Slashdot Mirror
NSA Tapping Underwater Fiber Optics
An anonymous reader submitted an interesting story about the NSA
splicing fiber optics under water in order to eavesdrop on digital traffic. This happened years ago, so who knows what they're doing today. Not surprisingly, apparently actually getting the tap is relatively easy. Sifting through the zillions of bits and finding something useful is a little trickier.
Maybe NSA had something to do with this previous slashdot story about an optical fibres cable linking Europe, Asia and Australia, which was damaged on the ocean floor near Singapore.
A fiber optic cable is, at most, 40 mm thick, which means, in those brain-dead units "people" in the USA use, 1.5 inches.
Or they can do what they did and have a law passed which force the telcos to install equipment which allows them to grab whatever information they want right from the switch. National security, you know.
All one would have to crack into would be the repeater amplifiers that are placed probably every 160km in the cable. A college EE grad could design a sniffer that wouldn't incur a voltage drop or induce noise in the amplifiers. Done this way, the actual fiber strands wouldn't even be touched. It's anybody's guess how they get the resulting data out, but it's probably by wireless transmission, perhaps with a small subsurface bouy and a Naval patrol assignment.
Dear lord, it sounds to me like the NSA is some sort of spy agency! Does the United States government know about this?
--
"Don't trolls get tired?"
The US Navy is still doing this. At the end of Blind Man's Bluff - upstairs somewhere, the author talks about the fact that a couple (2-3) Navy subs that have been specially modified with diving chambers keep getting Presidental Unit Citations for classified missions, every year. Since the Subs that first tapped these lines were specially modified and got PUCs for classified missions...the author suspects it's still going on.
I think the Navy also did it in the Barrets Sea to the north of Murmansk as well.
It's really interesting how the Navy thought to tap into cable. A Navy Officer remebered boating with his dad on the Mississippi and seeing signs that marked cable runs under water, so he talked head of Naval Operations into sending subs in to see if the Russians had the same sort of signs. They did and the rest is history.
Carefully remove the shield on the optical fibre and put a light detecting device to read the traffic.
The very thing that makes fiber work (Total Internal Reflection (Refraction? I can never keep it straight)) prevents you from doing this. In order to see the light you must make some of it escape by bending the fiber such that some of the light escapes but not all of it, or else the remote end will detect the loss of signal.
Even with the fiber bent the remote end will see some loss of signal but should compensate without problem. Now if I were the NSA I'd make sure I could get away with very little bending so that hardly any loss would be detected, and simply rely on my advanced hardware to boost a very weak signal.
Wrong!
Yes there are isolators in the system but at each EDFA repeater there is a small internal tap that takes a signal from the eastward fibre and sends it back to base along the westward fibre.
This lets the cable operators diagnose cable fault positions very accurately.
You don't get 'average' telco companies in the undersea cable business. Submarine systems are the hardest game in this business and there are only about half a dozen companies that do this. Each transoceanic cable is something like a 10 figure contract.
And no, they don't use std OTDR, but the idea is the same. At each repeater (remember they are all optical nowadays) there is a tap from the 'eastward' fibre that sends a signal back along the 'westward' fibre of the pair. (And vice-versa) This lets the cable operators know exactly where any break/bend or power drop occurred, in real time.
In fact the terrestrial companies (like Terraworx) are starting to use this technology on land because they go coast-to-coast all optically and some of those repeater huts are hard to reach in winter. Hence a remote diagnosis tool is necessary.
>So the pulses spread out as they travel, and eventually you have to put in a repeater that extracts the digital data and outputs it as nicely shaped pulses again.
Old tech. They used to do hybrid stuff like this, several optical amp stages and then a regen stage but not any more. There is no electrical stage in a modern undersea cable. They use non-zero dispersion compensating fibre in certain stretches of the system. Typically 4 repeater hops of std fibre then one of the nzd fibre which has the _opposite_ effect and corrects it all. End effect is that at landfall the signals have minimal dispersion.
Present deployed undersea cables are pushing into the terrabits, you can't easily transmit more than 40Gb/s in one wavelength. Hence they do use DWDM tech for these cables.
One of the latest transatlantic cables that went down had 64 channels at 10Gig per channel. Future cables will (roughly) double the number of channels to 100ish and double the data rate per channel. After that the plans are to polarization combine two signals at the same wavelength, one signal horizontally polarized the other vertically polarized.
In this whole area the commercially deployed systems are catching up with lab tech at an alarming rate. The 'field' is now only about 2 years behind the 'lab'.
The US was doing this thing years and years ago to the Soviet Union. We snuck into harbors off of Siberia and put pods on their underwater cables to gather intelligence.
So what is the big surprise?
Have you compiled your kernel today??
The signal in optical fiber is amplitude modulated. Which means this is a signal easy to tap. :) . And pattern is pretty predictable. That is if you know where you put your tap. You will know how the header of the frame should look like.
For amplitude modulated signal in general (the least secure of them all) the only way you can notice if you are being taped is if the amplitude of the signal suddenly drops.
This is how, by the way German army dumped a lot of desinformation on Red army through their phone cables in the fields at the beginning of the Warld War II. You see, Sovied Union did not have good quality quartz crystals that time so the Red army tryed to tap german phone lines with the most primitive headphones (you know, based on coil and metal membrane) which consumed noticable amount of power. So as soon as Germans would notice that power in the line droped they'd start some lame conversation with pretty bad consequences for Soviet troops.(mind you, the situation changed by the middle of the WWII).
Now to tap long haul optical line is not big deal because the optical signal is regenerated anyway. You have to do it for many reasons. Amplitude dops due to propagation. About 30 dB per 100 km. You also need to do the correction of the signal that being distorted by dispersion.
If you regenerate signal with repeater then there you go. Because this thing first converts optical signal to electrical then amplifies it and converts back to optical. So in this case you can just tap electrical part.
If signal is being regenerated with EDFA (erbium doped fiber amplyfier) you still can tap it.
It is actually pretty cool idea and was proposed by the guy (as far as i remember) from BT about ten years ago. He and coworkers published about three papers on that subject in various journals including IEEE Journal of Quantum Electronics.
What you can do is insert semiconductor optical amplifier in the optical link. It's primary purpose would be to amplify the optical signal. If you really want to hide your presence you need to put it in zero loss regime when amount of the gain in it is equal to the amount of the loss it brings to the system. If you keep this semiconductor optical amplyfier at constant current then voltage drop acros it will be variable if any optical signal comes throug it. So basically you will get electrical signal as a byproduct.
The rest is easy. Everybody knows what SONET frame looks like
It is interesting that when it is was proposed this idea was discarded because semiconductor optical amplifiers were not that fast at all. Nowdays they can be used for 10 Gb/s optical links but not for 40 Gb/s which is not big deal yet because 40 Gb/s is not that widely implemented.
- Back off man. I am a scientist
Yes this is tricky part. You can probably do it only during upgrade/repare serivice. Because underwater fiber cable is actually pertty complex thing.
I don't know how modern cables look like but ther first cables that were put in 80's had cooper core and cooper shell with bunch of fibers in between (don't remember how many). Cooper shell and core were used to deliver power to the repeaters which during those times where basically photodiode+LED pair. Which was OK that time because fibers were multimode anyway.
- Back off man. I am a scientist
Now, I suppose, we *really* know why governments around the world want to eradicate music-swapping and "indecent" Internet imagery - they can't monitor what we're really up to through all the noise :)
Of course, you can take anything said in public about intelligence activities with several grains of salt. If the NSA *can* successfully and selectively monitor undersea cable traffic, they're not going to be so silly as to broadcast that fact to the world.
Go you big red fire engine!
Any sufficiently advanced technology is indistinguishable from a rigged demo
--Andy Finkel (J. Klass?)
I think over the last decade, and prehaps for another decade or so, the rate of data increase is greater then the rate that spy gear abilities increase. But eventualy, bandwidth requirements will increase in parallel with population. And when that happens, Moors law will quickly allow spy tech to catch up.
A modern fiber optic cable is probably using Erbium doped fiber amplifiers. These do not convert the light back into electrical signals. They directly amplify the light.
Mea navis aericumbens anguillis abundat
Assume that everyone uses PGP for their email, and that it is impractical for the NSA to crack PGP encrypted messages. The NSA will still want to tap every data communications link that they can get access to. The reason is traffic analysis. You can get a lot of useful information by analyzing the source, destination and volume of messages. This is already a common intelligence gathering and criminal investigation technique when applied to call logs from telephone switching systems.
Mea navis aericumbens anguillis abundat
This would be Echelon.
Funny they didn't mention it in the article. (but then again they rarely do.)
Read more at cryptome.org.
I know of one project at the local uni to do realtime monitoring of massive quantities of data. The twofold purpose is to monitor the communications of military personel to guard against accidental leaks, and to aid in identifying copyrighted material.
It more or less comes down to semi-dedicated hardware that can grep at insane speeds. Most of the parts necessary are comercially available (even some GPLed software components), needing just a little bit of glue to tie everything together. The professor heading the project was looking for somebody to help him do the implementation. He described how it works, and claimed that it should be trivially easy. And except for some problems with self-similarity in the data stream (finding "bb gun" in "bbb gun"), it has been. Even so, this problem can be trivially solved by throwing more hardware at it, or by putting just a little bit of effort into the software.
If an undergraduate research assistant can do a damn good job of it with 3 weeks coding and under $10K in hardware, just think about what the NSA could do. I'd rather put my trust into good crypto, rather than the firehose effect.
The reason for the high voltage running through the line is to power repeaters every 100 miles or so. Why not just tap into one of the repeaters, which convert the optical signal into electronic signals and then back again? Sounds pretty easy to me, given the right equipment. As for sorting the data the repeater is able to deal with it as is the router or whatever is on the receiving end so why wouldnt whatever technology the nsa has. The problem would be storage.
maken
Any data carrying signal must include a range of wavelengths
Fiber optics with current technology transmit all the data on a single optical wavelength. The technology to do multiple wavelengths has been in development for a while, but we haven't hit serious barriers with a single wavelength, so this technology hasn't been commercialized.
And the rate at which a light is pulsed doesn't affect its propogation rate. That would violate all sorts of laws of physics.
The real reason why you must do the electrical conversion and back is that several sources combine to cause slight variations in the time bits of light take to get from one end of the fiber to the next. Chaos and imperfections in the glass effectively blur the time dimension of the signal at the output end, so you must clean the signal periodically.
This has nothing to do with the fact that different wavelengths of light travel at different speeds through matter. That causes chromatic aberation in lenses, which is one of the reasons why big telescopes use only mirrors. But since there is on a single color of light going through the fiber, there cannot be any chromatic aberration.
-Matt
-Cheetah
Word to the wise, encrypt your critical traffic since a good deal of internet communications is vulnerable to being intercepted at NAPs (Network Access Points) as well at other major connection points. Private peering arrangements routed outside of NAP (ie. MAE-East, MAE-West, etc) facilities can reduce risk in some instances, but typically can't eliminate all risk since the majority of internet traffic travels through at least one major NAP; and the exact connections, etc are often unknown to all parties, even to the people who operate the NAP facilities.
:-)
In closing, governments, etc are typically years ahead of the media and common-knowledge in regards to intellegence gathering. NAP tapping is never mentioned in the media, but I'm sure it's happening. Be forewarned
I never condoned anything, I simply stated the two jobs of the NSA.
That said, deriding someone for thinking it okay to invade privacy for their own benefit while criticising socialism is kind of ironic. In a market economy (hint: the opposite of socialism) the only reason to do ANYTHING is for your own benefit. That's the whole point -- if I can tap into a transoceanic cable and make it profitable, the free market says I should be able to.
You apparently think I should not be able to (presumably by the use of police force or such to stop me?). Communist...
---------------------------------------------
Recursive: Adj. See Recursive.
Isn't it ironic that the NSA stands for the very thing thay, behind our backs and behind the scenes, they attempt, and perhaps succeed, to invade?
