lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 1 Aug 2013 18:47:59 -0400
From: Jeffrey Walton <noloader@...il.com>
To: Gary Baribault <gary@...ibault.net>
Cc: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>
Subject: Re: XKeyscore sees 'nearly EVERYTHING you do
	online

On Thu, Aug 1, 2013 at 6:36 PM, Gary Baribault <gary@...ibault.net> wrote:
> I think the NSA could twist arms in the U.S. and I think that they could
> have a deal with the U.K. and maybe Canada, what I have HUGE doubts about is
> how they transport all of that data back to their data centres, unless they
> have a massive quantity of dark (private) fibre that no one knows about.
It does not appear to be a centralized architecture. According to
slides, they have servers situated all around the world. Per slide 5,
there are 500+ servers. According to slide 7, there are 700+ servers
at 150 sites throughout the world. The reason for the difference in
numbers of servers is not readily apparent.

When an analysts performs a query, the servers return the appropriate data.

Jeff

> On 08/01/2013 04:46 PM, XF wrote:
>
> So you think this is real ? All Tiers 1 would be partner with NSA ? Even in
> Europ ? This sound crazy
>
>
>
> Le 1 août 2013 à 22:19, Gary Baribault <gary@...ibault.net> a écrit :
>
> Don't forget that they also have to back haul that data to their data
> centres !! They would have to have secret agreements with all of the Tier 1
> carriers. Sure sounds far fetched!
>
> Gary B
>
>
> On 08/01/2013 03:51 PM, XF wrote:
>
> Right. But where are their tap ? In Internet Exchange Point ? In AS ? And
> how can they do that ? "Hello, I'm NSA, can I get a TAP on your network" :-)
> This would say that ISP agree and the amount of data to transfer would be so
> vast . How can they transfer all this amount of data into their system ??
>
>
> Le 1 août 2013 à 20:56, Gary Baribault <gary@...ibault.net> a écrit :
>
> Optically tapping ALL of the submarine cable going into and out of the U.S.
> would still not give them ALL of the claimed data. They have to be tapping
> all of the major traffic exchange sites in the U.S. to get this kind of
> data.
>
> Gary B
>
>  On 08/01/2013 11:31 AM, XF wrote:
>> Did you understood how they collect data ? This is not clear for me...ISP
>> backdoor ? Optical tap on sub marine wire ?
>>
>> Le 1 août 2013 à 16:26, Georgi Guninski <guninski@...inski.com> a écrit :
>>
>>> it will be interesting to me what will remain of the nsa
>>> when the chinese comrades stop giving fresh money to the usa.
>>>
>>> Detroit news are not very pink.
>>>
>>> On Thu, Aug 01, 2013 at 11:20:27PM +1200, Hugh Davenport wrote:
>>>> meanwhile, in new zealand, prime minister suggests that we aren't
>>>> the slaves for nsa...
>>>>
>>>> On 2013-08-01 19:23, Georgi Guninski wrote:
>>>>> XKeyscore sees 'nearly EVERYTHING you do online
>>>>>
>>>>>
>>>>> http://www.theregister.co.uk/2013/07/31/prism_put_in_the_shade_by_leak_about_even_more_powerful_snoop_tool/
>>>>> New NSA tool exposed: XKeyscore sees 'nearly EVERYTHING you do online'
>>>>>
>>>>> From the presentation:
>>>>> * Show me all the exploitable machines in country X
>>>>>
>>>>> * How do I find a cell of terrorust that has no
>>>>> connection to known strong-selectors
>>>>> **Anomalous events
>>>>> ***Someone who is using encryption

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists