NSA vacuuming down Internet traffic

Dave Emery die at pig.die.com
Fri Jan 19 18:42:52 PST 1996


	Alan Horowitz asks ...
> 
> If I were standing in one of the places where NSA has its taps of the 
> Net - what would I see? Alligator clips across terminal strips, leading 
> to a bunch of T3 lines?
> 

	I can't say I have a reliable answer to your question (although
I can say fairly confidently that it is unlikely to be done with alligator
clips at T3 and Sonet rates).

	In the past a good bit of this stuff was apparently done by
intercepting microwave tail circuits (such as on the older FDM type
undersea cables).  For some random reason all the traffic on the
undersea cable just happened to always be routed via a microwave link
(sometimes as a "backup" to a cable link sent to a satellite ground
station in case it had to carry the traffic if the cable failed).    
It is remarkable how many of the undersea cable terminals have microwave
links to the rest of the world.  

	Now with everything digital and almost always on fiber, one
would probably expect that the main Internet backbone Sonet or FDDI
rings have little diversions or bridges that feed undocumented fibers
going somewhere that nobody at the carriers quite knows where.  There is
a great deal of dark fiber installed (around the Beltway area
especially) for the spook agencies that was put in without any normal
cable records being kept by the carriers regarding where the fibers in
the bundle terminate or what they are used for or even where the actual
cables really go.  The amount of fiber going into some of the beltway
CIA sites is truly impressive (several major runs).

	The DACS digital crossconnect points (high speed space/time
division DS-1/DS-3 switches used for routing and interconnecting digital
circuits from one fiber pipe to another) could certainly be programmed 
to route a copy of the traffic on some interesting backbone T3 line
out another port as well - and like all complex software driven devices
this capability could be covertly activated and controlled without notice to
the normal operators who certainly don't have source code or the 
expertise to vet it.

	As one might expect I've so far not met anyone at a carrier
who knows exactly where the NSA taps are, but other possibilities
certainly exist at repeater sites (where used) and even by optical
taps (bending the fiber to make it leak a little light) in some 
manhole somewhere.   And obviously buggering the firmware in central
routers to forward selected packets is available as a last ditch option.

						Dave