The NSA has two jobs -- one is to breach foreign information security, but their other is to keep US information secure. So it isn't ironic -- they just have to know security from both sides.
---------------------------------------------
Recursive: Adj. See Recursive.
Not even the NSA can tap fiberoptics inductively - laws of physics and all that. They would have to splice it, a much more difficult thing to do at the bottom of the ocean.
If a fiberoptic tap has really occurred - and as far as I can tell, the evidence is simply from unnamed sources according to ZDNet - it would be a very different animal from the Okhotsk tap. Okhotsk used high-capacity recorders to store the info for later retrieval by submarine. That would have been analog data. You couldn't save enough digital fiberoptic data in a recording pod to make it worthwhile. You'd have to drop a Cray on the seafloor to process some of the data in realtime and save only what you're interested in.
That's an operation for a l33t hax0r somewhere - hack into the NSA Cray that's sitting on the ocean bed somewhere off the Kamchatka pensinsula...
All the NSA would have to do would be arrange for a fishing boat to snag the cable they were planning to splice, to explain the interruption.
has anyone else wondered how the NSA is shipping the data? wouldn't you need the equivalent of another fibre-optic cable running alongside to transport the data back to virginia?
considering that laying an optical cable is somewhere O(1e9) $ and not trivial to lay undetected, it must be quite a feat...
Because in my MCSE stydy guide, Networking Essentials, it sais that Fiber Optics are impossible to tap.
So there.
> The only way I can see this happening is if the NSA installed their own undersea
> fiberoptic cable to send it back to themselves on.
Of course not!
They have specially trained teams of hyperintelligent octupi down there analysing the data in real time, then the brain waves of the octupi are picked up using a reverse feedback effect of the orbital mind control lasers, which then beam it back down to your brain, where it leaks out into your mobile phone (even when it's switched off and not in the room) and they recover the signal from there.
- How do you sort through all the data? Discard most of it.
- How do you get around detection of a tap?
- Put the tap in before the cable is finished. Or maybe...
- Use a method no one here knows about Or perhaps...
- Tap at the repeater & modify the reflection/check signals that it emits. Maybe? Maybe you could...
- You build the _special_ repeater into the cable during manufacturing.
- How do you get all that data to a supercomputer for sorting and decryption? Probably, you don't. You do traffic analysis and you transmit a very small amount of data to a buoy that transmits to your satellite. Or you remove/insert data in your dummy packets that go between NSA machines on several continents. Also, you put the supercomputer on the nuclear submarine so that any time you _really_ need to sort through some data your sub can link up with your special repeater.
- For what else might this be useful? How about inserting noise or false data into the "Enemy's" messages?
- This sounds like an awful lot of trouble to go through. Yea, but wouldn't it be fun to get paid to hack like this?
-RobThe use of an OTDR can find irregularities that woudl be cause by splices. If the cable companies do scans routinely for differentials against baseline (for preventative maintenance), the splices by No Such Agency will show up.
Buffalo buffalo Buffalo buffalo buffalo buffalo Buffalo buffalo! http://goo.gl/J9bkO
Just get a fishing boat to rip off a cable. The article implies that this happens quite often. Especially since fiber cables are tiny compared to mammoth old style copper cables.
That must give the NSA or whoever a couple days to splice the cable at another point. Service goes back online, all looks normal.
Am I missing something obvious? You don't even need to be discreet. Just provide a decoy.
Ten years ago, it took $20,000 worth of a van full of electronics. Now it probably only takes $5,000 and a suitcase. Of course, the problem with the van thing was that most people don't want their fiber optic cables tapped. It's just a thing with them -- a phase they're going through. They'll get over it.
-russ
Don't piss off The Angry Economist
According to economic theory, you should be able jack up interest rates, throw millions of people out of work, and within a year the economy will recover, but resume at a much lower inflation rate. As it turns out, Ronnie was right. But try explaining that to the people at the beginning of the recession who lost their jobs.
Actually, you have no choice once you start inflating your currency. It's recession now or depression later. Look at Turkey. The Turkish Lire is now 1,110,500 to the dollar. It was only 580,000 to the dollar when I was there a year ago. Eventually they'll be hauling lire around in wheelbarrows because they're so worthless.
-russ
Don't piss off The Angry Economist
"I'm not going to sit here and dissuade you from your views" - Air Force Lt. Gen. Michael Hayden
"Oh, Kent, I'd be lying if I said my men weren't committing crimes"- Homer J. Simpson
It isn't known whether the cable's operator detected the intrusion, though former NSA officials say they believe it went unnoticed.
When I was a freshman in college and had to take a class on telecommunications we had an engineer from Southwestern Bell come out and explain these new fangled fiber optics. One of the claims he made was that they would be nigh-impossible to tap because the splice could be detected at either end rather easily due to latency issues.
So my question is this: Anyone have any ideas how the heck they might have done this? Whatever the device was, it seems it'd have to be very, very fast at whatever it does. The only thing I can imagine is some sort of intelligent lens that reads signals while they pass through it.
Scary, whatever it is.
- Rev.Errr... wouldn't it just make sense for them to both tap the original cable, because tapping the tap wouldn't give them any more information!
So they're going to build a room to drop to the bottom of the ocean, splice a cable, and then hold a computer cluster to process the data? Unless they are interested in very targetted ip's or other easily sorted packets, it'll be huge and costly. Anything interesting will probably be encrypted anyway, so they have to add a couple orders of magnitude of computer power for that.
Or maybe they are going to run their own fiber bundle back to dry land? Govornment agencies don't have quite that kind of budget.
Even if they can get reasonable results right now, Bandwidth usage is growing faster than processing power. They won't be able to keep up for much longer. And then eventually they will be caught, causing all the cable companies to search their entire lines for more taps, pissing off innumerable foreign countries.
The spy business ain't what it used to be.
Without a reference or something, I'm inclined to believe that you placed your keyboard between you and the toilet in order to create your post.
