Security

NSA Patents a Way To Spot Network Snoops

narramissic writes "The National Security Agency has patented a technique for figuring out whether someone is messing with your network by measuring the amount of time it takes to send different types of data and sounding an alert if something takes too long. 'The neat thing about this particular patent is that they look at the differences between the network layers,' said Tadayoshi Kohno, an assistant professor of computer science at the University of Washington. But IOActive security researcher Dan Kaminsky wasn't so impressed: 'Think of it as — if your network gets a little slower, maybe a bad guy has physically inserted a device that is intercepting and retransmitting packets. Sure, that's possible. Or perhaps you're routing through a slower path for one of a billion reasons.'"
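The idea in the summary, comparing timing across layers instead of watching a single latency number, sketched as an added example that is not from the patent or the original post. The probe pairs, the thresholds and every sample value are constructed assumptions; it goes one step past the summary by separating a uniform slowdown (the slower route Kaminsky mentions) from a change in the gap between layers.

```python
from statistics import median

# Constructed samples from a known-clean period: (lower-layer RTT, higher-layer RTT) in ms.
CLEAN = [(1.00, 1.41), (1.02, 1.40), (0.98, 1.39), (1.01, 1.42),
         (0.99, 1.38), (1.03, 1.44), (1.00, 1.40)]

def center_and_spread(values):
    """Median and median absolute deviation, robust to a few jittery samples."""
    values = list(values)
    mid = median(values)
    return mid, median(abs(v - mid) for v in values)

def build_baseline(samples):
    """Learn the normal lower-layer latency and the normal gap between layers."""
    return {
        "low": center_and_spread(lo for lo, _ in samples),
        "gap": center_and_spread(hi - lo for lo, hi in samples),
    }

def classify(sample, baseline, k=6.0, floor_ms=0.05):
    """Return 'alert', 'path-change' or 'ok' for one (low_ms, high_ms) pair.

    k and floor_ms are illustrative tuning values, not taken from the patent.
    """
    lo, hi = sample

    def off(value, stats):
        mid, spread = stats
        return abs(value - mid) > k * max(spread, floor_ms)

    if off(hi - lo, baseline["gap"]):
        return "alert"          # the layers no longer agree with each other
    if off(lo, baseline["low"]):
        return "path-change"    # everything got slower together
    return "ok"

BASELINE = build_baseline(CLEAN)
SCENARIOS = {   # constructed measurements
    "slower_route": (4.00, 4.41),     # both layers delayed equally
    "inline_relay": (1.05, 3.20),     # only the higher-layer exchange is delayed
    "listen_only_tap": (1.00, 1.40),  # adds no measurable delay
}

def run():
    return {name: classify(pair, BASELINE) for name, pair in SCENARIOS.items()}

if __name__ == "__main__":
    for name, verdict in run().items():
        print(f"{name:16s} {verdict}")
```

The listen-only case comes back `ok`: a timing comparison only sees devices that add delay to the path.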
This discussion has been archived. No new comments can be posted.

  • by Anonymous Coward on Monday December 22, 2008 @01:20PM (#26202435)

    They had something like this years ago on an episode of 'Alias'. The good guys had infiltrated the bad guy base and were siphoning off data...

  • by networkBoy ( 774728 ) on Monday December 22, 2008 @01:21PM (#26202453) Journal

    How does that work anyway?
    If the patent is filed by a US Government Agency, is it not funded by the taxpayer and thus public domain in the US?
    -nB

  • by Lumpy ( 12016 ) on Monday December 22, 2008 @01:30PM (#26202575) Homepage

    And it won't work for most snooping technology.

    A simple Linux box with a listen-only cable plugged into a small hub in a key location is undetectable by their system as it adds in ZERO delays.

    Well, not zero, but too small to be measured their way as it will be consistent across all traffic.

    I call their system an epic fail for detection for everything but a remote redirect, which is an incredibly sloppy way of doing it.

  • Re:Gov't patents (Score:5, Interesting)

    by AviLazar ( 741826 ) on Monday December 22, 2008 @01:47PM (#26202849) Journal
    This is another example of the broken patent system. No government should be able to patent something--that technology was funded by the taxpayer and should thus be owned by the taxpayer, meaning that it is public and thus not patentable.

    I killed my spent mod points to respond to this. I have no problems with the gov't patenting something, just as long as they don't use it to prevent people from using it in a positive manner. It's possible the gov't patented this so they could share the information with other people and not worry about some private company patenting the idea and then suing everyone else for using it. Basically - patent to allow people to use it. In this case we don't have to look at the gov't for being evil, but maybe the gov't is protecting us from companies who like to create submarine patents?

    Instead of looking at everything the gov't does and saying "but it's evil because big brother did it", let's give them the benefit of the doubt.
  • by GSPride ( 763993 ) on Monday December 22, 2008 @01:52PM (#26202911) Homepage

    The NSA can not only file for patents, they can do so secretly.

    From Wikipedia:

    The NSA has the ability to file for a patent from the U.S. Patent and Trademark Office under gag order. Unlike normal patents, these are not revealed to the public and do not expire. However, if the Patent Office receives an application for an identical patent from a third party, they will reveal the NSA's patent and officially grant it to the NSA for the full term on that date.

  • by teridon ( 139550 ) on Monday December 22, 2008 @02:04PM (#26203073) Homepage

    From what I gather, you can apply for licenses to federally-owned patents. This is typically done through a "Technology Transfer" office. It seems that you have to be a business capable of bringing the invention to market. I suppose in this case you would have to be capable of implementing the software.

    Some information about Technology Transfer here:
    http://www.federallabs.org/home/faqs/ [federallabs.org]
    Which includes a link to a listing of all federal research organizations and how to initiate Tech Transfer, which I'll repeat here:
    http://www.federallabs.org/labs/results/?Agency=-1& [federallabs.org]

    The relevant U.S. Codes appear to be collected here:
    http://www.law.cornell.edu/uscode/html/uscode35/usc_sup_01_35_10_II_20_18.html [cornell.edu]

    In particular, it seems "TITLE 35 > PART II > CHAPTER 18 > Section 209" applies.

    But hey, IANAL. :)

  • Re:Huh? (Score:5, Interesting)

    by Amouth ( 879122 ) on Monday December 22, 2008 @02:48PM (#26203611)

    I remember a while back a friend of mine that worked for a college was tasked with trying to find a person who was sniffing people's logins on the campus wifi.. what he ended up doing was sending out garbled truncated packets - turns out that Windows boxes running things like Ethereal would get the truncated packet and then request the rest of the packet even though it wasn't addressed to them.. very clever way of finding the stupid ones.. luckily the person they were after was stupid

  • Re:Averages (Score:3, Interesting)

    by TheGratefulNet ( 143330 ) on Monday December 22, 2008 @03:22PM (#26203993)

    as a network engineer, myself, I can only LAUGH at this.

    there is SO much randomness in a network (ethernet is BUILT on the whole notion of 'randomness adds to efficiency' (csma/cd uses randomness to 'increase order' in a network)) that this can't possibly do much.

    it WOULD be a nice random number generator. take your 'output' and send it to something that generates heat, measure the heat and then do math on that.

    that might work.

    but this 'scheme' to detect active listeners? what a laugh. networks are simply NOT circuit-switches (anymore).

    idiots.... wasting our tax money on shit that will never work. but SOMEONE is making money selling crap to the government....

  • by rapidient ( 1396639 ) on Monday December 22, 2008 @04:24PM (#26204643)
    This also strikes me as similar to how HDMI works. The output and input devices are in constant communication with each other, so if a device inserted in between is attempting to decode the data the video stream is effectively shut off.
