How does NSA 'intercept' emails, etc.

meanoldman · January 15, 2014, 5:06pm

Not looking for a debate. And not sure if my search skills can adequately filter for this question. Just want my ignorance fought. So, here goes.
It is claimed that the NSA is ‘intercepting’ (for whatever definition of intercept you want to use) email and other electronic communications.

Given how the internet is laid out, with multiple paths, alternate paths, communication traffic bouncing around via authoritative domain servers and such…are they set up such that they are intercepting traffic at darned near every hop one can see on a tracert? If you get what I’m asking here. There are so many carriers, so many ISP’s, so much data going through gmail.com, yahoo.com, outlook.com and the cable ISP’s, and the Telco isp’s and all the .edu’s and such. How much traffic is realistically being captured? How would they read a private message between users here?

Duckster · January 15, 2014, 5:43pm

Wired article: Revealed: The Internet’s Biggest Security Hole (From 2008)
Sniffing Tutorial part 1 - Intercepting Network Traffic (From 2011)

meanoldman · January 15, 2014, 7:11pm

So, as per the “Wired” article, the NSA would need to BGP hijack/update fairly much all traffic?

That’s a lot of data.

Duckster · January 15, 2014, 7:51pm

Hence, the need for the NSA data center being built in Utah.
But that is the one we know about.

CurtC · January 15, 2014, 7:59pm

The speculation that I’ve seen is that the NSA intercepts all traffic going into and out of Google’s servers - not with the permission of Google, but by the authority of a National Security Letter to the company that provides the data pipes to Google. They may also have data intercept points at the other major Internet mail sites.

They can’t intercept your communication to Google that’s happening over an https connection, but once you send an email, it travels from one mail service to another in plain text.

buddha_david · January 15, 2014, 8:03pm

Carnivore, which has apparently been replaced by something far more sinister.

Nanoda · January 17, 2014, 2:42am

There have been occasional BGP hijacking issues - normally accidents, but sometimes (like the recent one with Iceland, apparently nefarious).

This is obvious when it happens though, and the NSA isn’t doing it that way. They intercept it with feeds directly from Google and Yahoo, or from the really big inet mains run by companies you haven’t heard of. There’s a lot of providers from you to your ISP to Chicago-Reader’s ISP to other people’s ISP again.

You ask about messages - they apparently have interesting ways of man-in-the-middle-ing your own router to redirect traffic via some secret exploits they’ve developed, either 'cause they’re interested in you, or just automatically 'cause you visited a website they think is suspicious…

Personally I think they should all be given raises and pizza parties.