The Newbie's Guide to Detecting the NSA
It's not surprising that an expert hired by EFF should produce an analysis that supports the group's case against AT&T. But last week's public court filing of a redacted statement by J. Scott Marcus is still worth reading for the obvious expertise of its author, and the cunning insights he draws from the AT&T spy documents.
An internet pioneer and former FCC advisor who held a Top Secret security clearance, Marcus applies a Sherlock Holmes level of reasoning to his dissection of the evidence in the case: 120 pages of AT&T manuals that EFF filed under seal, and whistleblower Mark Klein's observations inside the company's San Francisco switching center.
If you've been following Wired News' coverage of the EFF case, you won't find many new hard revelations in Marcus' analysis -- at least, not in the censored version made public. But he connects the dots to draw some interesting conclusions:
The AT&T documents are authentic. That AT&T insists they remain under seal is evidence enough of this, but Marcus points out that the writing style is pure Bell System, with the "meticulous attention to detail that is typical of AT&T operations."
There may be dozens of surveillance rooms in AT&T offices around the country. Among other things, Marcus finds that portions of the documents are written to cover a number of different equipment rack configurations, "consistent with a deployment to 15 to 20" secret rooms.
The internet surveillance program covers domestic traffic, not just international traffic. Marcus notes that the AT&T spy rooms are "in far more locations than would be required to catch the majority of international traffic"; the configuration in the San Francisco office promiscuously sends all data into the secret room; and there's no reliable way an analysis could infer a user's physical location from their IP address. This, of course, directly contradicts President Bush's description of the "Terrorist Surveillance Program."
The system is capable of looking at content, not just addresses. The configuration described in the Klein documents -- presumably the Narus software in particular -- "exists primarily to conduct sophisticated rule-based analysis of content", Marcus concludes.
My bullet points don't come close to conveying the painstaking reasoning he lays out to back each of his conclusions.
Perhaps the most interesting -- and, in retrospect, obvious -- point Marcus makes is that AT&T customers aren't the only ones apparently being tapped. "Transit" traffic originating with one ISP and destined for another is also being sniffed if it crosses AT&T's network. Ironically, because the taps are installed at the point at which that network connects to the rest of the world, the safest web surfers are AT&T subscribers visiting websites hosted on AT&T's network. Their traffic doesn't pass through the splitters.
With that in mind, here's the 27B Stroke 6 guide to detecting if your traffic is being funneled into the secret room on San Francisco's Folsom Street.
If you're a Windows user, fire up an MS-DOS command prompt. Now type tracert followed by the domain name of the website, e-mail host, VoIP switch, or whatever destination you're interested in. Watch as the program spits out your route, line by line.
C:\> tracert nsa.gov
1 2 ms 2 ms 2 ms 12.110.110.204
[...]
7 11 ms 14 ms 10 ms as-0-0.bbr2.SanJose1.Level3.net [64.159.0.218]
8 13 12 19 ms ae-23-56.car3.SanJose1.Level3.net [4.68.123.173]
9 18 ms 16 ms 16 ms 192.205.33.17
10 88 ms 92 ms 91 ms tbr2-p012201.sffca.ip.att.net [12.123.13.186]
11 88 ms 90 ms 88 ms tbr1-cl2.sl9mo.ip.att.net [12.122.10.41]
12 89 ms 97 ms 89 ms tbr1-cl4.wswdc.ip.att.net [12.122.10.29]
13 89 ms 88 ms 88 ms ar2-a3120s6.wswdc.ip.att.net [12.123.8.65]
14 102 ms 93 ms 112 ms 12.127.209.214
15 94 ms 94 ms 93 ms 12.110.110.13
16 * * *
17 * * *
18 * *
In the above example, my traffic is jumping from Level 3 Communications to AT&T's network in San Francisco, presumably over the OC-48 circuit that AT&T tapped on February 20th, 2003, according to the Klein docs.
The magic string you're looking for is sffca.ip.att.net. If it's present immediately above or below a non-att.net entry, then -- by Klein's allegations -- your packets are being copied into room 641A, and from there, illegally, to the NSA.
Of course, if Marcus is correct and AT&T has installed these secret rooms all around the country, then any att.net entry in your route is a bad sign.
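The check described above can be run over saved tracert output instead of by eye. The following is an added example, not part of the original post: the function names are made up for illustration, and the sample lines are copied from the route shown above. It matches on reverse-DNS names only, so a hop that answers with a bare IP address (hop 9 here) counts as a non-att.net entry.

```python
import re

# Route lines copied from the tracert output shown in the post.
SAMPLE = """\
 7 11 ms 14 ms 10 ms as-0-0.bbr2.SanJose1.Level3.net [64.159.0.218]
 8 13 12 19 ms ae-23-56.car3.SanJose1.Level3.net [4.68.123.173]
 9 18 ms 16 ms 16 ms 192.205.33.17
10 88 ms 92 ms 91 ms tbr2-p012201.sffca.ip.att.net [12.123.13.186]
11 88 ms 90 ms 88 ms tbr1-cl2.sl9mo.ip.att.net [12.122.10.41]
16 * * *
"""
IP = r"\d+(?:\.\d+){3}"
TAIL = re.compile(rf"(?:(\S+)\s+\[({IP})\]|({IP}))\s*$")

def parse_hops(text):
    """Return [(hop_number, hostname_or_None, ip_or_None)], one per hop line."""
    hops = []
    for line in text.splitlines():
        num = re.match(r"\s*(\d+)\s+\S", line)
        if not num:
            continue                          # banner, "[...]", blank line
        tail = TAIL.search(line)
        if tail is None:
            host, ip = None, None             # "* * *": hop did not reply
        elif tail.group(2):
            host, ip = tail.group(1).lower(), tail.group(2)
        else:
            host, ip = None, tail.group(3)    # bare IP, no reverse-DNS name
        hops.append((int(num.group(1)), host, ip))
    return hops

def is_att(host):
    return host is not None and host.endswith(".att.net")

def find_handoffs(hops, marker=".sffca.ip.att.net"):
    """(outside_hop, marker_hop) pairs: a replying non-att.net hop directly
    above or below a hop whose name ends with `marker`."""
    found = []
    for i, (n, host, _) in enumerate(hops):
        if host is None or not host.endswith(marker):
            continue
        for m, nhost, nip in hops[max(i - 1, 0):i] + hops[i + 1:i + 2]:
            if nip is not None and abs(m - n) == 1 and not is_att(nhost):
                found.append((m, n))
    return found

def att_hops(hops):
    """Hop numbers of every att.net entry (the post's broader check)."""
    return [n for n, host, _ in hops if is_att(host)]
```

On the sample route, find_handoffs reports the pair of hops 9 and 10, and att_hops lists hops 10 and 11.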
http://blog.wired.com/27BStroke6/index.blog?entry_id=1510938

