lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 11 Aug 2013 19:39:57 -0500
From: Grandma Eubanks <>
To: Michal Purzynski <>
Cc: Full-Disclosure mailing list <>
Subject: Re: XKeyscore sees 'nearly EVERYTHING you do

On Sun, Aug 11, 2013 at 2:47 PM, Michal Purzynski <> wrote:

>  On 8/11/13 4:16 AM, Pedro Luis Karrasquillo wrote:
> TAPs are no longer physical devices a spy installs on a wire somewhere.
> NSA picks this up remotely via a very secret SNMP command. I explained
> this in detail here:
>   I been in networking since 1996...
> And never got my 5 minutes of fame, so decided to try here. Bad idea, I
> would say, too many smart people here.
> That's actualy a very laughable, so I enjoyed it!
> So, NSA throws a super secret black boxes everywhere. They have to be
> black, so the spy-climate is dense enough.
> You are in networking from so long, tell me than. In order to intercept a
> lot of traffic, would you rather do it like described and spent lots of
> money, do a lots of cabling (packets needs them, you know?) and maintain
> tons of the boxes, or just tap fibres and get the same packets wholesale?
> That would be a very, very bad design to do the number 1 design. Taping is
> just easier and there's less people involved.
> Also, that's even more funny, because we actualy know that SNMP and MIB
> are for and it just blowns your story. How do you monitor packets via SNMP?
> Say, you have your top secret command and the router/switch/firewall starts
> shipping packets to NSA... but WHERE? How do they appear on a target box?
> Magic? UFO? Mind reading?
> You would need a CABLE from MANY devices to your collecting server. Too
> many of them to make it possible. Kind of a span port I guess. But you
> would overflow it quickly, too. So you need many span ports from each of
> the devices... so many that next time I make a business plan and buy a new
> network gear, I will have to factor that in and add a "we need 10 more
> ports for NSA, but don't ask about it".
> BTW, I've figured out the Top Super Secret Umbra Venona key. It's
> described here, in plaintext.
> Now, NSA will have all of us killed. Too bad I'm in the car, might be able
> to escape. Let me turn off all my cellphones or even throw them away, just
> in case. Or maybe abandon my car, and walk - looking over my shoulder from
> time to time and taking a circular route.
> So, you don't need a secret SNMP command, you can just configure your span
> port / mirroring port. In order to intercept that amount of traffic you
> would need to span so many devices that it's impossible. See also the span
> port overflow remark.
> Oh and bad shoot with the "MIBs" too. They are just ... numbers
> representing what kind of info do you want (more or less). There's no magic
> either.
> Of course, because you need so many span ports, it's a worldwide
> conspiracy among most of the ISP network engineers - someone has to connect
> the cable, you know. Or is the cable translucent and invisible? And
> connected to the invisible port, too? Now I feel that all these years I've
> been working at ISP I was missing out a lot of crazy and fancy work!
> SURE they are intercepting lots of data, but doing it in a most smart and
> efficient way possible - they got some Big Brainz behind it, too.
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter:
> Hosted and sponsored by Secunia -

Content of type "text/html" skipped

Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia -

Powered by blists - more mailing lists