Is It A Trend?

by Bryan

29 comments

1 ellroon { 02.02.08 at 2:24 am }

Ok… you’re freaking me out now. One cable I could understand… but THREE? Is something up?

2 Michael { 02.02.08 at 3:33 am }

Next, more PT boats off the coast of Iran?

3 Kryten42 { 02.02.08 at 5:05 am }

Hmmm… what was that rule I learned in spy school? Ummm… two may be a coincidence, but three is a conspiracy? Something like that. 😉

Or was that 3 Politicians together? My old brain forgets! Probably better that way. 😉

4 Terry { 02.02.08 at 8:13 am }

When you think about the corporate and governmental disasters that would result from a major internet stoppage, it’s not at all reasonable to assume it could be a terrorist target. As we spend billions of dollars protecting airports, do we think they are so unimaginative as to stick with the same 9/11 game plan?

They’re obviously smarter than that, and I hope we have someone out there who can match wits and anticipate rather than react to their next move. Al Queda behind the cable breakage wouldn’t surprise me at all.

5 Terry { 02.02.08 at 11:27 am }

Editted: When you think about the corporate and governmental disasters that would result from a major internet stoppage, it’s not at all unreasonable to assume it could be a terrorist target. As we spend billions of dollars protecting airports, do we think they are so unimaginative as to stick with the same 9/11 game plan?

They’re obviously smarter than that, and I hope we have someone out there who can match wits and anticipate rather than react to their next move. Al Queda behind the cable breakage wouldn’t surprise me at all.

6 Bryan { 02.02.08 at 4:08 pm }

Dragging anchors is a nice story… if you’ve never seen an underwater cable. The stranded steel supports in two layers around the fiber core would take a heck of force to break.

A couple of divers with hydraulic tools, or even a hacksaw would be quick, easy, and cheap. It could be an extortion scheme, there are rumors of criminals as well as terrorists in the Middle East.

7 Kryten42 { 02.02.08 at 6:23 pm }

A local IT online mag is saying this:

Undersea Telecommunications Cables Cut
By Greg McNevin

February 1, 2008: Two undersea telecommunications cables, the firs near Alexandria, Egypt, and the second off Marseille, France, were damaged on Tuesday, resulting in widespread disruption to internet services.

In India, where much of the world’s outsourcing is handled, bandwidth has been severely disrupted, with more than half of the country’s internet users currently affected. The situation is much the same in countries such as Saudi Arabia, while in Egypt bandwidth is currently running at 40 percent of capacity according to Reuters.

While the middle-east and India are experiencing the brunt of the issues, with so much internet traffic being re-routed via Europe and other cables as well as satellites many countries surrounding the problem areas are experiencing their own bandwidth hiccups.

The main problem, however, is still India and the outsourcing services it provides. Companies with large-scale outsourcing operations, such as IBM and Intel, are reportedly scrambling to assess the damages and any service problems stemming from the outage, with the president of the Internet Service Providers’ Association of India, Rajesh Chharia, telling The Associated Press that; “[t]he companies that serve the US east coast and the UK are worst affected. The delay is very bad in some cases.”

The cause of the damage is currently unknown, however, weather problems could be behind the damage to both cables as both links were cut within hours of each other and on Tuesday before the outage Egypt closed the north end of the Suez Canal due to storms. Repair efforts have also been hampered by bad weather so far.

While rare, undersea cables can also be damaged by geological shifts, such as the 2006 earthquake that damaged cables near Taiwan.

Undersea Telecommunications Cables Cut

Interesting. And Google shows a lot of discussions about this. 🙂

8 Kryten42 { 02.02.08 at 6:29 pm }

Interesting! I just had a thought, and checked the ‘Internet Traffic Report’ for Asia, and found that Iran now seems to be completely cut off from the Internet (except for any Sat traffic).

Details for router1.iust.ac.ir

The Internet Traffic Report – Asia

Hmmm.

9 Kryten42 { 02.02.08 at 6:53 pm }

On a further note, it seems India has been having a lot of problems with their fiber-optic cable link being sabotaged and even sections removed since 2006.

Submarine cable link ‘sabotaged’ again

10 Michael { 02.02.08 at 7:46 pm }

With Iran cut off, accidentally as it were, I wonder if any accidental invasion has started.

