On Tue, Oct 08, 2013 at 08:20:32AM -0400, Scott McEachern wrote: > I didn't want to bring this up before, but it might be an > interesting discussion, even though off-topic. Feel free to ignore > this part of the thread. > > After reading Theo's post, I wondered what effect an IX had on what > we now know about NSA surveillance. I don't know anything about it, > but I suspect it won't make any difference.
I have a colocated server in the same data center that the IX is being installed in. I live in Calgary and also have a home internet connection with a major ISP here, Shaw Cable. Traceroutes from my home to the data centre are pretty normal, enmax envision is a local commercial fibre carrier: traceroute to getaddrinfo.net (216.171.227.98), 64 hops max, 40 byte packets 1 192.168.1.1 (192.168.1.1) 6.809 ms 2.461 ms 14.730 ms 2 * * * 3 64.59.132.169 (64.59.132.169) 14.543 ms 10.710 ms 13.220 ms 4 66.163.71.102 (66.163.71.102) 13.731 ms ra2so-tge2-1.cg.shawcable.net (66.163.71.98) 14.216 ms 13.916 ms 5 rx0so-enmax.cg.bigpipeinc.com (66.244.207.158) 13.478 ms 10.950 ms 14.982 ms 6 a72-29-245-70.enmaxenvison.net (72.29.245.70) 12.979 ms 33.446 ms 9.483 ms 7 a72-29-245-66.enmaxenvison.net (72.29.245.66) 14.227 ms 13.917 ms 16.484 ms 8 216-171-224-253.datahive.ca (216.171.224.253) 9.981 ms 14.946 ms 25.484 ms 9 216-171-224-5.datahive.ca (216.171.224.5) 46.234 ms 29.974 ms 35.703 ms 10 216-171-227-98.datahive.ca (216.171.227.98) 36.741 ms 40.197 ms 41.490 ms Now here is where things get interesting, from the data centre to my home: traceroute to krwm.net (184.64.152.209), 64 hops max, 40 byte packets 1 216-171-227-97.datahive.ca (216.171.227.97) 0.636 ms 0.622 ms 0.411 ms 2 216-171-224-246.datahive.ca (216.171.224.246) 0.409 ms 0.505 ms 0.561 ms 3 gige-g2-7.core1.yyc1.he.net (72.52.101.149) 6.267 ms 0.823 ms 0.557 ms 4 10gigabitethernet3-2.core1.yvr1.he.net (184.105.223.218) 17.967 ms 11.860 ms 16.505 ms 5 10gigabitethernet12-3.core1.sea1.he.net (184.105.222.1) 35.960 ms 14.592 ms 20.456 ms 6 rc1wt-ge4-1.wa.shawcable.net (206.81.80.54) 27.318 ms 23.863 ms 23.819 ms 7 66.163.70.209 (66.163.70.209) 19.439 ms 20.140 ms 19.439 ms 8 dx6no-g1.cg.shawcable.net (64.59.132.170) 24.978 ms 20.165 ms 19.573 ms 9 krwm.net (184.64.152.209) 139.806 ms 33.179 ms 27.907 ms Take a look at the 5th and 6th hops, they are in the US. The data goes from Calgary to Vancouver down into the US to Seattle and then all the way back to Calgary. So long winded answer to your question: Canadian internet traffic will stay in Canada and won't make these ridiculous loops. I guess if the NSA has coerced with CSIS or whatever the Canadian equivalent is then there might be cause for worry there (quite likely as we parrot almost everything the US does). > Some of Snowden's leaked documents detail how the NSA has the > private keys for various US corporations, and they set up various > computers on the backbone links. Basically, the NSA can > imperceptibly vacuum up all data. Scary shit, really. > > A few people have suggested they are vacuuming /everything/, not > just "foreigners", while others counter that there's just too much > data, and it's infeasible for them to store it. > > I propose that not only is it possible, but quite likely. When > google mysteriously went offline for about 5 minutes a while back, > it was said that Internet traffic dropped by 40%. A shitload of > that is going to be YouTube, which the NSA can easily ignore. I've > also heard that something like 40% of Internet traffic is porn, so > they can ignore that, too. Another big chunk goes to people > downloading movies/TV by NetFlix, torrent or from the cable-type > companies themselves. Again, the actual content can be ignored, but > the metadata can be kept. Duplicate data can be ignored as well. > There's no need for the NSA to keep 10,000 copies of the same shit > Fox or CNN spews to 10,000 daily visitors. Just keep the metadata. > No need to keep advertisements, cool graphics/CSS stuff, or HTML. > That can all be stripped away. > > Whether those "40%" numbers are accurate or not -- and I doubt they > are -- isn't the point. The point is that a metric shitload of > content can be safely ignored. It wouldn't surprise me in the least > if it were to be revealed that all the NSA actually traps is maybe > 5% of total Internet traffic. Not because of a lack of capacity, > but a lack of interest in "crap". Now go look at the two big data > centres under construction. Everyone knows about the Utah data > centre, but there's another, slightly smaller one, under > construction on the East coast. (Sorry, I can't remember exactly > where.) > > But that's not the scariest thing. > > The scariest thing is when a friend of mine talked about how cool > his smartphone is. I replied with the standard stuff: "You're > being watched and recorded" (etc). He said he doesn't care. He > just doesn't care if the government watched the sex vids he shared > with some ladies online, or read his emails. Paraphrasing him, he > asked, When was the last time someone I knew had a government > official knock on their door? Never! And you'll never see it > happen in your lifetime, either! > > I did reply with a few thought-provoking ideas, but I know damn well > he won't think about it, because he just doesn't care, and no matter > what I say, he never will. (I did ask him, when /will/ it be too > much for you, and will it be too late? He didn't reply.) > > I would suggest that most of the general population shares his > apathy. Sure, a few people get riled up for a few minutes, but that > goes away when Miley does something stupid with her ass, a dancing > show comes on, or Michael Bay blows up a lot of stuff on the big > screen. > > Now we're finding out that the FBI and NSA own a whole lot of Tor > nodes. Some suspect half of them are government controlled, > especially the exit nodes. > > More scary? The likes of Bruce Schneier and Glenn Greenwald, both > privy to the compendium of Snowden's documents, are saying things > like "We haven't seen the half of it... It gets worse." I can't > wait.. > > A question for Theo and those in the know: Do these IXs in any way > deter or foil the NSA? Or do they "just" make for better > connectivity? Just curious. > > @Kevin Chadwick: About your comment "stopping kiddie porn", read my > sig. I think he said that in 2006. > > -- > Scott McEachern > > https://www.blackstaff.ca > > "Beware the Four Horsemen of the Information Apocalypse: terrorists, drug > dealers, kidnappers, and child pornographers. Seems like you can scare any > public into allowing the government to do anything with those four." -- > Bruce Schneier
