On Wed, 21 Jul 2004, Major Variola (ret) wrote:
I'm following the Principle of not underestimating the adversary,
Don't go overboard: remember that there is a difference between underestimating your adversary and unrealistically *over*estimating your adversary.
who does plenty of R&D, just look at their tech-transfer program, multiply by a few decades in capacity..
I (and I suspect you) live in the "high tech" world, so we have a pretty good grasp of the current state of the art. As a rule, Joe Sixpack thinks that the g'mint is a couple of trillion years ahead of Moore's Law ("Shure they can break all that there commie crypto ssl hidden horsesheet!"), while a large part of academia tends to believe that the USG is around ten years *behind* them (oh, to have such an ego!). In my personal experience, they tend to have roughly a five year lead on what my world considers "bleeding edge". That said, I'm willing to cut them a few more years of slack when doing the necessary threat assessment, but I just do not believe they are 20, or even 10 years ahead. And that is not an "idle" belief, it's a considered, long formed opinion, based on an awful lot of input data.
Perhaps that grants the Maryland trogdyltes too much, but again, conservatism rules in this game.
Conservatism in the real world, unreasonable paranoia in the academic world (a necessary thing in that context). These are the right move. But in real-world assessment, if you use the academic paranoia model, you will never be able to engineer an appropriate solution (i.e., one that successfully balances current and expected lifetime threats, along with project expense and elegance of implementation. I truly think we are all addressing the very same thing - we are just approaching it from slightly different perspectives. I see these as "real" engineering problems, while you are looking at them as pure academic excersizes. We will obviously be reaching different endpoints this way, since we are assuming a different input set :-)
Remember, "Nortel" is cost-bound. TLAs are not.
Ahhh, but they are! That's why they went to COTS in the first place (they were forced). The scale of that cost binding may be difficult to ascertain since their outer cost limit is just astronomical (unless you are Shrub, who thinks he can just print more money when he runs out), but it does exist.
They also get radioisotope power supplies, etc.
This is actually a *very* good point. It would also address the off-shore splice vs power issue nicely. But we are still constrained by backhaul. In answer to the earlier question of how much dark fiber is there: roughly 12% of the fiber now in the ground is lit. Yes, there is a shitload of capacity sitting unused. Unfortunately, the people who buried all that glass were all competing in pretty much the same basic areas, so what we ended up with was orders of magnitude too much capacity around several large hub cities, while there is a critical shortage in other places. Yes, VA and DC have gluts of glass. In fact, that is one of the most concentrated glut areas.
And unpublished tech made in unknown fabs.
While this cannot be discounted in toto, the tech comes to them from academia (most of the time), so generally, if you are widely read, you'll have a pretty good idea of what's *possible*. You are likely dead-on accurate about the fabs though.
Albeit, "Nortel" (even if Canadian, eh?)
Yup. The Irony Meter is hanging out at the right of the scale again :-)
etc are 0wn3d by the USG, so taps through COTS are not so hard,
Undersea taps are hard. No matter how you figure it. Pressurized cables with PSI monitors and microsecond resolution monitoring is not something you can break into and splice without a great deal of care. For the record, yes, I believe it can be, and is being done. I would be surprised if it was on a large scale though - even with "nukular poweer".
and my "dark fiber" only means the physical capacity is there.
Or not, depending on geographic location.
And of course people are cheaper than tech.
Always. And *this* is the lesson most often forgotten.
Hell, the counter-intel folks seem to be real bargains, whether FBI or CIA.
Man, you would not believe what these guys are [not] paid! A senior guy may naver break 100K in his lifetime (unless s/he (a) has a terminal degree, (b) swallows, and (c) decides to work a desk as an ASAC or somesuch. The actual intel/counterintel guys make shit for money.
But if you prefer to believe they play on the same field as us, go ahead, I'll still read your posts, and appreciate the questioning.
Thanks, I think :-)
MV
-- Yours, J.A. Terranson sysadmin@mfn.org 0xBD4A95BF "...justice is a duty towards those whom you love and those whom you do not. And people's rights will not be harmed if the opponent speaks out about them." Osama Bin Laden - - - "There aught to be limits to freedom!" George Bush - - - Which one scares you more?