Email tapping by ISPs, forwarder addresses, and crypto proxies

Tyler Durden camera_lumina at
Wed Jul 21 07:09:07 PDT 2004

Variola wrote...

Dark fiber.

"Dark Fiber" ain't a talisman you merely wave at data to get it to magically 
move to where you want it to.You've got to LIGHT that fiber, and to light 
that fiber you need LOTS and LOTS of power-hungry, space-occupying 
equipment. In other words, you'd need to duplicate a significant fraction of 
the current public transport network. And that can't be done in one 
location, you'd need this shadow network to have either it's own COs all 
over the country, or to have significant POPs in practically every CO in the 
country. And I can tell you unequivocally that neither are the case.

What this points to is CALEA + Grooming + Massive Optical Transport for 
offline sifting in a few centralized locations. And I strongly suspect that 
the recent GIG-BE contract is precisely the massive optical part.

What I get from what you've pointed out, however, is that processing power 
isn't the limitation any longer. If they COULD get it ALL, then they 
probably would. So perhaps that's just a matter of time (ULH systems can 
move lots of traffic very long distances these days, with only the 
occasional optical amplifier.)


>From: "Major Variola (ret)" <mv at>
>To: "cypherpunks at" <cypherpunks at>
>Subject: Re: Email tapping by ISPs, forwarder addresses, and crypto  
>Date: Tue, 20 Jul 2004 21:00:49 -0700
>At 10:12 AM 7/19/04 -0400, Tyler Durden wrote:
> >"Gimme an intel IXA network processor and no problem.  ATM is fixed
> >size data, not as tricky as IP decoding.  Predicatable bandwidth.
> >Stream all into megadisks, analyze later."
> >
> >I'm gonna have to challenge this bit here, Variola.
>Please.  Truth requires skepticism.  Be bold.
> >Let's back up. You've got an OC-48 or OC-192 fiber and you want to grab
> >of the data in this fiber. Now I'll grant that in real life there's
>going to
> >be a lot telephony circuit in there, but let's take a worst-case and
> >you need ALL the data.
>As cryptographers, we must assume this.
> >What's in this OC-192? Right now it definitely ain't 10Gb/s of packets.
> >going to have LOTS of DS1s, DS3s and, if you're lucky, and STS-3c or
>two. So
> >you'll need to first of all demux ALL of the tributaries.
>And how much *dark fiber* is there?  Lots and lots, thanks to irrational
>exuberance.   Guess what?  SiO2 doesn't care which direction the beam
>is pumped into.
> >Next, you've got to un-map any ATM in each of the DS1s, etc, and then
> >out the IP data from the ATM cells, remembering to reassemble
> >packets (and there will be plenty with ATM). And remember, you may have
> >do this for 5000 simultaneous DS1s.
>You underestimate the Adversary.  Never ever do that.  Isn't there some
>chink who wrote that?
> >Oh, and let's not forget pointer
> >adjustments.
>Oh no, not pointers!  What next, MPLS?
> >And that's just one fiber. How will you actually get all of this
> >back to HQ? Remember, it keeps coming and won't stop.
>Dark fiber.
> >No, I think I'm becomming convinced that they can't yet get ALL of it.
>Enjoy your childhood while it lasts.  Its a beautiful time.

Dont just search. Find. Check out the new MSN Search!

More information about the cypherpunks-legacy mailing list