At 9:52 AM -0400 2002/08/15, Daniel Golding wrote:
Well, what's a "peering point"? Most traffic does not traverse public peering points, domestically. So, in order to look at enough traffic to make it worthwhile, the .gov would have to optically tap all the private peering x-connects between major carriers.
Nope. Just have them do the work for them. If they want to be more covert, they can just sniff the massive amounts of EMI that is radiated for miles around any major facility.
There are also numerous rules against doing this sort of thing domestically.
Google for "ECHELON" and read the lengthy report that was prepared for the EU. They don't do this domestically -- they ask the GCHQ to do it for them via the ECHELON network, and then pass them the data. They return the favour when the GCHQ wants data on some person in the UK.
Sniffing peering traffic internationally would actually be much easier, for both legal and technical reasons. Linx is the largest public exchange in the world, by traffic, for example. However, I doubt that equipment to sniff 17gb/sec of data actually exists at the moment.
You have no concept of the kind of systems that the NSA uses. First off, they use massive numbers of rather less powerful machines with a "watchlist". Each machine sniffs it's small part of the overall network, and anything matching the watchlist gets saved and sent up for further processing, collation, data reduction, etc.... Then things start to get interesting. ;-) -- Brad Knowles, <brad.knowles@skynet.be> "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin, Historical Review of Pennsylvania. GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E W+++(--) N+ !w--- O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++) tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)