Re: Email tapping by ISPs, forwarder addresses, and crypto proxies
On Wed, 21 Jul 2004, Major Variola (ret) wrote: I'm following the Principle of not underestimating the adversary, Don't go overboard: remember that there is a difference between underestimating your adversary and unrealistically *over*estimating your adversary. who does plenty of RD, just look at their tech-transfer program, multiply by a few decades in capacity.. I (and I suspect you) live in the high tech world, so we have a pretty good grasp of the current state of the art. As a rule, Joe Sixpack thinks that the g'mint is a couple of trillion years ahead of Moore's Law (Shure they can break all that there commie crypto ssl hidden horsesheet!), while a large part of academia tends to believe that the USG is around ten years *behind* them (oh, to have such an ego!). In my personal experience, they tend to have roughly a five year lead on what my world considers bleeding edge. That said, I'm willing to cut them a few more years of slack when doing the necessary threat assessment, but I just do not believe they are 20, or even 10 years ahead. And that is not an idle belief, it's a considered, long formed opinion, based on an awful lot of input data. Perhaps that grants the Maryland trogdyltes too much, but again, conservatism rules in this game. Conservatism in the real world, unreasonable paranoia in the academic world (a necessary thing in that context). These are the right move. But in real-world assessment, if you use the academic paranoia model, you will never be able to engineer an appropriate solution (i.e., one that successfully balances current and expected lifetime threats, along with project expense and elegance of implementation. I truly think we are all addressing the very same thing - we are just approaching it from slightly different perspectives. I see these as real engineering problems, while you are looking at them as pure academic excersizes. We will obviously be reaching different endpoints this way, since we are assuming a different input set :-) Remember, Nortel is cost-bound. TLAs are not. Ahhh, but they are! That's why they went to COTS in the first place (they were forced). The scale of that cost binding may be difficult to ascertain since their outer cost limit is just astronomical (unless you are Shrub, who thinks he can just print more money when he runs out), but it does exist. They also get radioisotope power supplies, etc. This is actually a *very* good point. It would also address the off-shore splice vs power issue nicely. But we are still constrained by backhaul. In answer to the earlier question of how much dark fiber is there: roughly 12% of the fiber now in the ground is lit. Yes, there is a shitload of capacity sitting unused. Unfortunately, the people who buried all that glass were all competing in pretty much the same basic areas, so what we ended up with was orders of magnitude too much capacity around several large hub cities, while there is a critical shortage in other places. Yes, VA and DC have gluts of glass. In fact, that is one of the most concentrated glut areas. And unpublished tech made in unknown fabs. While this cannot be discounted in toto, the tech comes to them from academia (most of the time), so generally, if you are widely read, you'll have a pretty good idea of what's *possible*. You are likely dead-on accurate about the fabs though. Albeit, Nortel (even if Canadian, eh?) Yup. The Irony Meter is hanging out at the right of the scale again :-) etc are 0wn3d by the USG, so taps through COTS are not so hard, Undersea taps are hard. No matter how you figure it. Pressurized cables with PSI monitors and microsecond resolution monitoring is not something you can break into and splice without a great deal of care. For the record, yes, I believe it can be, and is being done. I would be surprised if it was on a large scale though - even with nukular poweer. and my dark fiber only means the physical capacity is there. Or not, depending on geographic location. And of course people are cheaper than tech. Always. And *this* is the lesson most often forgotten. Hell, the counter-intel folks seem to be real bargains, whether FBI or CIA. Man, you would not believe what these guys are [not] paid! A senior guy may naver break 100K in his lifetime (unless s/he (a) has a terminal degree, (b) swallows, and (c) decides to work a desk as an ASAC or somesuch. The actual intel/counterintel guys make shit for money. But if you prefer to believe they play on the same field as us, go ahead, I'll still read your posts, and appreciate the questioning. Thanks, I think :-) MV -- Yours, J.A. Terranson [EMAIL PROTECTED] 0xBD4A95BF ...justice is a duty towards those whom you love and those whom you do not. And people's rights will not be harmed if the opponent speaks out about them. Osama Bin Laden - - - There aught to be limits to freedom!George Bush - - - Which one
Re: Email tapping by ISPs, forwarder addresses, and crypto proxies
At 10:09 AM 7/21/04 -0400, Tyler Durden wrote: Variola wrote... Dark fiber. Dark Fiber ain't a talisman you merely wave at data to get it to magically move to where you want it to.You've got to LIGHT that fiber, and to light that fiber you need LOTS and LOTS of power-hungry, space-occupying equipment. In other words, you'd need to duplicate a significant fraction of the current public transport network. With all due respect, you think Ft. Meade uses the same COTS crap as you are forced to deal with? Bwah hah hah. Gilmore et al used a bunch of old Sun Chassis for his Kocher's DEScracker. You think this is somehow more than 100 watts, in a diplo suitcase, nowadays? Just curious as to the depth of navite in the field
Re: Email tapping by ISPs, forwarder addresses, and crypto proxies
At 11:28 AM 7/21/04 -0400, Tyler Durden wrote: As for the cable landings, likewise I've never heard anyone mention that they saw any government equipment at the landings, so I suspect it's relatively minimal. I'm sorry but I have to puke at your cluelessness. Do you actually think the folks in the Know would let *your kind* know of their taps? Frankly, you trolls are too easy; but you're probably not, which is even more painful. Take it as a compliment, if there really is a TD.
