I am not a fan of absolutes... They can make me a little nuts... some of you may think I'm always nuts. ;) [NSA Captures Every Phone Call]

in #voip, 7 years ago


I was watching a video on YouTube today where Ex-CIA Robert David Steele was a guest. In the interview he stated that the NSA captures "Every Phone Call and Every Email". My pet peeve kicked in. That word EVERY makes that an absolute. There is something about absolutes. They are ALMOST always false. Why? It only takes a single exception for the statement to be false.

I responded that this was a myth and I explained why. This was YouTube.

His only response was "You don't know as much as you think you do."

Well in this particular case I know a bit more than he apparently does. You see, I build and deploy SIP-based phone systems, trunks, etc. I have also set up and maintained the email servers, the DNS servers, and the MX records for my company and many others. So I actually know this technology quite well.

Before I go into the details on why BOTH of these are a myth I want to say that it is likely that had he said the NSA captures "MOST Phone calls, and MOST email" that very well may be true. I can guarantee you they do not capture ALL of either of those things.

So if that is the case I need to be able to show you at least one exception. I can do that.

If I make a phone call in my office it goes out to my PBX system. The PBX sees I was calling NXX-XXX-XXXX where you can replace those with a phone number. It looks at that number. If it is outside of the office it sends that out over our phone trunk to whomever our provider is. However, if I am calling another office that is also connected to that PBX it never leaves the premises. In fact those calls will WORK even without a trunk to the outside world. The NSA does not capture these calls. Therefore it is an exception and disproves the absolute.

This same exact scenario also applies to how email works. You send your email and it first goes to whatever email server you are connected to. If that server is local it looks and makes a determination of whether it needs to reach out over the internet.

These could be done inside a house, or with a cable run between houses in a neighborhood and those would not be captured. So that disproves the absolute.

However, most calls that are not ON NET (Local to the PBX or Carrier Network) will actually go out on the internet and very possibly go through some pretty big centralized locations. These would be the places the NSA taps into. It is very likely that they do capture every cell phone call, and that would qualify as MOST calls these days.

When I referred to the carrier for PBX trunks: in my case I am a Senior Network Engineer for such a carrier. We then reach out to other carriers if the calls are not on our network. Otherwise, some calls between different clients of ours could in theory never actually leave our network.

To further back this up. We recently had to work on getting our company CALEA certified. This is the certification that puts a device onsite that can be used to TAP a call. We have not completed this process and are only now working on it. This means at this time we have no mechanism in place for them to TAP within our network.

Furthermore, that does not cover ALL calls even when we do it. A SIP call in the protocol we use takes 88Kbps in bandwidth per call though we typically round up to 100Kbps when we are doing math. So we'll say with a 1Mbps internet connection we can do 10 calls simultaneously.

If we have a call center client (many of our clients are such) with a T1 or PRI then that is a 1.544Mbps circuit. So it can be safely said to carry 15 calls at a time.

Why does this matter?

When CALEA is tapping a call it needs to send a duplicate of the call to a remote location. This means it will take 100Kbps to go to its intended destination AND it takes 100Kbps to send the call to the remote tap.

This is not a big deal when they do a couple calls in our data center at a time.

Yet let's say we had 1000 calls going on with clients. That would amount to a 100Mbps circuit being required.

So if our internet was 100Mbps we could handle those 1000 calls. IF the NSA was tapping all of our calls we would need to double that bandwidth and it would take 200Mbps which is not supported by the physical infrastructure of the circuit. Thus, it is impossible.

This scenario would be required IF they were also recording all ON NET calls.

Once they leave our network and are out there somewhere in the world passing through big internet backbone hubs, those locations could easily have a device or large circuit on them that duplicates data. So this is likely where the majority of calls are recorded.

Is there a way they could record our ON NET calls? Sure if they contact me or someone and we work with them to hook some more circuits into our network to carry duplicates of the calls they could do it. In our network no such circuits exist. I know because I configured them, I ran the cables, and I frequently physically look at these cables.

So it is a MYTH that they record all calls.

All of this also applies to EMAIL. However, once it transits the public internet in some way then it is very possible they are captured and recorded.

A thing about voice protocols. They are created by groups such as IEEE that create the standards. That doesn't mean people cannot make non-standard versions of calls either, or even on-ramps. It also doesn't stop people from making calls over a VPN. In fact sometimes they do. VPN calls they wouldn't capture either.

So while yes, I agree with Robert David Steele that I very likely don't know as much as I think I do. In this particular case I suspect I know a bit more than he does.

People really need to stop trying to use Appeals To Authority to make people blindly agree with what they say.

I didn't disagree with the other things he was talking about for the most part, but this MYTH. I disagree with this MYTH.

If he wants to not use an absolute and say MOST instead of EVERY then I'd say he could be right in that case.


Agreed. Black and white thinking is mostly unhelpful when trying to find the facts of a matter.

Great post!

Most people have no idea of the intricacies of telephony or network computing.

That being said, I don't believe that having a healthy level of paranoia is a bad thing! :)

The only sure thing is that absolutes will absolutely fail to exist eventually.

Yeah. I think ASSUMING your call or email is recorded is NOT a bad idea to have.

I just have a problem with people stating absolutes as FACT. Especially if it is something I know well enough to call them out on it. :) Like I said. I have a pet peeve with absolutes. They can make me nuttier than I normally am. I get like a dog with a bone when I encounter absolutes.

It gets really tedious when you have to change the sentences you would normally use because someone wants "every" to mean 100% and not 97%.

And, your disproofs are flawed. Outlook server, used in most corporate offices has back doors built into it. Thus, even if it is an internal email, it still may be sucked up. Same with the phone PBX.

Now, I know of people who send email not using a standard carrier or standard encryption and these may not be recorded. It's hard to record something that you don't know is there.

I can verify that there are black boxes sitting on the nodes of the internet. And yes, they are black.

So, to get down to changing this into useful information, we can just assume that our phone calls are being recorded, and that at any time, we may have eyes looking into what we are talking about. But, there is 300 million of us, and so, any particular person is not being watched. But, there are some people who are being watched.

We are not innocent with nothing to hide. We are all guilty just waiting for the po-po to turn their flash lights upon us.

I don't put any weight in the difference between most phone calls being recorded and all phone calls being recorded.

It is tedious to break any habit. That doesn't mean sometimes it isn't worth doing.

It gets really tedious when you have to change the sentences you would normally use because someone wants "every" to mean 100% and not 97%.

You mean when people want you to mean what you said, as opposed to reading your mind to see what you really meant?

And, your disproofs are flawed. Outlook server, used in most corporate offices has back doors built into it. Thus, even if it is an internal email, it still may be sucked up. Same with the phone PBX.

We don't use Outlook. And as to the phone PBXes bullshit. We built them. ;) We didn't buy them from a manufacturer. Furthermore I gave you an example where people could make intraoffice phone calls without it even being connected to the rest of the world. Even if there was a back door it wouldn't do anything for you if the system isn't connected to the rest of the world for the back door to be accessed.

So my examples stand. There are a lot more email servers than outlook. In fact the SMTP protocol is pretty simple. I've written some of them before from scratch. No NSA code there.

My entire argument was based around the absolutes. It only takes one case for an absolute to be false. Thus what I said stands.

Email does not have to go onto the internet. Let's say I am sending from the IT Department to the Accounting Department in the same company. That email will never even touch the internet.

There is no sucking thing that is constantly dragging all packets off of everyone's internet circuits. It doesn't happen. You can use wireshark (tshark) or anything like that and monitor the traffic.

I don't put any weight in the difference between most phone calls being recorded and all phone calls being recorded.

One is possible. The other is not.

Also, I appreciate your response. You should know me by now though. If I disagree I'll respond, but at least I'll try to explain why. I may also phrase things to elicit other thoughts. That doesn't always work out well, but it's something I do.

On the backdoors. Those typically exist so if the NSA or someone wants access to your server they can get in. They typically do that if they are looking for something. The statement was they capture all emails. They don't. It isn't possible.

If the backdoor were that type then every time you sent an email internally (assuming your email server is onsite) then it would also need to use the internet connection to go out to the NSA. That would register as using some of your bandwidth for the internet. If you have a packet sniffer in place you can actually monitor this traffic.

It doesn't happen.

However, there are things that do cause odd traffic lately. Windows 10 reaches out to the internet with its default settings a lot more than it probably should. Malware (whether from the NSA or other) can and does tend to use the internet some. It typically won't result in all calls or email being tracked, but it can compromise the machine in question and offer a backdoor into that network. It isn't always recording everything though that'd give it away in an unusual spike in internet activity. That is actually something that can give away both hackers and malware... unusual traffic spikes.
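The check described in the comment above (internal mail that never uses the internet connection, and off-site copying showing up as unusual traffic), sketched as an added example that is not part of the original thread: it sums only the bytes a host sends outside the internal ranges and flags hours well above a learned baseline. The addresses, the flow-record layout and the 3-sigma threshold are assumptions, and the sample flows are constructed.

```python
import ipaddress
from collections import defaultdict
from statistics import mean, pstdev

# Assumption: the site's internal ("on net") address space.
INTERNAL = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "192.168.0.0/16")]
MAIL_SERVER = "10.0.0.25"  # hypothetical on-site mail server

# Constructed flow records (hour, src, dst, bytes); not real captures.
# 203.0.113.0/24 and 198.51.100.0/24 are documentation-only ranges.
FLOWS = [(h, MAIL_SERVER, "10.0.1.40", 800_000) for h in range(8)]  # internal mail
FLOWS += [(h, MAIL_SERVER, "203.0.113.10", b) for h, b in
          enumerate([40_000, 50_000, 45_000, 55_000, 50_000, 60_000, 52_000])]
FLOWS.append((7, MAIL_SERVER, "198.51.100.7", 900_000))  # unexplained off-site copy


def is_internal(ip):
    """True if the address falls inside one of the internal prefixes."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL)


def wan_bytes_per_hour(flows, host):
    """Sum bytes the host sent to destinations outside the internal ranges."""
    totals = defaultdict(int)
    for hour, src, dst, nbytes in flows:
        if src == host and not is_internal(dst):
            totals[hour] += nbytes
    return dict(totals)


def find_spikes(per_hour, baseline_hours, k=3.0):
    """Flag hours whose WAN volume exceeds baseline mean + k standard deviations."""
    base = [per_hour.get(h, 0) for h in baseline_hours]
    threshold = mean(base) + k * max(pstdev(base), 1.0)
    return sorted(h for h, b in per_hour.items()
                  if h not in baseline_hours and b > threshold)


if __name__ == "__main__":
    series = wan_bytes_per_hour(FLOWS, MAIL_SERVER)
    print(series)
    print("spike hours:", find_spikes(series, baseline_hours=range(6)))
```

Internal deliveries contribute nothing to the WAN totals, so a server that only handles on-site mail stays flat no matter how busy it is internally.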

Yes, unusual traffic spikes and things being accessed that are rarely accessed.
That we don't have smart packet sniffers is beyond me. It should be fairly easy to learn the normal traffic. (You know, Sue is at her desk accessing the db from 9-5. Anything else should be less than one record from a known cell phone/laptop.) But, we are really lacking in this area. (but, but, it may have all changed.)

The thing that really irks me is things like "Men are stronger than women". And the typical feminist response is "Not all men" or "Not all women". You get into a conversation that becomes tediously time consuming, without any actual conversation about the topic.

Further, English doesn't really have any words for 97%. Statistically speaking, that is considered all. We have words that mean 60-90%ish, but nothing that really says 97%. And really, there is never a case where it is all, except in identities.

Oh and for the record. I've used absolutes before too. People have called me out on it and I thank them. I didn't say it was easy to break the habit. I believe I likely used absolutes just like most people at some point. I don't remember how long ago that was or what it was like.

I still use them from time to time, but I am okay when people call me out on them.

I'll catch myself typing one from time to time and I correct it. I don't personally consider getting better at conveying more precisely what I mean as tedious. I do consider it challenging, but I usually am rewarded from trying challenging things.

Statistically speaking, that is considered all.

It is now. That doesn't mean it is correct. There is a word for 97%. MOST, or even ALMOST ALL.

Yet there is something about ABSOLUTES. They do not have exceptions.

So I get people use ALL, EVERY, NEVER, NO ONE, etc... and really it is just a societal bad habit. It is an exaggeration.

MOST, FEW, etc work just as well but are more accurate.

There are absolutes, but they are pretty rare. They are things without exception.

So yeah, the fact most people do it doesn't mean it is right.

thanks for sharing this informative post @dwinblood i cannot agree more in your informative post...thanks for sharing

So do you feel like that limited and incomplete spying is a good thing to spend money and effort on or a bad thing?

A bad thing. These types of things mostly catch the regular people. If you know such things exist and you want to circumvent them there are always ways. So a criminal could use some hefty encryption, VPN, etc. So the people most targeted by this type of process are ordinary people. I am not a fan.

I personally believe banning rarely fixes anything, it just makes a black market for criminals and the people that are going to commit a crime will ignore any such bans anyway. So the majority of people impacted by bans are non-criminals.

I believe the same type of results occur from this type of surveillance.

EDIT: To correct usage of absolutes.

I'm always surprised they never use this "data" for any crimes that occur. I would think they would be able to get any info they wanted, but they never seem to have it when needed.

Yeah things like this mostly seem to come up when they are coming after someone rather ordinary. The people it should impact it doesn't seem to touch. There is a definite double standard.

It's similar to the cameras everywhere that never have photos when needed. I think it's just another way to steal money.

If you ever needed a good example of that all you need to consider is the Las Vegas Shooting and how those Casinos suddenly became video black holes. Or you could go back to 9/11 and note how that heavily videoed building had trouble producing videos and how they took all the videos from cameras of businesses near there.

That speaks very loud. They can say "there is no conspiracy", but that one fact alone is a loud shout that there is.

I so agree. And we always get blurry cell phone clips from these fake events. Not even my fb friends fall for them now. It's like a big shrug.

LV was supposed to be "the biggest mass casualty event blah, blah, blah." There should have been weeks of funeral coverage, but no - nothing.

excellent post ..loving to your blog.thanks for sharing..

A nice idea, we can use your daily publications on this subject, to be certain to make the right decision.....

Oh I still very much advocate people think for themselves. I also don't think being paranoid about them listening in on email and phones is a bad idea. Better safe than sorry. I just wanted to address the MYTH that they are recording them all. It's not possible.

Curated for #informationwar (by @openparadigm)
Relevance: intelligence gathering capabilities

Great post

thanks for sharing this informative post @dwinblood,we can use your daily publications on this subject,,,,,,,,,,,
great idea........///////
