Nsa/fbi Spying On Internet Traffic

[thohts]

(For a little background, read the Salon article reprinted here)

Now go to this Wired article here and read how to find out if traffic to a particular domain or mail exchanger is being re-routed through AT&T

Performing a tracert (in the Command Prompt window, which can be accessed from Start-Programs-Accessories in Windows) on several websites I own I discover that 1 is being rerouted through the AT&T substation in Dallas. I only use this domain email and it is the oldest of my domains. My other hosting accounts on the same server do not route through the AT&T substation. I've tried this about 10 times and that particular domain reaches the substation at about the 9-11th hop, while my other domains never do. Again, on the same server.

Yes, AT&T is a major internet backbone operator in the US. However, my webhost connects to the backbone after the AT&T substation for that domain. The other domains connect to the same backbone but skip the substation.

I happen to know that the AT&T/Bell surveillance substations in every region in the US is always in a building nextdoor to an FBI office. (I did some city work a few years ago, and we had to come up with contingency plans). I used to think this was just to make it easy for the FBI to communicate in case of an emergency, but now their relationship looks even more interesting because of these new developments.

(by the way, you can also type in "NETSTAT -P TCP" in the C prompt to see if your system is being monitored, by hackers, crackers, trojans, or otherwise)

[ThaiPauly]

So what's new?

We are ALL aware that BB is watching our every move, and keywords activate them even more.

Things will never be the same since 9/11.. We HAVE to accept this.

I have had transactions from my Bank Account Offshore in the CI scrutinised by the US Government.. and I am not American!!

What you gonna do about it?

Nadda

Edited due to spelling mistake.. sorry Dubya

Edited June 30, 2006 by ThaiPauly

[meom]

I'm accessing Thaivisa from Saudi so I did the tracer thing as mentioned in your link.

Apparently the route goes through 14 hops but none of them att.net.

I guess it's save to type a secret message now

Edited June 30, 2006 by meom

[Noel]

Edited June 30, 2006 by Noel

[britmaveric]

No biggie - not doing anything illegal so no worries.

[MarkBKK]

Things will never be the same since 9/11.. We HAVE to accept this.

You're right (not sure what any of this has to do with Thailand though) since 9/11 it seems that US citizens have a much harder time funding terrorists in NI.

[billd766]

quote thohts

I have just done a quick trace now and I have ended up at www.theplanet.com so I have sent them an email with a screenshot asking who they are.

[GuestHouse]

(not sure what any of this has to do with Thailand though)

I can see a very useful Thai link

What with spying on international money transfers AND emails, perhaps there is scope for an individual who having given all his life's savings to a Pattaya/BKK tart, might persue the NSA/CIA/GCHQ for damages on account that they have prior knowledge of the fact that the lady in question was scamming a number of guys.. and that they did not warn of this crime.

The hearing ought to be in public on account of high public entertainment, if not public interest.

[cclub75]

Things will never be the same since 9/11.. We HAVE to accept this.

Yes, we do accept it (?).

But it didn't start with 9/11. That's a common mistake to think this way.

States or public entities listening to private communications between people, friends or ennemies, must be as old as the "oldest profession" on Earth...

However, the change is the capabilities of technologies...

That's the main issue.

[kayo]

so if I write key words like Ñ

Terrorist. Bomb. US GoVt. Target. Kill.

Will they track me.

Bring ´em on. If they can´t find an old man on a kydney dialysis machine hiding in a cave, I´m really not worried.

[monochaser]

the OP is one paranoid mother

[udon]

Just don't say "bottom" or you will have the SS knocking on your door at 3a.m.

[thohts]

the OP is one paranoid mother

Hardly.

Your "paranoia" is a matter of perspective. (If I were paranoid, I wouldn't still be using that domain for all of my email, would I?)

However, it is interesting to me. Especially because others have written about it. (I suppose Wired news is paranoid, too. Or anyone else who considers it a strong possibility in the face of supporting evidence.)

The funny thing is, if I only mentioned that it was instead a hacker with a trojan on my system, you probably would have felt sorry for me, and offered your own advice.

Mention 'government' and it becomes "paranoia". (Because we all know the US government would never do anything it shouldn't be doing - why would the thought cross anyone's mind?)

It doesn't matter who is doing it, unless you're a forgiving lamb who enjoys sucking on the teet of your big brother.

Edited July 1, 2006 by thohts

[thohts]

No biggie - not doing anything illegal so no worries.

So only those of us who are doing "illegal" things need to think about a national government (here, the US) doing illegal things?

It's okay for the NSA/FBI to spy on selected international internet traffic because you don't think you're doing anything wrong?

Try performing a tracert on etrade.com or any major online bank. (How about Thaivisa.com?)

Why not just send them a weekly digest of your personal and private dealings? (Really fun if you're not even a citizen of the US)

[johnh101]

Bring ´em on. If they can´t find an old man on a kydney dialysis machine hiding in a cave, I´m really not worried.

Brilliant !

[sbk]

Interesting topic but not particularly Thailand related and more relevant to the Internet/Computers section of the forum.

[calibanjr.]

Things will never be the same since 9/11.. We HAVE to accept this.

You're right (not sure what any of this has to do with Thailand though) since 9/11 it seems that US citizens have a much harder time funding terrorists in NI.

Thought that one was over.

[calibanjr.]

the OP is one paranoid mother

Hardly.

Your "paranoia" is a matter of perspective. (If I were paranoid, I wouldn't still be using that domain for all of my email, would I?)

However, it is interesting to me. Especially because others have written about it. (I suppose Wired news is paranoid, too. Or anyone else who considers it a strong possibility in the face of supporting evidence.)

The funny thing is, if I only mentioned that it was instead a hacker with a trojan on my system, you probably would have felt sorry for me, and offered your own advice.

Mention 'government' and it becomes "paranoia". (Because we all know the US government would never do anything it shouldn't be doing - why would the thought cross anyone's mind?)

It doesn't matter who is doing it, unless you're a forgiving lamb who enjoys sucking on the teet of your big brother.

I find your post interesting and not paranoid. Others can feel free to not give a ###### who's watching them, I'd like to know, just strange that way I guess.

When I find unknowns connected, what do you recommend?

[Kerryd]

It's been a well known fact that the US has been snooping on emails for years. I remember a lot of discussions (long before Thai Visa), when people were using programs such as PGP to encrypt their mail.

The government (US) was trying to block the use of such programs, and then they tried to prevent such programs from being exported and used in other countries. Not too many years ago, you couldn't get a browser with 128k encryption in Thailand (and therefore couldn't access certain sites like online banks ).

Then the government (US) came out with the "Clipper" chip. This was supposed to be a chip that was going to be placed in every communications device (modems, fax machines, ect) that would allow the "authorities" to get unencrypted, "clear copies" of data from those devices (with proper search warrants of course).

It is harder to monitor phone calls, especially cell phones that using various frequencies, and calls that could start/stop at any time. Email however, has to be routed through various computers/routers/servers. To get from point A to B, your email may go through a dozen or more computers. Too easy for a government to set up "sniffers" at various sites, looking for keywords that could trigger further investigation.

As for Kayo's post, yes, keywords like those would cause your email to be "flagged" by the sniffer program, if it went through one of the US servers connected to the program. After being flagged, a low-grade staffer would review the email and determine if it bears further investigation, or in Kayo's case, just result in having his email address added to every spam list in the country !

And finally, as for the "authorities" being unable to capture OBL, remember this. As long as he is out there, the US can use him as a justification to continue their "War on Terror".

Also remember, OBL is a Saudi, and the Bush family has close ties to his family in Saudi Arabia, and may in fact owe OSB's family a few "favours". OSB may be the "black sheep" of the family, but he is still family. I think you'll find as well, that OSB's "black sheep" status is just the "public" face of the matter. In private, I'll bet a lot of his family still support and encourage him.

That friendly relationship between GWB's family and OSB's family could end very quickly if GWB's boys whacked OSB.

Well, guess it's time to start shredding my papers, frying my hard drives, nuking my disks and erasing all traces of my presence here, as I expect I'll be getting visited by "certain" people soon, within a few minutes or hours of my hitting the "Add Reply" button.

