$400 million network upgrade for the Pentagon

Mailman List Mirror (Read Only)
1

Unnamed Administration sources reported that Brad Knowles said:

  I'm sure that they have all sorts of methods. On the other hand,
cellphones make devilishly difficult "bugs" to eliminate,

Not at all.

The entry guard says "No Cell Phones".. and [s]he has the gun.
You can whine and pout but [s]he still has the gun.

THAT is how you solve that issue. No shield rooms needed.

I had some bozo try to bring his pagers into my [1] SCIF once.
"But Man, I NEED my pagers.." {"I am SO important, in my eyes at
least, that you can not strip me of my status symbols.."}

I offered that he could keep the pager-pieces after I smashed
them.... and he decided he did not NEED them after all. They
stayed in the unclass area on someone's desk, someone who could
call me if they went off. They did not.

[1] I was the SCIF Security Officer; what a thankless role..

2

Ok, let's make this operation l for one second. This is something I've
always wondered and I have an idea but...

What is the real possibility that there is some sort of structured
monitoring system in place say on the backbone level. Bad fbi meat
eating programs asside I mean really something useful. Can the nsa for
example listen in somehow to eering points or other such common areas
and observe things that interest them? I know the answer in the voice
network is yes but that's technically easier. On the ip network that
would seem to be m uch more difficult.

3

Well, what's a "peering point"? Most traffic does not traverse public
peering points, domestically. So, in order to look at enough traffic to make
it worthwhile, the .gov would have to optically tap all the private peering
x-connects between major carriers. That is a major endevour, and would
surely be eventually discovered (probably sooner, rather than later). And,
of course, the equipment needed to actually look at that data, at line rate,
would be difficult to conceal.

There are also numerous rules against doing this sort of thing domestically.

Sniffing peering traffic internationally would actually be much easier, for
both legal and technical reasons. Linx is the largest public exchange in the
world, by traffic, for example. However, I doubt that equipment to sniff
17gb/sec of data actually exists at the moment.

It's much easier to get this sort of data, closer to the endpoints - the
subject's mail server, keyboard, monitor, a dialup RAS, or a span port off
of the provider's ethernet switch. The closer you get to the hypothetical
"center" of the internet, the more data there is to sort through,
complicating the task.

On the other hand, tapping undersea optical fibers is appearently no
problem, currently, and will get easier when the USS Jimmy Carter (SSN23), a
specially modified Seawolf sub, comes on line in a bit. It is alleged to
have a removable module that is specifically designed for tapping undersea
fiber optic cables without any interuption of current or light level.

- Daniel Golding

4

When I was there, they never searched anyone's purse, bag, or briefcase. So, just leave it inside while you briefly wave your badge at the guard while you walk briskly through, right along with the tens of thousands of other people doing the same.

5

                                                         Can the nsa for
example listen in somehow to eering points or other such common areas
and observe things that interest them?

  Yup. Google for "ECHELON" and read the lengthy report that was prepared for the government of the European Union.

                                      I know the answer in the voice
network is yes but that's technically easier. On the ip network that
would seem to be m uch more difficult.

  Not for the NSA. Indeed, voice has to be converted to data in order to go through the search algorithms, so it's actually a lot easier to just search data that doesn't have to first be converted.

6

Well, what's a "peering point"? Most traffic does not traverse public
peering points, domestically. So, in order to look at enough traffic to make
it worthwhile, the .gov would have to optically tap all the private peering
x-connects between major carriers.

  Nope. Just have them do the work for them. If they want to be more covert, they can just sniff the massive amounts of EMI that is radiated for miles around any major facility.

There are also numerous rules against doing this sort of thing domestically.

  Google for "ECHELON" and read the lengthy report that was prepared for the EU. They don't do this domestically -- they ask the GCHQ to do it for them via the ECHELON network, and then pass them the data. They return the favour when the GCHQ wants data on some person in the UK.

Sniffing peering traffic internationally would actually be much easier, for
both legal and technical reasons. Linx is the largest public exchange in the
world, by traffic, for example. However, I doubt that equipment to sniff
17gb/sec of data actually exists at the moment.

  You have no concept of the kind of systems that the NSA uses.

  First off, they use massive numbers of rather less powerful machines with a "watchlist". Each machine sniffs it's small part of the overall network, and anything matching the watchlist gets saved and sent up for further processing, collation, data reduction, etc....

  Then things start to get interesting. :wink: