to allow any law enforcement agency to view all your Internet traffic, not just your IP addresses and URLs.
This new thing with logs is just to get access to IP addresses and URLs for 2 yr old activity that they didn't have a subpoena for at the time. |
|
knightmbEverybody Lies
join:2003-12-01
Franklin, TN | said by Supervisor:said by knightmb:I can understand the FBI doing an investigation where they bring in equipment and record something for some user using the courts to get the wiretap, that I'm fine with. CALEA already requires that US ISPs have snooping equipment in place to allow any law enforcement agency to view all your Internet traffic, not just your IP addresses and URLs. This new thing with logs is just to get access to IP addresses and URLs for 2 yr old activity that they didn't have a subpoena for at the time. Already worked with the FCC about that, a lot didn't apply to us. Technically we do have snooping equipment, it's called a 5 port hub that sits in between everything, they are welcome to come plug in any equipment they want to snoop provided they have a court order to do so. 
--
Fight Insight Ready (Was NebuAD) and the like:
Click Here to pollute their data |
|
| You must not pass very much traffic. I sure as heck wouldn't let some dinky 5 port hub be my single point of failure. |
|
knightmbEverybody Lies
join:2003-12-01
Franklin, TN
1 edit | reply to knightmb
Fun with Math Here's another reason why this wouldn't be practical.
I've uploaded a simple text with 10 URLs recorded. It's the most basic info, time/date, IP, and URL
Now that is just 10 URL and the file is already 1,163 bytes
That won't included the URL for every other file that is accessed, because what good is it to record that you visit »somebadplace.gov/ without logging all the files you got from the site? Well that's additional "lines" in the log file.
Have you seen those *long* URL that you get with Google or other sites when you start going deep into them, yeah that's more space being burned up.
Ok, right now (I'm a small ISP), I see about 20 to 30 URL coming through a second from customers.
Ok, so I'm using about 3,000 bytes per second of recording, figured in more since I will also have to record every *other* place that URL goes (graphics, CSS, javascript, etc.)
So now I'm recording 5,000 bytes per second.
Doesn't sound too bad? 5,000 bytes X 60 seconds = 30,000 bytes per minute.
30,000 bytes per minute X 60 minutes = 1,800,000 bytes per hour
1,800,000 X 24 hours/day = 43,200,000 bytes per day
43,200,000 bytes per day X 365 days = 15,768,000,000 bytes per year
15,768,000,000 X 2 years = 31,536,000,000 bytes per 2 years
That's 30,075.0732 megabytes
29.37 gigabytes
That's being generated by 15 users (provided they are only visiting a few sites).
If you have people visiting e-bay, google, etc. They will generate a ton more URL data, but I'm trying to be fair.
So if 15 users can generate 29 gigabytes a year (very low estimate of course), then you can only imagine what hundreds or even thousands of users would generate.
I can see that Hard Drive companies that produce multi-terabyte drives will be getting a lot of business if this every passes.
--
Fight Insight Ready (Was NebuAD) and the like:
Click Here to pollute their data |
|
knightmbEverybody Lies
join:2003-12-01
Franklin, TN | reply to battleop
Re: FBI need to find more important things to do said by battleop:You must not pass very much traffic. I sure as heck wouldn't let some dinky 5 port hub be my single point of failure. Of course not, that's why we have 3
--
Fight Insight Ready (Was NebuAD) and the like:
Click Here to pollute their data |
|
| reply to knightmb
Re: Fun with Math Whats the name of your ISP company? |
|
 SLDPremium
join:2002-04-17
San Francisco, CA | reply to knightmb
One of my web servers generates 2-4GB of log files per day! |
|
Romney2012Defeat Obama 2012-Chg we can believe inPremium
join:2002-03-03
USA
kudos:4
1 edit | reply to knightmb
And what if you don't need URLs(since that isn't in the request to save for 2 years) and only have to collect date, time, and IP address? That would be much less data. |
|
Reviews:
 ·magicjack.com
| reply to knightmb
Re: FBI need to find more important things to do said by knightmb:But 24/7 wiretap R' us, yeah, It's not a wiretap is it? They aren't requiring recording and storing voice. It's just requiring ISPs to do what telcos already do for telephony (maintain point-to-point activity records to be used for forensic purposes).
That's not the same as capturing the content of every file transferred, every character entered into a web form. Just the URLs visited, email recipients sent/received to/from, IPs of people you chatted with or VoIPed.
It's just doing what we already expect from telephony. I agree it's much more information to store. But, that's the consequence of having much more flexibility (and individual power) of communication.
