Start Stockpiling Cap’n Crunch
CNet has an excellent 2-parter on the mechanisms of the US domestic spying scandal, and the potential implications for global personal data security:
[…] a series of interviews of technical experts by CNET News.com during the last few weeks may shed some light on how the program–authorized by President Bush soon after Sept. 11, 2001–works in practice.
It’s hardly a secret that the NSA specializes in electronic surveillance, called communications intelligence in the vernacular of spies. Author James Bamford’s 1982 book, “The Puzzle Palace,” documented how the NSA created hundreds of “intercept stations”–ultrasophisticated, hypersensitive radio receivers designed to pluck both military signals and civilian telephone calls out of the air.
That worked well enough when the bulk of international communications were transmitted by bouncing them off satellites. Today, however, an undersea web of fiber-optic cables spans the globe–and those carry the vast majority of voice and data that leave the United States.
Jim Hayes, president of the Fiber Optic Association, a California-based professional organization, says 99 percent of the world’s long-distance communications travel through fiber links. The remaining 1 percent, he says, are satellite-based, mainly in places like Africa, South America and less developed parts of Asia.
It’s easiest to tap those underwater cables when they make landfall instead of trying to do it underwater, analysts say.
“On land, it’s not nearly as difficult,” said Tim Chovanak, a defense consultant who specializes in network taps and digital forensics. “The easiest thing to do would be to somehow get an agreement with a provider and just simply co-exist in a building, one of the main fiber stations, (peering) points or whatever. In other words, work out something with either a long-haul provider or with an employee.”
A survey conducted by CNET News.com and published Monday found not one provider willing to acknowledge participation, with backbone providers being among the most reticent. An article in USA Today on Monday said AT&T, MCI and Sprint were cooperating with the NSA. In addition, AT&T is facing a class action lawsuit filed this week that alleges cooperation with the NSA in violation of federal law.
If a backbone provider cooperated, it would be legally tricky. Under federal law, any person or company who helps someone “intercept any wire, oral, or electronic communication”–unless specifically authorized by law–could face criminal charges. Even if cooperation is found to be legal, it could be embarrassing to acknowledge opening up customers’ private communications to the perusal of a spy agency.
What I have found odd in much of this coverage is that the fact it’s not reported that the data traffic of many other countries is necessarily, given the nature of the net’s growth, routed through US backbones and hubs and this means that Bush’s spying is not just domestic. (A good primer on how the internet actually works can be found at The Educational Cyberplayground)
Any traffic from anywhere can have been and no doubt is being spied on. What are EU governments doing if anything, about this? Not a lot. The last bit of outrage I can recall is France getting all snitty about the use of Echelon to steal trade secrets.
The trouble is there’s not a lot EU governments can say or do, since they are all complicit, particularly the UK.
