The evidence from the Electronic Frontier Foundation's suit against AT&T indicates that the pen-register (phone call records) and call-graph analysis is really just the tip of the iceberg. The equipment that the NSA installed in AT&T's main switching and routing centers is known, it is made by Naurus Inc., and the frightening capabilities of the equipment are posted on that company's website.
Naurus' equipment is designed to do phone and Internet wiretapping on a massive scale. The company has extensive links to telecom, law enforcement, defence contractors, and intelligence agencies in the US as well as the old-boys club of major finance and consulting firms. Naurus also provides services to repressive regiemes such as Egypt and Saudi Arabia.
Here is a research dump of the evidence of these technical capabilities and business links I have found so far:
AT&T provided National Security Agency eavesdroppers with full access to its customers' phone calls, and shunted its customers' internet traffic to data-mining equipment installed in a secret room in its San Francisco switching center, according to a former AT&T worker cooperating in the Electronic Frontier Foundation's lawsuit against the company.
"While doing my job, I learned that fiber optic cables from the secret room were tapping into the Worldnet (AT&T's internet service) circuits by splitting off a portion of the light signal," Klein wrote.
The split circuits included traffic from peering links connecting to other internet backbone providers, meaning that AT&T was also diverting traffic routed from its network to or from other domestic and international providers, according to Klein's statement.
The secret room also included data-mining equipment called a Narus STA 6400, "known to be used particularly by government intelligence agencies because of its ability to sift through large amounts of data looking for preprogrammed targets," according to Klein's statement.
All About NSA's and AT&T's Big Brother Machine, the Narus 6400"
by bewert Fri Apr 07, 2006
Specifically, this equipment was the Narus ST-6400, a machine that was capable of monitoring over 622 Mbits/second in real time in May, 2000, and capturing anything that hits its' semantic (i.e. the meaning of the content) triggers. The latest generation is called NarusInsight, capable of monitoring 10 billion bits of data per second."
* Universal data collection from links, routers, soft switches, IDS/IPS, databases, etc. provides total network vew across the world's largest IP networks.
* Normalization, Correlation, Aggregation and Analysis provide a comprehensive and detailed model of user, element, protocol, application and network behaviors, in real time.
* Seven 9s reliability from data collection to data processing and analysis.
* Industry-leading packet processing performance that supports network speeds of up to OC-192 [10 Gbit/sec - internet backbone capacity] at layer 4 [the TCP or transport layer] and OC-48 [2.5 Gbit/s - often the largest lines in major regional carrier networks] at layer 7 [The application layer: web, email, VoIP, etc.] enabling carriers to monitor traffic at either the edge of the network or at the core.
* Unsurpassed and limitless scalability to support the world's largest, most complex IP networks.
* Unparalleled flexibility -- NarusInsight's functionality can easily be configured to meet any specific customer requirement (Narus Software Developer Kit -SDK).
* Unparalleled extensibility -- NarusInsight's functionality can easily be configured to feed a particular activity or IP service such as security, lawful intercept or even Skype detection and blocking."
"NarusInsight(TM) Intercept Suite (NIS)
* CALEA- and ETSI-compliant modules for lawful intercept featuring a robust warrant management system. Capabilities include playback of streaming media (for example, VoIP), rendering of Web pages, examination of e-mails and the ability to analyze the payload/attachments of e-mail or file transfer protocols.
* Proprietary directed analysis monitoring and surveillance module offering seamless integration with the NSS or other DDoS, intrusion or anomaly detection systems, securely providing analysts with real-time, surgical targeting of suspect information (from flow to application to full packets).
NarusInsight(TM) Discover Suite (NDS)
NDS supports detection of the following services and protocols for the purposes of billing, quality of service (QoS), planning, reporting, provisioning as well as blocking:
* VoIP (SIP, H.323, MGCP)
* Streaming media (RTP, RTCP, RTSP)
* Peer-to-peer (Gnutella, BitTorrent, KaZaa, eDonkey, etc.)
