On 11/01/2013 01:08 PM, Gary Buhrmaster wrote: > On Fri, Nov 1, 2013 at 4:43 AM, Anthony Junk <anthonyrj...@gmail.com> wrote: > ... >> It seems as if both Yahoo and Google assumed that since they were private >> circuits that they didn't have to encrypt. > > I actually cannot see them assuming that. Google > and Yahoo engineers are smart, and taping fibres > has been well known for, well, "forever". I can > see them making a business decision that the > costs would be excessive to mitigate against > taping(*) that would be allowed under the laws > in any event. > > Gary > > (*) "A" mitigation was run the fibre through your > own pressured pipe which you monitored for loss > of pressure, so that even a "hot tap" on the pipe > itself would possibly be detected (and there are > countermeasures to countermeasures > to countermeasures of the various methods). > And even then, you had to have a someone walk > the path from time to time to verify its integrity. > And I am pretty sure there is even an NSA/DOD > doc on the requirements/implementation to do > those mitigations. >
Given what we now know about the breadth of the NSA operations, and the likelihood that this is still only the tip of the iceberg - would anyone still point to NSA guidance on avoiding monitoring with any sort of confidence? There has always been cognitive dissonance in the dual roles of the NSA: 1. The NSA monitors. 2. The NSA provides guidance on how to avoid being monitored. Conflict? -DMM
signature.asc
Description: OpenPGP digital signature
