Responding to orders which include a secrecy requirement

J.A. Terranson measl at mfn.org
Mon Sep 1 15:45:50 PDT 2003 

I wasn't even going to answer the absurd "hypothetical", but since it's now
in play...

On Mon, 1 Sep 2003, Sunder wrote:

> In that case, I would suspect the ISP itself would have incoming/outgoing
> feeds from other ISP's. 

Obviously, every ISP does.

> If that single moral objector ISP refuses to
> allow carnivores, the other, not quite as moral ISP's might be persuaded
> to allow it, in which case the fedZ get what they want, just one
> traceroute hop further up the chain.  Perhaps not all of them, but perhaps
> enough of them...  Duh!

Maybe I should have been clearer: the feds didn't show us at any of the small
guys (AFAIK), such as the regional or small nationals - they showed up at the
large multinationals (of which the one I work at was likely the smallest,
with a mere 48 countries of footprint).  They clearly understood that
sniffing my peering/transit pipes wasn't technically *possible* (yet) - what
they were interested in was sniffing my regional POPs, with [relatively] low
speed OC3/OC12 pipes.  To rephrase it: they were interested in *my*
customers, not the traffic from other companies (they had other field
officers at the other NSPs).

 
> That's the thing about the internet - your packets must travel through
> other ISP's (unless you're communicating with other nodes hosted by that
> single ISP which is unlikely).  

It's a lot more likely than you seem to realize.  The internet is a
collection of aggregation points (ISPs): get the individual aggregations, and
the rest is as visible as a reconstructed RAID5 stripe.

> From the fedZ point of view, you need not
> tap each and every single ISP.  You can tap upstream, and still get the
> data without tipping off the target, or his moral objector friends at her
> ISP.

This type of thing certainly goes on, but not in the vaccum cleaner world of
large pipes.  This is only technically feasible for targetted investigations.

> At some point every ISP goes through MCI, Sprint, and AT&T, and don't
> forget the local (phone company) loops.

The loops are too far out on the edge to be useful for anyone but the loop
owner themselves, and there are *way* too many [ever changing] paths out of
any individual ASN - the aggregation point is where this kind of action
*must* happen.

> 
> Assuming that such a moral objector ISP would exist,

As I noted: much to my amazement, many do exist.

> it would be foolish
> to assume that it would provide much of a measure of protection against
> tapping cleartext transmissions.
>  Hence, encryption is important.  Want
> privacy and security?  It's up to you to provide it: encrypt.

Agrred.  Encryption, properly implemented and executed, is the only real path
to privacy.

 
-- 
Yours, 
J.A. Terranson
sysadmin at mfn.org

	"Every living thing dies alone."
	Donnie Darko

More information about the cypherpunks-legacy mailing list