[IP] EFF: Secret Surveillance Evidence Unsealed in AT&T Spying Cas
Tyler Durden
camera_lumina at hotmail.com
Thu Jun 14 03:03:18 PDT 2007
Well, the need for optical amplifiers is not so much a power availability
issue so much as a complexity issue. If one has dozens or hundreds of
fibers, remember that each of these is going to be some random wavelength in
the 1310nm or 1550nm band: You won't be able to use a single optical
amplifier to amplifiy multiple wavelengths: You'll need one for each fiber.
So now, you need the space and the manpower (not to mention electrical power
and heat dissipation) to handle a lot of OFAs.
Now I wouldn't be suprised if there existed a VERY small in-line EDFA
(erbium-doped fiber amplifier) that could operate on a smalll amount of
power (perhaps battery?) and just hang off the end of a splitter. No, they
would obviously incorporate the WDFA into a 'powered splitter' (such a thing
has to eexist now that I think about it).
But the trick would be to lower the number of fibers needed to tap and then
hope that most of those are operating more than 3dB above their floor, and
then if you have to split and optically power such a fiber.
This implies a level of prioritization even prior to reaching the 'secret
room'.
So what can that Narus box do? Layer 3/4 seems obvious. Layer 7? Can it
detect the presence of encryption? Can it detect the type and strength of
encryption? Can it detect the existence of jpegs, mpegs, mp3s and so on?
Does it support routing protocols? So, could it handle an instruction like:
If the source of the packet is located in Brooklyn
If the destination is a cave in Aghanistan
If encryption = YES,
Then route to NSA...
If destination is Kebab King in Jackson Heights
If encryption=NO,
then route to Local Storage
etc...
-TD
>From: coderman <coderman at gmail.com>
>To: "Tyler Durden" <camera_lumina at hotmail.com>
>CC: cypherpunks at jfet.org
>Subject: Re: [IP] EFF: Secret Surveillance Evidence Unsealed in AT&T Spying
>Cas
>Date: Wed, 13 Jun 2007 10:45:17 -0700
>
>On 6/13/07, Tyler Durden <camera_lumina at hotmail.com> wrote:
>>First of all, anyone have the latest word about Cryptome?
>
>what?
>
>
>>Second of all, I took a look at these and what's becomming quite clear is
>>that they don't really say that much. They basically just show how the
>>LGXs
>>are connected and interface into and out of the "secret room" via
>>splitters.* It does say that a buttload of traffic is being split and sent
>>off to NSA equipmet ...
>
>right. tap all the interesting fibers, feed to narus.
>
>
>>but the real missing piece is just how that traffic
>>gets back to NSA. I still believe that they just can't send back
>>EVERYTHING,
>>and have to have several layers of prioritzation, so that only fairly
>>interesting traffic makes it back in real time (this is not to say that
>>they
>>don't possibly route and store uninteresting local traffic for future
>>reference) but they can't get everything back to, for instance, DC in real
>>time.
>
>the narus is there specifically so they don't have to backhaul a
>mirror of the traffic. it does all the inspection to isolate
>interesting information, then sends back that interesting information
>to aggregation points, before that in turn is sent on to NSA.
>
>the bridgeton center att noc is a good example. there is a room
>controlled by multi-factor biometric authentication (print, retinal)
>with man trap doors. this is probably the room used for distributing
>configuration to the remote monitoring points (it's unlikely they
>store much of interest at the remote sites, since the security is much
>lower at these places) as well as aggregation of the feeds for
>backhaul to NSA.
>
>see also the new NSA facilities being built in denver, CO. this is an
>ideal place to aggregate traffic across the country...
>
>
>>Another question I've had for a while is how they get around the loss
>>budgets in certain cases. Dropping a 3dB splitter into an OC-48 signal
>>that's pushed to the limit will result in some signficant BER degredation.
>>Do they just avoid those signals? DO they put in some kind of in-line
>>optical amplifier? (That's not trivial, as they have to electrically power
>>such a device.)
>
>from the sounds of it, the taps did introduce some problems which were
>resolved quickly. probably not from signal loss, but who knows.
>
>in any case, i don't think powering an optical amplifier is difficult
>in the facilities in question. for transoceanic cables it becomes a
>bigger problem :)
>
>best regards,
_________________________________________________________________
Picture this share your photos and you could win big!
http://www.GETREALPhotoContest.com?ocid=TXT_TAGHM&loc=us
More information about the cypherpunks-legacy
mailing list