Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: XKeyscore sees 'nearly EVERYTHING you do online

From: Joseph Jackson <jjackson () aninetworks net>
Date: Fri, 2 Aug 2013 05:09:46 -0700
I'm the NSA.  I want to capture a lot of traffic,  I don't need to go to all the Tier 1's.  I can go to a few and get 
them on board.  I could even go to the exchange points like AMS-IX and have them give me a tap.  The other carriers 
have no idea that AMS-IX is letting me sniff their traffic that transits the exchange.  (Not implying that AMS-IX does 
this just using them as an example).  Or I'm the NSA and I want to see the majority of traffic to google searches and 
gmail.  I only need to get google to allow me to interconnect.  Also there are credible reports that the NSA and other 
agencies have the ability to tap fiber optic cables without the knowledge of the carriers.  

http://defensetech.org/2005/02/21/jimmy-carter-super-spy/

If they have this tech why would they limit its use to just spying on foreign govts?


I don't know if any of it is true but I could easily see how it would be possible for them to do such things.

Joseph


 

From: Gary Baribault [mailto:gary () baribault net] 
Sent: Friday, August 02, 2013 6:22 AM
To: Joseph Jackson
Cc: XF; full-disclosure () lists grok org uk
Subject: Re: [Full-disclosure] XKeyscore sees 'nearly EVERYTHING you do online

Having access to the building is ok, but you still need to sniff the fibre, and in a centre like that any tap would be 
found quickly by one tech or another .. the guys from NANOG are good, so the deal must be with the carriers.

If it's a 'legit' connection then No Problèmo 

Gary B

 On 08/02/2013 07:04 AM, Joseph Jackson wrote:
Why would they need to peer with all tier 1s?  If you get access to the major exchange points (1 wilshire, 60 hudson, 
etc) you will get the majority of traffic. 
 
 
 
From: Full-Disclosure [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of XF
Sent: Thursday, August 01, 2013 3:47 PM
To: Gary Baribault
Cc: full-disclosure () lists grok org uk
Subject: Re: [Full-disclosure] XKeyscore sees 'nearly EVERYTHING you do online
 
So you think this is real ? All Tiers 1 would be partner with NSA ? Even in Europ ? This sound crazy 



Le 1 août 2013 à 22:19, Gary Baribault <gary () baribault net> a écrit :
Don't forget that they also have to back haul that data to their data centres !! They would have to have secret 
agreements with all of the Tier 1 carriers. Sure sounds far fetched!

Gary B


On 08/01/2013 03:51 PM, XF wrote:
Right. But where are their tap ? In Internet Exchange Point ? In AS ? And how can they do that ? "Hello, I'm NSA, can I 
get a TAP on your network" :-)  This would say that ISP agree and the amount of data to transfer would be so vast . How 
can they transfer all this amount of data into their system ??

Le 1 août 2013 à 20:56, Gary Baribault <gary () baribault net> a écrit :
Optically tapping ALL of the submarine cable going into and out of the U.S. would still not give them ALL of the 
claimed data. They have to be tapping all of the major traffic exchange sites in the U.S. to get this kind of data.

Gary B

 On 08/01/2013 11:31 AM, XF wrote:

Did you understood how

            they collect data ? This is not clear for me...ISP backdoor
            ? Optical tap on sub marine wire ? 


            >


            > Le 1 août 2013 à 16:26, Georgi Guninski <guninski () guninski com>
            a écrit :


            >


            >> it will be interesting to me what will remain of
            the nsa


            >> when the chinese comrades stop giving fresh money
            to the usa.


            >>


            >> Detroit news are not very pink.


            >>


            >> On Thu, Aug 01, 2013 at 11:20:27PM +1200, Hugh
            Davenport wrote:


            >>> meanwhile, in new zealand, prime minister
            suggests that we aren't


            >>> the slaves for nsa...


            >>>


            >>> On 2013-08-01 19:23, Georgi Guninski wrote:


            >>>> XKeyscore sees 'nearly EVERYTHING you do
            online


            >>>>


            >>>>
           http://www.theregister.co.uk/2013/07/31/prism_put_in_the_shade_by_leak_about_even_more_powerful_snoop_tool/


            >>>> New NSA tool exposed: XKeyscore sees
            'nearly EVERYTHING you do online'


            >>>>


            >>>> From the presentation:


            >>>> * Show me all the exploitable machines in
            country X


            >>>>


            >>>> * How do I find a cell of terrorust that
            has no


            >>>> connection to known strong-selectors


            >>>> **Anomalous events


            >>>> ***Someone who is using encryption


            >>>>


            >>>>
            _______________________________________________


            >>>> Full-Disclosure - We believe in it.


            >>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html


            >>>> Hosted and sponsored by Secunia - http://secunia.com/


            >>>


            >>> _______________________________________________


            >>> Full-Disclosure - We believe in it.


            >>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html


            >>> Hosted and sponsored by Secunia - http://secunia.com/


            >>


            >> _______________________________________________


            >> Full-Disclosure - We believe in it.


            >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html


            >> Hosted and sponsored by Secunia - http://secunia.com/


            >


            > _______________________________________________


            > Full-Disclosure - We believe in it.


            > Charter: http://lists.grok.org.uk/full-disclosure-charter.html


            > Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: