6 June 2003

See Dave Emery's message on Russian SIGINT: http://jya.com/rusigint.htm


Date: Fri, 6 Jun 2003 01:41:29 -0400
From: Dave Emery <die@die.com>
To: Randy <randy@gte.net>
Cc: cypherpunks@minder.net
Subject: Re: SIGINT planes vs. radioisotope mapping

On Thu, Jun 05, 2003 at 11:52:14PM -0400, Randy wrote:

> I recall a few years back, a single satellite lost stability, and
> it pretty much wiped out everyone's pagers, for a few days. Just
> my way of saying that I don't have any clue as to how much
> point-to-point traffic may get relayed by a bird at some point.

Within the continental US, very very little point to point telephone traffic flows via satellite (hardly any in fact except a few remaining private systems for companies and government - carriers completely gave up satcom links about 15-20 years ago in the PSTN). The economics don't work and people hated the delay in calls due to the distance to the satellite.  The only real exception is parts of back country Alaska... which is still served by satellite.

There is still some international traffic on satellites, though mostly to remote and underdeveloped places.   The great bulk of traffic between the US and Europe and Asia is on fiber now.  Satellite does provide backup to cables if they are cut, but more and more places have enough redundant fiber to never need to use this capability.

Until recently, most domestic PAGER traffic did flow via satellites because it was cheaper to get it to the towers on remote hilltops that way than by leasing fiber or copper circuits.  And indeed when G4 died, a lot of pager transmitters had no input from the central computers and went off the air.   Nobody had really thought about what might happen if the bird died - they had been focusing on up link and downlink reliability instead.   And in a very typical communication screwup, some of the backups were on the same satellite.

There has been some use of satellites for Internet IP traffic, but again only a tiny bit compared to the flood that travels over fiber. This is much more used for international Internet links, some of which are on satellites.

The major use of satellite capacity over the US is for video, both broadcast and cable and direct to home, and for some innately broadcast services like distributing weather data to airports and weather forecast offices and the like.  There are also some remaining point of sale credit card verification networks on satellite because of the reduced cost of a satellite link compared to thousands of circuits to local gas stations or convenience stores.

And a lot of satellite capacity gets used for mobile terminals for video uplinks for satellite news gathering and sports back hauls and the like.   It is obviously not usually possible to provide fiber to the scene of a major news event and only sometimes to the venues of sports events.  And the military and government uses satellite capacity to talk to things like Navy ships and mobile command posts which aren't in one place very long.

Very little travels by microwave anymore in the CONUS either (maybe a couple of percent or less of wireline telephone calls do at any point, perhaps even less by now - mostly to backward places where stringing fiber is hard or uneconomical).   Most of the old AT&T microwave towers that once dotted hilltops across the country have been shut down and sold to cell operators or even private citizens seeking a remote location for a cabin - and most of this shutdown happened by the late 80s in fact.  Very very few of the towers still in existence transmit any traffic any more or ever could again.

> I seem to recall that, years ago, the Transatlantic copper traffic
> entering and leaving the US was shot via microwave link to/from the
> US terminus, over a > bay, and allegedly there was a NSA farmhouse
> on the line-of-site path of the link. The implication being that,
> yes, they "could" have just wired around the bay, but instead there
> was an intentional opportunity for interception.

There is an interesting microwave shot from Greenhill, Rhode Island (the landing site for around a third of the transatlantic cables) and a point in Connecticut.   One may draw whatever conclusions one likes about why this was done this way in the early 70s or so.

I have seen an unnamed Telco insider comment on a public mailing list that certain fiber Sonet rings linking a NJ cable landing site (with another third or so of the cables) to a switching facility that actually handles most of the traffic further inland have three nodes on them instead of two.  No idea why... just one of those weird things that got built that way in construction I guess.

> And I'll point out that long-haul comms to submarines are done with
> RF > basically at audio frequencies, via buried antennas....yeah,
> they DO use very high power, but aircraft are close and don't have
> salt-water and thick earth to penetrate.

Submarine communications use very very low (80 hz) frequencies from buried wires for a kind of paging function that says come up and get the nuclear war order.   Actual messages are sent on VLF frequencies (16-90 khz) which penetrate seawater better than other frequency ranges and can be received while submerged to up to a couple hundred feet. Antennas for this function are not buried, but gigantic towers or mile long wires trailed from command and relay aircraft.

Aircraft (notably the Guardrail and Rivet Joint aircraft)  can and do collect most any available radio signals they can see from flight altitude.   This allows cellphones, cordless phones, pagers, pdas, wireless email devices, and miscellaneous two way radio signals to be vacuumed up and some microwave links to be intercepted as well, but none of these aircraft has ever been reported to routinely do TEMPEST type interception of wireline traffic from incidental radiation.

> And if any of the copper is carrying digital data, square waves are
> hugely rich in harmonics well up into the MHz bands, and would
> therefore tend to radiate better from any above-ground wires between
> poles, possibly even roadside pedestals.

Actually FCC rules require things be built NOT to radiate all that much because of interference to licensed services using precious spectrum, so most wire communications devices fiber and copper radiate very very little energy.  Part of this is due to the cancellation effect of energy flowing in balanced transmission lines, and part due to filtering and shielding.

And there are myriads and myriads of information streams flowing in typical aerial cables - even if the energy could be detected at a distance (which it can't due to the impact of the inverse square law) it would be nearly impossible to sort out the impulses from one circuit from those of all the others in the same cable.

> And I've seen alot of RF off of traditional CATV coax; don't know if
> fiber-optic cable systems might ultimately have any tie-in to the
> coaxial feed to/from the headend.

Cable TV systems have rather high level VHF and UHF rf flowing in them.  There is constant problem for cable companies with corrosion and damage to the wires causing some of this energy to leak out and be radiated and cause interference to licensed services on the same frequencies.  Cable companies spend lots of dollars going around looking for and fixing these problems in order to avoid fines and other legal action by the FCC and FAA.

Modern cable companies use fiber optics to transmit the signals from the headend where the satellite dishes and antennas are to a neighborhood where they are converted from optical to rf on copper and distributed locally.

And optical fiber does not radiate at all at radio frequencies. The only source of rf radiation in fiber optic systems is the electronics at either end which convert the light into electrical signals for local use.

One problem that most naive paranoid types completely fail to grasp is the titanic volume of modern communications.  The flow is so overwhelming that only a powerful God could possibly process it all to find interesting material.   The entire federal budget could not pay  enough humans to screen and analyze ALL the electonic communications of even a medium size city in 2003.    So communications intercepts are necessarily targeted very narrowly, even drag net fishing is likely done only in places where there is a real likelihood that something important will turn up with finite effort.

The notion that an all powerful big brother is listening to everything and capturing everything just is not realistic, and a very very high percentage of what does get captured is never looked at or listened to or even stored for very long.

Which of course is why traffic analysis and transaction analysis and social network discovery is far more important than flying airplanes around trying to collect incidental radiation from local copper T1 lines. Knowing who calls or emails who makes it possible to find the needles which you want to monitor in the vast haystacks.   Thus there is a much greater probability that records of your calls and IP traffic addresses are looked at for patterns and association with known bad guys than that someone is actually listening to or reading your traffic looking for the word bomb.

--

Dave Emery N1PRE,  die@die.com  DIE Consulting, Weston, Mass 02493

PGP fingerprint 1024D/8074C7AB 094B E58B 4F74 00C2 D8A6 B987 FB7D F8BA 8074 C7AB