I suppose what your suggesting could be true, without some sort of proof, it sounds awfully far-fetched (that, or your stretching the truth or leaving out a lot of important "details").
To whomever modded this up "Informative", I have one thing to say: "Gullible isn't in the dictionary. Go ahead, try to look it up, it's not there".
Why would they leave their name on it, if they were worried the russians would find it?
They just have to insert their analysed data on the cable being tapped... It's supposed to be able to transfer truckloads of it.
That could work. But there would have to be another tap to read it again, and (much harder) remove the added light before it reached the cable's normal destination, where anyone could see it.
If the NSA had access to the headends of the cable (say if one end was in the USA) it would be a much simpler matter of tapping or monitoring the data before it was multiplexed with a lot of other data and converted into light pulses. Or at worst tapping a land-based fiber by simply entering a manhole or digging down a few feet to the cable.
Erbium-Doped Fiber Amplifiers (EDFAs) were invented in 1987. Okay, let's check Google... it serves up this among other things...
So they've been in use a while too.
This must be expensive, having to upgrade their equipment at the bottom of the ocean whenever a new generation of transmitter/receiver/multiplexer comes out...
Unfortunately, the entire budget of the program was wasted due to my rentng a house that possesses $39.49 of cheap but aluminum-foil-backed cellulose insulation, which does little to keep heat out or in but blocked the final link in the chain.
As well as anyone else trying to call me on the cellphone while I'm in the house.
Good thing the Ex-Soviet Union didn't have the tech, apparently, or the NSA would have then found their own monitoring cable tapped, and have to install another tap and cable on the USSR's return cable, which would then be tapped by the Reds, and so on, and so on...
It has been a while since I read that, but let me plug it again, because it was a great book.
Blind Man's Bluff. If you liked u-571, das boot, red october, this is the real story.
Troll Like a Champion Today
I know that some time in the 70's or 80's the NSA tapped a huge copper cable in (I want to say) the Okhotsk Sea. Basically, they took a specially modified, highly-classified, sub down there and clamped a HUGE device that detected and recorded both audio and data transmissions through microwave or RFI. The device _never_ penetrated the cable because there was a possibility of damage and/or detection. The irony is that eventually the device was found. As far as fiber tapping is concerning, thinking back to my fiber-certification class, I don't think its possible. In order to adequately tap a fiber, you'd have to cleave it in half and put on all the tap connections by hand. You're going to be noticed for this, especially if its a bandwidth-saturated line. The NSA are very careful in choosing which cables to monitor. Also consider that an underwater "fiber" cable is actually going to be a huge cable filled with several (possibly hundreds) of actual single fiber cables. It would be rather stupid to attempt tap one of those. Remember, the NSA is a spy group; they _try_ to be rather clandestine in their operations and of course requires the ability to keep from being noticed. IMHO, tapping a fiber cable would be the _best_ way to let someone know they're being watched. -Bob BTW, if you're intereseted in these and more spy-sub stories, I read a fantastic book, "Blind Man's Bluff : The Untold Story of American Submarine Espionage ", see Amazon.com for info ;-)
The Wall Street Journal just ran this something similar.. (haven't checked the zdnet doc lagging on dl's) [mirror]
Anyways I doubt its impossible for the NSA to splice it, however when companies take the corrective measures to ensure this won't happen what are they going to do...
Example, say a company takes the time, and money to protect their fiber say inside inexpensive pvc pipes or something similar, who does the government expect to blame when a company finds out that 100 miles away from any shoreline, their casing has been breached? Certainly its not Joe Fisherman doing this.
Anyways aside from that nothing is going to help them when that fiber line is carrying IPSec data all the way through the connections, along with messages that have been encrypted before even being sent. So many people have little to worry about.
For those interested in Crypto Equipment and such (especially those working in the ISP segments) you can check out the Crypto Equipment Guide. Hopefully many companies will start looking at their clients (whether their employees, subscribers, etc.) more serious. I know Earthlink is taking that approach.
Want Root?
Submarine cable interception
Submarine cables now play a dominant role in international telecommunications, since - in contrast to the limited bandwidth available for space systems - optical media offer seemingly unlimited capacity. Save where cables terminate in countries where telecommunications operators provide Comint access (such as the UK and the US), submarine cables appear intrinsically secure because of the nature of the ocean environment. 49. In October 1971, this security was shown not to exist. A US submarine, Halibut, visited the Sea of Okhotsk off the eastern USSR and recorded communications passing on a military cable to the Khamchatka Peninsula Halibut was equipped with a deep diving chamber, fully in view on the submarine's stern. The chamber was described by the US Navy as a "deep submergence rescue vehicle". The truth was that the "rescue vehicle" was welded immovably to the submarine. Once submerged, deep-sea divers exited the submarine and wrapped tapping coils around the cable. Having proven the principle, USS Halibut returned in 1972 and laid a high capacity recording pod next to the cable. The technique involved no physical damage and was unlikely to have been readily detectable.
The Okhotsk cable tapping operation continued for ten years, involving routine trips by three different specially equipped submarines to collect old pods and lay new ones; sometimes, more than one pod at a time. New targets were added in 1979. That summer, a newly converted submarine called USS Parche travelled from San Francisco under the North Pole to the Barents Sea, and laid a new cable tap near Murmansk. Its crew received a presidential citation for their achievement. The Okhotsk cable tap ended in 1982, after its location was compromised by a former NSA employee who sold information about the tap, codenamed IVY BELLS, to the Soviet Union. One of the IVY BELLS pods is now on display in the Moscow museum of the former KGB. The cable tap in the Barents Sea continued in operation, undetected, until tapping stopped in 1992.
During 1985, cable-tapping operations were extended into the Mediterranean, to intercept cables linking Europe to West Africa. (30) After the cold war ended, the USS Parche was refitted with an extended section to accommodate larger cable tapping equipment and pods. Cable taps could be laid by remote control, using drones. USS Parche continues in operation to the present day, but the precise targets of its missions remain unknown. The Clinton administration evidently places high value on its achievements, Every year from 1994 to 1997, the submarine crew has been highly commended.(31) Likely targets may include the Middle East, Mediterranean, eastern Asia, and South America. The United States is the only naval power known to have deployed deep-sea technology for this purpose.