* Web browsing
* e-Mail (SMTP, POP3, IMAP)
* Messaging (IM, MMS)
* Push to talk
Lawful Intercept and Regulatory Compliance
Recent government regulations and the resulting standards referenced under CALEA in the United States and ETSI in Western Europe are designed to preserve law enforcement's ability to conduct authorized electronic surveillance while preserving public safety and the public's right to privacy. Moreover, as carriers migrate to next-generation networks (NGN), and deliver Services over IP (SoIP), the volume and complexity of the data required to deliver to law enforcement increases dramatically. NarusInsight's Intercept Suite of application modules enable carriers and service providers around the world to comply with these new regulations in the multi-faceted world of Service over IP.
With its patented technology and processes, Narus helps customers like AT&T, Brasil Telecom, Korea Telecom, KDDI, Telecom Egypt, Saudi Telecom, France Telecom and T-Mobile in areas of network security, traffic classification and monitoring.
Narus is headquartered in Mountain View, CA (USA) with offices throughout North America, EMEA (France, Germany, U.K.), Asia (Japan, Korea, China), and Brazil. Core product development is done in Mountain View with additional development facilities in Bangalore, India.
Naurus executives have past employment links to:
IBM Global Services
(and others less well-known)
Naurus Board of Directors:
William P. Crowell is an independent security consultant and holds several board positions with a variety of technology and technology-based security companies. Since 9/11 he has served on the Defense Advanced Research Projects Agency (DARPA) Task Force on Terrorism and Deterrence, the National Research Council Committee on Science and Technology for Countering Terrorism and the Markle Foundation Task Force on National Security in the Information Age. Bill's past positions have included President and Chief Executive Officer of Cylink, a leading provider of e-business security solutions as well as a series of senior positions at the National Security Agency, including Deputy Director of Operations and Deputy Director of the Agency. He has also served as chairman of the President's Export Council (PEC) Subcommittee on Encryption, which worked with the Administration, Congress and private industry to substantially loosen restrictions on the export of encryption products and technology.
Other Naurus board members have past employment links to:
Booz, Allen & Hamilton
GE Equity, a division of GE Capital
JPMorgan Partners, the private equity investment arm of J.P. Morgan Chase & Co.
Bankers Trust and Prudential Securities, Inc.
Naurus regional partners:
Carahsoft Technology Corp. is offering Narus' high performance IP security, monitoring and traffic classification solutions to government agencies on GSA schedule. Carahsoft Technology Corp. is a trusted government IT solutions provider delivering software and support solutions to Federal, State and Local government agencies. The Carahsoft Team has a proven history in helping government agencies find the best possible technology solution, at the best possible value. With a deep understanding of the technologies we provide, as well as thorough knowledge of the government procurement process, Carahsoft offers needs analysis, configuration support, ease of ordering and special government pricing. GSA Schedule # GS-35F-0131R. 888-662-2724
FITec Technology Innovations is making Narus' leading real-time traffic insight solutions accessible to telecommunications service providers in Brazil. FITec, a top technology innovator and integrator in Brazil, is using Narus' software to provide Brazilian carriers with security, analysis, monitoring and mediation applications, all based on Narus' ability to capture and analyze IP traffic in real time.
... Its main areas of expertise include IPTV, NGN and VoIP technologies.
Info Quest is the largest Greek IT company...
Naurus technology parners:
ManTech International Corporation
is a leading provider of innovative technologies and solutions for mission-critical national security programs for the Intelligence Community; and the Departments of Defense, State, Homeland Security, and Justice; the Space Community; and other U.S. federal government customers. ManTech's expertise includes systems engineering, systems integration, technology and software development, enterprise security architecture, information assurance, intelligence operations support, network and critical infrastructure protection, information technology, communications integration and engineering support.
ManTech Board members include:
Richard L. Armitage, former Deputy Secretary of State
Admiral David E. Jeremiah, USN Ret., also on boards of Wackenhut Services, Inc., advisory board Northrop Grumman, the President's Foreign Intelligence Advisory Board, the Defense Policy Board and the National Reconnaissance Office Advisory Panel.
Richard J. Kerr, former Deputy Director for Central Intelligence, Scientific Advisory Board of the National Security Agency and the Board of Visitors of the Joint Military Intelligence College and is currently on the advisory boards of the Los Alamos National Laboratory, the Sandia National Laboratory and the Lawrence Livermore Laboratory.
