Re: PRISM Update: NYT says WaPo a bit credulous

On Jun 8, 2013, at 10:11 AM, Jay Ashworth wrote: > Well, ok, they don't actually *say* that, but it's the underlying idea behind > their own piece, which says that the listed companies didn't really give NSA > quite such unfettered access There's another potential explanation: from

PRISM Update: NYT says WaPo a bit credulous

Well, ok, they don't actually *say* that, but it's the underlying idea behind their own piece, which says that the listed companies didn't really give NSA quite such unfettered access: http://www.nytimes.com/2013/06/08/technology/tech-companies-bristling-concede-to-government-surveillance-efforts.

Re: Webcasting as a replacement for traditional broadcasting (was Re: Wackie 'ol Friday)

Jay Ashworth wrote: "He's at the 40... the 30... the 20... this is gonna be the Super Bowl, folks... the 10... [buffering]" Cheers, -- jra lol...tnx Jay!

Re: PRISM: NSA/FBI Internet data mining project

I think we know now, that they will know we are organizing. Sent from my Mobile Device. Original message From: Ishmael Rufus Date: 06/07/2013 6:32 PM (GMT-08:00) To: Owen DeLong Cc: NANOG Subject: Re: PRISM: NSA/FBI Internet data mining project Yeah... so when are we riot

Re: PRISM: NSA/FBI Internet data mining project

Yeah... so when are we rioting? Because they'll just continue to make laws that circumvent the constitution. On Fri, Jun 7, 2013 at 8:20 PM, Owen DeLong wrote: > Dan, > > While the government has no responsibility to protect my data, they do > have a responsibility to respect my privacy. While

Re: PRISM: NSA/FBI Internet data mining project

Dan, While the government has no responsibility to protect my data, they do have a responsibility to respect my privacy. While you are correct in that proper personal security procedures to protect my data from random crackers would, in fact, also protect it from the government, that's a far cr

Re: PRISM: NSA/FBI Internet data mining project

Server maintenance at 00 on my end.

Re: PRISM: NSA/FBI Internet data mining project

I'd love to, but American Idle is on in 5 minutes. Maybe next time? Nick On Fri, Jun 7, 2013 at 8:57 PM, Ishmael Rufus wrote: > So when are we rioting? > > > On Fri, Jun 7, 2013 at 7:14 PM, Nick Khamis wrote: > > > Tax payer money.. :) > > > > On 6/7/13, Mark Seiden wrote: > > > what a p

Re: PRISM: NSA/FBI Internet data mining project

So when are we rioting? On Fri, Jun 7, 2013 at 7:14 PM, Nick Khamis wrote: > Tax payer money.. :) > > On 6/7/13, Mark Seiden wrote: > > what a piece of crap this article is. > > > > the guy doesn't understand what sniffing can and can't do. obviously he > > doesn't understand peering or r

Re: PRISM: NSA/FBI Internet data mining project

Sorry for the top post

Re: PRISM: NSA/FBI Internet data mining project

Tax payer money.. :) On 6/7/13, Mark Seiden wrote: > what a piece of crap this article is. > > the guy doesn't understand what sniffing can and can't do. obviously he > doesn't understand peering or routing, and he doesn't understand what cdns > are for. > > he doesn't understand the EU safe

Re: PRISM: NSA/FBI Internet data mining project

what a piece of crap this article is. the guy doesn't understand what sniffing can and can't do. obviously he doesn't understand peering or routing, and he doesn't understand what cdns are for. he doesn't understand the EU safe harbor, saying it applies to govt entitites, when it's purely abo

Re: PRISM: NSA/FBI Internet data mining project

http://www.guardian.co.uk/world/2013/jun/07/obama-china-targets-cyber-overseas the headline may be misleading. Presidential Policy Directive 20 defines OCEO as "operations and related programs or activities … conducted by or on behalf of the United States Government, in or through cyberspace, tha

