#CCDP and #CloudComputing – some _really_ interesting new questions that I’ve not heard discussed #restraintOnBusiness

Dave posted a comment:

A further angle I’d like to see a considered view on: as well as ISPs, will UK-based IaaS providers also be compelled to install and maintain lawful metadata intercept infrastructures in case a customer stands a mail or other messaging server up on one of their nodes? If so, how will such infrastructures handle the tying-together of customer details, VM details and vSwitch port details, at all times and in the face of infrastructure flexing, to ensure that all data requiring intercept, gets intercept?

Dave Walker — 2012/04/04 @ 01:35

In other words: If you’re a Communications Service Provider living atop a Cloud provider of IaaS (Infrastructure as a Service) – who is meant to be providing the interception layer for the Government snoops?

For instance, a small Amazon-EC2-based chat service: at which layer – your code, or your cloud host infrastructure – is CCDP capability required to exist?

Also: What happens if such provision is illegal cross-border snooping in the country in which your Cloud provider is based? Are you forbidden from using them? Can you claim that the ISP-level sniffing of traffic is sufficient and that you are exempt from providing interception or log-access capability for CCDP because your servers are in the Bailiwick of Icemany where such international snooping is frowned upon?

Comments


  1. Dave Walker

    Thanks for picking up on this, squire :-).

    Following up on this with a few more thoughts, IaaS makes it dramatically easier for anyone to become an almost-ISP, in that if you discount the provision of fundamental wired or wireless connectivity to the user’s home or handset, pretty much all you need to do is give some credit card details (not necessarily your own) to an IaaS provider, stand up an instance of a communications suite (mail, calendar, IM) on the virtual machines you’ve just bought time on, mint some crypto keys to drop into the right places in the config, and you’re in business (or, subverting Mitchell’s Law, terrorism or paedophilia).

    Granted, you’re not going to scale the way the big boys do, but if you’re a bad guy, you’re just running a little cell or ring, right?

    So, this means there’s a small number of big reasons why intercept needs to happen in the tier of the lowest-level provider where meaningful data is characterisable:

    1. Scale; there’s just too many little almost-ISPs out there for The Powers That Be to sensibly manage communications with, and the number of them will change daily, as IaaS makes it easy to create a new one. My guess is it wouldn’t be straightforward to bring a new almost-ISP’s intercept feed online, at the .gov.uk end – less straightforward, anyway, than just taking more data from their existing underpinning provider.

    2. Security; if the statement that The Powers That Be are really *not* going to snarf a copy of all the metadata for all the messages that are in circulation is true, then it means the service providers will need to know (or be able to find out) whose data they need to be watching; in such a context, intercept can’t be a zero-knowledge exercise, from the perspective of the provider. That watch-list – and quite probably, even the individual names on that watch-list – will be security-sensitive. So, it’s not something anyone (except someone on the list) would want to see outside a secure facility, or give to any Johnny-come-lately, untrained and uncleared owner of an almost-ISP.

    3. To Be Continued, possibly…
