Re: Email tapping by ISPs, forwarder addresses, and crypto proxies
JA, ya' gotta good point here. Or at least, this sheds a lot of doubt on things.
But then again, the purpose of GIG-BE may be precisely to move an optical copy (use a $100 splitter) back to processing centers where the traffic is stored. In this case, they won't even be trying to break it down to circuits prior to storage...they may instead dump the raw OC-Ns directly onto some kind of fast storage medium and then sift through it later.
The idea of duplicating all optical traffic seems a little farfetched, though, but I bet everything from the cable landings may soon get swallowed whole, if it isn't already.
I'm still thinking they must do some kind of "grooming" prior to mass backhauls of traffic. There are just too many fibers and too many transmission systems out there for them to duplicate all of it. Perhaps at the routers they sniff, and then CALEA whatever circuit that conversation came out of.
-TD
From: "J.A. Terranson" <measl@mfn.org>
To: Tyler Durden <camera_lumina@hotmail.com>
CC: eugen@leitl.org, cypherpunks@al-qaeda.net
Subject: Re: Email tapping by ISPs, forwarder addresses, and crypto proxies
Date: Sun, 18 Jul 2004 13:07:10 -0500 (CDT)
On Sun, 18 Jul 2004, Tyler Durden wrote:
"I think it would be far easier if WAN protocols were plain GBit Ethernet."
WAN won't be 1GbE, but it will probably be 10GbE with SONET framing, or else OC-192c POS (i.e., PPP-encapsulated HDLC-framed MPLS). In either case, I suspect it will be far cheaper in the long run to monitor a big fat pipe than to try to break out a zillion lil' tiny DS1s.
-TD
OK, so Tyler [apparently] works in the business :-)
Let me fill in what he left out. Yes, the industry is moving towards MPLS over POS. That's not where it is now though. At least not for most interfaces. Right now the industry is chock full of legacy gear, mostly old fashioned ATM. You think you can just casually reassemble this crap in transit? Let's see it!
Besides that old fashioned transport diversity, we have the original problem: even if you could do it (maybe in three to five years), what are you going to do with the data you've snarfed? Backhaul it? Shove it into TB cassettes? Better keep a guy on staff to change the tray!!
None of the many obstacles currently in the way will allow this to be done on the QT. Semi-openly would be another story, as would the scenario of a smaller, say regional, ISP.
-- Yours,
J.A. Terranson sysadmin@mfn.org 0xBD4A95BF
"...justice is a duty towards those whom you love and those whom you do not. And people's rights will not be harmed if the opponent speaks out about them." Osama Bin Laden - - -
"There ought to be limits to freedom!" George Bush - - -
Which one scares you more?
On Sun, 18 Jul 2004, Tyler Durden wrote:
JA, ya' gotta good point here. Or at least, this sheds a lot of doubt on things.
But then again, the purpose of GIG-BE may be precisely to move an optical copy (use a $100 splitter) back to processing centers where the traffic is stored. In this case, they won't even be trying to break it down to circuits prior to storage...they may instead dump the raw OC-Ns directly onto some kind of fast storage medium and then sift through it later.
The idea of duplicating all optical traffic seems a little farfetched, though, but I bet everything from the cable landings may soon get swallowed whole, if it isn't already.
Note that this is totally not the scenario we had under discussion (i.e., the intercepts being done at the ISP level). If you were to ask me if Mr. Fed. was currently capable of (a) intercepting offshore, say 3-4mi off the formal landings, (b) splice into transatlantic fibers and send the copy down their own fibers, all of it underwater, well, that would be a different discussion entirely. One we seriously discussed just after a pair of buildings became a pair of dust factories. I *firmly* believe this is possible, if not probable, at least on a large scale (although probably not on a complete scale). When the towers came down and the feds were asking everyone to volunteer to host carnivores, we all thought they gave up *way* too easily when turned away (at least they were turned away where I worked - my understanding is that this was not universal). Subsequently, we discussed, mostly as an academic exercise, whether we believed this was possible - and the consensus was a resounding yes. To listen offshore, just prior to making land, is *doable*. Completely. Now, three years and hundreds of hours of federal agencies interaction later, I'd be surprised if this wasn't at least part of the problem that NSA has with data saturation: Are we deaf, or is the volume too loud? Yes.
-TD
-- Yours, J.A. Terranson sysadmin@mfn.org 0xBD4A95BF "...justice is a duty towards those whom you love and those whom you do not. And people's rights will not be harmed if the opponent speaks out about them." Osama Bin Laden - - - "There ought to be limits to freedom!" George Bush - - - Which one scares you more?