[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
latest Snowden docs show NSA intercepts all Google and Yahoo DC-to-DC traffic
- Subject: latest Snowden docs show NSA intercepts all Google and Yahoo DC-to-DC traffic
- From: dmiller at tiggee.com (David Miller)
- Date: Fri, 01 Nov 2013 13:44:18 -0400
- In-reply-to: <CAMfXtQxCmzm+zn+ncn_LfCxwuWyB6pePF-Xd+Q50P7Cg4=Adxg@mail.gmail.com>
- References: <[email protected]> <[email protected]> <CAL2Ut99z3YBB6i559zeWPY7=XXBPYaKN+MrqERP+KJHfci5u8g@mail.gmail.com> <CAMfXtQxCmzm+zn+ncn_LfCxwuWyB6pePF-Xd+Q50P7Cg4=Adxg@mail.gmail.com>
On 11/01/2013 01:08 PM, Gary Buhrmaster wrote:
> On Fri, Nov 1, 2013 at 4:43 AM, Anthony Junk <anthonyrjunk at gmail.com> wrote:
> ...
>> It seems as if both Yahoo and Google assumed that since they were private
>> circuits that they didn't have to encrypt.
>
> I actually cannot see them assuming that. Google
> and Yahoo engineers are smart, and taping fibres
> has been well known for, well, "forever". I can
> see them making a business decision that the
> costs would be excessive to mitigate against
> taping(*) that would be allowed under the laws
> in any event.
>
> Gary
>
> (*) "A" mitigation was run the fibre through your
> own pressured pipe which you monitored for loss
> of pressure, so that even a "hot tap" on the pipe
> itself would possibly be detected (and there are
> countermeasures to countermeasures
> to countermeasures of the various methods).
> And even then, you had to have a someone walk
> the path from time to time to verify its integrity.
> And I am pretty sure there is even an NSA/DOD
> doc on the requirements/implementation to do
> those mitigations.
>
Given what we now know about the breadth of the NSA operations, and the
likelihood that this is still only the tip of the iceberg - would anyone
still point to NSA guidance on avoiding monitoring with any sort of
confidence?
There has always been cognitive dissonance in the dual roles of the NSA:
1. The NSA monitors.
2. The NSA provides guidance on how to avoid being monitored.
Conflict?
-DMM
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 555 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20131101/718d90fd/attachment.bin>