Schumer, Graham: Restrict electronics sales to Iran

Source: The Hill

A bipartisan pair of senators is pushing for international restrictions on electronic equipment sold to Iran, citing reports that the government has monitored citizens’ communications after the country’s disputed elections.

Sens. Charles Schumer (D-N.Y.) and Lindsey Graham (R-S.C.) on Friday called on Secretary of State Hillary Rodham Clinton to request that the European Union curb all telecommunications equipment German and Finnish companies, Siemens and Nokia, sell to Iran.

“Given Iran’s history of monitoring phone and Internet communications, the Iranian government’s despotic actions come as no surprise,” said Schumer and Graham in their letter to Clinton.

“What is surprising, however, is the European Union’s apparent failure to curb the export of technology that allowed the Iranian government to enhance its abilities to examine and

Read more: http://thehill.com/leading-the-news/schumer-graham-want-restrictions-on-electronics-sold-to-iran-2009-06-27.html

---

Good move by these senators. Countries that monitor their citizens' communications must be punished.

I think the Iatola Komani is already on it.

http://www.wired.com/threatlevel/2009/06/wsj-nokia-and-siemens-help-iran-spy-on-internet-users/

"According to a somewhat confusing Wall Street Journal story, Iran has adopted NSA-like techniques and installed equipment on its national telecommunication network last year that allows it to spy on the online activities and correspondence — including the content of e-mail and VoIP phone calls — of its internet users.

Nokia Siemens Networks, a joint venture between Germany’s Siemens and Finland’s Nokia, installed the monitoring equipment late last year in Iran’s government-controlled telecom network, Telecommunication Infrastructure Co., but authorities only recently engaged its full capabilities in response to recent protests that have broken out in the country over its presidential election....."

I respect Obama, but even he cannot fight the NSA and CIA. There has been a coup and they are in charge.

Its the cheap and simple way to get anonymity online, at the cost of speed albeit. If you choose to run the tor relay protocol, your computer will facilitate Iranian or Chinese citizens browsing the internet in a way that cannot be monitored.

From their website:
Tor protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location. Tor works with many of your existing applications, including web browsers, instant messaging clients, remote login, and other applications based on the TCP protocol.


http://www.torproject.org/

they'll be knocking at your door within half an hour. Even during WWII the resistance could use "ham radio" with extreme precaution and only by moving senders all the time.

and not monitor our phones and internet communications.

According to a NY Times article released last week and whose link I lost.

NY Times is wrong, or using a *very* limited definition, or *very* limited set of parameters.

That number might cover "snooped, found actionable, and archived, inappropriately, because it was a private citizen-to-citizen conversation, that stayed in the the US, that never touched a government network, and was captured without a warrant, or a private company voluntarily turning it over".

Think bigger. *Much* bigger.

Anyone with the money can buy just about any kind of electronic equipment from Chinese wholesalers. The manufacturing of much of the stuff sold buy euro and US companies has been off-shored to cheap-labor countries.

This is just another republican distraction.

We are just spewing hypocrisy.

eventually reduce the ability of PEOPLE communicating. It would make sense that they prohibit the sale of technology that lets them track cell phones etc - but not the cell phones themselves. It might be the Hill reporter, not the Senators - as some paragraphs refer to tracking technology and others to all equipment.

As to the tracking technology - they already have it - so isn't this too late?

what ya gona` do about them chuckie and lindy?

http://www.infoworld.com/d/security-central/us-lawmakers-scold-tech-companies-china-censorship-767

you guys ain`t going to do anything.......

You know how difficult it is to make this equipment?

I do....and have.

If you allow *any* modern computers into Iran, they can slap a copy of snort (or another sniffer) on one, and monitor any network traffic they please. Takes about a hour or two to turn your average laptop or desktop into a packet sniffer, setup inspection rules, and start mirroring all traffic on a switch to a monitoring port.

Since all Iranian internet traffic passes through official, state-owned, network links, there is no "embargo" that would work.

The better solution is actually the exact reverse of what they're proposing, they need to *lift* sanctions on shipping decent crypto equipment and software into Iran, that way, even when the traffic is inspected, immense amounts of CPU is required to be able to "read" more than the most rudimentary SIGINT. Of course, that also has the problem of *reducing* the intelligence we can get at our Iran listening points, because their private citizens could talk to other private citizens, without any government (including ours) listening in on a comprehensive level.

This is what happens when non-technical people try to make legislation about technical topics. :(

That uses an encryption key based on the CPU ID and The network card guid, and some data file on the system.

Then you could give the encoding key to someone, they would encode the message, and the decoder would get the other half of the key from the actual computer. So the message literally could only be read on one computer, the intended receiver.

There could be a problems that the intended receiving computer ID would be encoded in message. And their could be a way to rewrite api's that emulate that info, so although not 100%, for most messages they would be secure, and the system would be easy to use.

Person 1 creates half the key from a program that looks at unique parts of his computer. Person 1 sends his computer encoding key, that key is added to address book of person 2. Every time person 2 sends a email to person 1, the program looks up key, and encodes it before sending. When person 1 gets email, his system creates the other half of key from the actual hardware of the computer, and decodes message.

:shrug: Could be used for phones also, and would effectively eliminate all large scale eavesdropping on email or phone calls. To decrypt, an eavesdropper would have to know the computer it is sent to, so it would require a great deal of effort except in individual cases like with court warranted cases.

since they effectively work as the password, it would not be a full security, it would be security light, that with no user effort, would stop interception of messages without that added info. So email snooping could still be used in cases where it was important, but could not be used in every case due to computation load. With datafiles on the receiver side as part of the pass code, it would require more then knowing the IDs but also files on the computer, and at that point the message intercept would be irrelevant since it could be read when the user opens the email anyway.

Also the cracker would have to simulate the accessing of CPU IDs in an application which would require an emulator of the other computer, a well written program could run checks on the system to know if their were emulators at work.

The value of the program is not in its security, it is in a semisecurity at no user cost, the process is effectively automated, yet makes the emails encrypted to stop bulk reading.