Dr. Paul G. Stern, former CEO of Northern Telecom [Nortel] anf former President of Unisys, He currently serves on the Board of Directors of Whirlpool Corporation and Dow Chemical Company. Additionally, he is the Treasurer of the Board of Trustees of the John F. Kennedy Center for Performing Arts, serves on the Board of Trustees of the Library of Congress, and is a member of the Board of Directors of the Business Executives for National Security.
Over the past 20 years, Pen-Link Ltd has developed two core software products for telecommunications intelligence collection, recording, monitoring, analysis, and reporting: Pen-Link 8 and LINCOLN 2. Together, these two software technologies provide a complete system solution for any electronic surveillance (wire line, wireless, satellite, ISP or VoIP). Pen-Link clients include the State Department, Department of Homeland Security, US Marshals, US Secret Service, and hundreds of state and local law enforcement agencies.
[See the "products" link at the top of the Pen-Link site for information.]
Pen-Link v7.0 for Windows is the most complete law enforcement PC-based software system on the market.
The LINCOLN [Local Intercept Network Collection-On Line Network] System provides a complete data collection solution for telephonic intercepts. LINCOLN digitally records call content and call details from proprietary telecommunications switch formats.
Headline on Pen-link website:
SS8 Networks Partners with Pen-Link in Global Distribution Deal to Create Industry's Most Complete Lawful Intercept Solution
The partnership expands SS8 Networks' portfolio to include Pen-Link's LINCOLN® 2 collection server, a high-end data collection and monitoring platform that stores and tracks activity of specific targeted individuals. SS8 Networks' customers also now have access to the Pen-Link 8 analysis software as part of the portfolio. This software provides the ability to provide multi-dimensional analysis of target individual's telephone calls, emails, push-to-talk conversations and multimedia messaging -- critical capabilities for law enforcement officials as suspect individuals continue to leverage IP-based network architectures and mobile devices for voice and other communication services.
.... Through a series of extended relationships, lawful intercept solutions are now also available for government and law enforcement agencies worldwide. SS8 Networks' solutions are installed in global tier one wireless, wireline, VoIP and cable networks and are also available through a channel of major international switch vendors.
See SS8 Xcipio for details on SS8's intercept product.
... a clear need has emerged to create products and standards that can also enable interception of IP-based communications.
To address this need, SS8 Networks has combined its existing lawful intercept technology for voice and data networks into a single product called Xcipio(TM), a cost-effective solution for provisioning, delivery, and recording activities of lawful interception.
Xcipio's modular architecture supports lawful intercept requirements for both domestic and international markets as well as multiple delivery standards for traditional circuit-switched (wireless and wireline), next generation packet, ISP, and hybrid networks.
[SS8 is not a Naurus partner, but a partner of a partner.]
Naurus technology partner:
Visual Sciences, LLC is the leading provider of streaming data analysis software products and on-demand services to Fortune 1000 enterprises and government agencies. The most information-driven enterprises depend on Visual Sciences' real-time analysis platform -- Platform 4 -- and suite of applications built upon it to collect, process, analyze and visualize their data for decision making.
Visual Call delivers real-time intelligence about the usage and performance of large and complex interactive voice response, call management and computer telephony networks, systems and services. Visual Call provides the most complete solution available for interactive voice channel and call detail analytics, offering unrivaled flexibility and scalability. Visual Call is the only product in its market to offer a comprehensive view of the activity of the voice channel --including all caller activity at any and all levels of detail...
Visual Sciences' client base includes one or more of the world's largest retail banks, consumer credit companies, insurance companies, mortgage origination companies, global hospitality and lodging companies, global airlines, U.S. Government Agencies, business and consumer computer systems companies, security, transaction services and trust companies, networking products companies, global telecommunications service providers, global retailers, and newspaper and magazine publishing companies. Visual Sciences does not publicly disclose the names of our more than fifty (50) Fortune 1000 enterprise clients and U.S. Government agencies and more than five hundred (500) Internet and voice properties because of our privacy agreements with our clients.