Re: PRISM: NSA/FBI Internet data mining project

the palantir financial product named prism is useless for intelligence analysis. it's for timeseries financial data. my understanding is it's a completely different product, code base and market from the connect-the-dots product they sell as a competitor to i2's Analyst's Notebook product. "th

Re: PRISM: NSA/FBI Internet data mining project

Also of interest: http://www.guardian.co.uk/world/2013/jun/07/nsa-prism-records-surveillance-questions - ferg On Fri, Jun 7, 2013 at 3:49 PM, Michael Hallgren wrote: > Le 07/06/2013 19:10, Warren Bailey a écrit : >> Five days ago anyone who would have talked about the government having this

Re: PRISM: NSA/FBI Internet data mining project

Le 07/06/2013 19:10, Warren Bailey a écrit : > Five days ago anyone who would have talked about the government having this > capability would have been issued another tin foil hat. We think we know the > truth now, but why hasn't echelon been brought up? I'm not calling anyone a > liar, but isn'

BGP Update Report

BGP Update Report Interval: 30-May-13 -to- 06-Jun-13 (7 days) Observation Point: BGP Peering with AS131072 TOP 20 Unstable Origin AS Rank ASNUpds % Upds/PfxAS-Name 1 - AS36998 180296 6.9% 269.1 -- SDN-MOBITEL 2 - AS4837 130901 5.0% 246.1 -- C

The Cidr Report

This report has been generated at Fri Jun 7 21:13:20 2013 AEST. The report analyses the BGP Routing Table of AS2.0 router and generates a report on aggregation potential within the table. Check http://www.cidr-report.org for a current version of this report. Recent Table History Date

Re: PGP/SSL/TLS really as secure as one thinks?

On 08/06/2013, Jeroen Massar wrote: > On 2013-06-07 06:50, Dan White wrote: > [..] > > A nice 'it is Friday' kind of thought Caring about secrecy (or obscurity) of algorithms is a fools errand. http://en.wikipedia.org/wiki/Kerckhoffs%27s_principle Taking Shannon's maxim "the enemy knows the

BGP filter issue -- need contact from Level3

NANOG folks, I have had a bug with Level3 bgp filters for over a week, and have not been able to get a call back from their NOC despite multiple phone calls, for what should be a trivial change, but is buggy (yes I've used their normal process to no avail.) Can someone from their NOC or having

Re: PRISM: NSA/FBI Internet data mining project

Wink wink http://www.forbes.com/sites/andygreenberg/2013/06/07/startup-palantir-denies-its-prism-software-is-the-nsas-prism-surveillance-system/ Sent from my Mobile Device. Original message From: "Jason L. Sparks" Date: 06/07/2013 1:31 PM (GMT-08:00) To: Warren Bailey Cc: J

Re: PRISM: NSA/FBI Internet data mining project

Lol.. I think the 20k hammer is probably a result of the contract vehicle. Firm fixed tend to have trouble with change orders so they bury costs within the project. The real cheap stuff comes from the indefinite quantity type of contracts, where they are buying consumables regularly at a discou

Re: PRISM: NSA/FBI Internet data mining project

I've been trying to find details to the contrary but as far as I see, there's no indication that the constitutional (or otherwise) rights of any US citizens (or anyone, anywhere, for that matter) are being overtly (or otherwise) trampled which would seem to be the pertinent objection. The somewhat

Re: PRISM: NSA/FBI Internet data mining project

On Jun 7, 2013, at 10:02 AM, Christopher Morrow wrote: > On Fri, Jun 7, 2013 at 1:57 AM, Mark Seiden wrote: > >> and also, only $20m/year? in my experience, the govt cannot do anything >> like this >> addressing even a single provider for that little money. > > agreed, that 20m seems extrao

Re: PRISM: NSA/FBI Internet data mining project

I assume the unclassified word "Prism" (which is found everywhere on IC resumes and open job descriptions) refers to Palantir's Prism suite. Could be wrong, but seems logical. On Fri, Jun 7, 2013 at 4:28 PM, Warren Bailey < wbai...@satelliteintelligencegroup.com> wrote: > Has anyone found out i

