Re: latest Snowden docs show NSA intercepts all Google and Yahoo DC-to-DC traffic

["Mark Foster" <blakjak () blakjak net>]

On Sat, November 2, 2013 6:44 am, David Miller wrote:
> On 11/01/2013 01:08 PM, Gary Buhrmaster wrote:
> > On Fri, Nov 1, 2013 at 4:43 AM, Anthony Junk <anthonyrjunk () gmail com>
> > wrote:
> > ...
> > > It seems as if both Yahoo and Google assumed that since they were
> > > private
> > > circuits that they didn't have to encrypt.
> >
> > I actually cannot see them assuming that.  Google
> > and Yahoo engineers are smart, and taping fibres
> > has been well known for, well, "forever".  I can
> > see them making a business decision that the
> > costs would be excessive to mitigate against
> > taping(*) that would be allowed under the laws
> > in any event.
> >
> > Gary
> >
> > (*) "A" mitigation  was run the fibre through your
> > own pressured pipe which you monitored for loss
> > of pressure, so that even a "hot tap" on the pipe
> > itself would possibly be detected (and there are
> > countermeasures to countermeasures
> > to countermeasures of the various methods).
> > And even then, you had to have a someone walk
> > the path from time to time to verify its integrity.
> > And I am pretty sure there is even an NSA/DOD
> > doc on the requirements/implementation to do
> > those mitigations.
>
> Given what we now know about the breadth of the NSA operations, and the
> likelihood that this is still only the tip of the iceberg - would anyone
> still point to NSA guidance on avoiding monitoring with any sort of
> confidence?
>
> There has always been cognitive dissonance in the dual roles of the NSA:
> 1. The NSA monitors.
> 2. The NSA provides guidance on how to avoid being monitored.
>
> Conflict?

I don't think so. The folks who actually do it, are the ones who are going
to best know how to avoid it.  Plenty of TV shows bear this out. :-)

I think that failure to encrypt inter-DC traffic that is on dark fibre is
simply on the presumption that corporations are seeking to protect their
links from the actions of 'unauthorised' people.  The telco theyre
contracting presumably have some sort of privacy agreement with them. 
No-one else is supposed to be able to get on the wire.  A risk assessment
pre-Snowdon probably didn't make the performance hits, costs, etc of
high-speed rateable encryption, worthwhile - but the paradigm has shifted.
The government is using 'authorisation' to get access to that dark fibre
link (presumably) and that authority is at the heart of the problem.

When reviewing your risk assessment around the presence (or not) of
encryption on your inter-site links, also consider whether the methods of
encryption available to the private sector havn't also been cracked by the
NSA etc. They had the 'golden standard' for crypto, but one has to wonder
whether that standard includes an undocumented backdoor...

Mark.