ISP compliance < LEAs - tech and logistics

> Wired posted what are suppossedly the docs Mark Klein
wrote 'bout the
> NSA sniffing project.  Interesting read...
> 
> 
http://blog.wired.com/27BStroke6/att_klein_wired.pdf
> 
> John

Indeed. To be honest, I am more interested in NANOG-related
operational
issues involved, which I am not sure many here will be able
to discuss in
case they had experience on the subject. So let us put
privacy and legal
issues aside for the purpose of this discussion.

How does a service provider handle the requirement to meet a
law
enforcement agency with their wiretapping needs? The
logistics and
technology can be exerting, annoying and business-wise, even
prohibiting.

As I just mentioned somewhere else, I should probably point
out that if I
was a major ISP often asked to answer the call of law
enforcement with
legal wiretaps, this could be very annoying as well as
technologically
a killer to my network architecture.
Just sticking some hub somewhere in my network may not cut
it, and will
certainly not cover all of the communication. What about
different lines
and locations?

As a large provider, AT&T probably had to find better
solutions to the
call of the law, or reply on the law's technology to not
kill their
business.

This indeed happened before. As some of you may remember,
according to one
NANOGer at the FBI's Carnivore presentation a few years
ago, "sticking"
just such a hub is what caused his network to break-down.

Creating a centralized wiretapping point under strict
security may be just
the thing to both comply and save costs, not to mention
staying on the
air.

I don't see how that _by_itself_ is wrong of AT&T.
There are other issues
here as well.

The Internet Infrastructure in a significant way sits in the
US. We all
know that. Is it really a surprise to anyone that the NSA,
which states it
listens to the Internet, is using a local resource such as
that on US
soil? They would be crazy not to.

They rivals and enemies in other countries certainly won't
think
twice.

There is the issue of separating domestic communication from
the rest, but
that's just something they have to deal with and US
citizens have to be
paranoid about. This whole situation will probably result in
better
supervision/monitoring of activities rather than stopping
any of them
(i.e. simply more people in-the-know of what the NSA is up
to).

That said, I am not a US citizen nor up-to-date on the
details of this
ATT/NSA issue or the privacy implications, and I am sure
enough of the US
folks here are.

	Gadi.

On Tue, May 23, 2006 at 05:39:26AM -0500, Gadi Evron wrote:
> 
> > Wired posted what are suppossedly the docs Mark
Klein wrote 'bout the
> > NSA sniffing project.  Interesting read...
> > 
> > 
http://blog.wired.com/27BStroke6/att_klein_wired.pdf
> > 
> > John
> 
> Indeed. To be honest, I am more interested in
NANOG-related operational
> issues involved, which I am not sure many here will be
able to discuss in
> case they had experience on the subject. So let us put
privacy and legal
> issues aside for the purpose of this discussion.
> 
> How does a service provider handle the requirement to
meet a law
> enforcement agency with their wiretapping needs? The
logistics and
> technology can be exerting, annoying and business-wise,
even prohibiting.

See RFC 3924, "Cisco Architecture for Lawful Intercept
in IP Networks."
 
-- 
Jim Lippard                         jlgblx.net
Global Security Organization, Information Security
Architecture
Global Crossing
GPG Key ID: 0xED3D63C0

On Tue, 23 May 2006 05:39:26 -0500 (CDT), Gadi Evron
<gelinuxbox.org>
wrote:

> 
> > Wired posted what are suppossedly the docs Mark
Klein wrote 'bout the
> > NSA sniffing project.  Interesting read...
> > 
> > 
http://blog.wired.com/27BStroke6/att_klein_wired.pdf
> > 
> > John
> 
> Indeed. To be honest, I am more interested in
NANOG-related operational
> issues involved, which I am not sure many here will be
able to discuss in
> case they had experience on the subject. So let us put
privacy and legal
> issues aside for the purpose of this discussion.
> 
> How does a service provider handle the requirement to
meet a law
> enforcement agency with their wiretapping needs? The
logistics and
> technology can be exerting, annoying and business-wise,
even prohibiting.
> 
In the US, see 18 USC 2518(4):

	Any provider of wire or electronic communication service,
	landlord, custodian or other person furnishing such
facilities or
	technical assistance shall be compensated therefor by the
	applicant for reasonable expenses incurred in providing
such
	facilities or assistance.