Miniaturised inductive taps recorders have also been used to intercept underground cables.(32) Optical fibre cables, however, do not leak radio frequency signals and cannot be tapped using inductive loops. NSA and other Comint agencies have spent a great deal of money on research into tapping optical fibres, reportedly with little success. But long distance optical fibre cables are not invulnerable. The key means of access is by tampering with optoelectronic "repeaters" which boost signal levels over long distances. It follows that any submarine cable system using submerged optoelectronic repeaters cannot be considered secure from interception and communications intelligence activity.
Want Root?
Maybe the NSA knows how to use Google...
they tapped a line (not fiber) in the Sea of Okhotsk, to eavesdrop on Russian military ops. They tapped it by sending a sub in to Okhotsk - this is like the Russians putting a sub in the Chesapeake bay - then several years later, an ex-NSA agent told the Russians about it. The tapping device, with a large "Property of The US Government" seal on it, is now sitting in a Moscow museum.
I would be VERY surprised if they don't also have less secret hardware in place on the US ends of these links.
--Mike--
To avoid detection the NSA could simply have a "fishing" boat accidentally break the cable at the same time they're tapping into the fiber.
Sometimes a tap isn't a "tap". The type of kit that Shomiti sells is for use when the network admin knows about the tap, and "transparent" just means that it won't break the comms link, not that it's undetectable.
Simple TDR (time domain reflectometry) will discover one of these.
While reading the artical I started thinking about how to sort all that data.. If you we're looking for something specific from somewhere in paticular it doesn't *seem* like it would be that hard.
just filter for an ip/subnet and record that. then latter try to break the crypto or whatever.
-Jon
this is my sig.
I read on The Register that keywords don't work - they do n-gram comparisons to look for key patterns, which would ignore the above message. If you somehow managed to fit a bunch of those words into a couple of paragraphs about how you were going to do some terrorism then you might show up on their radar.
Alternatively, the context that she was using the words in could have been in a good enough pattern to tip off the system. Or whatever system was being used to monitor emails wasn't based on the same principles as Echelon (which is entirely possible if it's just a local authority employing a basic filter checking for keywords and skin-tones [pr0n]). Then again, these are just wild speculations and I could be talking out of my @$$....
-John
Cole's Law: Thinly sliced cabbage
PGP your email to mom asking for some new underwear. The thing is, if everything is encrypted, they wont be able to tell what is actually supposed to be encrypted
;-)
This is assuming, of course, that they can't already crack PGP encryption. If you get a package from the NSA, don't be surprised if it contains the underwear you asked for.
I thought it said NASA - I wondered why they were even bothering- -----------
--------------------------------------
There are some odd things afoot now, in the Villa Straylight.
Both were in copper wires, but, given the difference in technology, it would be about the same difficulty to do in fiber today.
I like that. It sounds like trolling, but it's only fair: someone has a cable with a lot of data going through, the cable is there, just waiting for someone to tap into it...
In the 1950's the US and British intelligence services tapped a subterranean cable in Berlin. They dug a tunnel under the border and spliced into a soviet telephone cable in East Berlin. There is a romanticized version of this true-life story in the film "The Innocent" with Isabella Rosellini and Anthony Hopkins.
Haven't you ever read the story about the philosophers' dinner? Knowing what the other guy knows is as important as knowing, er... where was I?
That was why, on the eve of D-day, the US armed forces enforced a strict silence on any radio communications. Just by listening to trivial chatter the Germans would be able to infer what was going on. With the silence, the Germans could deduce that something was being planned, but they couldn't guess the exact magnitude of the planned attack.
I replied here... I accidentally stuck it under my comments. And then when I replied again, I stuck it under my reply to my comments... They really need to put their "reply to this" links somewhere else. :-)
Really? Isn't it ironic that the NSA stands for the very thing thay, behind our backs and behind the scenes, they attempt, and perhaps succeed, to invade? (Hint: What's the S in NSA stand for?)
A little too ironic... And yeah I really do think.
So you're one of those people that condones such invasion of privacy, so long as it is for your benefit. You know, there's an entire political party dedicated to that sort of thing. In America, they call themselves Democrats, though they are certainly not the Democratic Party that I have read about in my history books. Oh no, their ideals are far from their origins, so much so that they resemble the Communist or Socialist Parties of Europe and Asia far more than the Democratic ideals for which the party was initially founded.
One should also consider the Ninth Amendment, or, as I call it, the "elastic clause for the people". It essentially guarantees certain rights beyond those specifically named in the Constitution to protect the people from intrusion and tyranny. While these rights may not simply be assumed, they are protected, and the prevailing code of morality generally decides which rights are protected and which rights are not.
While I am at it, perhaps we should take a peak at the Eighth Amendment as well, which provides that no one shall be subject to cruel or unusual punishment for a crime. Take, for instance, the high school honors graduate that was arrested and will not graduate with her class simply because she had a butter knife in her vehicle at school. Not a butcher's knife. Not a steak knife. A butter knife. She has never shown any violent tendencies, nor has anyone ever reached into a random vehicle for an ordinary household object to threaten the safety of other students. Is it just me, or is "Zero Tolerance" inciting brainless reaction to nothing? Way to go, America.
How the hell does Steve Case fit in there?
