Fiber cut - response in seconds?
deepak at ai.net
Tue Jun 2 15:27:06 CDT 2009
> Really? The US Military uses a whole lot of wireless (satellite, ground
> baed, surface to air) links. Those links can be sniffed (by people with
> sufficient motivation/funding/gear to do so). They rely on encryption
> protect them.
Which is why, if you have a satellite, you often position DIRECTLY over the antenna you are sending to, and using lasers (rather than other RF) to communicate with it. Likewise, if you want to maintain this kind of security (and reduce the ability to sniff) you do this in space as well. Highly columnated photons are your friend.
Encryption helps, but if it was sufficient in all cases, you wouldn't go to such extremes.
This (in a much more NANOG related way) has ramifications for those selling/operating Wi-Fi, WiMax, P2P and FSO wireless links and trying to do *commercially important things* -- like finance.
The idea here is that fiber is FAR more secure than copper because almost everything you want to do to fiber, you can do to copper, but from a further, less physically-in-contact distance.
Another idea is that commercially operated networks have lower standards for data security (but not necessarily data *integrity*) that intelligence *oriented* applications/networks.
The idea of installing a tap on an encrypted line to do traffic analysis is all very interesting, but no one mentioned the idea that at a critical time (such as an attack) you could easily DISRUPT vital communications links and prevent their function [and their protected paths]. Security cannot exist without a level of integrity. Most commercial networks only need to concern themselves with integrity and let their customers deal with the security of their own applications.
Commercial networks are a great study of "highly" (in the commercial sense) secure data traversing over LSAs (lower sensitivity areas) with lower control thresholds [think poles, manholes, etc]. The data is highly secure to any particular customer, but in the commercial sense, it's almost always lost in the noise. When a business entity crosses that threshold (e.g. the Federal Reserve banks or a transaction clearinghouse) where their data is *worth* getting at no matter how much sifting has to go on... you see extraordinary measures (e.g. properly implemented obfuscation, or what have you) implemented.
More information about the NANOG