Bill Totten's Weblog

Saturday, January 19, 2008

NSA's Lucky Break

How the US Became Switchboard to the World

by Ryan Singel

Wired (October 10 2007)

A lucky coincidence of economics is responsible for routing much of the world's internet and telephone traffic through switching points in the United States, where, under legislation introduced this week, the US National Security Agency will be free to continue tapping it.

Leading House Democrats introduced the so-called RESTORE Act (.pdf) Tuesday that allows the nation's spies to maintain permanent eavesdropping stations inside United States switching centers. Telecom and internet experts interviewed by Wired News say the bill will give the NSA legal access to a torrent of foreign phone calls and internet traffic that travels through American soil on its way someplace else.

But contrary to recent assertions by Bush administration officials, the proportion of international traffic entering the United States is dropping, not increasing, experts say.

International phone and internet traffic flows through the United States largely because of pricing models established more than 100 years ago in the International Telecommunication Union to handle international phone calls. Under those ITU tariffs, smaller and developing countries charge higher fees to accept calls than the US-based carriers do, which can make it cheaper to route phone calls through the United States than directly to a neighboring country.

"Carriers shop around for the best price for termination", says Stephan Beckert, the research director at Telegeography, a communications-traffic research firm.

The United States, where the internet was invented, was also home to the first internet backbone. Combine that architectural advantage with the pricing disparity inherited from the phone networks, and the United States quickly became the center of cyberspace as the internet gained international penetration in the 1990s.

In those early days, internet traffic from one Asian country often bounced through the first West Coast internet-exchange point, the San Jose-based MAE West, says Bill Woodcock, the research director for Packet Clearing House, which helps create packet-exchange points around the world.

While nobody outside the intelligence community knows the exact volume of international telephone and internet traffic that crosses US borders, experts agree that it bounces off a handful of key telephone switches and perhaps a dozen IXPs in coastal cities near undersea fiber-optic cable landings, particularly Miami, Los Angeles, New York and the San Francisco Bay Area.

Miami sees most of the internet traffic between South America and the rest of the world, including traffic passing from one South American country to another, says Bill Manning, the managing partner of "Basically they backhaul to the United States, do the switch and haul it back down since (it's) cheaper than crossing their international borders".

And some internet traffic traveling from Asia to Europe still crosses the entire breadth of the United States, entering in Los Angeles and exiting in New York, says Woodcock.

For voice traffic, the NSA could scoop up an astounding amount of telephone calls by simply choosing the right facilities, according to Beckert, though he says NSA officials "make a big deal out of naming them".

"There are about three or four buildings you need to tap", Beckert says. "In Los Angeles there is One Wilshire; in New York, Sixty Hudson, and in Miami, the NAP of the Americas".

The United States' role as an international communications hub came at a convenient time for the National Security Agency, which in the 1990s began confronting a world moving away from easily-intercepted microwave and satellite communications, and toward fiber optics, which are difficult and expensive to tap.

Press leaks in recent months have revealed that the NSA began tapping the US communications hubs for purely international traffic shortly after 9/11, at the same time that it began monitoring communications between US citizens and foreigners as part of the Terrorist Surveillance Program.

After the Democrats took over Congress in 2007, the administration put the NSA surveillance programs under the supervision of a secretive spying court, which ruled shortly thereafter that wiretapping US-based facilities without a warrant was illegal, even for the purpose of harvesting foreign communications.

In August, Congress granted the NSA "emergency" temporary powers to continue the surveillance, which are set to expire in February. The RESTORE Act (the Responsible Electronic Surveillance That is Overseen Reviewed and Effective Act of 2007) is the Democrat's effort to extend that power indefinitely, while including some safeguards against abuse. It would legalize both the foreign-to-foreign intercepts, and the domestic-to-foreign surveillance associated with the Terrorist Surveillance Program.

The bill enjoys wide support in the House, but on Wednesday President Bush vowed to veto any surveillance legislation that doesn't extend retroactive legal immunity to telephone companies who cooperated in the NSA's domestic surveillance before it was legalized - a provision absent from the RESTORE Act. AT&T, which is facing a class-action lawsuit for allegedly wiretapping the internet on behalf of the NSA, is reportedly among the companies lobbying hard for immunity.

Experts say that, even with a stamp of approval from Congress, the growth of international communications networks will eventually rob the NSA of its home-field advantage in inspecting foreign communications. "The creation of alternative paths are starting to challenge the dominant position the US has", Manning says, adding that the changes will not be welcomed by US intelligence services.

Exchanges in Hong Kong and London are emerging as local hubs for Asian and European traffic, while new fiber cables running north and south from Japan around to Europe will divert traffic from the trans-America route. Meanwhile, more countries are building their own internal internet exchanges.

"Because the decisions are made by the private sector, you're always going to go the direction where you have the cheapest fiber", Woodcock says. "That's likely to be through the US for a while yet, (but) that's changing as more and more fiber gets installed around South Asia".

Manning points to South Africa as an example of how countries are creating their own internet exchanges.

"In South Africa for a long time, ISPs didn't talk to each other and would backhaul traffic to the US or Europe", Manning said. "What they have done in last ten years, they have built local exchange points and fixed regulatory conditions to allow cross exchange of traffic".

The trend may leave US spooks longing for a simpler time; like 1992, when the first - and at the time, only - internet exchange point, called MAE-East, was erected in Washington DC.

"All the traffic in the world went through Washington", Woodcock says. "But it was coincidence that it was Washington, more or less, and it was private-sector. And it probably wasn't tapped for at least a couple of years."

Bill Totten


Post a Comment

<< Home