I/O Error G-17: Aborting Installation
- An anonymous reader submitted an interesting story about the NSA splicing fiber optics under water in order to eavesdrop on digital traffic
Anonymous, eh? Anyone got any conspiracy theories?I/O Error G-17: Aborting Installation
Waihopai, INFOSEC, Information Security, Information Warfare, IW, IS, Priavacy, Information Terrorism, Terrorism Defensive Information, Defense Information Warfare, Offensive Information, Offensive Information Warfare, National Information Infrastructure, InfoSec, Reno, Compsec, Computer Terrorism, Firewalls, Secure Internet Connections, ISS, Passwords, DefCon V, Hackers, Encryption, Espionage, White House, Undercover, NCCS, Mayfly, PGP, PEM, RSA, Perl-RSA, MSNBC, bet, AOL, AOL TOS, CIS, CBOT, AIMSX, STARLAN, 3B2, BITNET, COSMOS, DATTA, E911, FCIC, HTCIA, IACIS, UT/RUS, JANET, JICC, ReMOB, LEETAC, UTU, VNET, BRLO, BZ, CANSLO, CBNRC, CIDA, JAVA, Active X, Compsec 97, LLC, DERA, Mavricks, Meta-hackers, ^?, Steve Case, Tools, Telex, Military Intelligence, Scully, Flame, Infowar, Bubba, Freeh, Archives, Sundevil, jack, Investigation, ISACA, NCSA, spook words, Verisign, Secure, ASIO, Lebed, ICE, NRO, Lexis-Nexis, NSCT, SCIF, FLiR, Lacrosse, Flashbangs, Masuda, Forte, AT, GIGN, Exon Shell, CQB, CONUS, CTU, RCMP, GRU, SASR, GSG-9, 22nd SAS, GEOS, EADA, BBE, STEP, Echelon, Dictionary, MD2, MD4, MDA, MYK, 747,777, 767, MI5, 737, MI6, 757, Kh-11, Shayet-13, SADMS, Spetznaz, Recce, 707, CIO, NOCS, Halcon, Duress, RAID, Psyops, grom, D-11, SERT, VIP, ARC, S.E.T. Team, MP5k, DREC, DEVGRP, DF, DSD, FDM, GRU, LRTS, SIGDEV, NACSI, PSAC, PTT, RFI, SIGDASYS, TDM. SUKLO, SUSLO, TELINT, TEXTA. ELF, LF, MF, VHF, UHF, SHF, SASP, WANK, Colonel, domestic disruption, smuggle, 15kg, nitrate, Pretoria, M-14, enigma, Bletchley Park, Clandestine, nkvd, argus, afsatcom, CQB, NVD, Counter Terrorism Security, Rapid Reaction, Corporate Security, Police, sniper, PPS, ASIS, ASLET, TSCM.
There were two taps: one in the Okhotsk Sea (in the Pacific), and one in the Barents Sea (north of Scandinavia). The traitor only gave away the Okhotsk Sea tap.
(source, for those who are interested, is Blind Man's Bluff by Sherry Sontag and Christopher Drew, a truly excellent book about undersea espionage during the Cold War).
Ray
As for hyper-Democrat manuals, the fact that the major dip into recession was engineered during the Reagan administration (actually not by Reagan himself but rather Paul Volker, then chairman of the Federal Reserve) isn't entirely a bad thing. It was designed to stave off inflation by cutting the money supply back sharply, and it worked. It was the economic equivalent of ripping a banage off quickly. It may have been rough, but it turned things around the right way. Relax before you start seeing the *gasp* liberal propaganda force hiding in every shadow.
An interesting anagram of "BANACH TARSKI" is "BANACH TARSKI BANACH TARSKI"
and found that it was all pr0n.
Mode (3) smart-aleck mode. Press * to return to main menu.
yes, but have you ever seen the amount of equipment needed to do this? At FermiLab, the first stage of data processing is done in the detector circuitry, and occupies a good chunk of the detector's volume (a three story high by 50 meter long piece of equipment, I should mention). Then, an entire floor of a good sized building is filled with racks of mostly custom-built circuitry processes the output of the first stage filters for interesting events.
It's even worse at CERN. They're currently putting up a new building that will be entirely filled with computing hardware to manage the data produced by the experiments when LHC comes online.
Anyway, sure, it's possible to filter that sort of data stream. But could you do it on the seabed? No. I'm not even convinced the NSA could afford many such installations. The price tag for the current incarnation of CDF (one of the primary detectors at FermiLab): around $700 million. And that's using cheap grad student labor to build a good chunk of it.
Quantum mechanics: the dreams that stuff is made of.
ehhh, Fort Meade is in Maryland, last I checked. Drove by it last week on the Baltimore/Washington Parkway.
The pain was excruciating and the scarring is likely permanent, but that just means it's working.
Wake up. There's no privacy, democracy, or freedom as we know it. Everything is a joke. KGB, CIA, NSA and FBI have traditionally been above the law. They have the power and resources. We don't.
I recently watched a program about the NSA on a cable television station (I don't recall if it was History Channel, Discovery Channel, or TLC). The only NSA computer photos shown were some Cray and SGI Origin PR photos in what looked to be a small machine room. It was mentioned that the NSA currently has 11 acres of supercomputers and disk storage. Another comment suggested that they used up "10 years worth of storage" in only a few months after the datawarehouse was built.
Now I see how Cray turned a profit this past quarter and why EMC^2 is doing so well!
How hard would it be to tap a fiber line? I suppose you could just make a cut and then run it through a device that would splice it. Or would it be easier to dip the line in acid or something to take away the outer layer and then just look at the light passing through that way so it wouldn't create any delay or loss?
--
I read a similar article in the WSJ yesterday, and getting the tap on the cable was anything but "easy." The article was fairly speculative about exactly how the operation was done (since the NSA isn't about to divulge anything itself) but it required a submarine specially modified with either a special chamber on board or a detachable module to work on the cable (which is very sensitive to the elements when exposed, and on which interruptions and tampering are supposedly very easily detectable).
Now, relative to that, yes sifting through the mountain of data that travels over these wires is even harder.
I used to hate computers, but then a server went down on me.
.. why are people suprised about this. :)
Seriously though, this was back in the eailer 90s, tech as changed quite a bit since then. Still, with all of the new types of encryption over different ports using different types of transport. Its a hell of a thing to pick apart. Better them then me :)
until (succeed) try { again(); }
until (succeed) try { again(); }
Whats that about NSA tripping over fiberoptics?
I heard you can get fined for that.
Seems highly plausable when you consider the 'special modifications' that have been made to the USS Jimmy Carter - including the 'Dry Dock Shelter (DDS). Amazing.
