CRIME Seeking info about wiretapping threats and countermeasures

From: Tao, Greg (greg.tao@private)
Date: Fri Feb 01 2002 - 18:35:47 PST

  • Next message: Alan: "Re: CRIME Seeking info about wiretapping threats and countermeasures"

    I am conducting some research on threats to WAN traffic 
    in the USA and would appreciate your input in 2 areas:
    1) Do you have any anecdotes you can share with me that 
    substantiate the threat posed by persons seeking to 
    wiretap private high-speed data circuits?  Any 
    documented stories about spies wiretapping or insiders 
    at the telcos abusing their privileges?
    2) What methods have you seen used to mitigate the risk 
    posed by sensitive data in transit across public 
    circuits, and where have you seen this?
    With regards to #2, please be as specific as you can.  
    For example, some companies utilize bulk encryption to 
    secure leased circuits in addition to encryption at 
    various other layers such as session and application.  I 
    know of other ways to mitigate the risk, and so I'm 
    curious what you have seen.
    I specifically excluded foreign network links based on 
    the assumption that foreign intelligence services often 
    have unfettered access to local telecommunications 
    providers in their respective spheres of influence.
    Feel free to reply to me directly if you are not 
    comfortable sharing with the entire list.

    This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:38:48 PDT