Re: Spy Agency Mined Vast Data Trove

[Michael Tewner <tewner () jct ac il>]

All of Israel's inter-provider traffic goes through a central switching 
center. This PoP also contains much of Israel's backbones and external 
links.

getting to the point:
It's pretty obvious that the government here taps the 'net. It should be 
no surprise that the US listens in on traffic; they've been doing it for 
years - ECHELON (as mentioned below). I have a few ideas of my own that 
might even make it simpler for them. The moral of the story is to use 
encryption wherever necessary. Telnet, non-anon ftp, and rsh don't get 
used anymore. Hell, why not try sniffing for CVS passwords? Public WiFi 
access? Only through an encrypted tunnel.

With the "free enterprise of data," if the data is out there, anyone has 
the complete right to access it.



Bipin Gautam wrote:
> hello list;
>
> story: http://www.securityfocus.com/brief/85
> ----[snip]-----
> At issue are the broad, sweeping powers the NSA now have to eavesdrop
> on Americans without their knowledge. Commentary from Ars technical
> speculates on the technology behind the massive eavesdropping. Bruce
> Schneier has a long commentary on historical abuses as well as the
> NSA's use of Echelon, a massive initiative that monitors voice, fax,
> and data communications and is used for data mining of perhaps 3
> billion communications per day.
> ----[/snip]-----
>
> My concern is... (I'm from Nepal) not all ISP in my region go through
> the Nepal's Internet exchange point. so even the local traffic might
> have routed through USA if our ISP'z backbone providr is in USA. I
> don't have very good idea about ledal stuff but my basic assumption is
> BUYING SERVICE FROM A DIFFERENT COUNTRY DOESN'T MEAN WE ARE
> NECESSARILY SUBJECTED TO THEIR LOCAL RULES. (though depends on country
> foreign policy)
>
> Have our network traffic been spyed/sniffed too without our knowledge?
> Don't we have right of protection in the law to check such thing if
> any???
>
> just willing to hear your views on what are the rules to check/tackle
> such issues in other foreign countries???
>
> regards,
> -bipint
>
>
> story: http://www.securityfocus.com/brief/85
> ----[snip]-----
> At issue are the broad, sweeping powers the NSA now have to eavesdrop
> on Americans without their knowledge. Commentary from Ars technical
> speculates on the technology behind the massive eavesdropping. Bruce
> Schneier has a long commentary on historical abuses as well as the
> NSA's use of Echelon, a massive initiative that monitors voice, fax,
> and data communications and is used for data mining of perhaps 3
> billion communications per day.
> ----[/snip]-----
>
> My concern is... (I'm from Nepal) not all ISP in my region go through
> the Nepal's Internet exchange point. so even the local traffic might
> have routed through USA if our ISP'z backbone providr is in USA. I
> don't have very good idea about ledal stuff but my basic assumption is
> BUYING SERVICE FROM A DIFFERENT COUNTRY DOESN'T MEAN WE ARE
> NECESSARILY SUBJECTED TO THEIR LOCAL RULES. (though depends on country
> foreign policy)
>
> Have our network traffic been spyed/sniffed too without our knowledge?
> Don't we have right of protection in the law to check such thing if
> any???
>
> just willing to hear your views on what are the rules to check/tackle
> such issues in other foreign countries???
>
> regards,
> -bipin
> --
>
> Bipin Gautam
>
> Zeroth law of security: The possibility of poking a system from lower
> privilege is zero unless & until there is possibility of direct,
> indirect or consequential communication between the two...
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/