BL4CKM1LK teleph0nics [ http://hybrid.dtmf.org ] Covert Government/Military Interception of International Telcommunications. (Pure Paranoia) Written for f41th magazine, October 1999 by hybrid Part I 1. Introduction 2. Communications Intelligence (COMINT) and the NSA a) UKUSA Alliance 3. The Covert Interception of International Telecommunications a) International Leased Carrier (ILC) Interception b) High Frequency Radio Interception c) Interception of Microwave Radio Relays d) Interception of Submerged Telecommunications Cables e) Covert Communications Satellites f) Communications Techniques o Operation SHAMROCK o More High Frequency Radio Interception o The Space interception of InterCity Networks o SIGNIT Satellites Part II 5. Introduction to part II a) Submarine Cable Interception b) Covert Interception of the Internet Protocol 6. Covert Collection of High Capacity Signals a) New Satellite Networks/Systems b) ILC Processing Techniques 7. Hardcore Telecommunications Covert Interception a) Broadband (High Capacity Multi-Channel) Communications b) Covert Telecommunications Interception Equipment o Extraction of Wideband Signals and Data Analysis o Covert Data Processing, Fax Transmission Analysis o Multi Protocol Traffic Analysis Techniqes c) Speech Recognition and Voice Interception o Advanced Speech Recognition, Real CallerID 8. Closing, Summerisation a) My PGP Key ;> Part I ------ 1. Introduction =============== Are you paranoid? You damn well should be. I've recently come accross some very disturbing facts about how international covert governemt organisations intercept, filter and colate data from international communication protocols and networks. This article is only the very tip of the iceberg, their is no way I could possibly cover the wide spectrum of "big brother" activity that shadows over the communication networks that are deployed at present, to do so would require a whole database. The fact is big brother IS watching you, not just you, but also other governments and echonomical bodies. In this file I will discuss the different, very covert techniques that are deployed by certain agencys and alliances to efectivly intercept any type of public, or supposid "classified" data/voice transmission. After reading this article, you'll probably think twice before placing a phone call. 2. Communications Intelligence (COMINT) and the NSA =================================================== COMINT is an abbreviation for Communications Intellegence. The covert interception of telecommunications has existed for a very long time, and began around about the same time that public telecommunications became widely available. It is evident that every single "technologicly advanced" country in the world participates in the covert interception of foreign communication mediums. I would define it as an ongoing game of counter- intellegence, where superpower nations are spying on each other, spying on each other. The scary thing is, it's not just diplomatic communications that are being intercepted, in most cases, an entire nations telecommunications infastructer is being monitored, both from remote locations, and from our own intellegence organistaions spying on us. The NSA openly admit to such activity, although would probably deny any "local" communication interception techniques. COMINT is in the same intelllegence fammily as SIGNIT (Signals Intellegence) which involves the interception of signal emmisions from sources such as radar emmisions. Obvious COMINT communications targets: (interception) o military communications o diplomatic communications o economic intellegence o scientific intellegence o drug trafficking o organisied crime o severe fraud o terrorism Side note: hacking, phreaking, participation in "underground" hacking collectives would be defined as organised crime, and in some cases defined as terrorism. (they have a real nice way of classifying things) a) UKUSA Alliance USSS (United States Signit System) is made up of the NSA (National Security Agency), collective sub-units known as the "CSS" (Central Security Service), aswell as some parts of the CIA and surrrounding organisations/bodies. After the second world war in 1947, the US made and aggrement with the UK to commense international intellegence operations world wide. Other English speaking countrys where allied into the UKUSA aggrement as second partys, they include Canada, NewZealand and Austailia. The UKUSA intellegence alliance was not exposed until earlier this year (March 1999), when the Austrailian government confirmed its deployment of DSD (Defense Signals Directorate) and admited to being part of the UKUSA colaboration of intellegence gathering. 