netflow in the core used for surveillance

jim deleskie deleskie at
Wed Aug 25 23:01:12 UTC 2021


  We all know many folks send their *flow to someone or somewhere.  In
exchange for pretty graphs for intelligence.  I suspect in many cases this
data is then reused in many cases for many purposes.  But let's not
overplay the risk here.  There would be much easier ways for rogue nations,
bad guys/good/in the middle nation to find out about dissidents, activists,
and journos than flow data. I think letting any of those people think ToR
is safe as being a much bigger risk.


Disclosures for those that don't know.  I've never worked with Team Cymru,
I do know them fairly well and believe them to be the good guys, I do
currently have a relationship with them, I do not currently work for a
large SP that sends them data.  I have worked A LOT with flow data over the
last 20 years, for large SPs, small vendors, and all things in between.

On Wed, Aug 25, 2021 at 6:15 PM Randy Bush <randy at> wrote:

> used to get dissidents, activists, and journos killed
> at&t, comcast, ... zayo, please tell us you do not do this.
> randy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the NANOG mailing list