data and national security final

Upload: jackmoe

Post on 30-May-2018

215 views

Category:

Documents


0 download

TRANSCRIPT

  • 8/9/2019 Data and National Security Final

    1/20

    Privacy and National Security in t

    Breen A

    e age of the Internet

    new | Jack Morrison

  • 8/9/2019 Data and National Security Final

    2/20

    Discussion

    1. Net Neutrality

    2. Deep Packet Ins

    3. Short Video

    4. Data and Nationa

    5. Case Study: AT&

    ection

    l Security

    and NSA

  • 8/9/2019 Data and National Security Final

    3/20

  • 8/9/2019 Data and National Security Final

    4/20

    Network Neutra

    Sources of Net

    Neutrality

    Infringement: Content Providers

    issuing licensing

    agreements to ISP's

    ISP's and Govt's with

    DPI technology

    Source:http://www.wired.com/epicenter/2009/02/espn-stands-fir/

    lity

  • 8/9/2019 Data and National Security Final

    5/20

    Deep Packet In

    Definition: Firewall techIDS, IPS, and Statefu

    Capabilities: Security

    Inspection

    Source: http://www.quickneasypcrepair.com/totalsecure-topology.gif

    pection

    nology that combinesFirewall.

    Advanced Packet

  • 8/9/2019 Data and National Security Final

    6/20

    Deep Packet In

    Typical DPI Vendor

    Solutions:

    Traffic Management

    Content Filtering

    Parental Controls

    Interception

    Source: http://www.bivio.net

    pection

  • 8/9/2019 Data and National Security Final

    7/20

    Deep Packet In

    Traffic Management:

    Optimizes network util

    Controls the flow of d

    Source:https://reader010.{domain}/reader010/html5/0601/5b1069e995e70/5b1069ed811c4.jpg

    pection

    ization.

    ta by protocol.

  • 8/9/2019 Data and National Security Final

    8/20

  • 8/9/2019 Data and National Security Final

    9/20

    Deep Packet In

    Parental Controls:

    Revenue Generation

    Sources:

    http://www.att.com

    htt ://eas techsource.com/securit /Com uterSecurit .

    pection

    Interception:

    Wiretapping

  • 8/9/2019 Data and National Security Final

    10/20

    Deep Packet Ins

    Market Projection

    Global Market

    Sources:

    http://www.marketresearchmedia.com/2010/02/17/deep-packet-inspectionmarket/

    htt ://www.cbc.ca/technolo /stor /2009/07/02/f-net-neutralit -fa .html

    ection

    s

    U.S Gov't Market

  • 8/9/2019 Data and National Security Final

    11/20

    Part 2: Natl Securit

    National Security andPolicies

    Pre and Post 9/11 Erand intelligence

    What do these agenci

    What's the big deal?

    and Spying

    Information Assurance

    in Information security

    es do?

  • 8/9/2019 Data and National Security Final

    12/20

    Short Clip The NS

    http://www.pbs.org/wgbh/pages

    ~5:08

    A and AT&T

    frontline/homefront/

  • 8/9/2019 Data and National Security Final

    13/20

    The NSA and CSE

    NSA - National Security Ageo November 4th, 1952o Mission: "...delivering responsive, reli

    Intelligence and Information AssuranNetwork Warfare operations..."

    CSE - Communications Securit To provide and protect information

    edge technology, in synergy with ou

    Canadian government's foreign intelliAdministered under the Departmento Formed 1946o Absolutely Forbidden to collect into You've probably driven past it...o Sir Leonard Tilley Building at 719 Her

    cy

    able, effective, and expert Signalse products and services, and enables

    y Establishmentf national interest through leading-r partners.

    gence and national cryptologic agency.f National Defence (DND)

    elligence on Canadian Citizens

    on Rd.

