[LINK] UK Govt 'Black boxes' to monitor and decrypt all internet and phone data
francisoconnor3 at bigpond.com
Sun Jul 1 02:53:55 AEST 2012
Sounds like it's 'just' a simple packet header/traffic monitor.
Even on encrypted traffic packet headers can't be encrypted, else the data packets they describe wouldn't get to where they were supposed to get to.
IP packet headers can give you a fair bit of information about a given communication, without revealing the contents of the data packets themselves. For example, if one intercepted a packet travelling on Port 443 between two different IP numbers one could be reasonably certain that a financial transaction was involved between parties with network addresses corresponding to the IP numbers.
So, I guess what I'm saying is that you would get a heap of data indicative of various relationships between transacting parties on the Internet which would require little in the way of processing power to extract from network traffic. (I mean, at its most basic this is already done by routers on a packet by packet basis, you'd simply be storing the data in the 'black box'.) That said, subsequently forwarding said data, and more importantly analysing it to give you some intelligible results and useful pattern analysis, would require some serious grunt and storage ... but that's an ex post facto problem.
That said, IPv4 packet headers are a lot more primitive and limited than IPv6 packet headers ... which may be something to watch out for in the future. It's possible that very sophisticated traffic analysis may become possible with IPv6 as it gains further acceptance across the network and dependent on the future uses various network, transport and application protocols the future Internet puts the much bigger and more capable IPv6 header to.
Just my 2 cents worth ...
On 30/06/2012, at 10:05 PM, Kim Holburn wrote:
> It'll be interesting to see how they could do this technically. If it were possible (ie if the UK govt had access to trusted certs able to do this) it would undermine all trust in SSL.
>> 'Black boxes' to monitor all internet and phone data
>> Friday 29 June 2012
>> Internet and phone firms are preparing to install "black boxes" to monitor UK internet and phone traffic, and decode encrypted messages - including Facebook and GMail messages.
>> As part of the Home Office's communications data bill, internet service providers (ISPs) and mobile phone companies will be obliged to collect communications records and keep them for a year.
>> The government has insisted that the actual content of messages won't be stored, but until now it has not been clear how communications companies will be able to separate content from "header data", such as the sender and recipient of a message, and the date it was sent.
>> It has now emerged that the Home Office has held meetings with the UK's largest ISPs and mobile network operators, and has given them information about the hardware which companies will have to use to monitor traffic flowing through their systems.
>> When an individual uses a webmail service such as Gmail, for example, the entire webpage is encrypted before it is sent. This makes it impossible for ISPs to distinguish the content of the message. Under the Home Office proposals, once the Gmail is sent, the ISPs would have to route the data via a government-approved "black box" which will decrypt the message, separate the content from the "header data", and pass the latter back to the ISP for storage.
>> Dominic Raab, a Conservative MP who has criticised the bill, said: "The use of data mining and black boxes to monitor everyone's phone, email and web-based communications is a sobering thought that would give Britain the most intrusive surveillance regime in the west. But, many technical experts are raising equally serious doubts about its feasibility and vulnerability to hacking and other abuse."
>> A representative of the ISPs Association said: "We understand that government wants to move with the times, and we want to work with them on that. But this is a massive project. We'd rather they told us what they want to achieve, then sit down with us to work out how."
>> "Our other main concern with this is speed. If you're having to route all traffic through one box, it's going to cut down on connection speeds. The hardware can only look at a certain amount of traffic per second - if lots of streams from the BBC iPlayer are going through it, for example, how is it going to handle the traffic?"
>> A Home Office spokesman said -
>> "We have not issued any hardware or software specifications.
>> "The communications data bill is designed to allow the police to maintain their capability to catch criminals and protect the public as technology changes and people use more modern communications. Under this programme the emphasis is to work with industry to determine the best way to achieve this.
>> "The legislation is currently being scrutinised by parliament. Once it has been passed we will work with companies on how to best collect and store communications data, but not the content."
> Kim Holburn
> IT Network & Security Consultant
> T: +61 2 61402408 M: +61 404072753
> mailto:kim at holburn.net aim://kimholburn
> skype://kholburn - PGP Public Key on request
> Link mailing list
> Link at mailman.anu.edu.au
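
An added example, not part of the original post or the quoted article: a small parser showing which fields of an IPv4/TCP packet stay readable when the payload is encrypted, which is the header-only monitoring the reply describes. The function names, the documentation-range addresses and the stand-in ciphertext are all constructed for illustration.

```python
import ipaddress
import struct

def build_ipv4_tcp(src, dst, sport, dport, payload):
    """Build a constructed IPv4+TCP packet (checksums left at zero)."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 0, 5 << 4, 0x18, 65535, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(payload),
                     0, 0, 64, 6, 0,
                     ipaddress.IPv4Address(src).packed,
                     ipaddress.IPv4Address(dst).packed)
    return ip + tcp + payload

def flow_metadata(packet):
    """Return the cleartext fields a monitor can log without reading the payload."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4  # IPv4 header length in bytes, options included
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("truncated or malformed IPv4 header")
    meta = {
        "src": str(ipaddress.IPv4Address(packet[12:16])),
        "dst": str(ipaddress.IPv4Address(packet[16:20])),
        "protocol": packet[9],
        "total_length": struct.unpack("!H", packet[2:4])[0],
    }
    # TCP (6) and UDP (17) both start with source and destination ports.
    if packet[9] in (6, 17) and len(packet) >= ihl + 4:
        meta["sport"], meta["dport"] = struct.unpack("!HH", packet[ihl:ihl + 4])
    return meta

# Constructed sample: documentation-range addresses, opaque bytes as "ciphertext".
CIPHERTEXT = b"\x17\x03\x03\x00\x40" + bytes(range(64))
SAMPLE = build_ipv4_tcp("192.0.2.10", "198.51.100.20", 51514, 443, CIPHERTEXT)

if __name__ == "__main__":
    print(flow_metadata(SAMPLE))
```

Swapping the payload for different bytes of the same length leaves the returned record unchanged, so the endpoints, ports and sizes are what a header-only collector ends up storing.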