The Ultimate Net Monitoring Tool?
Wired News is reporting that the equipment found in the "secret" NSA room at AT&T wasn't some elaborate device designed by Big Brother. Rather, it is a commercially available network-analysis product that any company could acquire. From the article: "'Anything that comes through (an IP network), we can record,' says Steve Bannerman, marketing vice president of Narus, a Mountain View, California, company. 'We can reconstruct all of their e-mails along with attachments, see what web pages they clicked on, we can reconstruct their VOIP calls.'"
Functional Spec and Deliverables (Score:5, Interesting)
From TFA, the deliverable:
We can reconstruct all of their e-mails along with attachments, see what web pages they clicked on, we can reconstruct their VOIP calls.
AT&T. Your world, delivered.
Hm. (Score:3, Interesting)
If enough large companies are purchasing these to the degree that a company manufactures this equipment...exclusively.. doesn't that strike an interesting chord?
One of the perks of living in Mt. View... (Score:2, Interesting)
Re:Hm. (Score:3, Interesting)
Does it make anybody else nervous that there is a market for these products? "off the shelf" products that can scale to this degree? If enough large companies are purchasing these to the degree that a company manufactures this equipment...exclusively.. doesn't that strike an interesting chord?
Supply and demand is somewhat elastic. Where I work right now we build fairly specialized traffic monitoring servers for the core and edge routers of ISPs. While we don't manufacture our own hardware, we do make use of hardware designed for traffic analysis like this and sold to numerous companies that create devices needing the same basic characteristics. Whether you are making a packet analyzer, a high-level forensic tool, a firewall, an IDS, a traffic shaper, or something else, you may very well need basically the same hardware. So maybe 50 customers want something as expensive as what Narus makes for the high end, that can handle that much throughput. If they are willing to pay enough, someone (like Narus) will build it. Regulation compliance budgets are pretty large this year.
Of course Narus probably did not start out selling a "snooping" device. Look at their customers. They are all major ISPs and telecoms. The smart money says they started as a way to track traffic for billing and expanded as their customers needed to comply with more government regulations.
And this is supposed to make me feel better? (Score:3, Interesting)
"The equipment that former AT&T technician Ed Klein learned was installed in the NSA "secret room" in AT&T's San Francisco switching office isn't some sinister Big Brother box designed solely to help governments eavesdrop on citizens' internet communications."
Oh great - I feel so much better about that. I was just worried that the government might have EXCLUSIVE rights to spy on me! But, as long as it's all shared and everyone can do it, then I guess it's ok.
Thanks for the post - I'll sleep so much better now.
Damn - where's the sarcastic emoticon when you need it.
Bellyaching (Score:3, Interesting)
If they can't come up with anything specific that day, W. calls the RIAA and has them sue a dead woman. They want to make people so damn paranoid that one day they'll just turn around and say "Okay we're taking over your life, here is your itinerary for the day, don't alter this schedule. You have a bowel movement scheduled in 15 minutes". The vast majority will think it's an awesome idea.
These stories are great to remind us what a wasteland this place has become, but they serve no real purpose if no one actually does anything about it.
Re:Encryption? (Score:3, Interesting)
Except, of course, that breaking encryption is the Holy Grail of Signal Intelligence. Sometimes, Traffic Analysis -- which is exactly what the NSA is doing here according to the Wired article -- is just as interesting, and a lot easier to do.
Knowing that person A is talking to person B, and that the number of messages between the two is increasing, and where and when each message has been sent (not to mention what type of traffic is taking place) is also very informative. If you know A, a known terrorist, is exchanging a lot of messages with B, a PhD student in nuclear physics in a top-notch university, is enough to raise red flags all over the place, regardless of what kind of encryption is used to protect the messages themselves. Which is why NSA has illegally gone fishing in the first place.
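The point made in the comment above, as an added example that is not part of the original thread: working only from constructed metadata records (timestamp, sender, recipient, size) with no message content, this counts messages per pair per week and reports pairs whose volume keeps rising. The parties A to D and every value are made up for illustration; encrypting the payloads would not change the result.

```python
from collections import defaultdict
from datetime import datetime

# Constructed flow metadata: (timestamp, sender, recipient, bytes). No payloads.
FLOWS = [
    ("2006-05-01T09:00", "A", "B", 2048),
    ("2006-05-08T09:00", "B", "A", 1900),
    ("2006-05-10T21:30", "A", "B", 2100),
    ("2006-05-15T08:10", "A", "B", 2000),
    ("2006-05-16T08:15", "B", "A", 2200),
    ("2006-05-17T23:40", "A", "B", 1800),
    ("2006-05-19T07:05", "B", "A", 2500),
    ("2006-05-02T12:00", "C", "D", 900),
    ("2006-05-04T12:00", "D", "C", 950),
    ("2006-05-09T12:00", "C", "D", 900),
    ("2006-05-11T12:00", "D", "C", 910),
    ("2006-05-16T12:00", "C", "D", 905),
    ("2006-05-18T12:00", "D", "C", 915),
]

def weekly_counts(flows):
    """Count messages per unordered pair of parties, keyed by (ISO year, ISO week)."""
    counts = defaultdict(lambda: defaultdict(int))
    for ts, src, dst, _size in flows:
        iso = datetime.fromisoformat(ts).isocalendar()
        pair = tuple(sorted((src, dst)))  # direction is ignored: A->B and B->A are one pair
        counts[pair][(iso[0], iso[1])] += 1
    return counts

def rising_pairs(flows, min_weeks=3):
    """Return {pair: weekly series} for pairs whose count strictly increases
    across at least min_weeks observed weeks. Weeks with no traffic are simply
    absent from the series, a simplification made for this example."""
    flagged = {}
    for pair, per_week in weekly_counts(flows).items():
        series = [per_week[week] for week in sorted(per_week)]
        increasing = all(a < b for a, b in zip(series, series[1:]))
        if len(series) >= min_weeks and increasing:
            flagged[pair] = series
    return flagged

if __name__ == "__main__":
    for pair, series in rising_pairs(FLOWS).items():
        print(pair, "messages per week:", series)
```
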
Not just easily available, but free! (Score:3, Interesting)
Ethereal. Excellent tool, even for non black hats!
Field Proven! (Score:2, Interesting)
Can reconstruct emails? Not this one. (Score:3, Interesting)
Dear Narus,
i PxHsoCwtOeytveJ H49A==
-----BEGIN PGP MESSAGE-----
Version: GnuPG v1.4.1 (GNU/Linux)
jA0EAwMCiGG6wLlc/6tgyUeJGySx1Ccd8lGe3ugi35iwgMr2y
r8fdeb237gtWNHzaen4DpYF9ibJ4E6DCxm8+yGpYcoP7bgEnz
=BJEi
-----END PGP MESSAGE-----
(created with "gpg -a -c"). Just a reminder that if you don't like people reading your email, you and your recipient can rather easily make sure nobody can practically do so.
The NSA could probably break one PGP message's encryption in a matter of hours (or maybe even minutes), but they couldn't break one million. How about we all really press our friends to get PGP keys made+signed and the software installed...and ENCRYPT EVERY SINGLE PERSONAL EMAIL to them? Good luck to the NSA trying to sift through all that crap.
Re:Tor (Score:4, Interesting)
I remember reading about the Freenet Guy's planned changes (moving freenet to a friend-based system where you connect along lines of trust rather than completely anonymously), and immediately thought that the unstated goal was to cut *those* people out as much as possible rather than (or in addition to) the scalability reasons given.
Hmm, better post this anonymously...
Expectations (Score:3, Interesting)
If you send/receive packets of data over a public connection, i.e. the internet, somehow you are expecting privacy? Hmmm. (notice the thoughtful pause) If you want or need privacy over a public medium, it seems simple to me. Use encryption.
Don't get me wrong, I hate big government and big government's intrusion into my personal life. But, I also do not see my internet activity as a personal/private activity. There are just too many people involved. Webmasters see me visiting their site. My ISP knows where I go and what I do. So, I assume there will be others knowing that stuff too. There may be dozens of people 'knowing' what my internet activity looks like. No, I do not like big brother recording everything. It will, however take an amazing database to house all the data while waiting to be filtered and I am doubtful that the end result will accomplish what they are striving for.
Re:Time enough (Score:2, Interesting)
While some might want to fight reactionary and all-too-corporate-backed legal policies with pithy appeals to such things as the "rule of law" and "human rights", this method pits such reactionary, corporate-backed legal policy against (drum roll...) corporate-backed legal policy!
Turning the overlord's law against itself, however, is something that will only get you figuratively crushed, if you don't know what you're doing. Are you sure you know what you're doing?
Re:Encryption? Why decrypt later? (Score:3, Interesting)
Just call them up. Make up your own scenarios. But, if LINUX users DON'T need the damned CD, why do windoze and Mac users need it? If you posit that you rebuild your machine every 6 weeks and you always lose your ISPs disk, or broke it by mistake, do you still need it? Some of them will say, well, no, not ALWAYS, or no you don't NEED it...
Why is there no lobby against this bald-face lying on the part of ISPs?
Re:Encryption? Why decrypt later? (Score:3, Interesting)
-- the ISPs are getting marketing dollars by deploying the disks, and when each one is installed, it calls back to mshaft to verify that the ISP is entitled to marketing dollars, which then enables mshaft to bolster their OS usage counts (which can be negated or deflated when users successfully log in without the disk ever being installed, which means an employee NOT pushing the disk installation might lose commissions or deprive the ISP of marketing dollars....)
or,
-- the ISPs use the disk to gain access to unwary users' machines, and then use the validated information or sell pieces or all of the information (maybe de-identified?) to "third party partners" and such
As for those damned disks, I say if you SHIP the modem to the subscriber, and it is logically assumed there is no cloning of the MAC address, and the machine is directly connected to the C/M or DSL modem, then WHY WHY WHY on Earth is it a **MUST** that the end user install that disk? WHY?
I guess gates and henchmen are going to put a full-on press against the ISP, now, or again... Sounds like ripe anti-trust/anti-competitive territory.
US Government: This is MORE fodder for you in your quest to put a clamp in ms ass. Use this for ALL it's worth!
Until Linux/Open Source is a genuine WMD or bigger threat to the world than windoze is, I will NOT give up my OS of choice, and nor should any other individual, company, or government....
(There are SOME people who think I'm anti-government, that I'm an evil threat; far from it. I say what I think is right, and I reFUSE to suffer political bullshit just because some politico is afraid of losing eminence or turf or whatever. I call it like I see it. I am anti-effing-stupid-government, not anti-government. But, I suppose someone will try to explain that the two distinctions are by definition functionally equal and therefore I am still "totally" anti-government. WHEW!!!!)
Now, where o-h hwhere are those rit, lith, umm, chlo, umm.... PILLS???!!!!
adjusts EM-shielded strontium-coated tin foil hat...
Re:Article Is Spin, Of Course (Score:5, Interesting)
This device was designed and built for spying, and was placed into telcos everywhere on the PRETEXT of being useful for traffic analysis. Then the NSA came calling and bulldozed the telcos into giving them everything that goes through it.
Well, sort of. This device is (I believe) a modified version of what the ISPs have been using for a long time to let them accurately bill people for the services they offer and negotiate peering agreements and QoS contracts.
The fact of the matter is that Narus the company is run by an "Israeli immigrant" and is financed by, among others, an Israeli investment company, one of the partners of whom happens to have worked for the Israeli government, including a stint developing optical devices for the Israeli military.
Whoa, whoa, whoa there cowboy! Now I like a good conspiracy theory as much as the next guy, but you're making some pretty big and likely unwarranted leaps here. A whole lot of the traffic shaping, modeling, and balancing technology came out of Israel. The university there had a top notch network engineering program with a lot of smart people and patents coming out of it. Most moved to the US, where they could make money off of the .com boom and the aftermath. I know because I work with one of the professors who came over here to do that and let me tell you, he giggles way too much to be a Mossad agent. I imagine anyone working in high-tech in Israel probably did some work for the military, especially if they were in academia.
And one of the directors on the board happens to be an "ex-" NSA guy...
So? I'm sure it helped them get the contract, and maybe helped them decide on the feature set. This is very common in the security industry. The company I work for has ex Microsoft people and ex-Cisco people. Surprise, surprise we sell to both of them. Another company we do a lot of business with has ex Naval intelligence and NSA people. Guess who two of their big customers are? That is just the way the industry works. If you know people, you have an in and often an advocate who helps to make the sale.
The reality is that this device was designed and built for spying by the Mossad, in collaboration with the NSA, and then sold to the telcos under a pretext, which was then altered by arm-twisting or payment to the telcos to sell out the US Constitution.
The reality is, some people found a niche and they filled it. This same type of functionality is needed for billing services and compliance with a number of government acts regarding lawful intercept, financing, security, and privacy assurance. Now maybe the NSA or AT&T requested added features to make this sort of activity easier. Maybe Narus came up with them on its own and sold them on it.
I certainly think it is being misused and in a way that violates the founding principles of our government. That does not mean it is some grand conspiracy and running off half-cocked spouting this sort of unsupportable nonsense isn't helping anything. All it is doing is reducing the credibility of those who argue to have this sort of thing stopped and distracting people from the real issue.
..or is that your intention? You certainly do enough rabble rousing and insulting. If you really want to help, stick to the facts, not the wild speculation.
Nonsense! TIA is operated against the law. (Score:3, Interesting)
When informed of Total Information Awareness, Congress loudly and firmly killed it, but the NSA did it anyway in secret. [csoonline.com]
This is a scandal of first order. The goal is unconstitutional, the attitude is un-American and the means are illegal. This is the kind of shit we fought the Cold War to avoid. I'm furious and you should be too.
As the American Taliban tightens its grip on your reading, conversations and whereabouts, the terrorists win. A few bandits flying into buildings, even the destruction of an entire American city is not an excuse to destroy the things this country stands for. A few more slips down the slope and you won't be able to tell the difference between the Axis of Evil and home.
Could the government log all postal activity? (Score:4, Interesting)
This got me thinking... according to this link: Handwritten address interpretation [buffalo.edu]:
(emphasis mine.) So, it's only a small step to record all that metadata for every letter sent within the USA. Just have postmasters general submit the day's scan logs to the gov't for review for possible terrorist links, and, by the way, archive all the information received. This information could include:
So, maybe you were just joking, but from what I've seen lately, I'd have to suspect that this may already be in place... can anyone corroborate this?
Re:There is oversight ... (Score:3, Interesting)
Furthermore, Sen. Patrick Leahy (D-VT) wrote a hand-written letter to Cheney years ago saying he objected to the program when it was disclosed to him. The letter was, of course, ignored by the Administration.