  • 8/9/2019 Data and National Security Final

    14/20

    Canada's National

    provide foreign intelligenCanada according to Cabi

    strengthen Canada's capcommunications

    protect its vital electronicinformation systems

    "CSEC is forbidden, by lacommunications. When intbetween a domestic and fo

    communications are destr

    ecurity Policy

    e to the Government ofnet-approved priorities

    city for secure

    information and

    , to intercept domesticrcepting communications

    reign source, the domestic

    yed or otherwise ignored

  • 8/9/2019 Data and National Security Final

    15/20

    The NSA and SIGIN

    Began to engage in unlawfuladministration;Warrant-lessSurveillance program

    SIGINT - Signals Intelligence FISA Court (Foreign Intellige

    o "Foreign Power; Agents ofo "knowingly engages in

    gathering activities for

    power, which activitiesviolation of the criminaStates;"

    Domestic Traffic Intercep

    Sources: http://www.law.cornell.edu/uscode/html/uscode50/usc_sup_01_50_1

    T - Post 9/11

    surveillance under the Bushurveillance or Terrorist

    ce Surveillance Act)a foreign power"clandestine intelligenceor on behalf of a foreign

    involve or may involve al statutes of the United

    ion

    0_36.html

  • 8/9/2019 Data and National Security Final

    16/20

    AT&T in trouble with

    AT&T ISP and Telecom provi

    Has lines running through Mo OC48 (Regional ISP Back

    EFF = Electronic Frontier Foo Class Action Lawsuit vs. A

    Photo: http://billboardliberation.com/HQ.htmlSources:http://info.ipinc.net/support/faqs/mae.html; http://www.eff.org/files/nsa

    the EFF

    er for millions

    e East and Mae Westbone @ 2488.32 Mbit/s)ndation&T (Hepting v. AT&T)

    /att.pdf

  • 8/9/2019 Data and National Security Final

    17/20

    A spy's tools

    AT&T IXP feeds intoWorldNet IXP

    Fiber Splittero Beam Splitter; major

    processo Exact duplicates of

    light particles Old days - CopperWire

    was easy Narus STA 6400 - DPI

    o Carrier Gradeo Semantic Network

    Traffic AnalyzerSources: The Shadow Factory

  • 8/9/2019 Data and National Security Final

    18/20

    Mark Klein and Roo

    AT&TWhistle Blowero Network Techniciano Noticed documents and rouo Expert testimony

    Brought Room 641a to publico Viewed splitter box and Nao Provided expert testimony

    "Dec. 10, 2002, manual titled "StudFrancisco," a Jan. 13, 2003, documProcedure" and a second "Cut-In a

    Source: http://www.wired.com/science/discoveries/news/2006/05/70944;Brief summary of the testimony of Mark Klein, a former AT&T technician, and of eScott Marcus, a former Senior Advisor for Internet Technology at the FCC.

    m 641a

    ter at AT&T facility

    ttentionus STA 6400nd supporting documents

    y Group 3, LGX/Splitter Wiring, Sannt titled "SIMS, Splitter Cut-In and Testd Test Procedure" dated Jan. 24, 2003.

    pert witness J.

  • 8/9/2019 Data and National Security Final

    19/20

    Today's Reality

    Other Splitter Cabinets at AT Many different provider hubs Drowning in Data

    o Cray Super computers an ECHELON

    o AUSCANZUKUS

    TIA (Total Information Aware

    T facillitiesand IXC's

    beyond

    ess)

  • 8/9/2019 Data and National Security Final

    20/20

    Questions? Comme

    http://www.wired.com/science/dihttp://www.wired.com/science/di http://en.wikipedia.org/wiki/Naruhttp://en.wikipedia.org/wiki/Naru http://www.wired.com/science/dihttp://www.wired.com/science/di http://www.eff.org/files/nsa/att.pdhttp://www.eff.org/files/nsa/att.pd

    http://en.wikipedia.org/wiki/MAEhttp://en.wikipedia.org/wiki/MAE http://info.ipinc.net/support/faqs/http://info.ipinc.net/support/faqs/ Bamford, James. The Shadow F

    9/11 to the Eavesdropping on APrint.

    Christensen, Chris. "Review ofSecretNSA from 9/11 to the EaBamford" Cryptologia 33.4 (200< http://www.informaworld.com/1

    www.ibm.com

    www.juniper.net www.narus.com

    nts?

    coveries/news/2006/05/70944coveries/news/2006/05/70944

    coveries/news/2006/05/70914coveries/news/2006/05/70914ff

    EastEastae.htmlae.htmlactory: the Ultra-secretNSA fromerica. New York: Doubleday, 2008.

    heS

    hadow Factory: TheUl

    tra-esdropping on America by James). 29 Mar. 20100.1080/01611190903115150 >