Email tapping by ISPs, forwarder addresses, and crypto proxies
Tyler Durden
camera_lumina at hotmail.com
Wed Jul 21 07:09:07 PDT 2004
Variola wrote...
Dark fiber.
"Dark Fiber" ain't a talisman you merely wave at data to get it to magically
move to where you want it to.You've got to LIGHT that fiber, and to light
that fiber you need LOTS and LOTS of power-hungry, space-occupying
equipment. In other words, you'd need to duplicate a significant fraction of
the current public transport network. And that can't be done in one
location, you'd need this shadow network to have either it's own COs all
over the country, or to have significant POPs in practically every CO in the
country. And I can tell you unequivocally that neither are the case.
What this points to is CALEA + Grooming + Massive Optical Transport for
offline sifting in a few centralized locations. And I strongly suspect that
the recent GIG-BE contract is precisely the massive optical part.
What I get from what you've pointed out, however, is that processing power
isn't the limitation any longer. If they COULD get it ALL, then they
probably would. So perhaps that's just a matter of time (ULH systems can
move lots of traffic very long distances these days, with only the
occasional optical amplifier.)
-TD
>From: "Major Variola (ret)" <mv at cdc.gov>
>To: "cypherpunks at al-qaeda.net" <cypherpunks at al-qaeda.net>
>Subject: Re: Email tapping by ISPs, forwarder addresses, and crypto
>proxies
>Date: Tue, 20 Jul 2004 21:00:49 -0700
>
>At 10:12 AM 7/19/04 -0400, Tyler Durden wrote:
> >"Gimme an intel IXA network processor and no problem. ATM is fixed
> >size data, not as tricky as IP decoding. Predicatable bandwidth.
> >Stream all into megadisks, analyze later."
> >
> >I'm gonna have to challenge this bit here, Variola.
>
>Please. Truth requires skepticism. Be bold.
>
> >Let's back up. You've got an OC-48 or OC-192 fiber and you want to grab
>ALL
> >of the data in this fiber. Now I'll grant that in real life there's
>going to
> >be a lot telephony circuit in there, but let's take a worst-case and
>assume
> >you need ALL the data.
>
>As cryptographers, we must assume this.
>
> >What's in this OC-192? Right now it definitely ain't 10Gb/s of packets.
>It's
> >going to have LOTS of DS1s, DS3s and, if you're lucky, and STS-3c or
>two. So
> >you'll need to first of all demux ALL of the tributaries.
>
>And how much *dark fiber* is there? Lots and lots, thanks to irrational
>
>exuberance. Guess what? SiO2 doesn't care which direction the beam
>is pumped into.
>
> >Next, you've got to un-map any ATM in each of the DS1s, etc, and then
>pull
> >out the IP data from the ATM cells, remembering to reassemble
>fragmented
> >packets (and there will be plenty with ATM). And remember, you may have
>to
> >do this for 5000 simultaneous DS1s.
>
>Yawn.
>
>You underestimate the Adversary. Never ever do that. Isn't there some
>chink who wrote that?
>
> >Oh, and let's not forget pointer
> >adjustments.
>
>Oh no, not pointers! What next, MPLS?
>
> >And that's just one fiber. How will you actually get all of this
>traffic
> >back to HQ? Remember, it keeps coming and won't stop.
>
>Dark fiber.
>
> >No, I think I'm becomming convinced that they can't yet get ALL of it.
>
>Enjoy your childhood while it lasts. Its a beautiful time.
>
>
>
>
>
_________________________________________________________________
Don�t just search. Find. Check out the new MSN Search!
http://search.msn.click-url.com/go/onm00200636ave/direct/01/
More information about the cypherpunks-legacy
mailing list