« Dozier Spam Bot Attacks tdaxp? | HomePage | The Genetics of Systems Administration »

Friday, February 01, 20081201905300

Occam's Razor

I don't think it's crazy to say that a more parsimonious explanation for Iran nearly dropping off the face of the internet

Router
Location
Current Index
Response Time (ms)
Packet Loss (%)
misschaos.chaos-studio.com
China (Shanghai)
81
181
0
gsrmum.vsnl.net.in
India (Mumbai)
72
270
0
core-mgl.cbn.net.id
Indonesia (Mangole)
79
205
0
router1.iust.ac.ir
Iran (Tehran)
0
0
100
cs1mr1.comsourceone.com
Japan (Tokyo)
85
146
0
gateway.ix.singtel.com
Singapore
68
217
12
tpnoc1-osr-transit.ix.giga.net.tw
Taiwan
74
149
12


is that we're installing the hardware and software to allow us to read every packet going in and out of south-west Asia, and we don't want them to know it.

(Chart from Internettrafficreport.com, story courtesy of Slashdot)

Related: New submarine can tap fiber-optic cables (hat-tip AC)
Related: Hackers cut cities' power (hat-tip Sharpr)
Must read: Don't Forget by Mike Tanji

Comments

I have my doubts. The US was tapping adversary lines, including undersea cables, for decades without causing a break in service. (See, for example, the Ivy Bells program).

My personal version of Occam's razor is this: If it's a choice between a very clever conspiracy and exceptional stupidity, bet on stupidity.

Posted by: Daniel McIntosh | Friday, February 01, 2008

I wonder if Aaron will comment, as he gave me the idea discussing the recent Skype outage...

My understanding is that fiber optics are untappable without breaking the signal, because transmission of information relies on minutely correct reflection of light. (A benefit that electromagnetic wires do not have.)

Nor do I think a "very clever conspiracy" would be needed -- merely use of tools we have to an end we would like.

Posted by: Dan tdaxp | Friday, February 01, 2008

Cables actually get cut quite more often than people think.

Presumes we've not masters fiber taps and have been using for some time. You'll have to scroll to find the right 'graph:

http://www.wired.com/science/discoveries/news/2006/05/70908

Posted by: Michael | Friday, February 01, 2008

I see from the updates you already have information on the USS Jimmy Carter (launched 2005). I'd just add that tapping the line is becoming increasing easy. A security newsletter [1] was reporting as early as 2003 that "Used nefariously, optical taps allow access to all voice and data communications transiting a fiber link. Modern commercial network equipment and network configurations cannot detect most types of optical taps…" and "Packet-sniffer software filters through the packet headers, only extracting those packets which match a specific telephone number, IP address or other characteristic." There's reason to believe the NSA was tapping fiber optic cables in the 1990s, but found it hard to process the torrents of data. [2] With improvements in software and increases in computng power (note the increasing power requirements for Ft. Meade), I suspect it's been going on for a few years now.

What I find more interesting is how easy it is to cut off some countries from the web. If it can be done by accident, what does that imply for war? And note the more a state tries to limit and control access points (for example, Saudi Arabia), the easier it becomes to cut it off, with all that implies for economic and military vulnerability.

[1]http://www.networkworld.com/newsletters/sec/2003/0303sec1.html?page=2
[2]http://news.zdnet.com/2100-9595_22-529826.html

Posted by: Dan McIntosh | Saturday, February 02, 2008

Thanks for the links -- the ZDNet piece was particularly interesting.

The hard part of tapping fiber-optics is not being noticed -- it's possible to repair broken connections, but unlike electromagnetic tapping, there has to be an interruption of service if one taps the fiberoptic cabling itself.

Perhaps the great majority of massive oceanic cuts are not being reported, but three very significant ones in a short time frame seems really out of place.

Catholicgauze also noted this [1]

[1] http://catholicgauze.blogspot.com/2008/02/internet-outages-between-egypt-and.html

Posted by: Dan tdaxp | Saturday, February 02, 2008

You see there might be a fourth cable out? And Egyptian authorities found no ships in the area of the first two cable breaks? Source: http://radar.oreilly.com/archives/2008/02/egypt_finds_no.html

Posted by: Munzenberg | Monday, February 04, 2008

The fourth cable was taken offline purposefully (no, really [1] ;-) )...

In a way, this discussion recalls HAARP [2], in which American desire for surveillance is combined with American technology capable of surveillance -- a "conspiracy" exactly as secret and menacing as military project (a new kind of tank, etc.)

[1] http://slashdot.org/
[2] http://en.wikipedia.org/wiki/High_Frequency_Active_Auroral_Research_Program

Posted by: Dan tdaxp | Monday, February 04, 2008

According to Schneier there is a fifth cable cut (well fourth to be technical).

UAE cable outage: http://www.khaleejtimes.com/DisplayArticle.asp?xfile=data/theuae/2008/February/theuae_February155.xml§ion=theuae
Schneier post: http://www.schneier.com/blog/archives/2008/02/fourth_undersea.html

Posted by: Munzenberg | Wednesday, February 06, 2008

I feel like I'm saying "You know, it may be HAARP" after a rush of news-stories about the ionosphere getting a bit warmer, or something.

We have the stated means, stated motive, clear opportunity, stated desire, etc., to do this. I'm not saying we are, but it's pretty likely that cyberbattleground (which perhaps was first tred on by Russians in Estonia [1]) is being layed.

[1] http://www.guardian.co.uk/russia/article/0,,2081438,00.html

Posted by: Dan tdaxp | Wednesday, February 06, 2008

Post a comment