August 04, 2007

National insecurity - all your packets are belong to US

A secret court ruled the US Government's wiretapping programme illegal, and the US Government claimed that revealing this fact released confidential activity. So illegality is OK if confidential? No, not before the courts, last I heard, but we'd need a lawyer to explain why the courts will not rely on illegality as a defence, and why we should not?

In similar news, it was revealed that the then-Attorney General, Ashcroft, stated unequivocally from his sickbed that the programme was illegal. He was immediately replaced with the incumbent, Alberto Gonzales, whose testimony some in Congress wonder whether it amounts to perjury.

Other news suggested that what was going on was the desire to start wiretapping (read: real-time direct feed to the NSA) of all the trans-US traffic. FISA, apparently, "requires a warrant to monitor calls intercepted in the United States, regardless of where the calls begin or end." A fair enough metric, 30 years ago.

Yet, if I call from Britain to Japan, chances are fair that the call is routed through the US, because that's where most of the fibre is. The hub & spoke effect is much more important for the Internet, where a much higher percentage of traffic is routed through the USA. Indeed, pretty much everything Internet-related is spoked around the US hub: Hosting, IP#s, startups, skills, etc.

Why not tap that, as it doesn't involve the inconvenience of US citizens? A good question. From an intelligence point of view, it's just another Black Chamber operation, updated for the 21st century, and it's easy pickings.

There are many reasons to oppose this, such as "We just can't suspend the Constitution for six months," but the one I like best is the simplest: if the NSA gets direct feeds of all fibre communications trans-shipping through the US, then two things will happen: Firstly, by laws of economics not Congress, this tapping will eventually include all US-terminated conversations.

Secondly, it might kick the rest of the world into gear and start responding to the basic threat of aggressive and persistent listening. Perversely, one might suggest that we shouldn't oppose the US, as we need a validated threat to focus our security efforts.

Indeed, if one surmises that the US government have been told their programmes are illegal, one can question whether the NSA is not already tapping all trans-shipped traffic, and is probably not adequately filtering the locally terminated traffic.

All your packets are belong to US. You have been warned: Deploy more crypto, guys.

Posted by iang at August 4, 2007 09:41 AM
Comments

MEASURE FOR MEASURE

George Bush signed a bill that authorises and expands the American government's ability to eavesdrop on its citizens. The WIRETAPPING PROGRAMME caused a furore when it came to light in late 2005, but the recent legislation passed the Senate with the support of 16 Democrats. Civil-liberty groups expressed outrage.

Posted by: The Economist at August 9, 2007 02:04 PM

Grant the NSA what it wants, and within 10 years the United States will be vulnerable to attacks from hackers across the globe, as well as the militaries of China, Russia and other nations.

Posted by: Washington Post... at August 10, 2007 11:06 AM

It seems that a large chunk (and probably relatively soon nearly all) voice is now via VoIP. And to date, Skype notwithstanding, this has all been cleartext traffic. Using router netflow records, etc., one can now pinpoint any phone conversation and then do a pcap dump. Many Tier 1 through Tier 3 internet carriers are now deploying this type of L7 deep packet inspection directed analysis. Currently they are limited to about 10 Gbps (L4 DPI), but soon 40 Gbps will be available.

Posted by: Alex A. (seen on cryptography list) at August 14, 2007 03:17 PM