Re: Email tapping by ISPs, forwarder addresses, and crypto proxies
At 10:12 PM 7/21/04 -0500, J.A. Terranson wrote: On Wed, 21 Jul 2004, Major Variola (ret) wrote: With all due respect, you think Ft. Meade uses the same COTS crap as you are forced to deal with? Bwah hah hah. Sorry Major, I'm gonna have to call you on that one. Yes, they are lighting that fiber on COTS. Likely on Nortel gear, which I can tell you from personal experience requires an incredible amount of power, cooling, and rackspace. Just curious as to the depth of navite in the field As we are curious of yours. Fair 'nuff. I'm following the Principle of not underestimating the adversary, who does plenty of RD, just look at their tech-transfer program, multiply by a few decades in capacity.. Perhaps that grants the Maryland trogdyltes too much, but again, conservatism rules in this game. Remember, Nortel is cost-bound. TLAs are not. They also get radioisotope power supplies, etc. And unpublished tech made in unknown fabs. Albeit, Nortel (even if Canadian, eh?) etc are 0wn3d by the USG, so taps through COTS are not so hard, and my dark fiber only means the physical capacity is there. And of course people are cheaper than tech. Hell, the counter-intel folks seem to be real bargains, whether FBI or CIA. But if you prefer to believe they play on the same field as us, go ahead, I'll still read your posts, and appreciate the questioning. MV
Re: Email tapping by ISPs, forwarder addresses, and crypto proxies
On Wed, 21 Jul 2004, Major Variola (ret) wrote: At 10:09 AM 7/21/04 -0400, Tyler Durden wrote: Variola wrote... Dark fiber. Dark Fiber ain't a talisman you merely wave at data to get it to magically move to where you want it to.You've got to LIGHT that fiber, and to light that fiber you need LOTS and LOTS of power-hungry, space-occupying equipment. In other words, you'd need to duplicate a significant fraction of the current public transport network. With all due respect, you think Ft. Meade uses the same COTS crap as you are forced to deal with? Bwah hah hah. Sorry Major, I'm gonna have to call you on that one. Yes, they are lighting that fiber on COTS. Likely on Nortel gear, which I can tell you from personal experience requires an incredible amount of power, cooling, and rackspace. Gilmore et al used a bunch of old Sun Chassis for his Kocher's DEScracker. You think this is somehow more than 100 watts, in a diplo suitcase, nowadays? Totally different animal. We are talking about lighting single mode fiber and doing so for long distances: likely to standard 60-per-hop rule. You can't send light out that kind of distances without BIG power inputs: lasers are not very efficient. Just curious as to the depth of navite in the field As we are curious of yours. -- Yours, J.A. Terranson [EMAIL PROTECTED] 0xBD4A95BF ...justice is a duty towards those whom you love and those whom you do not. And people's rights will not be harmed if the opponent speaks out about them. Osama Bin Laden - - - There aught to be limits to freedom!George Bush - - - Which one scares you more?
