On Tue, Dec 01, 2015 at 11:50:59AM -0800, Christian Huitema wrote:
> I am also concerned with automated mass surveillance, including traffic
> analysis. The basic traffic analysis produces "5-tuple" logs. Since a lot
> of the Internet usage is now mobile, there is no direct mapping between IP
> addresses and user identities. To move from traffic analysis to
> surveillance, the analyzers need to restore that mapping.

I share this concern, but:

I think it's a very safe bet that all large email providers have
been quite thoroughly backdoored by at least one intelligence agency,
with or without their knowledge, with or without their cooperation.

Consider that such an agency -- with access to all of the logs on MAGY
(to borrow an acronym seen elsewhere in this discussion) -- can do an
incredible amount of surveillance even before they grab the messages.
(Which they will also do, of course.)

What fraction of the world's email traffic (measured by message count)
traverses at least one of MAGY? What fraction does that become if we
add so-called "social networks" and a dozen other large email providers?

My point is that if the mass surveillance is coming from governments
with sufficient resources, they won't rely on header extraction from
messages for traffic analysis: they'll just tap the logs. Or request
it from their colleagues who already have (if there's a close working
relationship) or try to steal it from them (if there's not).

I think this is a safe bet because we have an existence proof
demonstrating that they've already done it once. Surely nobody is naive
enough to think that they've only done it once or only done it one way:
this data is far too rich for its acquisition to depend on
a single point-of-failure.

ietf-smtp mailing list