Good thing I didn't mention that I run a bar in a certain Central American country, and routinely use Kerryd's ID to post stuff that I don't want associated with my name. That could have been embarassing !

Kayo

[meom]

It's been a well known fact that the US has been snooping on emails for years. I remember a lot of discussions (long before Thai Visa), when people were using programs such as PGP to encrypt their mail.

The government (US) was trying to block the use of such programs, and then they tried to prevent such programs from being exported and used in other countries. Not too many years ago, you couldn't get a browser with 128k encryption in Thailand (and therefore couldn't access certain sites like online banks ).

When rumors surfaced that OBL/AQ used encrypted porn pictures posted on various websites in order to communicate with eachother the NSA/FBI office jocks had a field day with everybody pulling in overtime:D

Edited July 1, 2006 by meom

[CobraSnakeNecktie]

Back to the OP. These guys are not that stupid. If they were running the packets thru a secret facility they would not likely return a ICMP packet that resolved a reverse DNS record for that hop and it would only resolve as an IP. Or better yet just modify Cisco IOS etc or a packet filthering firewall to not return anything.

Back to the wired article the former AT&T worker hasn't worked there in 7 years and his story has substantially grown overtime and flourished over this period.

I am at all saying at authorities in most if not all significant countries are not filtering and recording packets. Most likely they are but these guys are not that slow witted to telegraph it.

Can a government turn a blind eye to whats happening on the internet? The Chinese government for example has been probing and infiltrating both US government and commericial sites. Isn't it the governenments job to indentify and stop that kind of activity?

They aren't going to be interested in what you and your bargirl have to say.

[cclub75]

Ah good old times ! Pretty Good Privacy... Struggle from Zimmerman against US... Mid of 90's. Great music too.

;-)

Sorry off topic.

I agree with your view : the history (and tentation) of spying is long.

And what's very funny is that we don't hear anymore about the encryption issue...

So 2 possibilities :

-the governments (US and other) backed down (they lost the fight against technologies, mai pen rai)

-or they don't need anymore to complain... because they can decypher everything.

Me too, I'm highly paranoid.

It's been a well known fact that the US has been snooping on emails for years. I remember a lot of discussions (long before Thai Visa), when people were using programs such as PGP to encrypt their mail.

The government (US) was trying to block the use of such programs, and then they tried to prevent such programs from being exported and used in other countries. Not too many years ago, you couldn't get a browser with 128k encryption in Thailand (and therefore couldn't access certain sites like online banks ).

Then the government (US) came out with the "Clipper" chip. This was supposed to be a chip that was going to be placed in every communications device (modems, fax machines, ect) that would allow the "authorities" to get unencrypted, "clear copies" of data from those devices (with proper search warrants of course).

Edited July 1, 2006 by cclub75

[Crushdepth]

Phil Zimmermann has a really interesting lecture on the history of PGP email encryption and the US government's attempts attempts to prosecute him for developing / distributing it available for download (MP3, 42 MB).

Quite an entertaining story, I love the way he screwed the government back. Smart guy.

[LivinLOS]

Things will never be the same since 9/11.. We HAVE to accept this.

You're right (not sure what any of this has to do with Thailand though) since 9/11 it seems that US citizens have a much harder time funding terrorists in NI.

Unless those 'terrorists' are Somali warlords, Isreali state army.. Etc etc etc

[Kerryd]

I remember the first time I encrptyed a 1024 bit key. I think I had a new 486 at the time, and it took forever to process !

I don't trust PGP anymore though. I heard/read something a couple years ago that sounded like the government had reached some deal with the programmers or something ? It was awhile ago, can't recall the details. What ever it was, it gave me the impression that PGP wasn't as secure as it once was, so I stopped using it (not that I really had any reason to use it in the first place)

I wonder how long it would take a high-end (government) computer to scan an email for certain keywords ? A micro-second ? Maybe the benchmark is how many emails can be scanned per second ? (like one of the CPU benchmarks, which used to be "xxx instructions per second", as in MiPS, Millions of Instructions Per Second). Maybe they use "TEMPS" (Thousands of Emails Per Second) ?

hmmmm, just googled the amount of emails sent per day. Berkley University estimates 60 BILLION per day. Sounds a little high, as that would be 10 emails for every single person on the entire earth.

