[IP] EFF: Secret Surveillance Evidence Unsealed in AT&T Spying Cas

Tyler Durden camera_lumina at hotmail.com
Thu Jun 14 03:03:18 PDT 2007 

Well, the need for optical amplifiers is not so much a power availability 
issue so much as a complexity issue. If one has dozens or hundreds of 
fibers, remember that each of these is going to be some random wavelength in 
the 1310nm or 1550nm band: You won't be able to use a single optical 
amplifier to amplifiy multiple wavelengths: You'll need one for each fiber.  
So now, you need the space and the manpower (not to mention electrical power 
and heat dissipation) to handle a lot of OFAs.
Now I wouldn't be suprised if there existed a VERY small in-line EDFA 
(erbium-doped fiber amplifier) that could operate on a smalll amount of 
power (perhaps battery?) and just hang off the end of a splitter. No, they 
would obviously incorporate the WDFA into a 'powered splitter' (such a thing 
has to eexist now that I think about it).
But the trick would be to lower the number of fibers needed to tap and then 
hope that most of those are operating more than 3dB above their floor, and 
then if you have to split and optically power such a fiber.
This implies a level of prioritization even prior to reaching the 'secret 
room'.

So what can that Narus box do? Layer 3/4 seems obvious. Layer 7? Can it 
detect the presence of encryption? Can it detect the type and strength of 
encryption? Can it detect the existence of jpegs, mpegs, mp3s and so on? 
Does it support routing protocols? So, could it handle an instruction like:

If the source of the packet is located in Brooklyn

If the destination is a cave in Aghanistan
If encryption = YES,
Then route to NSA...

If destination is Kebab King in Jackson Heights
If encryption=NO,
then route to Local Storage

etc...

-TD





>From: coderman <coderman at gmail.com>
>To: "Tyler Durden" <camera_lumina at hotmail.com>
>CC: cypherpunks at jfet.org
>Subject: Re: [IP] EFF: Secret Surveillance Evidence Unsealed in AT&T Spying 
>Cas
>Date: Wed, 13 Jun 2007 10:45:17 -0700
>
>On 6/13/07, Tyler Durden <camera_lumina at hotmail.com> wrote:
>>First of all, anyone have the latest word about Cryptome?
>
>what?
>
>
>>Second of all, I took a look at these and what's becomming quite clear is
>>that they don't really say that much. They basically just show how the 
>>LGXs
>>are connected and interface into and out of the "secret room" via
>>splitters.* It does say that a buttload of traffic is being split and sent
>>off to NSA equipmet ...
>
>right.  tap all the interesting fibers, feed to narus.
>
>
>>but the real missing piece is just how that traffic
>>gets back to NSA. I still believe that they just can't send back 
>>EVERYTHING,
>>and have to have several layers of prioritzation, so that only fairly
>>interesting traffic makes it back in real time (this is not to say that 
>>they
>>don't possibly route and store uninteresting local traffic for future
>>reference) but they can't get everything back to, for instance, DC in real
>>time.
>
>the narus is there specifically so they don't have to backhaul a
>mirror of the traffic.  it does all the inspection to isolate
>interesting information, then sends back that interesting information
>to aggregation points, before that in turn is sent on to NSA.
>
>the bridgeton center att noc is a good example.  there is a room
>controlled by multi-factor biometric authentication (print, retinal)
>with man trap doors.  this is probably the room used for distributing
>configuration to the remote monitoring points (it's unlikely they
>store much of interest at the remote sites, since the security is much
>lower at these places) as well as aggregation of the feeds for
>backhaul to NSA.
>
>see also the new NSA facilities being built in denver, CO.  this is an
>ideal place to aggregate traffic across the country...
>
>
>>Another question I've had for a while is how they get around the loss
>>budgets in certain cases. Dropping a 3dB splitter into an OC-48 signal
>>that's pushed to the limit will result in some signficant BER degredation.
>>Do they just avoid those signals? DO they put in some kind of in-line
>>optical amplifier? (That's not trivial, as they have to electrically power
>>such a device.)
>
>from the sounds of it, the taps did introduce some problems which were
>resolved quickly.  probably not from signal loss, but who knows.
>
>in any case, i don't think powering an optical amplifier is difficult
>in the facilities in question.  for transoceanic cables it becomes a
>bigger problem  :)
>
>best regards,

_________________________________________________________________
Picture this  share your photos and you could win big!  
http://www.GETREALPhotoContest.com?ocid=TXT_TAGHM&loc=us

More information about the cypherpunks-legacy mailing list