*** I am the real stylewagon
When the US closed their bases in Bermuda, they pulled out all the interesting stuff, but lots of "infrastructure", including TEMPEST vaults and old computer rooms, nuclear decontamination showers, etc. remain...
"I figure you're here 'cause you need some whacko who's willing to stick his finger in the fan. So who are we helping?
How many cable failures are really just failed taps? They may have the right to tap, but does the law allow them to cause million's of dollar worth of damages in the process?
Sniffing my traffic is one thing, I never really had much trouble with the NSA (apart from the occasional international economically motivated espionage) but disrupting my game of Subspace is quite another issue. Evil NSA.
Well if you put those words in a sentence like say
"The PLO supplied me with marijuana to sell to get money to buy C-4 from the IRA for suicide bombs to take out the presidents body guards and hijack his plane" Im sure it will ring a couple more bells, still wont work... but at least it will be interesting to see if you get any men in suits staking out your front door if you say it somewhere it could be taken serious.
Seriously, though, this is a great book: Like a non-fiction version of some of the early Clancy stories such as The Hunt for Red October. Fun stuff.
"Biped! Good cranial development. Evidently considerable human ancestry."
Most undersea cables now typically contain eight such strands, or fibers. :-)
Isn't there more, if I was to put down my cable over the Atlantic, i'd prefer a couple of strands more than 8, now that I had been opening my hidden wallet
--------
Back in the day of the Red menace the cia had listening devices underneith russian copper thats run across the sea bed in the deepest areas where it wasent patroled or monitored. then the russians would take one off and soon after another new one would be in its place elsewhere. These devices dident even need to be spliced in.
--
...]
Cheers,
corvi42
-- Begin NSA Keyword Spam --
Bomb Cocaine President Nuclear Suitcase Bomb
[... you get the idea
Computer Terrorism, Firewalls, Secure Internet Connections, ISS, Passwords,Encryption, Espionage
-- End NSA Keyword Spam --
There are a thousand forms of subversion, but few can equal the convenience and immediacy of a cream pie -Noel Godin
I can see two ways of doing it without cutting the fiber. First, when you bend an optical fiber, some light gets out. You just have to find a detector sensible enough to detect this light. Second, you can place a fiber parrallel and really close (touching) to the transmission fiber and their will be some coupling of light in this second fiber. These two ways reduce a little bit the output of the fiber but could easily go unnoticed.
This is known as "Echelon", and I had its existance confirmed by my Senator, who also is a member of the Senate Government Oversight committee or something like that, and the Senate Intelligence Committee, and they had recently had a meeting on the issue. While he declined to state more, since it was classified, he pretty much said that yes, the NSA is watching, and no, we can't do anything about it.
Haven't we done this in the past? At least the People are sort of aware of it going on this time around. The NSA shouldn't be allowed to operate outside the law, effectively wiretapping the conversations of millions of people at a time without their explicit permission or a court order.
It's a felony punishable by explusion for a student to bring a tape recorder to school to record their teacher's lectures for replay at a later date, because if they don't expressly tell their teacher they are doing so and give them a chance to say no, they are violating federal wiretap laws. Shouldn't the NSA be held to the same standard, or either having to notify the people they are monitoring, or have a court order telling them it is acceptable to do so?
If a government agency suddenly becomes above the law, as the NSA pretty much is, we should be afraid. Monitoring electronic conversations is no more right then monitoring someone's telephone.
Let's all start sending e-mails with words like "C-4", "the President", "bodyguards", "suicide bomb", "PLO", "IRA", "marijuana", and "hijacking" in an effort to flood their computer system with meaningless messages, to force them to stop.
Ohh wait, its been tried before, and failed.
Check out this European Parliament report on COMINT of automated processing for intelligence purposes of intercepted broadband systems. The author, Duncan Campbell, believes that the key means of accessing long distance optical fibre cables is by tampering with optoelectronic "repeaters".
You can download the full study or others on civil liberties directly from the European Parliament STOA site.
One of my teachers (believe it or not, I am studying Business and management) actually used to work for the NSA, but quit after 5 years working for them. Now he is one of the most recogniced computer teachers in Norway.
Once when I talked to him about computer security he told me that it actually was quite simple to listen to fibre-optic signals, all you had to do was having a really sensitive sensor, and bend the fibre slightly, and maybe even cut a small crack in it, and a portion of the light would pass out, and right into your receiver.
Now if all communication used encryption you still would not get anything usefull. However you could get anything that passed unencrypted.
1. Research on supercomputing in universities will get grants from the government.
2. When you actually need to use encryption on something, they wont bother decrypting it.
I like meat helmets.
Gimme a break.
Like the NSA went out and glommed onto a fiber a mile underwater without first reading a book on how fiber telecoms work or testing their equipment in a lab. They knew how much data to expect, and a lousy gigabit SONET line isn't going to slow them down a tenth of a percent.
Other nonsense:
The bit about worrying about high voltage. On a sub. Where the water pressure from a pinhole leak can cut your arm off; where the acid-filled batteries weigh more than the conning tower; where a salsa fart can linger for a month; this guy's worried about a double-shielded power line?
The bit about worrying about being detected. The head ends might see a glitch of a few seconds in a fiber--one dropped call--hold their breath for half a minute waiting for it to happen again, then go back to reading their comic books when it doesn't. If a human even gets involved. If not, then the next day when the intern who refills the printer notices a couple of extra log messages on page 13482, he starts a conspiracy theory involving the Navy, the NSA, and sooper-seekrit spy subs. And the U.S. Intelligence Community would never fan a conspiracy theory (MJ-12), would they?
All this story proves is that the Wall Street Journal is still the same bunch of hack-writing, research-cribbing, blind-quoting, three-day-late reporting losers I told where to shove their overpriced subscription ten years ago.
--Blair
Scuse me.... but we were in a recession before Reagan was in office it was one of the deciding factors for him getting in. How you gather that Reagan was responsible for it I would dearly love to read. Some hyper-democrat manual I suppose.
This is a Sig, there are many like it but this one is mine! I wish I had more than 120 chars... whats a char?