11 Michael { 02.02.08 at 7:47 pm }

Surely I think this is not possible, but then, I might as well throw it out there…

12 hipparchia { 02.02.08 at 8:41 pm }

that was my thought too, michael.

speaking of submarine cables…

13 Bryan { 02.02.08 at 9:00 pm }

The Iranian government has other routing, but this probably has shut down their ‘Net cafes and individual users, which might be seen as a feature and not a bug to some of the hardliners.

Given the recent performance of the US Navy in the Persian Gulf, it is possible that it was an accident. If you can backend a supertanker, pretty much anything is possible, but Dubai will not be happy campers if the US is involved. Halliburton is now located in Dubai and they are cut off, so I doubt this was anything we planned. I doubt Dick “dick” Cheney would do anything to inconvenience his old company.

14 Kryten42 { 02.02.08 at 9:11 pm }

Oops! Correction! When I said ‘India’ above, I should have said Bangladesh, who are trying to compete in the IT world with India, and are saying India is possibly to blame for their sabotage. Sorry about that. *sigh*

@Michael: For now, the possible reasons are countless. And I have been able to visit a few Iranian blogs and sites I have because their Sat links (mostly via Russia) are still working, and some old land links are now being routed via the UK and USA (and for some very strange reason, I have a feeling of Deja Vu, seriously). Though the sites are a LOT slower, and like Why Now? take several reties. 🙂

Hmmm. I just tried a couple of them now as I was typing this to make sure, and I can’t connect after several tries. Anyone else want to try? (Though, if you are in the USA, you may not have access to these (or want to!) in any case! 😉

Islamic Republic News Agency (IRNA)
Ahmadinejad’s blog

It seams that the FLAG (Fiber-Optic Link Around the Globe) cable links Australia and Japan with Europe via India and the Middle East, which would explain why Internet access from here has slowed somewhat. The 2nd cable, SEA-ME-WE 4 links South East Asia to Europe via the Indian subcontinent and the Middle East. It seems these two cables were laid next to each other (rather stupid and typical).

The two cable cuts meant that the only cable in service connecting Europe to the Middle East via Egypt was the older SEA-M-WE 3.

The problem I have with the scenario of the first two cables being cut by one ship’s anchor is that whilst the two cables do run parallel in some places, they were actually cut in different places. FLAG was cut at 0800 Jan 30th, 8.3km from Alexandria (between Alexandria, Egypt, and Palermo, Italy); whilst the 2nd was cut some hours later 56km from Dubai (between the UAE and Oman). If it was a single ship responsible for both, it’s an astronomical coincidence, and in any case, a single ship could not have caused both breaks simultaneously as originally reported (unless the reported damage sites and times are incorrect).

Details of the 3rd cable, FALCON, (Owned by the same group that owns FLAG), are being kept secret.

Info (with a good diagram of a cable) at BBC NEWS: New cable cut compounds net woes

It does appear that the 1st cut was accidental (maybe), but the problem is that it appears it was caused by ships being told to anchor where the cables were which is highly unusual.

The Register: Submarine cable cut torpedoes Middle East access

Now… where the hell did I put my old tinfoil hat? LOL

Hey Bryan… any idea where the USS Halibut is these days? LOL

Watch this space. 😉

15 Bryan { 02.02.08 at 10:13 pm }

Placing an inductive recorder on undersea cable doesn’t work with these fiber optic runs, a big reason for using them.

The areas where these cables are laid are marked on coastal charts specifically to prevent this sort of problem, so unless the cable was adrift, the story doesn’t wash.

16 Kryten42 { 02.03.08 at 12:23 am }

LOL True Bryan. But I happen to know that Halibut was refitted with a much more extensive suite. 🙂 And I also know it is possible to tap a fiber with the right equipment. I consulted with a comm’s company on this very issue who wanted to design non-invasive or minimally-invasive cable test systems, they said. But I know who was funding that little project. 😉

Light likes to travel in a straight line. If you bend the cable slightly and make a tiny cut in the sheath at the bend, you can copy the data stream. Of course, that data is usually encrypted… but depending on the encryption used, most SigInt agencies have a back door, or keys. Curios that Russia uses a minimum of 1kbit for encryption protocols, and the USA uses a minimum of 64bit up to 256bit (I’m talking for commercial data of course).

17 Bryan { 02.03.08 at 1:11 am }

If you are a paranoid you are watching certain parameters on the fiber and can detect almost any change, but the equipment is expensive and gives a lot of false positives. I would work on the in-line amplifiers.

I’ve never used anything less that 1K for my personal stuff and 4K for a couple of clients who have fits over “proprietary information” that certainly isn’t unique, nor original, but they pay their bills on time, so I humor them.

I don’t send anything that’s valid for more than 60 days over a comm link of any kind. Old habits are hard to break.

The Soviets has some good habits, and some unbelievably bad habits, like talking in the clear on “unused channels”. If their bosses weren’t listening, neither was anyone else, right? They also didn’t discuss with the technical people what was and wasn’t classified, as if the classification was secret, so the techs didn’t know that they weren’t supposed to be talking about the equipment. It was surreal – they wouldn’t tell you the time but they’d give you a schematic of their clock.

18 Kryten42 { 02.03.08 at 8:35 am }

Bingo! Yup! The amplifiers are the weak point. It’s where the light data are converted to electronic data and back again. They are usually heavily shielded (not just mechanically, they also have noise generators). for this reason… but TEMPEST does exist. 😉 We used to have a lot of fun on the dissemination of disinformation on TEMPEST, like making up words to make it an acronym, which it isn’t. We used to love driving the tinfoil hatters nuts trying to figure out what ‘TEMPEST’ meant! (and what it really was). 🙂

Yeah, I use 2kbit keys usually. After seeing a demonstration of how vulnerable the standard RSA PKI was some years ago, and other US encryption products, I recommended to clients here to only use non-US products if they wanted reasonable encryption security (or a hacked version of RSA’s PGP with up to 4kbit blowfish (and other) encryption with backdoors removed). 1k was more than enough, until US mathematician Stephan Wolfram designed an ultra fast PrimeQ testing algorithm, and developed Mathematica. I saw a demo here in the early 90’s of Mathematica on a Mac II with a special accelerator card (developed by Tektronix for the NSA). It was used to show a flaw in the RNG for PGP that made it easy to crack any encrypted data, except that it wasn’t a flaw. 🙂 I met with Peter Guttman a few times, and use his algorithms. If you want decent encryption, he’s the best. 🙂

If you check my IP & WHOIS etc, you’ll see you see my ISP is ‘The Planet!’ which is an encrypted onion router network (not TOR! That’s compromised. Was partly funded by NSA and Navy). (that’s not my actual ISP BTW). 😉

I just like to keep my hand in also. 😉 and yes… Old habits do die hard. Especially when one knows why they are very good habits to have! As I always say… Ignorance is NOT bliss! 🙂

Yeah, the Russians were (and probably still are) a strange dichotomy! LOL But… I couldn’t help liking them (generally). 🙂

19 Bryan { 02.03.08 at 4:36 pm }

The US rules on encryption are totally absurd and out-dated. I have used encryption from an Aussie outfit for years because it doesn’t have all of the crippling that is done to the American versions. I could do my own, as I have the books, but it’s more convenient to use the pre-packaged stuff.

If I was really going to go sneaky, I would drop back to the tried and true “page, line, word” from a specific edition of a common book. The old chestnuts are still useful and damn hard to break.

I noticed you were coming from The Planet when a post ended up in moderation [probably for link count] and I was wondering if someone was spoofing your handle. There are way of “sniffing” the real path, but they’re a pain in the neck and can break things which annoys bystanders. They also leave a path unless you are really careful, so you have to be really mad at someone to make the effort and not end up with public officials knocking on your door.

I liked Russians, it was the Soviets who were really annoying – 70 years and they never got the joke.

20 Kryten42 { 02.03.08 at 5:14 pm }

The old ‘one time pad’ 😉 Yes, it’s still the hardest to break, so long as nobody knows the rules you and whoever else you are swapping encrypted data with are using. Once you have more than 2 people using it, it gets weaker fast.

Yeah, The Planet! is just the endpoint network I use in the USA to decrypt all my web data. Everything is encrypted and made anonymous (certain header data modified for example, and cookies also), but it’s not perfect of course. 🙂 But with the new rules Howard put in place here, it stops my ISP keeping tabs on what I do and where I go. I actually don’t need it, I’m not doing anything online that requires it, but it’s just for experience etc so I can talk knowledgeably about it to paying customers (if I ever have any!) LOL It’s interesting to look at the stats though. For example, in the past Month, I’ve had 24,215 cookies modified. At this point, I am only changing various REFERRER fields and any fields with personally identifying data requests. That’s a lot of cookies! I notice that some annoying sites want a dozen cookies before you even see the page! LOL It also block a lot of useless ad’s and popups! A bonus. LOL Though, I do use a modded Firefox with NoScript, and AdBlock Plus with several filter lists, and other extensions (like CookieSafe and JS view). 🙂

Not that I’m paranoid or anything! 😉 LOL

You are right about the Soviets too! I met a few at functions mainly, and when they were around, my Russian friends were like wooden soldiers. I did ask my liaison friend about that, and he said simply “I like my job, and my life.” You could tell the Soviets… very, very HARD. Scary people. And now, many are running the mafia and other crime groups. Many do it because they truly believe it’s the way to bring the West down. It’s a means to an end, which is why they are so dangerous. And they may just be right.

I hope I get to the US again one day and we can catch up over a coffee (I can’t do alcohol any more). Or maybe you’d visit here one day. 🙂 Either way, would be a blast. 😀

Cheers!

21 Michael { 02.03.08 at 8:40 pm }

I presume all networks are interfiltrated at some level at all times. This presumption may be wrong, it may be correct, but it keeps me from trusting conspiracies.

22 Michael { 02.03.08 at 8:41 pm }

I have found the best policy is to put your really valuable information right out in the open where everyone can see it and share it.

23 Michael { 02.03.08 at 8:44 pm }

Mainly, the use of encryption and other privacy conserving devices are temporary measures for emergency circumstances, and ought not to be relied upon for long term security. Moreover, it increases the chance of really valuable information becoming lost altogether.

24 Michael { 02.03.08 at 8:48 pm }

Quantum computation is a near-term or immediate reality. Take my word for this, your 8192-bit encryption won’t stand up for long.

25 Michael { 02.03.08 at 8:54 pm }

Time-sensitive information and authentication are what it’s best for.

26 Kryten42 { 02.03.08 at 9:49 pm }

Hi Michael, 😀

I hear you m8! 😉 but disagree about the quantum computing stuff (for now). 🙂 It’s going to be some time (in spite of all the hype) before that becomes a reality. However,as you say, it does look to be useful in certain applications. I have friends in the UK (worked for Gould and others) that say they have had some very annoying issues getting quantum computing to work as they want.

And you are correct about only using encryption when absolutely necessary. I did security audits and created security plans, policies, procedures and manuals for clients. Some actually used them properly. 🙂 I used a 4 level model (I don’t believe in unnecessary complexity!) from public to top secret. Anything top secret, don’t use the public internet. 🙂

We spent much time at JIO finding ways to break various security systems. People might be horrified at how easy some were. 🙂

If you REALLY want something secret… tell no one! (and hope you don’t talk in your sleep). LOL

Cheers! 🙂

27 Bryan { 02.03.08 at 10:48 pm }

The people with access to quantum computing for the next decade aren’t interested in what I’m sending, or they’re wasting a lot of money.

As for encryption, if you synch two computers and change the code based on an agreed rota at agreed intervals, and decryption is of minimal value.

No code is considered unbreakable, it is given a rating based upon how long it will take for the other side to break it. The selection of the level of encryption used is based on the “shelf life” of what is being encrypted.

A lot of what is classified is not inherently secret, it is classified to prevent other people from knowing what you are interested in and what you are looking at. An amazing amount of intelligence is gathered from “open sources” that anyone could read, but you didn’t want the “other side” to know you were reading them and reporting based on what you were reading.

Kryten, I dump cookies every time I shut down the browser, and limit the sites I accept them from to an absolute minimum.

28 Kryten42 { 02.04.08 at 12:06 am }

Exactly Bryan. 🙂 It’s all about patterns. If you have enough of a pattern, one can guess a lot of the rest. So we tried to avoid any patterns. Not easy. I know some of what we classified wasn’t even remotely secret. Some we just didn’t want others to know we were interested in, and some was just red herrings. 🙂 If one adds a lot of *noise* to the data, the patterns become harder to see. 🙂

We have some data here that we wanted kept secure for at least 30 years. Was a tough ask. One of my jobs was working as junior member of a team designing as good a pseudo-RNG as possible! We had 2 physicists and a mathematician (and other stranger scientists) from DSTO for over a year. I heard that as a favor to the Bush Admin, Howard ordered our intel people to stop using it. Guess why? I sure as hell hope that SOB didn’t give the data on the RNG to the USA (or anyone else!) I’d shoot the bastard myself as a traitor, with pleasure! Now I just upset myself! *sigh*

Ehhhh…

Yeah, I only accept cookies (modified) from very few sites, and others are session-only. everyone else is denied. I like looking at the logs now and then. 😉 I need a life! LOL

29 Michael { 02.06.08 at 1:04 pm }

another one down