Re: PRISM: NSA/FBI Internet data mining project

Has anyone found out if this system is actually based on Narus? I associated this program as a super version of the AT&T thing, and if I recall it was understood that was Narus and Co via NSA/FBI? Sent from my Mobile Device. Original message From: Jay Ashworth Date: 06/07/2

Re: PRISM: NSA/FBI Internet data mining project

I'm cool with technology to catch bad guys, I just don't know that catching everything for some kind of dragnet is the right approach. There will be a time where Americans realize they are actually not in control of their governence, perhaps that time is now? On the upside, Holder now has anothe

FIXED: Pen testing and white hats for mass consumption

Since one Whacky Weekend thread isn't enough on a post-NANOG weekend: Here's some coverage of pentesting and 'ethical' hacking packaged for a general audience. I only caught the first half of this the other day, but it seemed worth listening to. and that link is... http://www.thestory.org/stor

Re: Pen testing and white hats for mass consumption

- Original Message - > From: "Jay Ashworth" > To: "NANOG" > Sent: Friday, June 7, 2013 3:03:16 PM > Subject: Pen testing and white hats for mass consumption > Since one Whacky Weekend thread isn't enough on a post-NANOG weekend: > > Here's some coverage of pentesting and 'ethical' hack

Re: PRISM: NSA/FBI Internet data mining project

- Original Message - > From: "Valdis Kletnieks" > On Thu, 06 Jun 2013 22:57:07 -0700, Mark Seiden said: > > and also, only $20m/year? in my experience, the govt cannot do > > anything like this addressing even a single provider for that little money. > > Convince me the *real* number doe

Re: PRISM: NSA/FBI Internet data mining project

i have talked with a dozen people about this who ought to know if there were something more creepy than usual going on. and nobody in engineering knows of anything. but hm, people in compliance said "no comment". that, and the $20M annual number, suggests that what they actually did was set

Re: Pen testing and white hats for mass consumption

On Fri, Jun 07, 2013 at 03:03:16PM -0400, Jay Ashworth wrote: > Since one Whacky Weekend thread isn't enough on a post-NANOG weekend: > > Here's some coverage of pentesting and 'ethical' hacking packaged for a > general audience. I only caught the first half of this the other day, but > it seeme

Pen testing and white hats for mass consumption

Since one Whacky Weekend thread isn't enough on a post-NANOG weekend: Here's some coverage of pentesting and 'ethical' hacking packaged for a general audience. I only caught the first half of this the other day, but it seemed worth listening to. Cheers, -- jra -- Jay R. Ashworth

Weekly Routing Table Report

This is an automated weekly mailing describing the state of the Internet Routing Table as seen from APNIC's router in Japan. The posting is sent to APOPS, NANOG, AfNOG, AusNOG, SANOG, PacNOG, LacNOG, TRNOG, CaribNOG and the RIPE Routing Working Group. Daily listings are sent to bgp-st...@lists.ap

Re: PRISM: NSA/FBI Internet data mining project

On Thu, 06 Jun 2013 22:57:07 -0700, Mark Seiden said: > and also, only $20m/year? in my experience, the govt cannot do anything like > this > addressing even a single provider for that little money. Convince me the *real* number doesn't have another zero. Remember - the $20M number came from a

Re: PRISM: NSA/FBI Internet data mining project

Five days ago anyone who would have talked about the government having this capability would have been issued another tin foil hat. We think we know the truth now, but why hasn't echelon been brought up? I'm not calling anyone a liar, but isn't not speaking the truth the same thing? Sent from

Re: PRISM: NSA/FBI Internet data mining project

On 6/7/2013 11:58 AM, Jay Ashworth wrote: > With all due respect, Dr Mathews, I *know* Valdis[1]' reputation; he's a > regular participant here. > > Who are you again? > > Cheers, > -- jra > [1] Note proper spelling of his name[2]. > [2] Note that I spelled your name correctly as well. I am