3. The Covert Interception of International Telecommunications ============================================================== a) International Leased Carrier (ILC) Interception A knowledgable phreak will know how easy it is to intercept supposid private telecommunications, we all know that the US PSTN (Public Switched Telephone Network) is made up of RBOCs (Regional Bell Operating Companys) which all deploy multiple levels of switching architecture and signal protocols. For over 80 years, incomming and outgoing international telecommunications traffic passing through International eXchange Bounderys have been intercepted and filtered for an initative known as "National Security". All US RBOCS have strong links with COMINT, and IXCs (Inter eXchange Carriers) such as AT&T have ties with goverment communication collectives. COMINT organistaions refere to such carrier providers as ILCs (International Leased Carriers), and would obviously have to work closly with such providers where telecommunications interception is involved. b) High Frequency Radio Interception The majourity of the worlds international contempory telecommunications networks are made up of optical transmission protocols, but before this, most international telecommunications where conducted via HF transmission (Higher Freqency) and was used both for public communication aswell as diplomatic and military communications. ------------x-----------------------x-----------------------x / \ / \ / / \ / \ / / \ / \ / / \ / \ / / \ / \ / x-----------------------x-----------------------x------------- x) y) z) In the above diagram, (x) is transmitting to (z). The HF signal is bouncing from the Earths ionosphere back down to (y), then back to the ionosphere, down to (z). Incididently, in this scenario, (y) is the dude in the middle, incercepting the transmission before it reaches (z). Here, the interception of transmission was reletivly straight forward because HF radio transmissions are bounced from the Earths ionosphere and back down to the Earths surface, forming a zigzag type path around the world. This provided ample space for a primitive "man in the middle" interception of the reception of such data. c) Interception of Microwave Radio Relays Microwave radio was deployed in the 1950s as a means to provide higher- cappacity inter-city communications, implementing telephony and televison. Microwave parabolic dishes are placed around 50km apart from each other, as a means of communicaion relay stations. Later I will discuss how such a communications medium can be intercepted. d) Interception of Submerged Telecommunications Cables Early international telecommunications where very primitive compared to what we have today, and only allowed a maximum capacity of 100 telephone calls on similtanious channels. Today Optical Fibre transmission systems are deployed as part of the world wide PSTN, and can handle 5Gbps of similtanious data transmission, which is 60,000 phone calls occuring similtaniously, which is why we no longer require operators to place international calls. e) Covert Communications Satellites Because of the nature of microwave emmisions, they do not reflect off of the Earths ionosphere like HF radio transmissions. Instead, they penetrate the Earths atmosphere and are emited off into space. This is where the covert satelites come into the picture. x salelite / \ / \ / \ / \ / \ ------------x-----------------------x------------ ionosphere / \ / \ / \ / \ / \ x-----------------------------------------------x- earths surface x) z) The most popular satelite setup are those that operate in geo-stationary orbit, or (the clark belt) and are provided for broadcasting purposes. The largest collection of communications satelites in orbit are the COMSATs and are operated by the International Telecommunications Satelite organisation (Intelsat). The latest addition of telecommunications satelites can handle over 90 thousand similtanious calls each. f) Communications Techniques Before 1970, the majourity of communications systems where of anolouge nature and utilised continuous wave technique. Now, in all majour communication systems are digitaly derived, and provide a much higher capacity. The highest capacity systems are for use of internet backbone usage (STM-1/OC-3) and can operate at data rates of 155Mbs (Million bits per second) which is the equivalent to the transmission of 1 thousand books a minute. I'll cover these transmission techniques in more detail in the technical part of this file. Where this type of digital communication is deployed COMINT organisations cannot intercept data unless they have diect access to the communications channels that the data travels over. The data is usually encrypted, but no big deal for such an collective as COMINT, so they obtain access to these communications channels with (or without) the prior co-operation of the carrier provider. o Operation SHAMROCK The NSA are well known for systematically gathering telecommunications traffic from offices of majour cable companys. The interception of cable traffic in the US is refered to as "operation shamrock", and until recently remained un-exposed for over 30 years. In 1975 an NSA director admitted to the US house of representatives that such operations do exist within the NSA. "..The NSA systematically intercepts international communications, both voice and cable" "messages to and from American citizens have been picked up in the course of gathering foreign intelligence". "...was obtained incidentally in the course of NSA's interception of aural and non-aural (e.g., telex) international communications and the receipt of GCHQ-acquired telex and ILC (International Leased Carrier) cable traffic (SHAMROCK)..." o More High Frequency Radio Interception HF radio transmissions are easy to intercept, in the sense that all you need is the appropraite equipment, and an area which is located in a quiet radio location. Up until 1980 the NSA and the UK's GCHQ used HF radio interception equipment to capture European HF communication on a base in Scotland. The equipment used then was a 400 meter in dialmeter antenna, and was designed to be omnidirectional (capture emitions from every possible angle). Their is a secret base in the UK at Chicksands which is operated by the NSA and DODJOCC, It's purpose is to collect and intercept Soviet and Warsaw Pact air force communications, and also to collect ILC and "NDC" (Non-US Diplomatic Communications). o The Space interception of InterCity Networks Long distance microwave involves the implementation of many transmitters and relay stations. When a microwave transmission takes place, the recieving end only absorbs a small fraction of the orional signal strength, the parts of the microwave transmission that the reciever didn't pick up pass through the Earths atmosphere into space as discussed before. Therefore, contempory microwave communications are intercepted by covert intellegence gathering satelites that are mounted 80 degrees longditude of the horizon. At present, their are many secret satelites operating both in geo-syncronous orbit aswell as satelites following mission paths that gather as much microwave communication traffic as possible and relay back to secret installations on Earth. o SIGNIT Satellites The CIA first launched the SIGINT satelite program back in 1967 which lasted until 1985. The satelites where operated from remote ground installations in Austrailia and implemented parabolic antenna which where able to unfold once in orbit, initially the satelites intercepted transmisisons from the VHF radio band. To this date, similar satelites are in use, codenamed MAGNUM and ORION, they are designed to intercept and filter multiple communications methods on Earth such as VHF radio, cellular and mobile phones, pagers, and also mobile data links, packet radio etc. The idea of this is fairly daunting, basically if you page your girlfriend, chances are the pager radio signal will be intercepted but probably filtered as it would be of no relevance to "national security". This is not some paranoia/conspiracy theory, this is fact. The IOSA system (Intergrated Overhead Signet Architecrure) is very much at large to this date, and is controled from ground level at the following locations accross the world: o Buckley Field, Denver, Colorado o Pine Gap, Australia o Menwith Hill, England o Bad Aibling, Germany Each "secret" installation is rumoured to cost alot of money to run, somthing in the line of 1 billion dollars each. In 1998, the US National Reconnaissance Office (NRO) said it would combine the three separate classes of Sigint satellites into an Integrated Overhead Sigint Architecture (IOSA) in order to " improve Sigint performance and avoid costs by consolidating systems, utilising ... new satellite and data processing technologies". Because of this new spy satelite setup in earth orbit, the US can now use its newly aquired technology to intercept ANY mobile communications source, including city to city traffic accross the globe. The main intension of these satelites is however to concentrate on foreign military and diplomatic "hotspots". GCHQ in the UK are now part of project MERCURY and use the system for similar purposes. Part II ------- Introduction to part II ======================= Summerising part I, we now know about covert satelites, the basess, and the general layout of microwave interception. Now I'm going to discuss the slighlty more scary stuff, the parts that affect me and you, ranging from the interception of phone traffic, to the mass intellegence gathering on the internet. Hopefully you've read all of part I so you can understand the folowing better, if you just paged you suck. Submarine cable interception Submarine cables are widley used in international telecommunications, and are therfore a target for anyone wishing to intercept international telecommunications traffic. Juring the 1970s, a secret submerged cable taping operation nammed "IVY BELLS" was executed by US submarines near the USSR. The mass line tap operation of USSR communication ended in 1992 when the geographic locations of the submerged line taps where sold to KGB by a former NSA employlee. To this date, the US still plant submerged line taps on various communications links, rumoured to be the Middle East, the med, eastern asia, and south america. The United States is the only naval power known to have deployed deep-sea technology for this purpose. Where fibre Optic cables are concerned, it is impossible to simply place a radio sensitve inductive tap on them, because obviously fibre Optics don't leak radio freqency signals. However, the NSA spend alot of time and money into the research of Optical fibre tapping, and are rumoured to be successful in such research using optoelectronic "repeaters" which boost signal levels over long distances. Covert Interception of the Internet Protocol ============================================ The NSA and GCHQ all operate a private network which is concidered to be just as large as the public net. This private network is known as project EMBROIDERY and is said to span the globe via a massive WAN network. It is this network which is said to serve such purposes as project ECHELON and other intellegence projects. The whole system is based on the IP protocol. The majority of internet traffic origionates or is passed through the US, and major routers. Sinse early 1990, the COMINT project have developed systems which intercept and filter all packet, or digital data traveling via the US net backbones. The targets of such interceptions are communications between Europe, Asia, Oceania, Africa and South America. When a packet is sent, depending on the time stamping of the origin and destination, it is likely it will pass through a major network exchange somewhere in the US. For example, routers in USwest are most idle when European packet traffic is at its peak beacuse of the time zone differences. Because of this, hig capicity network traffic will pass through the routers which are situated in USwest, which subseqentialy the NSA have access to (for COMINT purposess), it is then that the NSA can intercept data traveling to and from European countrys. Where COMINT and the internet are concerned, COMINT interception takes advantage of the way in which internet packets are routed, in the sense that datagrams contain the numerical routing instructions which are used by COMINT to filter irrelevant traffic. Any packet with a military or diplomatic datagram origin, is likely to be intercepted at a major US network backbone to be filtered or analyised. alt.Usenet discussion groups are well known to be intercepted and analyised by government agencys, such usnet traffic accumulates about 15 gigs of transmitted data per day. Intellegence agencies have open access to all usenet discussion groups, and most store the information in massive data- bases. For example, in the UK, the DERA (Defense Evaluation and Research Agency) maintain a 1 terrabyte databasse which contains 90 days worth of all usnet messages. DERA also operate web-robots which scan the net for certain keywords and then mirror entire sites on this database. Subseqentialy my own site has been visited by DERA, and sinse then is visited 2 per month by, xxx.dera.gov.uk - - [18/Jul/1999:16:10:05 -0500] "GET /files/hybrid-files/x Recently an NSA employee informed the public that certain major backbone net exchanges are being monitored for ALL data traveling through them in the US. The NSA either have direct access to them, or have mass sniffer programs running to collect as much data as possible traveling through the follwowing major internet exchanges in the US: (NSA Internet Comint access at IXP sites) Internet site Location Operator Designation ------------------------------------------------------------------------------ FIX East College Park, Maryland US government Federal Information Exchange ------------------------------------------------------------------------------ FIX West Mountain View, California US government Federal Information Exchange ------------------------------------------------------------------------------ MAE East Washington, DC MCI Metropolitan Area Ethernet ------------------------------------------------------------------------------ New York NAP Pennsauken, New Jersey Sprintlink Network Access Point ------------------------------------------------------------------------------ SWAB Washington, DC PSInet/BellAtl SMDS Washington Area Bypass ------------------------------------------------------------------------------ Chicago NAP Chicago, Illinois Ameritech Network Access Point ------------------------------------------------------------------------------ SanFran NAP SanFrancisco, California Pacific Bell Network Access Point ------------------------------------------------------------------------------ MAE West San Jose, California MCI Metropolitan Area Ethernet ------------------------------------------------------------------------------ CIX Santa Clara California CIX Commercial Internet Exchange ------------------------------------------------------------------------------ It is rumoured, and almost certanly true, that a leading US telecommunications and internet provider company are contracted with the NSA to develop specialised mass data gathering software for installation on such internet exchanges, other software manufactures such as microsoft and netscape etc are said to aid in the production of specialised network traffic interception equipment. (see enclosed .jpg files for screenshots) 6. Covert Collection of High Capacity Signals ============================================= Where very sensitive data is concerned, diplomatic agencies are usually very wise to the fact that someone out their may be interested in intercepting it. Therefore, when the more obvious interception methods/procedures are inpracticle, COMINT agencies develope special devices that can be installed on the target premisiss or base. The NSA manufactures specialised equipment for use in covert activitys, one such device is called the "ORATORY" -a computer that fits into a brief case, which is programed to behave on dictionary selection for use in sigint data interception. a) New Satellite Networks/Systems A popular means of communication for government employees are private dedicated mobile communications. Their are satelites orbiting very fast around the earth, each in its own orbit pattern which provide global coverage for diplomatic usage. These systems are sometimes called Satelite Personal Communications Systems or SPCS. At present, their is a satelite network called the IRIDIUM network, which was launched in 1998. The IRIDIUM satelite network implements 66 satelites each relaying mobile data back to the ground. IRIDIUM is considered to be fairly secure, in the sense that anyone trying to intercept network data would have great trouble as the satelites are fast moving and only beam information back down to earth in a concentrated beam. b) ILC Processing Techniques Covert agencies employ a vast array of multi-protocol data interception systems and devices. Such devices are capable of intercepting selectable, or randomly chosen communications channels implementing a new concept called "topic analysis". It has been a rumour for a long time that covert agencies use equipment that is capable of reacting to certain keywords when intercepting voice or modem traffic. It is rumoured that if you say somthing like "kill_the_presedent" over the telephone, you'll have a gathering of feds outside your front door. This rumour however, is probably not true when refering to a residential line, unless a line has been "tapped" beforehand. However, such systems DO exist, and all operate on topic analysis techniques. For example: Such systems are based on dictionary computers with built in (pre-programmed) key words. These systems are designed to be placed in the paths of communications channels, such as standard voice traffic, or modem links. The properties of such systems are as follows: o A topic analysis COMINT system would be "attracted" to certain levels of communications traffic, such as international calls to and from "hotspot" areas, above normal calling freqency (scanning, or suspicious overusage of a given communications protocol). o ability to "pick-up" on certain keywords, or signitures. o voicetracking capabilitys, ie: voice recognition, freqency analysis of voice patterns. It is therefore presumarable that such monitornig devices may be attracted to any given voice/data channel if such patterns are emited, ie: heavy call usage. However, such interception techniques can be impaired to a certain extent, when the channels being monitored implement voice or data encryption, hense the international export laws on cryptographic engines and alghorithms. Comint interception devices are individualy designed to intercept differnt arrays of communications protocols, for example, some devices are designed soly to intercept internet traffic (packet analysis, headers etc) others are designed to intercept pager signals, and voice traffic (topic analysis). Any type of publically known communications medium is subject to interception by a foreign source (if their is motive). 7. Hardcore Telecommunications Covert Interception ================================================== a) Broadband (High Capacity Multi-Channel) Communications taken from a 9x file by me (FDM): http://www.ninex.com/9x/rawtext/9X_TEL.TXT ------------------------------------------------------------------------begin- To maximise the frequency spectrum available over trunk cables and international links, the subscribers base band voice signals covering from 300 to 3400 Hz are translated usinga sideband (SSB) modulation to a higher frequency range suitable for propagation over coaxial cables and radio links. 12 basic channels are modulated on to carriers in the range 64 to 108 KHz and speed 4 kHz apart. When the lower sideband (LSB) is selected, these form a 'group' with a bandwidth of 48 kHz, extending from 60 to 108 kHz. Five groups are then modulated in a similar manner onto carriers spaced at 48 kHz intervals from 420 to 612 kHz to form a 'supergroup'. 16 supergroups are then LSB-SSB modulated onto carriers spaced by 248 kHz from 1116 kHz upwards. This results in band of freqencies from 564 kHz upwards. To utilise the range bellow 564 kHz, a supergroup is modulated on to a 612 kHz carrier which after selection of LSB is reduced to a band between 60 and 300 kHz. The band between 300 and 564 kHz is filled with another supergroup in basic form (312 to 552 kHz). This hierarchy, referred to as 'master' or 'hypergroup', provides a muliplex (including freqency gaps or guardbands to cater for the characteristics of practical filters), with an upper frequncy of close to 4 MHz which is easyily carried over a coax cable. --------------------------------------------------------------------------end- Analouge communications are now more or less obsoleet as literaly all international telecommunications protocols and developments turn digital. Digital telecoms are based on a method called TDM (Time Division Multiplexing), this alows multi-channel communications to take place. The individual conversational channels are first digitised. Information concerning each channel is then transmitted sequentially rather than similtaneously, with each link occupying successive time slots. Bell implement t1 links as part of the majour routng backbones on the US PSTN which handle 24 phone channels at 1.544 Mbps. European countrys, such as the UK, operate on slightly higher transmission speeds as part of the backbone. Instead of T-1 technology, European telco providers have implemented a different protocol called E-1, which carrys 30 phone channels at 2 Mbps. Most COMINT telecommunications interception equipment is designed to intercept the European transmission protocols. New digital telephony techniques are emerging all the time, so Comint agencies spend alot of time and money investigating each new transmission technique. One of the latest developments, is the implementation of the SONET network, which uses synchronised signals which are carried by high capacity optical fibres, and are supposidly easily extractable by Comint agencies when high capacity links are involved. b) Covert Telecommunications Interception Equipment The NSA contract many organisations to devlop and produce Comint and Sigint sophisticated interception equipment. Such entitys include Space Systems, Lockheed, TRW, Raytheon and Bendix. The two majour contracted NSA developers include AST (Applied Signal Technology) and IDEAS corp, where the directors are ex NSA employees. Out of all these NSA contracted developers, AST seems to be the most conspicuous, and describes its equipment as "TEMPEST screened" Such an organisation was described as "the one stop ECHELON shop". Extraction of Wideband Signals and Data Analysis ================================================ Where wideband/broadband siganl interception is concerned, they are usually intercepted from satelite relays and tapped digital multiplexed cables. One such method used by COMINT agencies is called "wideband extraction", and involves utilising specialsed Sigint equipment manufactured by the NSA contracted companies. Interception applications available to COMINT agencies is as followed: (transponder survey equipment) o satellite downlink inception o demodulators o decoders o demultiplexers o microwave radio link analysers o link survey units o carrier analysis systems Satelite data link interception is analysised with AST equipment (AST model 196 transponder charactorisation system) where the basic structure of the siganl is broken down and analyised. The AST model 195 "the SNAPPER" is a wideband snapshot analyiser and capture data from extensivly high capicity systems for extraction. A newly developed system is the AST model 990, "Flexible Data Acquisition Unit", which is designed to record and analyise data from 2.488 Gbps SONET OC-48 telecommunications backbones, this device is fitted with 48 Gigs of memory and is capable of intercepting every packet of data from multiple internet exchanges. The data that is intercepted is then stored on RAID HD networks and then later analyised by an AST SONET 257E analyiser. Their are many steps and procedures that Comint agencies follow when intercepting such data. First, obviously the data is intercepted at links, channels and exchanges, then the captured data is broken down into parts so that multi channel processors can extract then filter the contained messages such as voice channels, fax communication, and modem data. " The AST Model 120 multi-channel processor - used by NSA in different configurations known as STARQUAKE, COBRA and COPPERHEAD - can handle 1,000 simultaneous voice channels and automatically extract fax, data and voice traffic. Model 128, larger still, can process 16 European E-3 channels (a data rate of 500 Mbps) and extract 480 channels of interest. The 1999 giant of AST's range, the Model 132 "Voice Channel Demultiplexer", can scan up to 56,700 communications channels, extracting more than 3,000 voice channels of interest. AST also provides Sigint equipment to intercept low capacity VSAT satellite services used by smaller businesses and domestic users. These systems can be intercepted by the AST Model 285 SCPS processor, which identifies and extracts up to 48 channels of interest, distinguished between voice, fax and data. " Covert Data Processing, Fax Transmission Analysis ================================================= After the actual transmission interception has taken place, the extracted data is then analyised by sophistaicated AST developed software with "user friendly" equipment. AST have developed specialised covert operations data filtering and extraction software called ELVIRA which opertates on given specifications such as STRUM. THe software analysises the data and informs the user of phone call destinations and other signal related information. The information is then sent back to a remote NSA location in the form of CSDF (Collected Signals Data Format). Included in this file is a screenshot of a special software platform designed by AST called TRAILMAPPER which can operate upto speeds of 2.5 Gbps, and is designed to be very versatile, in the sense that it can intercept any type of telecommunications medium (especialy optitical protocols). The trailmapper software is especialy suited to extracting and analysising data from the new ATM (Asychronous Transfer Mode) networks which are becoming increasing popular from implementation from IXCs such as AT&T. AT&T operate a special ATM network which spans the US, aswell as another ATM network which is backboned via European locations. COMINT agencies are esspecialy interested in ATM networks because telco providers offer ATM networking for VPNs, LANS and international WANS. AST also offer very specialised equipment and software which is designed to intercept data from devices used to connect to networks and the internet. When a telecommunications link is intercepted, a transmission from an individual using a modem to connect to a network or the internet is easily extracted and then later anlayised. Aswell as modem interception, FAX transmissions are also of intellegence interest. A fax transmission can be intercepted at any point juring its journy over a PSTN, and then later analysied (or analyised in real time) by AST software such as the Fax Image Workstation which implements OCR (Optical Charcter Recognition). And if you think that's scary.. AST also produce a system called "Pager Identification and Message Extraction" system which automatically collects and processes data from commercial paging systems. The NSA contracted collective "IDEAS" also produce specialised covert equipment like the VTP (Video Teleconferencing Processor) which has the ability to intercept and record multiple similtanious video, and/or teleconference calls. Multi Protocol Traffic Analysis Techniqes ========================================= Covert agencies participate in the art of traffic analysis, where information from telephone calls is processed and then later studied, depending on the area of "interest". For example, in such activities, information about the subjects line is always tranmitted when placing a call, such as the CLID and the origin of the call via SS7 protocols. Even if voice encryption is used, the intercepted voice channel still reveals important, and potentialy sensitive data about the call type: o CLID o duration of call o OPC codes o destination of call o freqency of call setups Text locators: Applications have been built that are designed to intercept and sift through large arrays and quantitys of data and information. Such applications are essential to the effective operation of systems such as ECHELON, as the ECHELON system uses dictionary based applications to filter important or un-inportant data. Such systems can be ported to act as robots on most communication protocols, such as IP or voice traffic. Data that has been intercepted is stored on massive databases for later retreavel, so a covert agency could implement topic analysis technology to search an internal database for keywords, ie: "counter attack" or "kill the president". The NSA currently use a filtering method known as "N-gram" which is designed to sort through a textual database for any topic, regardless of language. "To use N-gram analysis, the operator ignores keywords and defines the enquiry by providing the system with selected written documents concerning the topic of interest. The system determines what the topic is from the seed group of documents, and then calculates the probability that other documents cover the same topic. In 1994, NSA made its N-gram system available for commercial exploitation. NSA's research group claimed that it could be used on "very large data sets (millions of documents)", could be quickly implemented on any computer system and that it could operate effectively "in text containing a great many errors (typically 10-15% of all characters)". The "Data Workstation" Comint software system analyses up to 10,000 recorded messages, identifying Internet traffic, e-mail messages and attachments Speech Recognition and Voice Interception ========================================= The UK's GCHQ combined with the US's NSA all conduct research into speech recognition techniques. Rumours that such technology is used to "pick up" on certain keywords in telephone speech cannot be classified as concrete fact, because obviously such organisations would deny this type of communications monitoring. However, if such a system is deployed by these agencies, they would be able to gather a higher degree of intellegence information, rather than picking on areas of suspition. If software is available to the public that allows a pc user to talk to a computer, then have the computer dictate what the person is saying into text format, just imagine what the COMINT agencies have.. Advanced Speech Recognition, Real CallerID ========================================== GCHQ and the NSA currently have TE464375-1 VADA (Voice Activity Detector and Analyser) equipment installed inside a GCHQ base in Cheltenham England. Advanced specch recognition systems can be produced to operate on a mass scale basis, whereas a subjects voice patterns can be programmed into such a device, which will then hunt that particular voice patter down on a given set of telephone channels. System descriptions must be classified "secret" if NSA "determines that they represent major advances over techniques known in the research community". 8. Closing, Summerisation This article only covers a very limited set of covert communications interception techniques, their are many more out their. The COMINT and SIGINT organisations are very resourcfull, in the sense that they have vast funds to back up research into covert communications devices. The idea that technology exists that can distinguish voice patterns over telephone channels it particulary scary, and in a sense, a complete infringment of the "private" service that the telco providers offer. The fact is, such technologys do exist, and can (or have) been implemented. Telecommunications equipment is intended for the interception of "hotspot" information such as military and diplomatic communications, it is however strange that such systems are designed to be attached to majour telecommunications backbones (Opticaly Derived) to "filter" the imporatant information. Its a case of whether or not you "trust" the NSA or GCHQ or whatever to only intercept real intellegence information, or whether they'll adopt the "big brother" approach and monitor ALL communications. Either way, they are unlikely to admit to any such activitys, the fact is, they have the technology and the ability to monitor all majour communications protocols.. Do you trust them? Do they trust you? Its all in the name of "National Security"... Well, thats it for this file, I hope you enjoyed it. Werd/Shouts to: D4RKCYDE, 9x, b4b0, kelticphr0st, jasun, zomba, bodie, gr1p, shadowx, lowtek, psyclone, shylock, digiphreq, downtime, elaich, oxidation, substance, tip, pbxphreak, lusta & nou, force, microwire, oclet, knight, siezer, devious. ------------------------------------------------------------------------------ B L 4 C K M 1 L K teleph0nics FUCKIN HARDCORE, BABY http://hybrid.dtmf.org/ ------------------------------------------------------------------------------ Type Bits/KeyID Date User ID pub 2048/86298E99 1999/09/18 hybrid -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.3ia mQENAzfjBzcAAAEIANaRNlbj/1FQo3V6JK4L+lziSwsXh/axd7trkB9lP2Sxwv/U F7/avmxY3PhjjpqG3o85z2D1qduVSZcXoN6iF/JiCMqAU2nsfmZwvO9U7WZX5Xv/ wEUuqDAt59YKLqSjpZXue/ROZJLSAJXbhbOEZdq24gzDMAvCmqJJWk/7QdFoJYl1 0aszUPTyw6JA0ys+K9YRyiYAPe4RvJV0VaImP5uNaf8w+H1znTL8dUmUYqSbbRx2 0p5AJTxPTYsNWRg9LopF2qVIOf8SGpvJTCfsLoZxfmezUBWv5nrSU6H9xlFGdlJK RezXi8QYGEyljAZODt930r9iS9XxckKelIYpjpkABRG0GGh5YnJpZCA8aHlicmlk QGR0bWYub3JnPokBFQMFEDfjBzhyQp6UhimOmQEBC70H/R+rZfFef3PzGO0ez9ct dNq7lTUkuStXmqpJhHNSuNEAx9b5q2DjKS/LJQYn+WymfA0mSeGaYL8yJ7wroh1N JHySe266qEjov6R/WjUk1f/OEz38UCfzln7MtLykhk9bnWC745uwTiXAdU6hUzUN J45opUpWwAQ843MWypN3Mm4q7UnBMAlcUXyyWEWpZrc9lxSaZDyw9acEZLKqDgwB m6fMiyq4QXeoVI4HbLHiZFDll7+XE5HripXyKXU0qhACcr7JbM5jYWrmob9XL94r 3HAiOfJQbQIC25D3Cbf++ilwLsTdVR6bCFsiw3YPEK9/v0WTZHAIr8ftXl2C2OjG Q0s= =8jkO -----END PGP PUBLIC KEY BLOCK-----