NSA Graciously offers to Quit Harvesting Phone Metadata

April 12, 2015 by Colin Berkshire

The NSA recently offers that it was willing to stop bulk collection of domestic-only phone call meta data, in respect to the privacy rights of citizens. It was the first and only public move by the NSA to recognize that personal privacy has any value.

The truth is quite different, when you understand the underlying technologies.

The truth is that the NSA no longer needs to collect phone records on every phone call from the phone companies because it already gets this information from other sources.

Here is the technical point missed by most reporters:

Phone traffic is largely routed over the Internet or on the same fiber routes. When you place a call on Verizon or Frontier or AT&T the call is either routed over the Internet or on a dark fiber running point to point between the carriers. Either way, it runs through the mysterious closets with half-taps going to the NSA.

Traditional SS7 used for network signaling is very much like SIP in that it carries all of the phone calls meta-data. (https://en.m.wikipedia.org/wiki/Signalling_System_No._7) SS7 used to run on a network of private lines, but now it is often encapsulated and run over the Internet through either SIGTRAN (http://en.wikipedia.org/wiki/SIGTRAN) or what is sometimes called SS7oIP.

Thus, the NSA is able to slurp up all phone call records by tapping the SS7 signaling. While SS7 traffic is able to be partially encrypted, most of it is not secured in any way. The minimal encryption that is possible is easily hacked using SnoopSnitch. The minimal encryption is defeated through an automated means state authorities have to provide the keys. And, the NSA can directly decrypt the small amount of SS7 traffic that is encrypted because the root-level keys have been compromised.

So it is simply unnecessary for every telephone company to provide bulk data to the NSA anymore. All of this data is readily available to the NSA throw its existing domestic surveillance programs.

The offer by the administration to end phone call bulk data collection is simply disingenuous.

By Colin Berkshire

Colin Berkshire is a highly technical HR executive in the Pulp and Paper Industry. Colin has an engineering and voice background, and is currently on assignment in Asia. NOTE: Colin does not respond to comments, and does not Tweet.

Look ma, no ads!

Admit it! You just can’t look away. Yet, there’s so much more.

Become a subscriber to TalkingPointz for access to reports and premium posts.

There are several ways to stay informed:

Visit this site regularly.
Receive new posts in your email once a week.
Become an Insider or All Access Subscriber for alerts and access to uncensored content.

Become a Member from $49 / month

TalkingHeadz Podcast

The TalkingHeadz podcasts are @DaveMichels and @EvanKirstel chatting with interesting guests. These are unsponsored and unscripted for your enjoyment. You can subscribe on most podcast apps including iTunes.

Listen on iTunes

Podcast Avaya TalkingHeadz

TalkingHeadz with Avaya’s Anthony Bartolo

June 22, 2020

Anthony is driving product leadership at Avaya, and relies on outcome focused, customer journey mapping to do it. There’s a lot of excitement about the work he is doing at Avaya. He brings an interesting background to Avaya with a…