Re: Email tapping by ISPs, forwarder addresses, and crypto proxies
At 01:07 PM 7/18/04 -0500, J.A. Terranson wrote:
Let me fill in what he left out. Yes, the industry is moving towards MPLS over POS. That's not where it is now though. At least not for most interfaces. Right now the industry is chock full of lagacy gear, mostly old fashioned ATM. You think you can just casually reassemble this crap in transit? Let's see it!
Gimme an intel IXA network processor and no problem. ATM is fixed size data, not as tricky as IP decoding. Predicatable bandwidth. Stream all into megadisks, analyze later. You need to tap the MPLS label assignment service (or watch all the egress ports and correlate to endpoints) too to know which ATM chunks went where.
Besides that old fashioned transport diversity, we have the original problem: even if you could do it (maybe in three to five years), what are you going to do with the data you've snarfed? Backhaul it? Shove it into TB cassettes? Better keep a guy on staff to change the tray!!
You don't know about tape robots, or offline indexing, eh?
On Sun, 18 Jul 2004, Major Variola (ret) wrote:
Besides that old fashioned transport diversity, we have the original problem: even if you could do it (maybe in three to five years), what are you going to do with the data you've snarfed? Backhaul it? Shove it into TB cassettes? Better keep a guy on staff to change the tray!!
You don't know about tape robots, or offline indexing, eh?
None of which qualify here - remember, the discussion was based upon a "quiet" implementation. -- Yours, J.A. Terranson sysadmin@mfn.org 0xBD4A95BF "...justice is a duty towards those whom you love and those whom you do not. And people's rights will not be harmed if the opponent speaks out about them." Osama Bin Laden - - - "There aught to be limits to freedom!" George Bush - - - Which one scares you more?
On Mon, Jul 19, 2004 at 07:56:05AM -0500, J.A. Terranson wrote:
None of which qualify here - remember, the discussion was based upon a "quiet" implementation.
A VPN link from a *nivore box streaming filtered info is pretty quiet. There are plenty of dedicated network processors for packet filtering purposes: http://leitl.org/ct/2004.1/01/160/art.htm As suggested, tapping oversea fibres in shallow waters is probably the Way To Do It. No way to store the entire traffic, and expect to still be able to mine it. What is interesting is how they do VoIP voice recognition, if at all. Too mancy simultaneous channels to screen them all, or are they? -- Eugen* Leitl <a href="http://leitl.org">leitl</a> ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net [demime 1.01d removed an attachment of type application/pgp-signature]
On Sun, Jul 18, 2004 at 10:35:19PM -0700, Major Variola (ret) wrote:
You don't know about tape robots, or offline indexing, eh?
FYI from a recent trip to the NSA crypto museum: http://www.mccullagh.org/image/10d-15/storagetek-automated-cartridge-system.... http://www.mccullagh.org/image/10d-15/robot-arm-tape-cartridge.html I think that was circa 1994 (I'd have to look at the high-res image to see the date on the brass plaque to be sure). -Declan
On Sun, 25 Jul 2004, Declan McCullagh wrote:
On Sun, Jul 18, 2004 at 10:35:19PM -0700, Major Variola (ret) wrote:
You don't know about tape robots, or offline indexing, eh?
FYI from a recent trip to the NSA crypto museum: http://www.mccullagh.org/image/10d-15/storagetek-automated-cartridge-system.... http://www.mccullagh.org/image/10d-15/robot-arm-tape-cartridge.html
I think that was circa 1994 (I'd have to look at the high-res image to see the date on the brass plaque to be sure).
-Declan
I've actually worked with slightly more recent tech from the same company. Note the limited size of the library (300tb), and also note that seek time to any one sector on any one tape is *incredibly* long. This is strictly a near-line bulk solution - useless for anything but permanent archives with an occasional pull. -- Yours, J.A. Terranson sysadmin@mfn.org 0xBD4A95BF "...justice is a duty towards those whom you love and those whom you do not. And people's rights will not be harmed if the opponent speaks out about them." Osama Bin Laden - - - "There aught to be limits to freedom!" George Bush - - - Which one scares you more?
participants (4)
-
Declan McCullagh -
Eugen Leitl -
J.A. Terranson -
Major Variola (ret)