http://cryptome.org/cable-cuts.htm
10 February 2008
To: <cypherpunks@al-qaeda.net>
Subject: RE: undersea cable cuts
Date: Sun, 10 Feb 2008 06:12:38 -0500
Actually, tapping terrestrial fiber optic cable is easy: a 3 dB splitter will
do it, though that introduces a break (which isn't a big deal: SONET/SDH rings
will recover within 50 ms, in general).
It's also fairly easy to introduce a tap that doesn't introduce a break, and
this doesn't require spookish equipment at all: it's kind of a
hand-grip-looking thing that clamps onto the fiber and pulls some of the
optical signal via cladding-mode coupling.
Either of these methods introduces at least a 3 dB loss, which in many cases
will just be assumed by the fiber's owners to be some of the usual culprits
that cause loss, or simply a poor splice by the truck guys.
Once you introduce optical amplification, however, it's eavesdrop city and you
can tap out some signal without the loss being evident to even OTDRs.
Tapping an underwater cable is far, far harder, but the NSA is known by fiber
guys to have at least two of the very expensive and very specialized subs
necessary.
At Bellcore, I actually consulted on some undersea project by the defense
department, who were seeing intermittent losses on their underwater
something-or-other, which they never told us. But, it was obvious that they
were operating an OC-3 network via their own optical fibers, which I strongly
suspect sat alongside or even inside the underwater cable. They probably had
periodic stations to look for interesting chunks of traffic that they could
tap (or electronically copy) into their own network, which I'll take a wild
guess was probably ATM over OC-3, which would make sense for several reasons,
including reach, which is critical in that environment.
In this case, though, I don't think it's us JbTs, just because there's too
much business at stake.
I suspect we have some new mode of fiber optic mujahideen that are trying to
hurt or seriously fuck up money flows into the Middle East, but don't quote me
on that. How did they do it? Don't know, but remember they were resourceful
enough to figure out how to turn a 727 into a very effective smart missile.
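Added example (not part of the original message): the first post notes that a splitter tap shows up as a brief break followed by a lasting loss of about 3 dB that owners tend to write off as a bad splice. The sketch below flags that pattern in received-power readings; the function name, thresholds and sample readings are constructed for illustration, and `None` stands for a polling interval in which a loss-of-signal alarm was logged.

```python
from statistics import median

# Constructed sample: (second, received optical power in dBm); None = loss of signal.
SAMPLES = [
    (0, -12.1), (1, -12.0), (2, -12.2), (3, -12.1), (4, -12.0),
    (5, -14.9),              # single-sample dip: transient, should be ignored
    (6, -12.1),
    (7, None),               # brief break (ring protection switch would hide it)
    (8, -15.2), (9, -15.1), (10, -15.3), (11, -15.2), (12, -15.1),
]

def find_step_losses(samples, min_drop_db=2.5, window=4):
    """Flag sustained drops in received power relative to the running baseline.

    A drop counts only if `window` consecutive readings all sit at least
    `min_drop_db` below the baseline, so short dips are not reported.
    Each event records whether a loss-of-signal gap immediately preceded it.
    """
    valid = [(t, p) for t, p in samples if p is not None]
    los_times = [t for t, p in samples if p is None]
    if len(valid) < window:
        return []
    baseline = median(p for _, p in valid[:window])
    events = []
    i = window
    while i + window <= len(valid):
        run = valid[i:i + window]
        if all(baseline - p >= min_drop_db for _, p in run):
            start = run[0][0]
            prev = valid[i - 1][0]
            new_level = median(p for _, p in run)
            events.append({
                "time": start,
                "drop_db": round(baseline - new_level, 2),
                "after_los": any(prev < t < start for t in los_times),
            })
            baseline = new_level   # later drops are measured from the new level
            i += window
        else:
            i += 1
    return events

if __name__ == "__main__":
    for event in find_step_losses(SAMPLES):
        print(event)
```

A step loss that follows a logged break is worth a physical inspection of the span rather than being closed out as splice loss.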
Date: Sat, 9 Feb 2008 12:04:33 -0500
To: cypherpunks@al-qaeda.net
Subject: Re: undersea cable cuts
The Economist did little research, it seems, or it was fed disinfo, or
was induced to defuse speculation.
This list's archive, if nowhere else, would defuse most of the Economist's
defusing. That's not to say the cpunks archives exist in full, or not easily
located. [Selections below.]
For several years, if not from day one, transoceanic cables are pre-rigged
for tapping, arguably for repair and maintenance by firms like Global Marine,
but easily siphoned for less benign purposes. Moreover it is flat wrong that
fiber optic cable is hard to tap. It takes sophisticated equipment but none
that is beyond the spies and telecomms regular capability. Disinfo abounds
about this as with most classified-at-birth communications technology.
The spies regularly spout that fiber has made eavesdropping more difficult,
along with encryption, the out of control Internet, the ease of transborder
evasion of global laws on privacy and national security.
Top US spy McConnell is on automatic about these fairy tales.
Lying about interception capability is as old as communications. The
Economist is full of shit and shallowness, the silly quotes from discussion
lists, with only a small chance that the story was not planted by officials.
It sure reads like the usual DNI-MI-speak when an op is discovered or
deliberately leaked to divert attention from more covert derring-do.
Say, why tap when worldwide ISPs are jumping through hoops to get natsec
snooping business?
I'd say global spies are desperate to keep surveillance budgets out of this
world. Almost as desperate as news outlets whipsawing readers.
Nothing like that would ever happen here.
Selections from the Cypherpunks mail-list archives:
http://www.cypherpunks.to/faq/cyphernom ... ter18.html
Cyphernomicon by Tim May
18.13 - Physical Security
18.13.1. "Can fiber optical cables be tapped?"
+ Yes. Light can escape from the fiber in bends, and "near-
field" tapping is theoretically possible, at least under
lab conditions. Active measures for puncturing cable
shields and tapping fibers are also possible.
- "The Fed's want a cost effective F/O tap. My company was
approached to develop such a system, can be done but not
cheap like copper wire tapping." [
domonkos[at]access.digex.net (andy domonkos),
comp.org.eff.talk, 1994-06-29]
http://cryptome.org/conus-sigint.htm
6 June 2003
Modern cable companies use fiber optics to transmit the signals
from the headend where the satellite dishes and antennas are to
a neighborhood where they are converted from optical to rf on
copper and distributed locally.
And optical fiber does not radiate at all at radio frequencies.
The only source of rf radiation in fiber optic systems is the
electronics at either end which convert the light into electrical
signals for local use.
One problem that most naive paranoid types completely fail to
grasp is the titanic volume of modern communications. The flow
is so overwhelming that only a powerful God could possibly process
it all to find interesting material. The entire federal budget
could not pay enough humans to screen and analyze ALL the
electronic communications of even a medium size city in 2003.
So communications intercepts are necessarily targeted very narrowly,
even drag net fishing is likely done only in places where there is
a real likelihood that something important will turn up with finite
effort.
The notion that an all powerful big brother is listening to
everything and capturing everything just is not realistic, and
a very very high percentage of what does get captured is never
looked at or listened to or even stored for very long.
Which of course is why traffic analysis and transaction analysis
and social network discovery is far more important than flying
airplanes around trying to collect incidental radiation from
local copper T1 lines. Knowing who calls or emails who makes
it possible to find the needles which you want to monitor in
the vast haystacks. Thus there is a much greater probability
that records of your calls and IP traffic addresses are looked
at for patterns and association with known bad guys than that
someone is actually listening to or reading your traffic
looking for the word bomb.
http://jya.com/echelon-go.htm
07 Oct 1998
During the 1970s and 1980s, almost all Britain's long-distance
telephone calls were carried on the microwave network of which
Hunters Stones is part. The existence of the cables connecting
the network to [NSA's] Menwith Hill has been known since 1980,
but the authorities have always refused to comment. BT now
claims that the cables were connected directly to the United
States via undersea cable, and did not link to other parts of
the British system.
The system was upgraded in 1992, says BT, when a new high capacity
optical fibre cable was installed. This linked to a different part
of the BT network, but was also carried directly to the United
States via undersea cable. Since then, BT revealed, the capacity
of the system has been trebled by adding two more optical fibre
links. These could carry more than 100,000 simultaneous telephone
calls.
http://jya.com/rusigint.htm
16 Feb 1997
Even international communications from the US are less and less
routed via satellite as high capacity fiber trans-ocean cables are
installed. I have seen numbers on the order of less than 10%
satellite transmission of international traffic and as new optical
amplifier cables are installed (which one can assume the UK/USA
partners such as the US NSA get the entire bitstream from) this
number is also plunging. And most international satellite
communications can be monitored from the other end and do not
have to be monitored from near the US.
As a point of fact I would be more concerned that Russian submarines
have tapped the trans-Atlantic and trans-Pacific cables somewhere
than that the Russians pick up satellite communications. One hopes
that the bitstreams on those cables are really securely link
encrypted - doing so would seem to be a no-brainer - but I have
never seen any reference to this being the practice.
Of course all sigint yields information such as passwords and
encryption keys and spectral signatures of speakers and call
addressing and routing information (traffic analysis) that can
be used to good advantage in later active man-in-the-middle
attacks. And one can certainly assume that the Russians and many
other governments including the US have spent considerable effort
developing active penetration and disruption capability. It has
even been reported that the US has been using this to force
network traffic to be routed in Europe via facilities the US
can monitor.
http://cypherpunks.venona.com/date/1996 ... 02285.html
28 Nov 1996
Doug Barnes writes:
PS -- DO read Neal Stephenson's article in the same Wired; it's
a bit boosterish, but it's the funniest tract on fiber
optic cable you'll ever read. It gives a good idea of
where things are headed (deregulation, disintermediation
of cable laying services, cable as speculative investment
as opposed to guaranteed utility, etc.). I'd argue things
aren't headed that way as quickly as Neal indicates, but
certainly where FLAG is landing, it's acting as a catalyst
for change of this sort.
Wired, December 1996
Neal Stephenson
There is also the obvious threat of sabotage by a hostile government,
but, surprisingly, this almost never happens. When cypherpunk Doug
Barnes was researching his Caribbean project, he spent some time
looking into this, because it was exactly the kind of threat he
was worried about in the case of a data haven. Somewhat to his
own surprise and relief, he concluded that it simply wasn't going
to happen. "Cutting a submarine cable," Barnes says, "is like
starting a nuclear war. It's easy to do, the results are devastating,
and as soon as one country does it, all of the others will retaliate."
More of Stephenson's article:
http://www.wired.com/wired/archive/4.12/ffglass.html
Date: Sat, 9 Feb 2008 11:14:55 -0500
To: cypherpunks@al-qaeda.net
Subject: Re: undersea cable cuts
I have read several posts on this both here and on other lists, the news
seems not to be reporting much about this and the conspiracy theories
abound. Today however, I read a rather interesting piece on The
Economist which I found interesting enough to post here for comment...
According to them, this is just a well publicized string of coincidences
and in one case, one cable was taken down by the operators themselves.
The assertion that these cables fail relatively often, yet go unreported
is also interesting to me. The other interesting statement is that this
did not have a massive impact on Iran's internet infrastructure. The
latter would have the impact of nullifying many theories, if true. What
do folks here think? --
http://www.economist.com/world/internat ... d=10653963
WHEN two undersea cables were damaged, apparently by ships' anchors,
five miles north of Alexandria on January 30th, it seemed like a
reminder of the fragility of the internet. The cables -- one owned by FLAG
Telecom, a subsidiary of India's Reliance Group, the other (SEA-ME-WE 4)
by a consortium of 16 telecoms firms -- carry almost 90% of the data
traffic that goes through the Suez canal. When the connections failed,
they took with them almost all internet links between Europe and the
Gulf and South Asia.
Egypt lost 70% of its internet connectivity immediately. More than half
of western India's outbound capacity crashed, messing up the country's
outsourcing industry. Over the next few days, as cable operators sought
new routes, 75m people from Algeria to Bangladesh saw internet links
disrupted or cut off.
But when, on February 1st, another of FLAG Telecom's cables was
damaged, this time on the other side of the Arabian peninsula, west of
Dubai, the story started to change. As an internet user known as
spyd3rweb wrote on digg.com, "1 cable = an accident; 2 cables = a
possible accident; 3 cables = deliberately sabotaged." The conspiracy
theories started to take wing.
"We need to ponder the possibility", declared a posting on
defensetech.org, "that these cable cuts were intentional malicious
acts. And even if the first incident was just an innocent but important
accident, the second could well be a terrorist copycat event." Or
American villainy, said others. A user called Blakey Rat reported that
"the US navy was at one point technically able to tap into undersea
fibre-optic cables using a special chamber mounted on a support
submarine." A website called the Galloping Beaver asked, "where is the
USS Jimmy Carter?" -- a nuclear attack submarine which had apparently
vanished.
The notion that something spookier than ships' anchors was to blame
gained ground when Egypt's transport ministry said it had studied video
footage of the sea lanes where the cables had been, and no ships had
crossed the line of the breakage for 12 hours before and after the
accident (the area is, in fact, off limits to shipping). Suspicion
spread when yet another cable -- between Qatar and the United Arab
Emirates -- went down on February 3rd. "Beyond the realm of coincidence!"
said a user of ArabianBusiness.com.
In fact, the fourth break was unsuspicious: the network was taken down
by its operator because of a power failure. But by that time the
conspiracists were in overdrive. Slashdot.org, a discussion board, said
Iran had lost all internet access on February 1st. "A communications
disruption can mean only one thing -- invasion," said bigdavex, quoting a
line from a "Star Wars" film. Bloggers in Pakistan, having recovered
from their disruption, returned with a vengeance. The broken cables,
they said, forced a delay in the opening of an oil bourse in Tehran;
this would have led, claimed pkpolitics.com, to the mass selling of
dollars "which would have instantly crashed [the American] economy".
Marcus Salek of New World Order 101.com (nwo101.com) added that
"President Putin ordered the Russian air force to take immediate action
to protect the Russian nation's vital undersea cables."
There is just one small problem: Iran's internet connectivity was never
lost. Todd Underwood and Earl Zmijewski of Renesys, an
internet-monitoring firm, reported that four-fifths of the 695 networks
with connections in Iran were unaffected. Most of the other theories
dissolve under analysis, too. Perhaps the American navy can bug
fibre-optic cables but it's not clear how. A report for the European
Parliament found in 2000 that "optical-fibre cables do not leak radio
frequency signals and cannot be tapped using inductive loops.
[Intelligence agencies] have spent a great deal of money on research
into tapping optical fibres, reportedly with little success."
It may be rare for several cables to go down in a week, but it can
happen. Global Marine Systems, a firm that repairs marine cables, says
more than 50 cables were cut or damaged in the Atlantic last year; big
oceans are criss-crossed by so many cables that a single break has
little impact. What was unusual about the damage in the Suez canal was
that it took place at a point where two continents' traffic is borne
along only three cables. More are being laid. For the moment, there is
only one fair conclusion: the internet is vulnerable, in places, but
getting more robust.