Wednesday, August 21, 2013

How to use the 25% of the internet that the NSA doesn’t monitor

The Planet data center

This morning you probably read the report that the NSA, despite its emphatic claims to the contrary, has the ability to scoop up 75% of all US internet traffic. Through various programs known as Fairview, Oakstar, Lithium, Blarney, Stormbrew, and old favorites such as XKeyscore and Prism, the US government gathers data from almost every US telecommunications company. Blarney, for example, according to former AT&T officials, sends a copy of anything interesting that crosses the AT&T network (which is huge) to the NSA.
Rather than worry about whether your internet activity is being snooped on by the US government, though (spoiler: it is), I thought I would instead take a different tack and surprise you with a glass-half-full approach. If the NSA can listen in on 75% of all traffic traveling through the US, then that must surely mean that a full 25% goes unmonitored. When you’re talking about a significant chunk of the internet’s infrastructure, representing exabytes (billions of gigabytes) of traffic every month, 25% is a sizable swath that’s unchecked by the US government. 25% is easily enough room for you to surf the web without the omnipresent gaze of an overreaching government. But how do you stop being part of the quietly oppressed 75% and enjoy the freedom of the other 25%?

Are you being monitored?

Unfortunately, because we’re dealing with classified information and journalistic reports that redact a lot of the more juicy information, it’s quite hard to work out which 75% of the US internet is being monitored, and which 25% is fast and loose. Let’s start by running through what we do know.
NSA leaked slide showing PRISM Collection Details
At the very least, it seems that AT&T, Verizon, and Sprint have hardware in their data centers and transit hubs that mirror data, filter the data according to the NSA’s requirements, and then ferry that data to the NSA. Judging by the names mentioned in the leaked Prism slides, major US companies such as Microsoft, Google, Yahoo, and Facebook are all under the thumb of the secret Foreign Intelligence Surveillance (FISA) court, too.
Between AT&T, Verizon, and Sprint, the US government has a tap on most of North America’s US internet traffic. Not only do these companies act as ISPs (connecting consumers to the internet), but by virtue of being tier 1 operators they also run some of the largest backbone and backhaul links (connecting enterprises and whole data centers to the internet). AT&T and Verizon (via WorldCom and UUNET) also have extensive overseas networks, which the US government probably has access to as well.
Sprint’s US backbone map (date unknown, but probably quite recent)
Level 3's North America internet backbone (2013)
The most notable omission from the leaks appears to be Level 3 — a US company that just so happens to be one of the biggest players in the global internet backbone business. If Level 3 hasn’t signed onto the NSA data collection programs, then that might explain the missing 25%. In reality, Level 3 is probably beholden to the same laws and FISA rulings that have forced other US companies to install the NSA’s special packet-mirroring routers. (See: The secret world of submarine cables.)