[liberationtech] PRISM: NSA/FBI Internet data mining project

Eugen Leitl eugen at leitl.org
Fri Jun 7 06:47:59 PDT 2013 

----- Forwarded message from Mark Seiden <mis at seiden.com> -----

Date: Thu, 6 Jun 2013 22:57:07 -0700
From: Mark Seiden <mis at seiden.com>
To: jamie rishaw <j at arpa.com>
Cc: goemon at anime.net, NANOG <nanog at nanog.org>
Subject: Re: PRISM: NSA/FBI Internet data mining project
X-Mailer: Apple Mail (2.1508)

On Jun 6, 2013, at 10:25 PM, jamie rishaw <j at arpa.com> wrote:

> <tinfoilhat>
> Just wait until we find out dark and lit private fiber is getting vampired.
> </tinfoilhat>
> 

well, that's exactly and the only thing what would not surprise me, given the eff suit 
and mark klein's testimony about room 421a full of narus taps.   mark klein is an
utterly convincing and credible guy on this subject of tapping transit traffic.

but the ability to assemble intelligence out of taps on providers' internal connections 
would require reverse engineering the ever changing protocols of all of those providers.  
and at least at one of the providers named, where i worked on security and abuse, 
it was hard for us, ourselves, to quickly mash up data from various internal services 
and lines of business that were almost completely siloed  -- 
data typically wasn't exposed widely and stayed  within a particular 
server or data center absent a logged in session by the user.  

were these guys scraping the screens of non-ssl sessions of interest in real time?
with asymmetric routing, it's hard to reassemble both sides of a conversation, say
in IM.  one side might come in via a vip and the other side go out through the default
route, shortest path. only *on* a specific internal server might you see the entire 
conversation.  typically only the engineers who worked on that application would
log on or even know what to look for.

and also, only $20m/year?  in my experience, the govt cannot do anything like this 
addressing even a single provider for that little money.

and pretty much denials all around.   so at the moment, i don't believe it.  

(and i hope it's not true, or i might have to leave this industry in utter disgust
because i didn't notice this going on in about 8 years at that provider and it was
utterly contrary to the expressed culture.   

take up beekeeping, or alcohol, or something.).

> 
> 
> -- 
> Jamie Rishaw // .com.arpa at j <- reverse it. ish.
> arpa / arpa labs



----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B  47EE F46E 3489 AC89 4EC5

More information about the liberationtech mailing list