Re: PRISM: NSA/FBI Internet data mining project

On Thu, Jun 6, 2013 at 5:04 PM, Matthew Petach wrote: > > > On Thu, Jun 6, 2013 at 4:35 PM, Jay Ashworth wrote: > >> Has fingers directly in servers of top Internet content companies, >> dates to 2007. Happily, none of the companies listed are transport >> networks: >> >> >> http://www.washingto

Re: PRISM: NSA/FBI Internet data mining project

On 6/7/13 8:28 AM, <<"tei''>>> wrote: > This is one of these "Save the forest by burning it" situations that > don't have any logic. > > To save a forest firefighters often cut a few tree. Don't cut all the > trees in a forest to save it from a fire. Seasonal work, many solar obits past. Well,

Re: PRISM: NSA/FBI Internet data mining project

- Original Message - > From: "Mark Seiden" > but the ability to assemble intelligence out of taps on providers' > internal connections > would require reverse engineering the ever changing protocols of all > of those providers. > and at least at one of the providers named, where i worked

Re: PRISM: NSA/FBI Internet data mining project

- Original Message - > From: "Robert Mathews (OSIA)" > Being an AGENT or AGENCY of Change is not an activity most are CAPABLE > of effectively thinking about, let alone acting upon. [ ... ] > Laziness aside, permit me to humbly note that emphasis on COMPLIANCE > (with sane or insane la

Re: PRISM: NSA/FBI Internet data mining project

- Original Message - > From: "Robert Mathews (OSIA)" > On 6/6/2013 9:22 PM, valdis.kletni...@vt.edu wrote: > > > Pay attention. None of the ones *listed* are transport networks. > > Doesn't mean they're not involved but unlisted (as of yet). > > *Vladis: * I thank you for waking me up

Re: PRISM: NSA/FBI Internet data mining project

- Original Message - > From: "Robert Mathews (OSIA)" > On 6/6/2013 7:35 PM, Jay Ashworth wrote: > > > [ . ] Happily, none of the companies listed are transport > > networks: > > > > [ ] > > > > Cheers, > > -- jra > > > Could you be certain that TWC, Comcast, Qwest/CenturyLink

Webcasting as a replacement for traditional broadcasting (was Re: Wackie 'ol Friday)

- Original Message - > From: "Michael Painter" > Anyone besides jra remember the last Super Bowl? > Better this year? Worse? > I'm sure whomever is listening in would like to know as well. > > http://www.multichannel.com/blogs/translation-please/multicast-unicast-and-super-bowl-problem

Re: PRISM: NSA/FBI Internet data mining project

On 6/7/2013 11:42 AM, Dan White wrote: > I believe it's your responsibility to protect your own data, not the > government's, and certainly not Facebook's. Dan, I agree with everything you said in your last post. Except this part misses the point. Yes, it may not be their job to protect the data,

Re: PRISM: NSA/FBI Internet data mining project

On 06/07/13 11:11 -0400, Rob McEwen wrote: On 6/7/2013 9:50 AM, Dan White wrote: OpenPGP and other end-to-end protocols protect against all nefarious actors, including state entities. I'll admit my first reaction yesterday after hearing this news was - so what? Network security by its nature pre

Re: PRISM: NSA/FBI Internet data mining project

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 07/06/2013 16:02, Christopher Morrow wrote: > On Fri, Jun 7, 2013 at 1:57 AM, Mark Seiden > wrote: > >> and also, only $20m/year? in my experience, the govt cannot do >> anything like this addressing even a single provider for that >> little mone

Re: PGP/SSL/TLS really as secure as one thinks?

