

Ask HN: Is Surveillance without cooperation possible? - sathishmanohar

Google and Facebook have denied government access to servers and backdoors. What are all the possible ways for a Government with big pocket to obtain user data without co-operation of the service providers?

Maybe like, corrupting certificate authorities and being man in the middle.

Let's say I'm just curious.

So what are the Possible methods for mass surveillance without service provider cooperation?
======
dsl
The NSA has traffic sniffers covering all the major fiber routes. They get a
mole within a tech company that is properly placed to walk out with a copy of
the private key, and all SSL traffic is effectively plain text from that point
forward.

------
e3pi
Here's one, a box in the middle:

NARUS(R U NSA?) -See Clearly Act Quickly(tm)

(Wikipedia)

Narus was founded in 1997 by a team of Israelis led by Ori Cohen and Stas
Khirman, now a wholly owned subsidiary of Boeing, which provides real-time
network traffic and analytics software with enterprise class spyware
capabilities.

Some features of NarusInsight include:

Scalability to support surveillance of large, complex IP networks (such as the
Internet)

High-speed Packet processing performance, which enables it to sift
through the vast quantities of information that travel over the Internet.

Normalization, Correlation, Aggregation and Analysis provide a model of user,
element, protocol, application and network behaviors, in real-time. That is it
can track individual users, monitor which applications they are using (e.g.
web browsers, instant messaging applications, email) and what they are doing
with those applications (e.g. which web sites they have visited, what they
have written in their emails/IM conversations), and see how users' activities
are connected to each other (e.g. compiling lists of people who visit a
certain type of web site or use certain words or phrases in their emails).

High reliability from data collection to data processing and analysis.

NarusInsight's functionality can be configured to feed a particular activity
or IP service such as security lawful intercept or even Skype detection and
blocking.

Compliance with CALEA and ETSI. Certified by Telecommunication Engineering
Center (TEC) in India for lawful intercept and monitoring systems for ISPs.

The intercepted data flows into NarusInsight Intercept Suite. This data is
stored and analyzed for surveillance and forensic analysis purposes.

Other capabilities include playback of streaming media (i.e. VoIP), rendering
of web pages, examination of e-mail and the ability to analyze the
payload/attachments of e-mail or file transfer protocols. Narus partner
products, such as Pen-Link, offer the ability to quickly analyze information
collected by the Directed Analysis or Lawful Intercept modules.

A single NarusInsight machine can monitor traffic equal to the maximum
capacity (10 Gbit/s) of around 39,000 256k DSL lines or 195,000 56k telephone
modems. But, in practical terms, since individual internet connections are not
continually filled to capacity, the 10 Gbit/s capacity of one NarusInsight
installation enables it to monitor the combined traffic of several million
broadband users.

According to a year 2007 company press release, the latest version of
NarusInsight Intercept Suite (NIS) is "the industry's only network traffic
intelligence system that supports real-time precision targeting, capturing and
reconstruction of webmail traffic... including Google Gmail, MSN Hotmail and
Yahoo! Mail".[11] However, currently most webmail traffic can be HTTPS
encrypted, so the content of messages can only be monitored with the consent
of service providers.

It can also perform semantic analysis of the same traffic as it is happening,
in other words analyze the content, meaning, structure and significance of
traffic in real time. The exact use of this data is not fully documented, as
the public is not authorized to see what types of activities and ideas are
being monitored.

........................

I first learned of NARUS in James Bamford's 2008 title "Shadow Factory". Also
mentioned another similar big intel sniffer box. He goes into much more detail
than I recall.