Re: Email tapping by ISPs, forwarder addresses, and crypto proxies
Variola: You say a lotta good shit here, but you're really out of your area in this case. You seem to miss the basic points, and then fill in your blindspot with pure theoretical conjecture. Let me point out some of the lil' flaws in your thinking With all due respect, you think Ft. Meade uses the same COTS crap as you are forced to deal with? Bwah hah hah. For some things, sure. Actually I know from first hand experience. (I've actually been in an NSA, DISA, and a few other experimental network nodes.) Lots of the equipment I saw was from the big vendors, most notably Lucent and Nortel. Somewhere deeper than I had access to, however, they almost certainly use special silicon. Gilmore et al used a bunch of old Sun Chassis for his Kocher's DEScracker. You think this is somehow more than 100 watts, in a diplo suitcase, nowadays? OK, so you're saying that this suitcase takes in say 10 OC-192s, demuxes all of them down to the DS1 level (we're at 50,000 DS1s), demaps and unpacks the ATM cells, and then reassembles all of the packets therein? Questions: 1) How does this majic box store all that data? 2) I've been in dozens of COs myself, and have worked extensively with people who have spent (collectively speaking) centuries in them. They never saw such a magic box a you describe, and indeed would certainly know about someone trying to install one. Or perhaps the NSA has developed a cloaking device making the box invisible? 2) What silicon does it use? Are you saying that the government can do a LOT better than 0.13 microns these days? Somehow I doubt it. Look at the off-the-shelf SONET chip architectures. Sure, there's lots of stuff onboard that you wouldn't need for what you're talking about, but getting rid of that stuff would still put the most advanced chip lightyears behyind what you're talking about. 3) If the majic box doesn't store the data, how does it get it back to HQ? Telepathy? Or, does it use a bank of lasers that somehow are several orders of magnitude more efficient that off-the-shelf lasers? (And let us remember that there's a fundamental constraint with bulk optics..an optical multiplexer or ciculator can't be an order of magnitude smaller than the wavelength it will support.) JA's comments about fiber exhaust are dead-on, and were not known to most of the Telecom Bubble participants. (Indicates the dude knows what he's talking about with respect to telecom.) But dark fibers aren't a real concern. It would be easy to develop a DWDM system that operated over the L or M bands, under the C-band wavelengths used by a carrier. So the problem isn't the fiber, it's lighting it. As for my comments about cable landings, I explicity stated that the splices back to VA were seen and known. And yes, I was in a position to know. (There's not a lot you can hide in a CO...it's not like they staff them with NSA agents or something.) As for trolling, well when I do it I do it with friggin' style m'friend. But sometimes, the truth is so mundane it looks fairly boring. Sorry to dissappoint you. I'm going to have to confiscate your copy of Deepness in the Sky... -TD _ MSN Toolbar provides one-click access to Hotmail from any Web page FREE download! http://toolbar.msn.click-url.com/go/onm00200413ave/direct/01/
Anonymity, ... - A Proposal for Terminology v 0.18
I've been sent the pdf and .doc versions of this. If you can't get this through the site or the author, ping me and I can send you what they sent me. Cheers, RAH --- begin forwarded text Delivered-To: [EMAIL PROTECTED] To: long list snipped From: Andreas Pfitzmann [EMAIL PROTECTED] Subject: Anonymity, ... - A Proposal for Terminology v 0.18 Sender: [EMAIL PROTECTED] List-Id: Primary NymIP discussion list nymip-res-group.nymip.org List-Post: mailto:[EMAIL PROTECTED] List-Help: mailto:[EMAIL PROTECTED] List-Subscribe: http://www.nymip.org/mailman/listinfo/nymip-res-group, mailto:[EMAIL PROTECTED] List-Archive: http://www.nymip.org/pipermail/nymip-res-group/ Date: Thu, 22 Jul 2004 09:21:49 +0200 Hi all, Marit Hansen and myself are happy to release herewith Anonymity, Unobservability, Pseudonymity, and Identity Management - A Proposal for Terminology v0.18 Since the beginning of this undertaking in 2000, it is joint work with many criticizing and contributing. Thanx a lot to them all. May I encourage you to make use of this document and help in its further development as well? To help you in this, I did put online at http://dud.inf.tu-dresden.de/Literatur_V1.shtml all older versions of this document (starting with v0.5) not only in .pdf, but in .doc as well. The latter you can use easily using, e.g. MS Word, to highlight any delta between versions, e.g. the differences between the last version you have read and the current version. Happy to hear from you Andreas -- Andreas Pfitzmann Dresden University of Technology Phone (mobile) +49 170 443 87 94 Department of Computer Science (office) +49 351 463 38277 Institute for System Architecture (secretary) +49 351 463 38247 01062 Dresden, Germany Fax +49 351 463 38255 http://dud.inf.tu-dresden.de e-mail[EMAIL PROTECTED] Content-Type: application/pdf; x-unix-mode=0644; name=Anon_Terminology_v0.18.pdf Content-Disposition: inline; filename=Anon_Terminology_v0.18.pdf Content-Type: application/msword; x-mac-type=5738424E; x-unix-mode=0644; x-mac-creator=4D535744; name=Anon_Terminology_v0.18.doc Content-Disposition: attachment; filename=Anon_Terminology_v0.18.doc --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA ... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'