Friam

now that's the spirit!

Classic

List

Threaded

9 messages Options

Marcus G. Daniels

now that's the spirit!

http://arstechnica.com/information-technology/2013/11/googlers-say-f-you-to-nsa-company-encrypts-internal-network/

============================================================
FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com

Steve Smith

Re: now that's the spirit!

> http://arstechnica.com/information-technology/2013/11/googlers-say-f-you-to-nsa-company-encrypts-internal-network/
>
Were they any more (or less) surprised to find that the NSA had it's
finger on their internal pulse? I haven't followed the details of how
the NSA tapped them internally and/or how it was Google didn't know that
was happening.
> ============================================================
> FRIAM Applied Complexity Group listserv
> Meets Fridays 9a-11:30 at cafe at St. John's College
> to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com

============================================================
FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com

Owen Densmore

Re: now that's the spirit!

Administrator

I'm amazed the inter-data-center traffic *wasn't* encrypted.

I think the inter-mail-server hops are encrypted, or I certainly hope so! And the clients all support encryption or alternatively use https web-apps.

Wouldn't that make at least mail secure?

-- Owen

On Wed, Nov 6, 2013 at 5:13 PM, Steve Smith <[hidden email]> wrote:

http://arstechnica.com/information-technology/2013/11/googlers-say-f-you-to-nsa-company-encrypts-internal-network/

Were they any more (or less) surprised to find that the NSA had it's finger on their internal pulse? I haven't followed the details of how the NSA tapped them internally and/or how it was Google didn't know that was happening.

============================================================
FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com

============================================================
FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com

============================================================
FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com

Marcus G. Daniels

Re: now that's the spirit!

In reply to this post by Steve Smith

On 11/06/2013 05:13 PM, Steve Smith wrote:
> Were they any more (or less) surprised to find that the NSA had it's
> finger on their internal pulse? I haven't followed the details of how
> the NSA tapped them internally and/or how it was Google didn't know
> that was happening.
It sounds like Google and Yahoo should have been more suspicious and
acted on that suspicion. Apparently the NSA intercepted on the leased
fiber lines from companies like Level 3, which were not encrypted and
vulnerable to intervention without Google knowing it (just like a user
would not know that Google was handing over data via PRISM). Doing this
offshore with the help of GCHQ gave them less legal liability.

Marcus

============================================================
FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com

Marcus G. Daniels

Re: now that's the spirit!

In reply to this post by Owen Densmore

On 11/6/13, 5:30 PM, Owen Densmore wrote:

I think the inter-mail-server hops are encrypted, or I certainly hope so! And the clients all support encryption or alternatively use https web-apps.

Some providers use more lighter protocols like LMTPA (Local Mail Transfer Protocol) for internal transfers. The idea being that if the mail doesn't hit the internet then the physical security of the ISP is sufficient, even though the ISP switches over to TLS security for the delivery once the data is headed for the internet. And Google does the latter. But for Google their internal network is world spanning, and delegated off to other companies fiber infrastructure. Question is, does Google have a fastpath for gmail-to-gmail deliveries that does not use any encryption? According to the leaked slides, the NSA was busy deconstructing the Google and Yahoo internal protocols, so they must have thought it would be profitable. (And Google engineers say that the slides indeed reveal proprietary information.)

Marcus

============================================================
FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com

Joshua Thorp

Re: now that's the spirit!

Yes in case someone missed this, a very interesting little post from washington post titled:

How we know the NSA had access to internal Google and Yahoo cloud data

http://www.washingtonpost.com/blogs/the-switch/wp/2013/11/04/how-we-know-the-nsa-had-access-to-internal-google-and-yahoo-cloud-data/

--joshua

On Nov 6, 2013, at 5:52 PM, "Marcus G. Daniels" <[hidden email]> wrote:

On 11/6/13, 5:30 PM, Owen Densmore wrote:

I think the inter-mail-server hops are encrypted, or I certainly hope so! And the clients all support encryption or alternatively use https web-apps.

Some providers use more lighter protocols like LMTPA (Local Mail Transfer Protocol) for internal transfers. The idea being that if the mail doesn't hit the internet then the physical security of the ISP is sufficient, even though the ISP switches over to TLS security for the delivery once the data is headed for the internet. And Google does the latter. But for Google their internal network is world spanning, and delegated off to other companies fiber infrastructure. Question is, does Google have a fastpath for gmail-to-gmail deliveries that does not use any encryption? According to the leaked slides, the NSA was busy deconstructing the Google and Yahoo internal protocols, so they must have thought it would be profitable. (And Google engineers say that the slides indeed reveal proprietary information.)

Marcus

============================================================
FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com

Roger Critchlow-2

Re: now that's the spirit!

In reply to this post by Marcus G. Daniels

No more Mister Nice Google, it's all going to be random noise from here on out.

-- rec --

On Wed, Nov 6, 2013 at 5:52 PM, Marcus G. Daniels <[hidden email]> wrote:

On 11/6/13, 5:30 PM, Owen Densmore wrote:

I think the inter-mail-server hops are encrypted, or I certainly hope so! And the clients all support encryption or alternatively use https web-apps.

Some providers use more lighter protocols like LMTPA (Local Mail Transfer Protocol) for internal transfers. The idea being that if the mail doesn't hit the internet then the physical security of the ISP is sufficient, even though the ISP switches over to TLS security for the delivery once the data is headed for the internet. And Google does the latter. But for Google their internal network is world spanning, and delegated off to other companies fiber infrastructure. Question is, does Google have a fastpath for gmail-to-gmail deliveries that does not use any encryption? According to the leaked slides, the NSA was busy deconstructing the Google and Yahoo internal protocols, so they must have thought it would be profitable. (And Google engineers say that the slides indeed reveal proprietary information.)

Marcus

============================================================
FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com

Barry MacKichan

Re: now that's the spirit!

In reply to this post by Owen Densmore

I think it has been confirmed that NSA can crack https. And my understanding was that the inter-data-center pipes were “owned” by Google, but that seems to be wrong. They were leased; and even if owned, it would be very hard to guard, I would think.

—Barry

On Nov 6, 2013, at 5:30 PM, Owen Densmore <[hidden email]> wrote:

I'm amazed the inter-data-center traffic *wasn't* encrypted.

I think the inter-mail-server hops are encrypted, or I certainly hope so! And the clients all support encryption or alternatively use https web-apps.

Wouldn't that make at least mail secure?

-- Owen

signature.asc (859 bytes) Download Attachment

Jochen Fromm-5

Re: now that's the spirit!

In reply to this post by Marcus G. Daniels

Yes, right on. Did you read the new book from Eric Schmidt et al. about the digital age? There is a chapter where he says that states in the future will long for the old days when there were only physical countries and diplomacy was easy. Is this the start of a fight of a new digital & virtual empire vs. an old world physical one? But one can not deny there is also a certain overlap between both worlds..

-J.

Sent from Android

-------- Original message --------
From: "Marcus G. Daniels" <[hidden email]>
Date: 06/11/2013 22:31 (GMT+01:00)
To: [hidden email]
Subject: [FRIAM] now that's the spirit!

http://arstechnica.com/information-technology/2013/11/googlers-say-f-you-to-nsa-company-encrypts-internal-network/

============================================================
FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com

============================================================
FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com