	--Steven M. Bellovin, http://www.cs.columbi
a.edu/~smb

On Tue, 23 May 2006, Steven M. Bellovin wrote:
> > Indeed. To be honest, I am more interested in
NANOG-related operational
> > issues involved, which I am not sure many here
will be able to discuss in
> > case they had experience on the subject. So let us
put privacy and legal
> > issues aside for the purpose of this discussion.
> >
> > How does a service provider handle the requirement
to meet a law
> > enforcement agency with their wiretapping needs?
The logistics and
> > technology can be exerting, annoying and
business-wise, even prohibiting.
>
> In the US, see 18 USC 2518(4):
>
> 	Any provider of wire or electronic communication
service,
> 	landlord, custodian or other person furnishing such
facilities or
> 	technical assistance shall be compensated therefor by
the
> 	applicant for reasonable expenses incurred in
providing such
> 	facilities or assistance.

The NANOG meeting archives are full of presentations as the
result
of very sophisticated network monitoring.  Like most
technology,
it can be used for good and evil.  You can't tell the
motivation
just from the technology.

At 09:48 PM 5/23/2006, Sean Donelan wrote:

>On Tue, 23 May 2006, Steven M. Bellovin wrote:
> > > Indeed. To be honest, I am more interested in
NANOG-related operational
> > > issues involved, which I am not sure many
here will be able to discuss in
> > > case they had experience on the subject. So
let us put privacy and legal
> > > issues aside for the purpose of this
discussion.
> > >
> > > How does a service provider handle the
requirement to meet a law
> > > enforcement agency with their wiretapping
needs? The logistics and
> > > technology can be exerting, annoying and
business-wise, even prohibiting.
> >
> > In the US, see 18 USC 2518(4):
> >
> >       Any provider of wire or electronic
communication service,
> >       landlord, custodian or other person
furnishing such facilities or
> >       technical assistance shall be compensated
therefor by the
> >       applicant for reasonable expenses incurred
in providing such
> >       facilities or assistance.
>
>The NANOG meeting archives are full of presentations as
the result
>of very sophisticated network monitoring.  Like most
technology,
>it can be used for good and evil.  You can't tell the
motivation
>just from the technology.


Sean, please drop this subject. You have no experience here
and it's
annoying that you keep making authoritative claims like you
have some
operational experience in this area. If you do, please do
elaborate
and correct me. From what I understand from the folks at
SBC, you
did not run harassing call, annoyance call, and LAES
services. I would
appreciate a correction.

-M<








--
Martin Hannigan                                (c)
617-388-2663
Renesys Corporation                            (w)
617-395-8574
Member of Technical Staff                      Network
Operations
                                                hanniganrenesys.com  

> >The NANOG meeting archives are full of
presentations as the result
> >of very sophisticated network monitoring.  Like
most technology,
> >it can be used for good and evil.  You can't tell
the motivation
> >just from the technology.

OK, so he says in a roundabout way that you are
already paying for some sophisticated network monitoring
and it probably won't cost you much to just give
some data to the "authorities".

> Sean, please drop this subject. You have no experience
here and it's
> annoying that you keep making authoritative claims like
you have some
> operational experience in this area. If you do, please
do elaborate
> and correct me. From what I understand from the folks
at SBC, you
> did not run harassing call, annoyance call, and LAES
services. I would
> appreciate a correction.

Huh!?!?!?
Are you saying that people should buzz off from 
the NANOG list if they change jobs and their latest
position isn't operational enough? Are you saying that
people should not be on the NANOG list unless they
have TELEPHONY operational experience?

What is the world coming to!?

--Michael Dillon