Re: [privacy] AT&T 'Spy Room' Documents Unsealed

[Valdis.Kletnieks () vt edu]

On Wed, 13 Jun 2007 11:08:06 PDT, Matthew Murphy said:
> What I think Gadi means is that it's entirely reasonable for a
> surveillance infrastructure to exist, as AT&T would require one to
> comply with the law (CALEA, et al).

Note that usually, a CALEA tap is located somewhere network-topology near
the target, just so it can catch traffic from the target to other destinations
served out of the same CO (more likely than you'd expect, if you include things
like IM from one DSL line to another in the same town, to arrange a drug buy).
Right there in the CO at the other end of the target's copper (or fiber), is
where you're most guaranteed to get all the flows you're interested in for
that target, and lessen the chances that you intercept flows not covered
by your CALEA wiretap authorization.

On the other hand, colocating the tap at a major peering point is the sort of
thing you'd want to do if you're trying to sniff (possibly on a statistical
basis) all the traffic on multiple OC192s, without regard to whether there
exists the correct legal paperwork giving wiretap authority for that particular
flow.  (Bonus points for noticing that the ATT business unit that handles
that facility isn't, AFAICT, the same one that sells DSL/whatever to end users,
so that business unit shouldn't every be receiving CALEA requests).

So use your knowledge of network design - would *you* build a CALEA intercept
for users your business unit doesn't even have, the way this one was built?
And how would you design a Echelon-style data-hoover?

If it walks like a duck, and quacks like a duck, it's more likely a duck than
a very confused zebra.

Attachment: _bin
Description:

_______________________________________________
privacy mailing list
privacy () whitestar linuxbox org
http://www.whitestar.linuxbox.org/mailman/listinfo/privacy