
On Sat, 21 Dec 2002, Christopher L. Morrow wrote:

Regarding CenterTrack:

:
:it's not that they misinterpreted, it's that it's NOT EVER been implemented.

I am content to believe you. However, that CenterTrack has never been implemented does not mean that a system for collecting IP session data has never been implemented. This further suggests that automated law enforcement access is also not impossible, which was my original point.

:Ok, so let's say you wanted to IDS the 'internet' or 'any large ISP'
:(Verio/UU/AOL/ATT/Sprint... make your list) there is little gig-e to
:monitor, a lot of oc-12/48/192. There isn't an IDS that can truly monitor
:an oc-12 yet, never mind multipath oc-12's (dual/tri/quad paths in the same
:box)

Anyone with that size link could be deemed "carrier class" and be compelled to install monitoring equipment within their network. Though admittedly I don't think it's useful to speculate on the legislative "could"'s.

:Hmm, actually it is pretty darned simple, no-export+no-advertise do this
:for you quickly, then trigger when you want to watch paul vixie's hotmail
:activities... simple enough really. This gets back to distributing
:'sensors' to each pop, on each carrier and having dedicated ports on
:routers to support this... This seems like a very large cost to bear, more
:than 'cost of doing business'.

Those costs of doing business can be regulated, which it looks like they just might be. Same as the whole PEN register thing for telcoms.

Also, if you have an existing IDS infrastructure, it is not difficult to add this kind of LEO-access to it. It is as simple as giving them a view of your security management console.

:all of these vendors provide products capable of this kind of
:'surveillance', whether or not that's the touted talking point or not, each
:can provide this 'surveillance'.

At least one of the vendors you listed does in fact tout the product's surveillance features, at least during their sales pitch.

The funny thing in my biz (IT security) is that I think it's the only one where people sell things by not saying what they can be used for. They nod meaningfully while saying that they can't really say just what it is that people use it for. Customers think "Wow, I've never even heard of this, and the sales guy won't even tell me what it does, it *must* be valuable beyond imagination!". To hear them tell it, it's as if they are selling a turnkey blackbox ROI Generator, which uses top secret military technology that "leverages dynamic security policies".

Before there was Carnivore, law enforcement got access to network data, and I have a few anecdotal accounts of how this was done. There is no reason why LEAs couldn't ask ISPs to permanently integrate this access into their networks.

--
batz