On Jun 7, 2013, at 10:14 AM, Jeroen Massar wrote: > If you can't trust the entities where your data is flowing through > because you are unsure if and where they are tapping you, why do you > trust any of the crypto out there that is allowed to exist? :) > > Think about it, the same organizatio

Re: PRISM: NSA/FBI Internet data mining project

This is one of these "Save the forest by burning it" situations that don't have any logic. To save a forest firefighters often cut a few tree. Don't cut all the trees in a forest to save it from a fire. Exceptions must be made for police forces to violate rights (like privacy). Exceptions can'

PGP/SSL/TLS really as secure as one thinks?

On 2013-06-07 06:50, Dan White wrote: [..] A nice 'it is Friday' kind of thought > OpenPGP and other end-to-end protocols protect against all nefarious > actors, including state entities. If you can't trust the entities where your data is flowing through because you are unsure if and where t

Re: PRISM: NSA/FBI Internet data mining project

On 6/7/2013 9:50 AM, Dan White wrote: > OpenPGP and other end-to-end protocols protect against all nefarious > actors, including state entities. I'll admit my first reaction yesterday > after hearing this news was - so what? Network security by its nature > presumes that an insecure channel is goin

Re: [NANOG 58] Final agenda posted and late registration - See you in New Orleans!

I echo the same sentiment and this meeting being my first in-person, I can say that if you can swing physically making it to a meeting, jump at the chance. The content was excellent, the "networking" in the hallways was priceless, and the evening activities that the sponsors put on were first-

Re: PRISM: NSA/FBI Internet data mining project

On Fri, Jun 7, 2013 at 1:57 AM, Mark Seiden wrote: > and also, only $20m/year? in my experience, the govt cannot do anything like > this > addressing even a single provider for that little money. agreed, that 20m seems extraordinarily low for such an effort... hell, for 6 yrs time transport co

Re: [NANOG 58] Final agenda posted and late registration - See you in New Orleans!

I just wanted to take a moment and say thank you to all you that put together NANOG. I'm pretty new to the list and 58 was the first NANOG that I followed, watched a few archive speakers in the past, but this was the first time I actually "stay tuned" and followed most speakers. Simply put, thank

RE: PRISM: NSA/FBI Internet data mining project

> > So, you are comfortable just giving up your right to privacy? It's just the > > way > it is? > > If you want to exercise your right to privacy, use end to end encryption and > onion remixing networks to hamper traffic analysis. Whoa. These are two completely separate issues. I concur with

Re: PRISM: NSA/FBI Internet data mining project

On 06/07/13 02:34 -0400, Rob McEwen wrote: The "oh well, it happens, who cares, guess you need PGP" comments on this thread are idiotic. Some of you would benefit from reading the text of the 4th Amendment: "The right of the people to be secure in their persons, houses, papers, and effects, agai

RE: PRISM: NSA/FBI Internet data mining project

> Approaches like > http://www.wired.com/science/discoveries/news/2006/04/70619 > obviously don't scale to small time operators. But if you can vaccuum up close > to the core at full wire speed (and there is no reason to think you can't, > since > there are switches which deal with that) you don't

Re: PRISM: NSA/FBI Internet data mining project

On Fri, Jun 07, 2013 at 12:25:35AM -0500, jamie rishaw wrote: > > Just wait until we find out dark and lit private fiber is getting vampired. > Approaches like http://www.wired.com/science/discoveries/news/2006/04/70619 obviously don't scale to small time operators. But if you can vaccuum up clo

Re: PRISM: NSA/FBI Internet data mining project

On Thu, Jun 06, 2013 at 08:07:57PM -0400, Alex Rubenstein wrote: > > > Has fingers directly in servers of top Internet content companies, > > > dates to 2007. Happily, none of the companies listed are transport > > > networks: > > > > I've always just assumed that if it's in electronic form, some

Re: IP4 address conservation method

Jimmy Hess writes: > The kernel has its defaults, but distribution vendors such as > Redhat/Ubuntu/Debian, are free to supply their own defaults through > sysctl.conf or their NetworkManager packages or network configuration > scripts... > > It's interesting to note they have so far chosen to