Email tapping by ISPs, forwarder addresses, and crypto proxies

Major Variola (ret) mv at cdc.gov
Tue Jul 20 21:00:49 PDT 2004


At 10:12 AM 7/19/04 -0400, Tyler Durden wrote:
>"Gimme an intel IXA network processor and no problem.  ATM is fixed
>size data, not as tricky as IP decoding.  Predicatable bandwidth.
>Stream all into megadisks, analyze later."
>
>I'm gonna have to challenge this bit here, Variola.

Please.  Truth requires skepticism.  Be bold.

>Let's back up. You've got an OC-48 or OC-192 fiber and you want to grab
ALL
>of the data in this fiber. Now I'll grant that in real life there's
going to
>be a lot telephony circuit in there, but let's take a worst-case and
assume
>you need ALL the data.

As cryptographers, we must assume this.

>What's in this OC-192? Right now it definitely ain't 10Gb/s of packets.
It's
>going to have LOTS of DS1s, DS3s and, if you're lucky, and STS-3c or
two. So
>you'll need to first of all demux ALL of the tributaries.

And how much *dark fiber* is there?  Lots and lots, thanks to irrational

exuberance.   Guess what?  SiO2 doesn't care which direction the beam
is pumped into.

>Next, you've got to un-map any ATM in each of the DS1s, etc, and then
pull
>out the IP data from the ATM cells, remembering to reassemble
fragmented
>packets (and there will be plenty with ATM). And remember, you may have
to
>do this for 5000 simultaneous DS1s.

Yawn.

You underestimate the Adversary.  Never ever do that.  Isn't there some
chink who wrote that?

>Oh, and let's not forget pointer
>adjustments.

Oh no, not pointers!  What next, MPLS?

>And that's just one fiber. How will you actually get all of this
traffic
>back to HQ? Remember, it keeps coming and won't stop.

Dark fiber.

>No, I think I'm becomming convinced that they can't yet get ALL of it.

Enjoy your childhood while it lasts.  Its a beautiful time.





More information about the cypherpunks-legacy mailing list