[166604] in North American Network Operators' Group
Re: latest Snowden docs show NSA intercepts all Google and Yahoo
daemon@ATHENA.MIT.EDU (David Miller)
Fri Nov 1 13:44:41 2013
Date: Fri, 01 Nov 2013 13:44:18 -0400
From: David Miller <dmiller@tiggee.com>
To: Gary Buhrmaster <gary.buhrmaster@gmail.com>,
Anthony Junk <anthonyrjunk@gmail.com>
In-Reply-To: <CAMfXtQxCmzm+zn+ncn_LfCxwuWyB6pePF-Xd+Q50P7Cg4=Adxg@mail.gmail.com>
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--7jcbkhwRWUkS2PiHM53CRXCTffFPjtn6s
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
On 11/01/2013 01:08 PM, Gary Buhrmaster wrote:
> On Fri, Nov 1, 2013 at 4:43 AM, Anthony Junk <anthonyrjunk@gmail.com> w=
rote:
> ...
>> It seems as if both Yahoo and Google assumed that since they were priv=
ate
>> circuits that they didn't have to encrypt.
>=20
> I actually cannot see them assuming that. Google
> and Yahoo engineers are smart, and taping fibres
> has been well known for, well, "forever". I can
> see them making a business decision that the
> costs would be excessive to mitigate against
> taping(*) that would be allowed under the laws
> in any event.
>=20
> Gary
>=20
> (*) "A" mitigation was run the fibre through your
> own pressured pipe which you monitored for loss
> of pressure, so that even a "hot tap" on the pipe
> itself would possibly be detected (and there are
> countermeasures to countermeasures
> to countermeasures of the various methods).
> And even then, you had to have a someone walk
> the path from time to time to verify its integrity.
> And I am pretty sure there is even an NSA/DOD
> doc on the requirements/implementation to do
> those mitigations.
>=20
Given what we now know about the breadth of the NSA operations, and the
likelihood that this is still only the tip of the iceberg - would anyone
still point to NSA guidance on avoiding monitoring with any sort of
confidence?
There has always been cognitive dissonance in the dual roles of the NSA:
1. The NSA monitors.
2. The NSA provides guidance on how to avoid being monitored.
Conflict?
-DMM
--7jcbkhwRWUkS2PiHM53CRXCTffFPjtn6s
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQEcBAEBAgAGBQJSc+hyAAoJEGUsrwgrL4kdpIYH/i9F0mTmC0TJ6tLzXKBT4EcP
NShpiP3SmBduFhdmiIWscr90yo6MrAxxSYQ7DTs0paNXYVlWtE47TmC7lMdeWXne
Qt7jnegEXhrvojPgItlQXSOn8G3mN0KHfGvHqq2cqW0FUfO2jqW7VnVhVzYpFR9S
CcFR6ktNAQcdBn/H4CarZhAvxSF6Lf9KmK4Zz/2s2dzymS2QLwocZafve1sh8gX9
tlE3Mf3ap9+sYJLFr4xC7mFClFt7IBka6CQhZ7poel0hwqAy/f//TikhAmQftuD0
UgZ8M07U7z7PH94pH2bNABNq1Heh+vaQc+gBX8jmOXUE8kLAmiwc/aArUYLELjM=
=onhf
-----END PGP SIGNATURE-----
--7jcbkhwRWUkS2PiHM53CRXCTffFPjtn6s--