Their same graph shows 5 billion emails per day, back in 1995 !!!

They also estimate that 30 billion emails per day are pure spam.

As for the "encrypted porn pictures", it is being done, but I doubt it is by terrorists though. I know that certain people are using that technology to track child porn on the internet, and a couple of child-porn rings have been busted in the past couple of years as a result.

[Crushdepth]

I don't trust PGP anymore though. I heard/read something a couple years ago that sounded like the government had reached some deal with the programmers or something ? It was awhile ago, can't recall the details. What ever it was, it gave me the impression that PGP wasn't as secure as it once was, so I stopped using it

Well, who knows! Phil Zimmermann is pretty emphatic that there isn't a back door and that he doesn't believe PGP's staff would allow one. His website has a page devoted to clarifying his position on no back doors.

The lecture I linked above also contains a section where he talks frankly about how he has had to face user paranoia about back doors every day since he released it - particularly when the government withdrew its case against him.

There is still the open source version of PGP for people that have the time, inclination and ability to scrutinise the source code and compile their own. I have to take that sort of thing on faith but I assume that there are such people out there, and that if the code had been tampered with some geek would have achieved instant fame by declaring it to the world.

Just noticed that Zimmerman has released the beta of an encrypted VOIP internet phone (Zfone).

[thohts]

I'd be more willing to trust open-source encryption than some proprietary encryption methods from a firm like Micrsoft (who already has FBI-approved backdoors built into their Office suite of products). At least with open source many programmers can take a look at it and see what's inside.

When I think of projects like these, all the missing government funds and $200 hammer purchases make sense. Making out a straight "domestic spy budget" wouldn't pass congress.

[PMK]

The code is in the public domain. Anyone, and I have no doubt that 100s if not 1,000s of programmers, and I mean programmers that can understand it, have gone through the code line by line. There are no back doors.

The problem is that using it makes you stand out in a crowd -same as using a sealed envelope when almost everyone else is sending postcards.

Peter

I don't trust PGP anymore though. I heard/read something a couple years ago that sounded like the government had reached some deal with the programmers or something ? It was awhile ago, can't recall the details. What ever it was, it gave me the impression that PGP wasn't as secure as it once was, so I stopped using it (not that I really had any reason to use it in the first place)

[Kerryd]

The problem is that using it makes you stand out in a crowd -same as using a sealed envelope when almost everyone else is sending postcards.

True, Back then I liked doing that jsut to make them burn a lot of computer time trying to decipher meaningless emails (if they even bothered looking at them way back then).

I'd do it nowadays just to see if I could get a reaction (not that I'd actually know if there was a reaction or not).

[melus]

(For a little background, read the Salon article reprinted here)

Now go to this Wired article here and read how to find out if traffic to a particular domain or mail exchanger is being re-routed through AT&T

Performing a tracert (in the Command Prompt window, which can be accessed from Start-Programs-Accessories in Windows) on several websites I own I discover that 1 is being rerouted through the AT&T substation in Dallas. I only use this domain email and it is the oldest of my domains. My other hosting accounts on the same server do not route through the AT&T substation. I've tried this about 10 times and that particular domain reaches the substation at about the 9-11th hop, while my other domains never do. Again, on the same server.

Yes, AT&T is a major internet backbone operator in the US. However, my webhost connects to the backbone after the AT&T substation for that domain. The other domains connect to the same backbone but skip the substation.

I happen to know that the AT&T/Bell surveillance substations in every region in the US is always in a building nextdoor to an FBI office. (I did some city work a few years ago, and we had to come up with contingency plans). I used to think this was just to make it easy for the FBI to communicate in case of an emergency, but now their relationship looks even more interesting because of these new developments.

(by the way, you can also type in "NETSTAT -P TCP" in the C prompt to see if your system is being monitored, by hackers, crackers, trojans, or otherwise)

So, your point is?