Researchers at the universities of Amsterdam and Boston to warn of the possibility that American intelligence via manipulation of the bgp protocol and dns servers American traffic so redirect that they can legally wiretap.
According to the Us constitution allowed Us citizens not flocking to be bugged by the intelligence services. Former Us president Ronald Reagan signed, however, in december 1981 executive order 12333. According to this presidential decree the intelligence of Americans eavesdropping if two conditions are met: a afluisteroperatie may not focus specifically on American citizens and the taps must be performed abroad.
Researchers at the universities of Amsterdam and Boston to warn in a report on the dangers of executive order 12333 which the content is still relatively little has been released. Not only is there, according to the authors of the report, insufficient political control over the intelligence services, also, they highlight a possible detour with which intelligence services still through the sleepnetmethode large amounts of data from U.s. citizens will get their hands on. Executive order 12333 would have them to do so, the legal basis. In addition, the NSA has already indicated that a large part of their spionagewerk is based on 12333.
A possible detour, which the researchers describe for the collection of data of American citizens is the manipulation of the bgp-routing protocol. Through the border gateway protocol to communicate networks of internet service providers with each other so as routeringsafspraken. An intelligence service like the NSA, would be domestic traffic purposely through another country. By this redirected traffic in the foreign countries to drain can a secret service still the movement of Americans collect. Although the researchers are not yet hard evidence that the American intelligence services, this method actually bets, there are the last few years, however, deliberate bgp manipulations performed.
Another possibility that is potentially interesting for Us intelligence is the manipulation of dns servers. By internet users by means of a changed dns record to a server that is in the hands of the intelligence services, web and e – mail to be collected, while the user, for example, are ‘normal’ Facebook page will get to see.
According to the researchers, contain various NSA programs made by whistleblower Edward Snowden have been made public is strong evidence that the NSA has the potential to routers of third parties to take over, while the service also has physical access to internetapparatuur. Also speaks to the service in the Seconddate program on exploit techniques that are focused on internet protocols and man-in-the-middle-aanvalsmethodieken. The researchers are however not yet provided to the NSA and other intelligence agencies are actually accusing of the use of bgp and dns manipulation to American citizens to spy on. Promise it in a future report, possible solutions, such as the use of dnssec, rpki, and encryption to reduce the chances of successful eavesdropping to reduce. Also politics are encouraged in order to outdated legislation and the loopholes therein to address.
Comments
(46)