On 09/07/2013 07:32 PM, Brian Gladman wrote: > I don't have experience of how the FBI operates so my comments were > directed specifcally at NSA/GCHQ interests. I am doubtful that very > large organisations change their direction of travel very quickly so I > see the huge investments being made in data centres, in the tapping of > key commmunications cables and core network routers and 'above our > heads', as evidence that this approach still works well for NSA and > GCHQ. And I certainly don't think that volume is a problem yet since > they have been able to invest heavily to develop the techniques that > they use to see through lightweight protection and to pull out 'needles > from haystacks'. > > Of course, you might well be right about the future direction they will > have to travel because increasing volume in combination with better end > to end protection must be a nightmare scenario for them. But I don't > see this move happening all that soon because a surprisingly large > amount of the data in which they have an interest crosses our networks > with very little protection. And it seems even that which is protected > has been kept open to their eyes by one means or another. > > Brian > As a perennial optimist I would hope that global surveillance efforts were focused solely on core communication peering and network access points. Unfortunately, the realist (and technologist) in me says otherwise.
It is not possible to view or intercept local area network communications from a core network router. For example, if I wanted to catch some U.S. senator fornicating with his neighbor's wife for purposes of blackmail fodder, then access to a core network router wouldn't do me much good. However, if I had access to that senator's premise router by way of a "lawful intercept" backdoor, then perhaps I could for example observe that senator and his mistress' comings and goings by capturing a 720p video feed from the Xbox camera in his living room. Or by remotely enabling the speaker phone microphone on a Cisco VoIP device. Or maybe I could enable the microphone and video camera on a LAN-connected laptop to listen in on ambient conversations and to observe a live video feed from the room where the laptop is sleeping. Etc, etc. _______________________________________________ The cryptography mailing list email@example.com http://www.metzdowd.com/mailman/listinfo/cryptography