

Mystery Cable Activated in Cuba - hazov
http://www.renesys.com/blog/2013/01/cuban-mystery-cable-activated.shtml

======
trotsky
This sounds like a counter-surveillance technique.

If you're an island nation with one cable for all your traffic you are very
susceptible to a variety of state actor attacks: traffic analysis, mitm,
protocol downgrades etc.

If your traffic goes out one way and back in via a totally divergent link
these kinds of techniques become significantly harder to pull off and much
easier to detect their use.

Passive undersea fiber monitoring is well within the means of more than a few
intelligence operations and quite popular. They're in international water,
unguarded, unrealistic to regularly inspect and they can be modified to leak
just enough light to see every bit while being pretty difficult to detect.

A cable strung between Venezuela and Cuba would be impossible to resist for
anyone in the region with a highly advanced signals intelligence program and
spent 40+ years defined by communism/socialism as public enemy number one.

A year delay in lighting at all suggests to me very strongly that they had
direct evidence or strong indicators that their cable had been split/bent or
their DWDM repeaters / inline terminals or other equipment came into question
- most of it is made by companies pretty cozy with large state actors.

After traffic snooping your second big intelligence concern these days is data
exfiltration. The classic radio bug is way more trouble and effort than
malware mics & cams, keyloggers and mobile phones. Even more popular is just
files - grab it all and see whats good. Mostly that's very hard to catch
leaving the country because there are so many paths and the data volume is so
large.

But if you've previously built a monitoring system for your only route out,
and it's slow enough you can do a credible job of traffic analysis then you're
probably loathe to give up on it. In comparison, the kind of gear needed to do
DPI, anomaly detection, key weakening etc. at a 100G+ is very pricey and
probably covered by export bans anyway.

Asymmetric internet works pretty well anyway. Most commercial service is tuned
that way because thats what the use looks like, way more in than out. Sat
latency ain't a ball of joy but for bulk data and web pages it's probably
pretty decent service especially when compared to what it's replacing.

~~~
Element_
"Passive undersea fiber monitoring is well within the means of more than a few
intelligence operations"

What kind of equipment/engineering would be required for that?

Has there been any documented cases of a government doing that in the past?

~~~
trotsky
Very roughly, you strip the casing and then bend the fiber until a small
amount of light begins escaping through the small gaps created by the bending.
Most of the light continues to travel through the cable unharmed aside from a
tiny decrease in intensity.

Here is a page with some pictures of something along those lines:

[http://www.techrepublic.com/blog/security/protect-your-
netwo...](http://www.techrepublic.com/blog/security/protect-your-network-
against-fiber-hacks/222)

Here is an article about a US sub equipped for this kind of job:

<http://defensetech.org/2005/02/21/jimmy-carter-super-spy/>

------
p_monk
About a year ago, the young people in Cuba already knew that the cable was
laid, but were already very skeptical that it would ever be in operation. It's
disheartening to read that they were right, for now. A number of positive
changes have taken place in Cuba over the last couple years, but none that
might be as consequential as offering low-cost internet. I believe that the
government overestimates the "danger" in this -- the people just want to use
facebook on their phones.

~~~
buster
That made me laugh. Seriously. Have you ever been in Cuba? I was there last
summer. Most people don't even have a mobile phone, let alone a smartphone.
Public phones are extremely common. Most likely many people never even heard
of facebook or twitter.

The last family i lived for a week got internet access from a friend who got
those coupons. So, from what i was told, basically people that need to have
access to the internet at work get a sort of coupons for some hours of
internet usage and there of course there's something like a black market for
it. Anyway, i don't think peoplein Cuba miss Facebook. They'd probably be more
then happy to have mobile phones in general and a good mobile/GPRS coverage
for now. In general, internet is so extremely slow over there that it feels
like the whole country is on an analog line from Fidels office.

~~~
p_monk
I have been several times and I have a lot of family there. Notice how I
started my comment with "young people." I'm not familiar with the eastern part
of the island, but in Havana, mobile phones are quite common amongst young
people. Furthermore, you're wrong, the young people in Cuba DO miss facebook.
This is because university students are allowed to use the (slow) internet
more or less freely. The censorship is not as comprehensive as that of the
chinese firewall. And after spending several years with access to gmail and
facebook, they're thrown into the regular society, where access to internet
more difficult to come by.

~~~
buster
Yes, there may be a mobile phone here and there. But the difference between
the usual european or american standard is so extreme, i'd say that before
they can dream about facebook they dream about easier/faster/better internet
access and widespread mobile (or even smartphone) usage. And no censorship of
facebook ;)

------
stephengillie
The cable isn't a mystery, the article states, but its fate was. Also, the
cable's not _in_ Cuba -- It was laid in 2007 between Cuba and Venezuela. They
just activated this undersea internet link, and the real mystery is 'how's it
misconfigured?' Slightly misleading title.

~~~
josh2600
Sorry, I can't tell if you're being facetious.

The article implies that the cubans are, for some reason, receiving packets
over fiber, but sending over satellite, which, for all intents and purposes,
is insane. It is a real mystery as to why anyone would configure a network to
operate in this manner.

It is akin to having a 10gigabit fiber line in your office and choosing to
have all outbound traffic routed over a 1.5megabit DSL line instead. Madness!

~~~
MichaelApproved
It's more like having a 10gigabit fiber line and choosing to have outbound
traffic routed via carrier pigeon. It's latency, not bandwidth, that makes a
satellite connection maddening.

~~~
bibinou
also, cost. Sending to a satellite is much more involved than receiving from
it.

~~~
rdl
Not once you get to the size of circuit here, and in general, receiving from
satellite is far cheaper than sending to it.

------
rplacd
_> Note: Round trip latencies for crossing the Atlantic and Pacific oceans are
approximately 60ms and 110ms, respectively._

Damn - just out of the reach of my intution.

