Is big brother watching?

by martin Posted on 23 May 2006

TheWaz recently posted an article giving the link to the Wired magazine leaking of the documents involved in the AT&T NSA wiretap case brought by EFF. It boils down to the idea that if your internet traffic goes through any of the big US backbones then it is being reconstructed and monitored by the NSA without your knowledge, and this has been going on since 2003.

Leaving aside how much of an invasion of privacy this is – some people seem to mind less than others that Big Brother is looking over their shoulder, and leaving out the fact that he’s not my Big Brother, since I’m not a US citizen – there’s this question:

“If you live in the US and are connecting to a site in the US your traffic, then is your traffic being monitored?”

The answer is to do some traceroutes.

The particular backbone providers mentioned in the documents are:

  • ConXion,
  • Verio,
  • XO,
  • Genuity,
  • Qwest,
  • PAIX,
  • Allegiance,
  • Abovenet,
  • Global Crossing,
  • C&W,
  • UUNET,
  • Level 3,
  • Sprint,
  • Telia,
  • PSINet

This is probably not an exhaustive list, as you’ll see from the documents.

But I’m in Australia so it’s quite obvious that all my traffic to the US would go through an East Coast backbone, monitored by AT&T, so I can’t see what you would see… Here’s the last few hops of my route to newsvine.com:

 8  gi0-0.bdr1.syd6.agile.on.net (150.101.199.232)
 9  pos1-1.bdr1.lax1.agile.on.net (203.16.213.153)
10  gigabitethernet3-2.gw1.lax15.alter.net (208.222.8.93)
[snip]
14  194.atm7-0.gw3.sea1.alter.net (152.63.105.205)
15  accretive-gw.customer.alter.net (208.214.100.6)
16  216.187.88.190 (216.187.88.190)
17  www.newsvine.com (64.34.33.179)  243.690 ms  233.952 ms  247.890 ms

By the way 216.187.88.190 are Peer 1, I presume the hosts for Newsvine. And who are alter.net? We can whois 208.214.100.6… let’s see:

whois 208.214.100.6

OrgName:    UUNET Technologies, Inc.
OrgID:      UU

And yes, UUNET are mentioned as being monitored in the documents. Try tracerouting your favourite sites and see which ones travel through one of the backbone providers being monitored, you might be surprised. In any case, if live in the US and you can see a pattern with traceroute, let me know how you get on, as I can’t test this myself from over here.

This entry was posted in law, net, observations. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>