Feeds

SHOCK REVELATION: Telstra manages its networks!

Post-Snowden reporting is getting very, very, silly

SANS - Survey on application security programs

Reporting on telcos' role in communications interception is getting very, very, silly.

Back in July, Australian media “discovered” an agreement between Australia's dominant carrier Telstra and the USA's Federal Bureau of Investigation and Department of Justice to snoop submarine cable traffic. As we demonstrated at the time, the agreement is business as usual: foreign carriers that want to land a cable in the USA have to sign such agreements in order to do business. Such agreements are not carte blanche to snoop, but a guarantee foreign carriers will allow “Lawful US process” to be applied as signatories will be required to “provide technical or other assistance to facilitate such Electronic Surveillance.”

What we now know about the NSA is that the extent of that surveillance may be rather greater than had previously been imagined. That's not good, but doesn't change the fact reports Telstra had given up our secrets were looking at the agreements through the darkest-imaginable lenses.

Which brings us to today's “revelations”, touted by Fairfax media as ”Telstra's data 'vacuum'.

The guts of the story are as follows:

  • Telstra deals with a Melbourne company called Newgen Systems that is the sole supplier of Gigamon kit in Australia
  • Gigamon's products “are designed to find not just a needle in a haystack, but bits of needles in many haystacks.
  • Gigamon kit is spookware
  • Telstra also uses Splunk products
  • Splunk is spookware

Before we go on, let's note that a tiny bit of Googling undertaken by Vulture South's Richard Chirgwin came up with this auto-downlading slide deck dated 2007 and titled “Gigamon Training for Telstra”, by way of pointing out that Gigamon's been chatting to Telstra for quite a while without ever upsetting anyone before. And also to show that there's not much revelatory on offer.

Let's now deal with each element of the story in turn

Newgen Systems is a shadowy funnel for spookware

The time-honoured way for US companies to enter Australia is to find someone who already knows its products and set them up as a distributor/reseller. The aim of this ploy is to find a big customer – nearly always a telco or bank – that will provide enough revenue for the first distributor/reseller to survive and grow. Newgen looks like just such a distributor/reseller. That is the only Gigamon distributor/reseller in Australia is unremarkable: Australia does not have a huge prospect pool for Gigamon kit

Gigamon's products “are designed to find not just a needle in a haystack, but bits of needles in many haystacks

So what?

Carriers operate networks. If they didn't monitor them extensively, we'd be worse off than if they did! That the tools they use harvest lots of data about network traffic should not be news to anyone. Fairfax at least acknowledge that Telstra has an obligation to collect lots of data to facilitate lawful interception, but should also acknowledge that attacks on networks can be very sophisticated. Finding fragments of needles is a very useful thing to do if you're trying to defend a network on which millions of people rely for phone calls and internet access

Gigamon's products are spookware

No they are not. That they gather a lot of data that spooks could find interesting cannot be denied. That they gather a lot of data network administrators find interesting cannot be denied. That they gather a lot of data marketers keen to understand usage patterns of newspaper web sites would find interesting cannot be denied. OMG! Fairfax is SPYING on readers of its websites!

Telstra uses Splunk products

Yes it does. It evaluated it back in back in 2009. Splunk, by the way, shows up in shadowy places like conferences where its “booths” offer a “sales presence” it uses to “find new customers” ! Damning evidence, we know.

Splunk is spookware

Puh-lease. Yes, Splunk can analyse all manner of activity. But again, it can be used by spooks in the same way that any other log file analysis tool can be used by spooks.

And let's not forget that just about every piece of technology Telstra and every other business uses to operate produces log files. And those files can be analysed to produce information on who did what, when and where. Customers. Partners. Staff. Records about all of them are being created by every router, every server, every firewall.

And they're all sitting there waiting to be analysed by someone unscrupulous – maybe even a journalist – who will use them to prove a point. ®

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.