The suggestion is that the two conencted parties will be using the SAME
frequency hopping algorithm, from the same starting point. This is regularly
used in both RF and Microwave military communications (and even a range of
higher-security commercial applications as well).
In the RF world, this is a well known, and (reasonably) easily acheived
process, that does provide a significant improvement to protection from
eavedropping. There is absolutely no reason why this cannot be used in IP
traffic. (And while I have not seen any documentation (open source or
otherwise) to suggest that agencies are _ACTUALLY_ using this, I can see no
reason why it would either fail, or degrade communications performance, and
thus cannot see a reason why it would not be used.
As for the argument of "Why bother": well why bother encrypting your
internet VPN's? No-one listens anyway?
Backbone sniffing is probably only really an issue if you data has:
- Commercial Significance
- Lives at stake
- Issues of National security
Regards,
Crispin Harris
> -----Original Message-----
> From: Paul Murphy [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, 14 June 2001 12:54 AM
> To: [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]
> Subject: Re: Has anyone heard of this?
>
>
>
> Yeah, but the packets need to route across the internet.
> That suggests a tunnel, with guaranteed endpoints.
>
> You could state that this already happens with VPNs, the
> packets are encapsulated and the actual IP addresses are
> scrambled through encryption.
>
>
>
>
> >>> Vitaly Osipov <[EMAIL PROTECTED]> 6/13/2001 03:02:26 pm >>>
>
>
> Probably it's for extranets - linking two network together with
> synchronized IP changes could make sense...
>
> regards,
> Vitaly.
>
>
> Paul Murphy wrote:
> >
> > Sounds... nonsense.
> >
> > If you have a service that the outside world needs to
> connect to, then you have to provide a way for that to
> happen. A "hacker" can connect by the same mechanism.
> >
> > If this is intended to make snooping more difficult, which
> is implied by the article, then so what really. Who sniffs anyway?
> >
> > >>> "Eric Johnson" <[EMAIL PROTECTED]> 6/13/2001 11:43:03 am >>>
> > From <http://news.zdnet.co.uk/story/0,,s2087257,00.html>:
> >
> > The new system can change the cyber-addresses
> > on a network faster than once a second, cloaking
> > them from all but authorized parties, said Victor
> > Sheymov -- founder, president, and chief executive
> > of Invicta Networks.
> >
> > ...
> >
> > Standard approaches to computer security rely on
> > encryption, or data scrambling, plus devices such
> > as firewalls aimed at screening out abnormal traffic
> > patterns that look threatening.
> >
> > But any network protected this way is a sitting duck
> > for a determined hacker, Invicta said. Instead, it
> > puts the network in cybermotion through a
> > continuous change of "Internet Protocol" addresses --
> > the chain of digits underlying the Web to route traffic
> > to its destination.
> >
> > The Invicta system uses special cards to link
> > protected computers to a central control unit. It lets
> > clients decide how often they wish to vary IP addresses
> > and specify which applications may be accessed on
> > their network. The number of IP addresses drawn on may
> > be in the billions thanks to an artificial increase in
> > cyberspace, Sheymov said.
> >
> > I've been pretty busy lately so this could have been discussed on
> > this mailing list and I could easily have missed it.
> >
> > Anyway, changing ip addresses once a second would seem to
> > make it pretty tough for DNS servers to keep up. And even tougher
> > on maintaining a connection to the host.
> >
> > Eric Johnson
> > -
> > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > "unsubscribe firewalls" in the body of the message.]
> >
> >
> --------------------------------------------------------------
> -------------------------------------------------------------
> > CRESTCo Ltd. The views expressed above are not
> necessarily those
> > 33 Cannon Street. held by CRESTCo Limited.
> > London EC4M 5SB (UK)
> > +44 (020) 7849 0000 http://www.crestco.co.uk
> >
> --------------------------------------------------------------
> -------------------------------------------------------------
> > -
> > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > "unsubscribe firewalls" in the body of the message.]
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
