Ex AT&T Tech Says NSA Monitors All Web Traffic

← Back to Stories (view on slashdot.org)

Ex AT&T Tech Says NSA Monitors All Web Traffic

Posted by Zonk on Friday November 9, 2007 @09:05AM from the tinfoil-hats-engaged dept.

Sir Tandeth writes "A former technician at AT&T, who alleges that the telecom giant forwards virtually all of its internet traffic into a 'secret room' to facilitate government spying, says the whole operation reminds him of something out of Orwell's 1984. Appearing on MSNBC's Countdown program, whistleblower Mark Klein told Keith Olbermann that all Internet traffic passing over AT&T lines was copied into a locked room at the company's San Francisco office — to which only employees with National Security Agency clearance had access. 'Klein was on Capitol Hill Wednesday attempting to convince lawmakers not to give a blanket, retroactive immunity to telecom companies for their secret cooperation with the government. He said that as an AT&T technician overseeing Internet operations in San Francisco, he helped maintain optical splitters that diverted data en route to and from AT&T customers. '"

5 of 566 comments (clear)

Min score:

Reason:

Sort:

Anything about this in AT&T Privacy Statement? by StefanJ · 2007-11-09 09:15 · Score: 5, Interesting

You know, those little pamphlets full of fine print that get shoved in your bill and promptly thrown away because they're purposely made to be obscure and hard to read?

If there's no "we allow an obscure government agency look at everything you read, write, say and listen to without court order or accountability" clause, can we sue the fuckers?
Re:I've read about this before. by Threni · 2007-11-09 09:30 · Score: 5, Interesting

> What's worse is that this will be justified under the guise of anti-terrorism.

http://en.wikipedia.org/wiki/Project_SHAMROCK

I'm not sure it's any worse than when it's justified by whatever the current bogeyman is. Could be terrorism, drugs, child porn, communism etc - it's always just a cover. Follow the money. Who gains from a powerful military, full prisons, terrible education and a fat, lazy corrupt police force?
Credentials?! by yhetti · 2007-11-09 10:00 · Score: 5, Interesting

I'm not going to claim it's not happening, but this is not the guy to listen to. I don't want to be a dick about this, but he's not a network engineer, he's not a network admin, he's not a data specialist...he's a cable splicer. He does VDV work for AT&T. Is it possible, if not likely, that he maybe doesn't have a complete understanding of how all the tubes work past Layer 1? (And just to really be a dick about it, every VDV person I've met claims to be a data network expert because they lay the wires. Ask one why Ethernet is limited to 100M by spec and watch the fun.)

With only 20 of those facilities, and just in AT&T locations, the fibertaps wouldn't even have a significant percentage of traffic going through them. Do some traceroutes; do some ping tests; Try it from different providers. They would have to be routing all traffic through those points. Your ping times would know, and the global BGP tables would know.

I have a comfortable tinfoil hat. What I *could* be easily convinced of is that the NSA has taps on all oceanic fiber. That's much easier to do, since there's not all that many. And...frankly, they should be. We pay them a lot of money to keep us safe. A *lot* of money. But I don't think this is the guy to listen to regarding something this big and damning.
1. Re:Credentials?! by nehumanuscrede · 2007-11-09 11:06 · Score: 5, Interesting
  
  Considering I WORK for AT&T, I would give him far more credit than any engineer
  or planner this company employs. They are engineers in title only. If you want
  to know how things work within a Central Office, go ask the folks who work in it.
  They have far better insight than the planners do.
  
  The ONLY other possible explanation for having a room full of equipment locked up
  would be a co-located company. It's not uncommon for other carriers to have
  equipment in the office that's unaccessible to AT&T and vice versa.
  
  However, none of them require a government clearance to gain entry. Just a
  simple key. Nor are they usually hidden from view. They simply put up wire cages
  to restrict access to the rooms in question.
  
  All it will take is an audit of the fibers in question and the splitters. If the
  splitters actually exist on the backbone fibers and they route into that room, then
  AT&T will have some explaining to do. Simple as that.
  
  The theory I've kicked around is this type of equipment will have a specific eqpt
  code in the databases AT&T uses. ( Assuming it's inventoried at all. Though the
  word document produced indicates that it might be ) Shouldn't be all that tough to run
  an eqpt scan against a Central Office CLLI code to see if it shows up in the
  inventory. . . .
  
  Just a theory mind you ;)
  
  Now as to the percentage of the internet comment I saw earlier.
  
  Do you actually believe this is the ONLY office this type of setup is installed in ?
  Please. If this gear is what we all think it is, then the major Toll buildings
  ( read that the major hubs ) will likely ALL have this gear installed in it. It's
  just a matter of figuring out which offices have been compromised. Probably easy to
  spot. Find the biggest serving office in any given city and start your search there.
  
  It's also doubtful they are saving the Internet in real time. It's more than likely
  a scan and flag type setup. It's likely not even done on site. It's far more probable
  that the redirected traffic is shipped out another fiber that is directly connected to
  an NSA office in the region.
  
  For the encryption comment:
  
  The day we start encrypting everything on the net will be the day you see the bills
  popping back up to keep those ' terrorist tools ' out of the hands of the average
  citizen.
Re:I've read about this before. by cheezus_es_lard · 2007-11-09 10:47 · Score: 5, Interesting

A couple of notes. AT&T is one carrier- it's likely the other US carriers, such as Qwest, Verizon, etc. are all doing the same thing. CALEA has done a lot for voice in the auto-intercept arena, and they're all compliant with it- hence the presence of automatically-receptive departments at the telcos who _already deal with these people_. Installing splitters and a 'secret room' isn't that far fetched, considering that most CO facilities already use 10% splitters on their fiber backbones for testing purposes, installing another set to route to the NSA doesn't seem that hard. In the dark room, have yourself a bunch of fiber gear designed to recreate the incoming signal and coupled with packet re-assemblers which reconstitute the data streams and mine those that are tagged interesting, and route them directly over DS-3, OC-3 or better (who knows how much dark fiber NSA's got in use?? 49 billion buys a lot...) into the NSA's intercept facility. All of a sudden diverse paths, multihoming, even Tor seem less capable of obfuscating your data's origins- your different paths are all re-constituted at NSA, and then mined for intel. Combine this with a broader-scale mining of data focused on terrorism, drugs, any topic of interest, and you have a massively broad filter capable of doing heuristics on national trends on any different topic, as well as a tool for law enforcement to gather intel for both domestic (warrantless wiretaps, anyone) and foreign surveillance- large portions of Internet transit the USA.

People used to talk about the acres of computing facilities at the NSA. They're on the bleeding edge in all their tech- and you think they can't reconstitute some diversely-pathed packet data? Encryption? Please. If it's electronic, it's insecure. Get it through your heads.

love and peace.
-cheez