Re: CRIME Seeking info about wiretapping threats and countermeasures

From: Alan (alan@private)
Date: Fri Feb 01 2002 - 18:56:49 PST


    Any time you are running proprietary and/or sensitive information over 
    untrusted lines, the data should be encrypted.
    
    Period.  (And not that phoney 40 bit crap or the "escrowed"/backdoored crypto 
    either. 128 bit or higher symmetrical with session keys discarded after a 
    short window of use.)
    
    On Friday 01 February 2002 18:35, Tao, Greg wrote:
    > List,
    >
    > I am conducting some research on threats to WAN traffic
    > in the USA and would appreciate your input in 2 areas:
    >
    > 1) Do you have any anecdotes you can share with me that
    > substantiate the threat posed by persons seeking to
    > wiretap private high-speed data circuits?  Any
    > documented stories about spies wiretapping or insiders
    > at the telcos abusing their privileges?
    
    Other than Carnivore?
    
    I have heard many stories of bored sysadmins installing sniffers on racks 
    that may or may not have belonged to them.  Amazing the sort of stuff that 
    travels in the clear over such networks...
    
    > 2) What methods have you seen used to mitigate the risk
    > posed by sensitive data in transit across public
    > circuits, and where have you seen this?
    
    IPSec, SSH, prayer and ignorance. Mostly prayer and ignorance.  (If we don't 
    see it, it can't hurt us.)
    
    > With regards to #2, please be as specific as you can.
    > For example, some companies utilize bulk encryption to
    > secure leased circuits in addition to encryption at
    > various other layers such as session and application.  I
    > know of other ways to mitigate the risk, and so I'm
    > curious what you have seen.
    >
    > I specifically excluded foreign network links based on
    > the assumption that foreign intelligence services often
    > have unfettered access to local telecommunications
    > providers in their respective spheres of influence.
    
    Do not assume that the US does not have similar taps. (Or that the data will 
    stay in trustworthy hands. Your definition of "trust" and theirs may differ 
    widely.)
    
    Actually CALEA ensures that they are able to tap over phone-based networks.  
    I expect that recent events have extended that to just about everything 
    except smoke signals and sign language.  (Those are next.)
    
    > Feel free to reply to me directly if you are not
    > comfortable sharing with the entire list.
    


