lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
From: adam at hif.hu (Szilveszter Adam)
Subject: Wiretap or Magic Lantern?

Although this thread has now been more of a "full-discourse" :-) than 
anything else, let me add a few points here:

The fact that there is some advanced technology that we know (and may be 
some more that we don't know) about for text gathering and analysis and 
the fact that huge databases can be compiled of such information does 
not answer the question if it is feasible for a given task.

If all you are after is some general surveillance that is not directed 
at anybody in particular, but is more of the "keeping tabs on stuff as 
it happens" than sure, the tools are already there and there are several 
agencies around the world with the funding to use them. (This is like 
the radio surveillance that was very common during the Cold War: both 
sides had huge radio interception stations to monitor communictaions, 
both broadcasts and not. Those stations in many cases still exist btw, 
but we are not so sure what they are used for atm :-) This kind of 
operation is intended to call attention to activity that you might want 
to check out more closely, but in and of itself is not focused enough to 
gather info on say a particular individual or group. Btw this kind of op 
is a good supplement to other traditional methods like screening public 
and semi-public news channels and piecing together the "big picture" 
reading both the lines and between them. Big depts of your favourite 
spooking agencies do this everywhere.

If, on the other hand, you are after a specific person or group, you 
want to be more sure. For ex, if you want to get at all their phone 
calls or emails, your safest bet is still to sit right on their outgoing 
line (or at the first junction at the latest) in order not to miss out 
on anything. If the subject of your observation has several outgoing 
lines, well tough, you have to sit on them all. Otherwise, your subject 
might use for example Internet routes that do *not* cross the US, so 
your super spying equipment might not catch it. Today, the routing 
infrastructure is not as much dependent on the US as it used to be even 
a couple of years ago. For an example, try a traceroute from somewhere 
in Europe (I tried from Hungary) to say Irkutsk in the Russian 
Federation. While a couple of years ago your route would most certainly 
go through Frankfurt - London - New York - San Francisco and therefore 
would be very convenient for any US agencies, today it goes through eg 
Frankfurt - Stockholm - St. Petersburg - Moscow, bypassing the US 
entirely, which means that in the meantime our Russian friends have 
heavily inevested in the Trans-Siberian lines. Tough luck for any 
US-located spying equipment. And knowing that today even North Korea and 
Cuba have Internet access, we understand that inter-AS routing has 
become more of a politicum than ever before.

This is why traffic interception normally happens at the end provider 
level, because there you are much better situated to get all the info. 
In many (most?) countries the providers are obligated by law to allow 
this interception, install the necessary equipment and to not tell you 
about it. And quite often they must foot the bill too. If you look at 
the debates eg in Germany about the new Telecommunications Act this 
issue is very much in the news. Search for "preventive data interception 
and warehousing".

Regards:
Sz.


Powered by blists - more mailing lists