Mark |
|
patcat88
join:2002-04-05
Jamaica, NY
kudos:1 | reply to knightmb
Re: Fun with Math Well, with metered billing, you be paying for your ISP to buy a HD for data retention every month to store your traffic. It works perfectly. |
|
 RARPSL
join:1999-12-08
Suffern, NY | said by patcat88:Well, with metered billing, you be paying for your ISP to buy a HD for data retention every month to store your traffic. It works perfectly. Metered Billing only counts how much you use NOT what you are using it for. It just updates a counter associated with your account.
IOW: It is like the trip meter on you car's odometer - It shows how far you have driven since it was last reset, NOT where you were driving (which would need a "Black Box" with a GPS unit). |
|
RARPSL
join:1999-12-08
Suffern, NY | reply to amigo_boy
Re: FBI need to find more important things to do said by amigo_boy:said by knightmb:But 24/7 wiretap R' us, yeah, It's not a wiretap is it? They aren't requiring recording and storing voice. It's just requiring ISPs to do what telcos already do for telephony (maintain point-to-point activity records to be used for forensic purposes). The data that the telco is maintaining (and giving LEOs access to) is stuff that the telco must collect for billing purposes (ie: What Long Distance ["out of area/LATA"] calls you have made and [when message units were used] what local calls you have made ).
There is NO need for these types of detailed collection needed for billing purposes with the Internet except for VoIP and Capping of transmission volume (AKA: Metered Billing). With Metered Billing, you only need to collect how much data is transferred NOT tracking here the data is sent to or received from. |
|
Reviews:
·magicjack.com
| said by RARPSL:There is NO need for these types of detailed collection needed for billing purposes with the Internet except for VoIP and Capping of transmission volume (AKA: Metered Billing). With Metered Billing, you only need to collect how much data is transferred NOT tracking here the data is sent to or received from. Obviously the ISP doesn't need the info, or it would be available already. The problem is that this new technology creates a gap in forensic abilities compared to what's already accepted as standard practice (telco call records).
RFID technology could cause "no need" for serial numbers on guns. But, only a tiny fraction of society would say that should be allowed.
We're not talking about what's best for the ISP. But, what's best for society (while retaining the balance of power between the individual and society which has been accepted as normal in recent history).
I agree that it may not be feasible or constitutional to require ISPs to maintain such traditional records. In that case, we should expect the government to do it. If we don't want the government to do it, we should consider how to fund ISPs doing it.
But, just ignoring the loss of forensic capability isn't a solution.
Mark |
|
patcat88
join:2002-04-05
Jamaica, NY
kudos:1
1 edit | reply to RARPSL
Re: Fun with Math But when you pay $40 a month for 80 GB, $5 went to pay for HD that will the 80GB you moved that month, full packet capture. If you use less than your bucket, cheaper for the ISP to store your data traffic. If if you move 250GB a month, about $20 of your monthly bill went to buy HD space to store your 250GB for 2 years. |
|
chimera
join:2009-06-09
Washington, DC | reply to knightmb
Don't forget that for large ISPs most 1TB drives (which run at 7200 RPM) will be too slow to actually keep up with the data, and since they would need failure protection everything would need a RAID setup adding even more cost per GB. |
|
 KrKHeavy Artillery For The Little GuyPremium
join:2000-01-17
Tulsa, OK
 ·AT&T DSL Service
| reply to amigo_boy
Re: FBI need to find more important things to do Sorry Mark but the technology required would be expensive and the amount of storage required to do so would be astronomical. It's not economically feasible, would cause a jump in rates for users and simply shouldn't be done, period.
--
"Fascism should more properly be called corporatism because it is the merger of state and corporate power." -- Benito Mussolini
|
|
Reviews:
·magicjack.com
| said by KrK:Sorry Mark but the technology required would be expensive and the amount of storage required to do so would be astronomical. It's not economically feasible, would cause a jump in rates for users and simply shouldn't be done, period. I'm pretty sure someone's going to do it. It's just a question of whether it's the ISPs or the NSA. If it's done by the government, it won't be as simple as applying existing laws prohibiting telcos from revealing information except under well-defined circumstances. It will require oversight individual rights to access/view their data for integrity.
I don't think "it's not possible" will rule the day. Either the government will do it, or it will become an accepted cost of using the internet.
Like, when someone proposed licensing cars 100 years ago. I'm sure there were people who said "it's not feasible. It will cost too much." Today the cost of cars being uniquely identified, and states managing a database is just accepted as the cost of driving (even though it infringes on my perfect freedom of movement.).
It could be as simple as a paradigm shift such as that.
Mark |
|
 ReformCRTCSupport Your Independent ISP
join:2004-03-07
Canada | reply to knightmb
Zinnnngage! |
|
| reply to chimera
Re: Fun with Math that a moot point. they would never consider a non-raid like solution to begin with. i'm 90% sure that servers only use RAID. they aren't stupid enough to only store it on a couple 1TB hard drives with no backups.
also, don't underestimate the speed of high density drives. |
|
