IP: NSA actively sniffing key Internet routers -- so claims

[Dave Farber <farber () central cis upenn edu>]

Article 1706 of alt.politics.datahighway:
Date: Tue, 16 Jan 1996
Subject: NSA SHORTCIRCUITING FUTURE CRYPTO CAPABILITIES


from Global Net News
===
   [Want to know the easiest way... Puzzle Palace coauthor Wayne Madsen, in
an article written for the June 1995 issue of Computer Fraud & Security
Bulletin (Elsevier Advanced Technology Publications), wrote that "according
to well-placed sources within the Federal Government and the Internet
service provider industry, the National Security Agency (NSA) is actively
sniffing several key Internet router and gateway hosts."


   Madsen says the NSA concentrates its surveillance on destination and
origination hosts, as well as "sniffing" for specific key words and phrases.
He claims his sources have confirmed that the NSA has contracted with an
unnamed private company to develop the software needed to capture Internet
data of interest to the agency.


   According to Madsen, the NSA monitors traffic primarily at two Internet
routers controlled by the National Aeronautics and Space Administration
(NASA), one in College Park, MD (dubbed "Fix East") and another at NASA Ames
Research Center in Sunnyvale, CA ("Fix West").


   Other NSA Internet sniffers, he said, operate at busy routers knows as
Mae East (an East Coast hub), Mae West (a West Coast hub), CIX (reportedly
based in San Jose), and SWAB (a northern Virginia router operated by Bell
Atlantic).


   Madsen says the NSA may also be monitoring traffic at network access
points, the large Internet gateways operated by regional and long-distance
service providers. The NAPs allegedly under surveillance are in Pennsauken,
NJ (operated by Sprint), Chicago (run by AmeriTech and Bell Communications
Research), and San Francisco (Pacific Bell).


   [Quote]
   "Madsen claims the NSA has deals with Microsoft, Lotus, and Netscape to
prevent anonymous email."
   [quote]


   "One senior Federal Government source has reported that NSA has been
particularly successful in convincing key members of the US software
industry to cooperate with it in producing software that makes Internet
messages easier for NSA to intercept, and if they are encrypted, to decode,"
Madsen wrote. "A knowledgeable government source claims that the NSA has
concluded agreements with Microsoft, Lotus and Netscape to permit the
introduction of the means to prevent the anonymity of Internet electronic
mail, the use of cryptographic key-escrow, as well as software industry
acceptance of the NSA-developed Digital Signature Standard (DSS)."


   Is the NSA really snooping on the Net? And if they are, would that
violate the agency's charter, which specifically prohibits it from spying
within the US?


   "Well, Net traffic is routed from God knows where to God knows where
around the world," says George Washington University Professor Lance
Hoffman, a professor of Communications and Telecommunications Systems Policy
at George Washington University. "So if the NSA is doing this, they could
say they are not violating their charter not to spy in the US. That's the
thing. Intelligent routers send stuff any which way."