lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <51FBA0E6.8050900@rsbac.org>
Date: Fri, 02 Aug 2013 14:07:02 +0200
From: Michal Purzynski <michal@...ac.org>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: XKeyscore sees 'nearly EVERYTHING you do
	online

On 8/2/13 1:21 PM, Gary Baribault wrote:
> Having access to the building is ok, but you still need to sniff the 
> fibre, and in a centre like that any tap would be found quickly by one 
> tech or another .. the guys from NANOG are good, so the deal must be 
> with the carriers.
>
The guys from NANOG are great indeed, but that's way above them :)

Deal with carrier is a one thing, silent deals with IX another. And 
surely they do both. You can also tap in many places when cable is going 
from/to the ocean (needs a carrier deal, so what? Easy.)

Also, there's a lot of carrier connectivity on wireless - think 
satellite, or directed micro waves links. It's much easier to use a 
satelite for say, a phone calls than connecting your XX islands with a 
fibre.

Guess what these guys are doing:
1. https://en.wikipedia.org/wiki/Special_Collection_Service
2. FORNSAT
3. SSO, which is the Special Source Operations division, the branch of 
NSA which taps cables, finds microwave paths, and otherwise collects 
data not generated by F6 or foreign satellites. (from Wikipedia)

I just wonder how many of the under water cable "repairs" were caused by 
a real incidents, and how many not really ;) There's no magic, you need 
to disconnect the cable for a while to tap it.
> If it's a 'legit' connection then No Problèmo
>
> Gary B
>
>  On 08/02/2013 07:04 AM, Joseph Jackson wrote:
>>
>> Why would they need to peer with all tier 1s?  If you get access to 
>> the major exchange points (1 wilshire, 60 hudson, etc) you will get 
>> the majority of traffic.
>>
>> *From:*Full-Disclosure 
>> [mailto:full-disclosure-bounces@...ts.grok.org.uk] *On Behalf Of *XF
>> *Sent:* Thursday, August 01, 2013 3:47 PM
>> *To:* Gary Baribault
>> *Cc:* full-disclosure@...ts.grok.org.uk
>> *Subject:* Re: [Full-disclosure] XKeyscore sees 'nearly EVERYTHING 
>> you do online
>>
>> So you think this is real ? All Tiers 1 would be partner with NSA ? 
>> Even in Europ ? This sound crazy
>>
>>
>> Le 1 août 2013 à 22:19, Gary Baribault <gary@...ibault.net 
>> <mailto:gary@...ibault.net>> a écrit :
>>
>>     Don't forget that they also have to back haul that data to their
>>     data centres !! They would have to have secret agreements with
>>     all of the Tier 1 carriers. Sure sounds far fetched!
>>
>>     Gary B
>>
>>
>>     On 08/01/2013 03:51 PM, XF wrote:
>>
>>         Right. But where are their tap ? In Internet Exchange Point ?
>>         In AS ? And how can they do that ? "Hello, I'm NSA, can I get
>>         a TAP on your network" :-)  This would say that ISP agree and
>>         the amount of data to transfer would be so vast . How can
>>         they transfer all this amount of data into their system ??
>>
>>
>>         Le 1 août 2013 à 20:56, Gary Baribault <gary@...ibault.net
>>         <mailto:gary@...ibault.net>> a écrit :
>>
>>             Optically tapping ALL of the submarine cable going into
>>             and out of the U.S. would still not give them ALL of the
>>             claimed data. They have to be tapping all of the major
>>             traffic exchange sites in the U.S. to get this kind of data.
>>
>>             Gary B
>>
>>              On 08/01/2013 11:31 AM, XF wrote:
>>             > Did you understood how
>>
>>                         they collect data ? This is not clear for
>>             me...ISP backdoor
>>
>>                         ? Optical tap on sub marine wire ?
>>
>>                         >
>>
>>                         > Le 1 août 2013 à 16:26, Georgi Guninski
>>             <guninski@...inski.com> <mailto:guninski@...inski.com>
>>
>>                         a écrit :
>>
>>                         >
>>
>>                         >> it will be interesting to me what will
>>             remain of
>>
>>                         the nsa
>>
>>                         >> when the chinese comrades stop giving
>>             fresh money
>>
>>                         to the usa.
>>
>>                         >>
>>
>>                         >> Detroit news are not very pink.
>>
>>                         >>
>>
>>                         >> On Thu, Aug 01, 2013 at 11:20:27PM +1200, Hugh
>>
>>                         Davenport wrote:
>>
>>                         >>> meanwhile, in new zealand, prime minister
>>
>>                         suggests that we aren't
>>
>>                         >>> the slaves for nsa...
>>
>>                         >>>
>>
>>                         >>> On 2013-08-01 19:23, Georgi Guninski wrote:
>>
>>                         >>>> XKeyscore sees 'nearly EVERYTHING you do
>>
>>                         online
>>
>>                         >>>>
>>
>>                         >>>>
>>
>>             http://www.theregister.co.uk/2013/07/31/prism_put_in_the_shade_by_leak_about_even_more_powerful_snoop_tool/
>>
>>                         >>>> New NSA tool exposed: XKeyscore sees
>>
>>                         'nearly EVERYTHING you do online'
>>
>>                         >>>>
>>
>>                         >>>> From the presentation:
>>
>>                         >>>> * Show me all the exploitable machines in
>>
>>                         country X
>>
>>                         >>>>
>>
>>                         >>>> * How do I find a cell of terrorust that
>>
>>                         has no
>>
>>                         >>>> connection to known strong-selectors
>>
>>                         >>>> **Anomalous events
>>
>>                         >>>> ***Someone who is using encryption
>>
>>                         >>>>
>>
>>                         >>>>
>>
>>                   _______________________________________________
>>
>>                         >>>> Full-Disclosure - We believe in it.
>>
>>                         >>>> Charter:
>>             http://lists.grok.org.uk/full-disclosure-charter.html
>>
>>                         >>>> Hosted and sponsored by Secunia -
>>             http://secunia.com/
>>
>>                         >>>
>>
>>                         >>>
>>             _______________________________________________
>>
>>                         >>> Full-Disclosure - We believe in it.
>>
>>                         >>> Charter:
>>             http://lists.grok.org.uk/full-disclosure-charter.html
>>
>>                         >>> Hosted and sponsored by Secunia -
>>             http://secunia.com/
>>
>>                         >>
>>
>>                         >>
>>             _______________________________________________
>>
>>                         >> Full-Disclosure - We believe in it.
>>
>>                         >> Charter:
>>             http://lists.grok.org.uk/full-disclosure-charter.html
>>
>>                         >> Hosted and sponsored by Secunia -
>>             http://secunia.com/
>>
>>                         >
>>
>>                         > _______________________________________________
>>
>>                         > Full-Disclosure - We believe in it.
>>
>>                         > Charter:
>>             http://lists.grok.org.uk/full-disclosure-charter.html
>>
>>             > Hosted and sponsored by Secunia - http://secunia.com/
>>
>>             _______________________________________________
>>             Full-Disclosure - We believe in it.
>>             Charter:
>>             http://lists.grok.org.uk/full-disclosure-charter.html
>>             Hosted and sponsored by Secunia - http://secunia.com/
>>
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/


Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