Edited by Alex Constantine
VeriSign has unveiled an outsourcing solution aimed at making it less expensive and easier for telecommunications companies to comply with court-ordered wiretaps, a move that has some privacy experts on edge.
Virginia-based VeriSign unveiled the NetDiscovery service at an Atlanta trade show earlier this week. The new product rolls out as a June 30 deadline approaches for phone companies to comply with the Assistance for Law Enforcement Act (CALEA).
Passed in 1994 and augmented after Sept. 11, CALEA establishes penalties of up to $10,000 a day for companies that cannot respond to court orders to intercept telephone content and underlying data.
Tony Rutkowski, VeriSign's VP of NetDiscovery Strategy, says the outsourcing option reduces capital costs and eliminates the need to hire
and train security experts who can fulfill court orders. In some cases, Rutkowski said these costs can exceed $150,000 a year for each switch.
Instead, VeriSign remotely accesses the telecom network and extracts the information in the format required by law enforcement.
"It makes sense to have someone in the middle," Rutkowski said. "You have literally thousands of phone companies and ISPs on one side and all the law enforcement agencies on the other. It's really an interesting problem to get those two sides together and an opportunity for us." ...
VeriSign Extends Executive Team as Part of Strategy to Pursue New Opportunities With Focus and Discipline
IT'S A "SAIC/CIA THING"
>> "ICANN is being moved by the big capital, because domains are a big game. The role of the smaller Registrars is to act as a decoration to the party. For this reason I'm not going to Melbourne. Those who will go, please send a post card with a view.
Subject: CIA knows what we google?
Here is an interesting thing that happened to me while searching the word Venezuela in Google through the search engine box on the upper right corner of Firefox.
I have Firefox 220.127.116.11 installed. When I got the search results Firefox warned me that it received an SSL server certificate concerning the site www.cia.gov. However, the certificate was coming from verisign.com and that is a potential threat.
Unfortunately, I cannot attach the screen capture because of this webmail form but if you give me an email address I could do so.
Of course, you can say that I was sent a certificate because in one of the results when searching for the word "Venezuela" you get the cia.gov site (the world fact book). Nevertheless, as long as CIA is sending me the certificate it means that CIA knows that my IP has searched for the word Venezuela, terrorism, bomb, communism, Bin Laden and I don't know what else. Why does CIA know what searches I am doing in Google? Does google keep statistics about the searches I am doing on google? I would certainly want google to answer these questions.
I've been using firefox since its firebird incarnation and it's the first time I come across such an issue. There might be a good explanation for this but I had to let someone know.
Heaquartered also in Mountain View, CA, Narus also has offices throughout North America, EMEA (France, Germany, U.K.), Asia (Japan, Korea, China), and Brazil.
One of their partners is VeriSign, a company which is specialised in security and traffic analysis.
Verisign created iDefense in May 1998 and is provider of security intelligence for the U.S. Government and other governments.
On Board of Narus is William P. Crowell, an independent security consultant.
After 9/11 Crowell has served on the Defense Advanced Research Projects Agency (DARPA) Task Force on Terrorism and Deterrence, the National Research Council Committee on Science and Technology for Countering Terrorism and the Markle Foundation Task Force on National Security in the Information Age. ...
Crowell actually had senior positions at the NSA, including Deputy Director of Operations and Deputy Director of the Agency. He was also director of RVison, a video surveillance technology company. Crowell also served as a vice president at Atlantic Aerospace Electronics Corporation, now a subsidiary of Titan Systems.
"The BBC is reporting that the World Association of Domain Name Developers (WADND) have filed suit against ICANN and Verisign for alleged violations of antitrust, conspiracy, monopolization and price fixing laws. The suit alleges that the two are entering an unlawful agreement that gives VeriSign a permanent monopoly over the all .com and .net domain name registrations, and the right to raise prices at 7% per annum forever. The text of the lawsuit is available as a .pdf from WADND."
By Ross Rader
November 21, 2005
The organizations claim the proposal clears the way for a "...new and productive public-private partnership" between VeriSign and ICANN "...for the benefit of the Internet community."
Not so fast. This deal is actually a signal that the end of the Internet community's role in determining its own future may be imminent. This is a $1.5 billion giveaway that proposes to permanently transfer important public infrastructure to VeriSign. The deal proposes to:
• Lock in domain registration price increases, adding significant cost increases to consumers over the next seven years--to the benefit of only ICANN and VeriSign;
• Allow for the expansion of VeriSign's natural monopoly, to the detriment of competitive segments of the market; and
• Grant VeriSign permanent control of the .com database.
VeriSign's role as a generic top-level domain administrator, as defined in RFC 1591, is to "perform a public service on behalf of the Internet community." (RFCs are documents that describe Net standards.) Implementing this relationship through ICANN has been a boon for all involved. VeriSign has supported the .com public infrastructure as a cornerstone of the digital economy; ICANN has been guaranteed a steady revenue stream via surcharges it receives from domain registrars; and VeriSign has captured $6 for every .com domain name registration or renewal.
VeriSign should be rewarded a fair commercial return on its investment as the administrator of .com, but the community cannot assign it irrevocable rights to the domain.
Despite this apparent "win-win-win," VeriSign has historically been unhappy with its role as a top-level domain administrator. VeriSign takes the position that the company can and should be able to cash in on the domain name system. VeriSign CEO Stratton Sclavos has said that "DNS response is an obligation we took on when we inherited (the .com administration contract).
This puts VeriSign directly at odds with the community it was designated to serve and has resulted in hefty legal fees and a flawed settlement proposal. Rather than reinforcing the relationship between the two parties, the proposed settlement agreement redefines it. VeriSign successfully leveraged the litigation into a complete renegotiation of its contract with ICANN staff who seemingly played right along to avoid further litigation.