Virginia?
I work for a company that builds telco equipment. A tap could be easily installed by splicing in a coupler. Sometimes you want to monitor things like SONET overhead or optical power, so it is reasonable to do this.
One question: how do you splice underwater? A fusion splicer produces the best splice, but every fusion splicer I've used is a large box that sits on a bench. I wouldn't want to use it outside a lab, so beneath the ocean is right out!
I also can't think of a way that the tap could be installed without interrupting service. I am curious whether it is possible to detect infrared light that refracts out of a single-mode fiber through a bend and whether a receiver can still make sense of the signal and frame up.
If the American people (dear God, I sound like Bush!) knew about half of the crap the NSA and the government in general does, there would be an immense public outcry. Sadly, the only way for Americans to become aware of these things is through the news. CNN did a story on this but let's face it, Jo Shmoe doesn't get his news from CNN or NPR. Fox news and other such concentrations of stupidity in the media are dumbing us down and keeping us unaware of important goings on. The number of people I know that don't follow the news or get it from, "Fox News Special Reports," is appalling. Not only that, media monopolies, the worst type of a monopoly, have come into existance and are stamping out news sources that compete with them and therefore knocking out journalists and reporters with agendas that differ from their own. *cough AOL Time Warner cough* Back on topic... I think what the NSA does and what it stands for is disgusting. Something has to be done to protect the rights of the individual. The NSA is the antithesis of what I stand for politically and philosophically. The NSA cannot be allowed to continue on in this fashion. It's almost a good thing that I can't really do too much about it, I'm sure that I'd disappear from society within the next few days if I could. Oh and I declare shenanigans of the most serious order.
"A witty saying proves nothing." - Voltaire
These trans-continental fibre optic cables don't just get laid overnight and become live the next day. This takes quite a while. One way they could have tapped the fibre optic cable(s) that would not be noticed by the cable operator by splicing, would be for example, on a new line going from Australia to the USA would be to tap the line close to the USA while they're still laying fibre half way accross the Pacific Ocean. This way they could avoid detection because there would be no drop in traffic over the cable...because there isn't any as of yet. Although the other theories suggested here about getting a fishing boat to *accidentaly* cut the cable to buy time, I think that my theory would raise less suspicion, assuming they're splicing the cable and not tapping the repeaters. The next main problem is to get all that data back to the NSA. Another fibre optic cable going from the trans-continental cable would be discovered pretty quickly. You can't hide something that big easily. The US Navy uses a system known as HAARP to communicate with submarines at sea using ELF (Extremely Low Frequency). The spy sub could attatch a buoy of some sort that communicates with HAARP (if it can recieve as well as transmit.) Well that's my main theory
I think it was CNN that did a whole documentry on the story. The ZDNet article seems to leave out one small detail -- a Russian double agent at the NSA gave the project away to the Soviets, and billions of dollars were lost on the project. Cool article though, at least they touched on some technical theories behind it.
we are being monitored.
We knew this.
I am more curious as to how they sift through the data than how they tap the pipeline.
All communications (fiber, microwave, copper, data, VoIP...) are monitored by a network of advanced servers with a combination of voice recognition hardware and data filtering technologies. This technology is years ahead of current commercially available related products.
"There ought to be limits to freedom"
I've found in life that paranoids dream of fantasies that are much more interesting than real life, whether it's big business, big government, CIA, FBI, NSA, etc. At the same time, it doesn't mean the paranoids aren't right after a fashion.
:)
For example, Ronald Reagon in the early 1980's purposefully caused the recession at that time. Inflation was at 14% and getting worse. According to economic theory, you should be able jack up interest rates, throw millions of people out of work, and within a year the economy will recover, but resume at a much lower inflation rate.
As it turns out, Ronnie was right. But try explaining that to the people at the beginning of the recession who lost their jobs. I'm sure if they really understood how much control the government has over whether or not to force the country into a recession, they would be majorly pissed off.
Likewise, consider US cryptographic export restrictions. While its theoretical purpose is to make it easier for the NSA to spy on foreigners, it has the weird effect of reducing encryption within the United States. The average person in the US uses 40-bit encryption. Lots of products (such as the new AirPort wireless LAN) use 40-bit encryption because of this, even within the US. I think the government really does understand that export restrictions really have an effect on the encryption used by their own population.
On the other hand, I like low-inflation, and I also like the fact that I personally have easy access to 128-bit encryption but that the average stupid criminal doesn't. In other words, I think I like conspiracies.
The fish are all that are left for the NSA to spy on. I never those gills could say so much...
----------What the Chiquita banana?
If they're successful at this, perhaps they can then help me with my inbox. My friends and coworkers keeping clogging up my mailbox, keeping me from the messages about "Making $5 mil in 30 days working from home on the Internet" and "Sexy Co-eds want you!"
Don't my friends understand that I could extremely wealthy *and* have bodacious nymphs at my side ... if only I could get to reading their messages! *Sigh*
could this be why the NSA wants to spend 150 million dollars on that new teta tera whatever the fuck flop computer? hmmmm
I don't think that it's stupid to link a story a couple of days ago about Smart Routers in a discussion of how the NSA might deal with the barrage of information. With computing power increasing slower than bandwidth, the only way the NSA is going to even come close to being able to know what's going on (espescially when/if that 5,000 TB line that another reader was talking about comes on-line) is by prioritizing. what better way than by skimming the subject of the packet off? "this packet is just streaming audio from www.realnetworks.com, but this is an email from the russian prime minister to china. better keep that one." don't routers already do this? (*cue x-files music*)
I've heard of a case here in New Zealand of all places where this counselor was sending e-mail about an abused child (keywords "abuse" "violent" "potential to murder" etc) and it was intercepted and she was monitored for weeks before it was leaked to the media.
Stupid, really cause it sounds so made-up, but it happened.
I think most of the new amps are run on power cells from light rather than copper... Think of the power loss accross the Atlantic, and all the brownouts in California, enough to make you cry...
"I have done some good, that is my best work..." --Voltaire