White House to Propose System for Wide Monitoring of Internet (fwd)

batz batsy at vapour.net
Mon Dec 23 20:58:00 UTC 2002

On Sat, 21 Dec 2002, Christopher L. Morrow wrote:

Regarding CenterTrack: 
:its not that they misinterpretted, its that its NOT EVER been implemented.

I am content to believe you. However, that CenterTrack has never been 
implemented does not mean that a system for collecting IP session data
has never been implemented. This further suggests that automated 
law enforcement access is also not impossible, which was my 
original point. 

:Ok, so lets say you wanted to IDS the 'internet' or 'any large ISP'
:(Verio/UU/AOL/ATT/Sprint... make your list) there is little gig-e to
:monitor, alot of oc-12/48/192. There isn't an IDS that can truely monitor
:a oc-12 yet, never mind multipath oc-12's (dual/tri/quad paths in the same

Anyone with that size link could be deemed "carrier class" and be 
compelled to install monitoring equipment within their network. 
Though admittedly I don't think it's useful to speculate on 
the legislative "could"'s. 

:Hmm, actually it is pretty darned simple, no-export+no-advertise do this
:for you quickly, then trigger when you want to watch paul vixie's hotmail
:activities... simple enough really. This gets back to distributing
:'sensors' to each pop, on each carrier and having dedicated ports on
:routers to support this... This seems like a very large cost to bear, more
:than 'cost of doing business'.

Those costs of doing business can be regulated, which it looks like
they just might be. Same as the whole PEN register thing for telcoms. 

Also, if you have an existing IDS infrastructure, it is not difficult
to add this kind of LEO-access to it. It is as simple as giving them 
a view of your security management console. 

:all of these vendors provide products capable of this kind of
:'surveillance', whether or not thats the touted talking point or not, each
:can provide this 'surveillance'.

At least one of the vendors you listed does in fact tout the products
surveillance features, at least during their sales pitch. 

The funny thing in my biz (IT security) is that I think it's the only 
one where people sell things by not saying what they can be used for. 
They nod meaningfully while saying that they can't really say just 
what it is that people use it for. Customers think "Wow, I've never 
even heard of this, and the sales guy won't even tell me what it 
does, it *must* be valuable beyond imagination!". To hear them tell 
it, it's as if they are selling a turnkey blackbox ROI Generator, 
which uses top secret military technology that "leverages dynamic 
security policies". 

Before there was carnivore, law enforcement got access to network
data, and I have a few anecdotal accounts of how this was done.  
There is no reason why LEA's couldn't ask ISP's to permanently 
integrate this access into their networks.  


More information about the NANOG mailing list