Archived posting to the Leica Users Group, 2000/12/18

[Author Prev] [Author Next] [Thread Prev] [Thread Next] [Author Index] [Topic Index] [Home] [Search]

Subject: Re: [Leica] what would you do ?
From: Brian Reid <reid@mejac.palo-alto.ca.us>
Date: Mon, 18 Dec 2000 23:22:45 -0800

My profession is internet engineer. I've designed, built, and operated
internet email systems for a long time.

While it is true that email traffic passes through intermediate
machines, it is much less true that the email messages are
reconstituted at those intermediate points. One of the most important
principles of engineering high-performance internet transport equipment
is to store as little information as possible. "Get it in; get it out".
The engineering rules by which the internet is built actually forbid,
specifically, the reconstituting of email messages at undocumented
waypoints, and I don't know of a single equipment vendor or software
package that would dream of breaking this rule. 

When A sends a message to B, the processing looks like this:

1. A determines the "next hop", or "mail exchanger". Call this "C".
2. A opens a stream connection to C.
3. A breaks up the message into individual IP packets and sends them to C.
4. C reconstitutes the message and queues it for delivery to B.
5. If C=B, then the message has arrived.
6. If C is not equal to B, then C must repeat the process: pretend that C
   is A and follow steps 1 through 5.

In step 3, the packets can take many diverse paths, but the message is
never stored or reconstituted at the waypoints. This is a security
advantage, actually: there is no place that you can connect a listening
device, except the two ends, that is guaranteed to hear the traffic for
snooping purposes. This makes the FBI's famous "Carnivore" device still
require physical access to one of the two ends of the connection.
Carnivore works because most people get their mail delivered to an ISP. 

By contrast, once a telephone circuit is set up, there are many points
that it can be tapped, and it is relatively easy to find them. If any
part of a telephone conversation passes through some waypoint, then all
of it does. There is no concept of chopping the phone call into pieces
and sending them over divergent paths. Well, there is with digital cell
phones. 

About a dozen times in the last 20 years I've had to cooperate with law
enforcement people who had a search warrant and who wanted to monitor
the email of someone whose email service I had control over; I've spent
many hours trying (legally) to tap into other people's email. It's very
hard, unless you can get insider access to the computers operated by
the recipient's ISP, in which case it is very easy. Realistically, the
only place where it is worthwhile trying to wiretap email is to tap into
the same computer that the recipient uses to check his mail. Basically,
you try to grab their mail out of their mailbox before they see it.
It's generally a waste of time to try to grab it anywhere else.