And can you talk me through how NSA is doing it, then? Assume they're taking every node that FBI or a friendly doesn't run.
-
-
Replying to @emptywheel @puellavulnerata
1/ Well,
@puellavulnerata would have a lot of insights I don't have, but I'll give the stuff I know about.1 reply 0 retweets 0 likes -
2/ The bulk of their monitoring is just "connection" metadata: traffic from an exit node going to an IP address.
1 reply 0 retweets 1 like -
3/ They'll also have connection records going into an entrance node. They can then match up entrance with exit records.
2 replies 0 retweets 1 like -
Replying to @ErrataRob @puellavulnerata
Note they've also redefined DRAS (from PRTT) to include stuff further down the packet.
1 reply 0 retweets 0 likes -
Replying to @emptywheel @puellavulnerata
Yes, email, HTTP, and SSL headers are almost certainly covered by DRAS. It's not an unreasonable view.
1 reply 0 retweets 0 likes -
Replying to @ErrataRob @puellavulnerata
No no no. FISC expanded def of DRAS to include non-content content. HJC bill codifies that, SSCI is silent but beyond caring.
1 reply 0 retweets 0 likes -
Replying to @emptywheel @puellavulnerata
I'm not sure what you are saying "no" to. An HTTP header is content as far lower layers care, but DRAS as far as upper layers.
1 reply 0 retweets 0 likes -
In other words, HTTP URLs and email addresses (in email headers) are "dialing, routing, or signaling" information, ...
1 reply 0 retweets 0 likes -
...despite being "content" as far as the Internet routers care.
1 reply 0 retweets 0 likes
We agree then. This is not approved by law, but since 2012, they've been collecting this as content so ...
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.