Schneier- More on the NSA's Use of Traffic Shaping

Started by Netwörkheäd, July 18, 2017, 06:04:00 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

Netwörkheäd

July 18, 2017, 06:04:00 PM
More on the NSA's Use of Traffic Shaping

"Traffic shaping" -- the practice of tricking data to flow through a particular route on the Internet so it can be more easily surveiled -- is an NSA technique that has gotten much less attention than it deserves. It's a powerful technique that allows an eavesdropper to get access to communications channels it would otherwise not be able to monitor....
   
   

"Traffic shaping" -- the practice of tricking data to flow through a particular route on the Internet so it can be more easily surveiled -- is an NSA technique that has gotten much less attention than it deserves. It's a powerful technique that allows an eavesdropper to get access to communications channels it would otherwise not be able to monitor.



There's a new paper on this technique:



This report describes a novel and more disturbing set of risks. As a technical matter, the NSA does not have to wait for domestic communications to naturally turn up abroad. In fact, the agency has technical methods that can be used to deliberately reroute Internet communications. The NSA uses the term "traffic shaping" to describe any technical means the deliberately reroutes Internet traffic to a location that is better suited, operationally, to surveillance. Since it is hard to intercept Yemen's international communications from inside Yemen itself, the agency might try to "shape" the traffic so that it passes through communications cables located on friendlier territory. Think of it as diverting part of a river to a location from which it is easier (or more legal) to catch fish.

The NSA has clandestine means of diverting portions of the river of Internet traffic that travels on global communications cables.



Could the NSA use traffic shaping to redirect domestic Internet traffic -- ­emails and chat messages sent between Americans, say­ -- to foreign soil, where its surveillance can be conducted beyond the purview of Congress and the courts? It is impossible to categorically answer this question, due to the classified nature of many national-security surveillance programs, regulations and even of the legal decisions made by the surveillance courts. Nevertheless, this report explores a legal, technical, and operational landscape that suggests that traffic shaping could be exploited to sidestep legal restrictions imposed by Congress and the surveillance courts.



News article. NSA document detailing the technique with Yemen.



This work builds on previous research that I blogged about here.



The fundamental vulnerability is that routing information isn't authenticated.


Source: More on the NSA's Use of Traffic Shaping
Let's not argue. Let's network!

deanwebb

#1
July 18, 2017, 06:47:06 PM
I posted this link in another thread, but if you haven't read this yet, I urge you to do so.
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Вопросы есть? Вопросов нет! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.
Print
Go Up Pages1
User actions