nanog mailing list archives
RE: Fiber cut - response in seconds?
From: Deepak Jain <deepak () ai net>
Date: Tue, 2 Jun 2009 16:27:06 -0400
Really? The US Military uses a whole lot of wireless (satellite, ground baed, surface to air) links. Those links can be sniffed (by people with sufficient motivation/funding/gear to do so). They rely on encryption to protect them.
Which is why, if you have a satellite, you often position DIRECTLY over the antenna you are sending to, and using lasers (rather than other RF) to communicate with it. Likewise, if you want to maintain this kind of security (and reduce the ability to sniff) you do this in space as well. Highly columnated photons are your friend. Encryption helps, but if it was sufficient in all cases, you wouldn't go to such extremes. This (in a much more NANOG related way) has ramifications for those selling/operating Wi-Fi, WiMax, P2P and FSO wireless links and trying to do *commercially important things* -- like finance. The idea here is that fiber is FAR more secure than copper because almost everything you want to do to fiber, you can do to copper, but from a further, less physically-in-contact distance. Another idea is that commercially operated networks have lower standards for data security (but not necessarily data *integrity*) that intelligence *oriented* applications/networks. The idea of installing a tap on an encrypted line to do traffic analysis is all very interesting, but no one mentioned the idea that at a critical time (such as an attack) you could easily DISRUPT vital communications links and prevent their function [and their protected paths]. Security cannot exist without a level of integrity. Most commercial networks only need to concern themselves with integrity and let their customers deal with the security of their own applications. Commercial networks are a great study of "highly" (in the commercial sense) secure data traversing over LSAs (lower sensitivity areas) with lower control thresholds [think poles, manholes, etc]. The data is highly secure to any particular customer, but in the commercial sense, it's almost always lost in the noise. When a business entity crosses that threshold (e.g. the Federal Reserve banks or a transaction clearinghouse) where their data is *worth* getting at no matter how much sifting has to go on... you see extraordinary measures (e.g. properly implemented obfuscation, or what have you) implemented. Deepak Jain AiNET
Current thread:
- Re: Fiber cut - response in seconds?, (continued)
- Re: Fiber cut - response in seconds? Jared Mauch (Jun 02)
- Re: Fiber cut - response in seconds? Robert Bonomi (Jun 01)
- Re: Fiber cut - response in seconds? Warren Bailey (Jun 01)
- Re: Fiber cut - response in seconds? David Barak (Jun 02)
- Re: Fiber cut - response in seconds? Charles Wyble (Jun 02)
- RE: Fiber cut - response in seconds? Deepak Jain (Jun 02)
- Re: Fiber cut - response in seconds? Charles Wyble (Jun 02)
- Re: Fiber cut - response in seconds? David Barak (Jun 02)
- Re: Fiber cut - response in seconds? Charles Wyble (Jun 02)
- Re: Fiber cut - response in seconds? Marshall Eubanks (Jun 02)
- Re: Fiber cut - response in seconds? Michael Holstein (Jun 02)
- RE: Fiber cut - response in seconds? Deepak Jain (Jun 02)
- Re: Fiber cut - response in seconds? Chris Adams (Jun 02)
- RE: Fiber cut - response in seconds? Deepak Jain (Jun 02)
- Re: Fiber cut - response in seconds? Chris Adams (Jun 02)
- RE: Fiber cut - response in seconds? John van Oppen (Jun 02)
- Re: Fiber cut - response in seconds? Charles Wyble (Jun 02)
- Re: Fiber cut - response in seconds? Ryan Wilkins (Jun 02)