<i>We had to facilitate them to set up a duplicate port to tap in to monitor that customer’s traffic. It was a 2U (two-unit) PC that we ran a mirrored ethernet port to.</i><p><i>[What we ended up with was] a little box in our systems room that was capturing all the traffic to this customer. Everything they were sending and receiving.</i><p>And yet his lawyer could have written a truthful denial that they'd given the govt "direct access to the server". See how that works?
I used to work for a webhosting company, and had similar experiences. We'd get requests for Men In Nice Suits to come in, rack up a nice non-descript 3u box -- this was a few years prior to this experience, so I'm certain that the tech's improved since then. As was described, the box just sat there, eating power, under orders Not To Touch Under Any Circumstances, until the federales came back in to take their box back.<p>Thinking back about it, again, this seems a lot of how the feds can keep things like this from getting out. The people that know are given the gag orders, the sysadmins racking and unracking know it's better for their careers, and their not staying out of jail, not to say that they have weird boxes on their network which have mirrored ports going to them. It's there, it's suspect, but the consequences for discussing a suspect box make it difficult to really discuss things.
So, mount webcams in the datacenter. Point them at your racks (front and back, to show cables). This isn't a bad idea in any event, because sometimes it's good to know what Figby Tenthumbs recabled on Monday morning when he was hung-over.<p>Now make access to the cameras public.<p>"What's that new box?"<p>"We can't say."<p>"Ooohh, I see. Noted."<p>Watch the watchers watching.
Maybe I just don't pay enough attention to this, but this is the first place where I've read that Google and other large companies are being paid for monitoring their customers. This is making my sleaze-o-meter spike. What are the rates like? Is it per user? Per message? Per kilobyte? It certainly couldn't be per arrest...<p>Sometimes it seems like the rabbit hole just keeps going deeper, but then you realize it's a damned sewer!
It's not always the NSA. Some of my datacenter friends told me stories about times when "a box" would appear and they were officially to not go within 6 feet of it. Of course, actually working on neighboring customer boxes meant sometimes violating that (without telling anyone), but for the most part they would stay away.<p>I seem to recall they were chasing down online pill vendors this way. One little box with power and two Ethernet ports can collect a whole bunch of evidence, after all. They get what they need, and then they remove it.<p>This was 10 years ago... or more. I can only imagine what happens now.
I think the this excerpt is a fine description of the problem with secret courts and so on:<p>"These programs that violate the Bill of Rights can continue because people can’t go out and say, “this is my experience, this is what happened to me, and I don’t think it is right.”"
Wait. They show you the warrant requiring your compliance. But you don't get to keep a copy of that paper?<p>How do you later prove that you were required by law to make the actions that you did? How do you ensure that you comply completely with the instruction if you can't compare your action to the original warrant?<p>That seems strange.
Direct link to the story:<p><a href="http://www.buzzfeed.com/justinesharrock/what-is-that-box-when-the-nsa-shows-up-at-your-internet-comp" rel="nofollow">http://www.buzzfeed.com/justinesharrock/what-is-that-box-whe...</a>
This is likely the reason why lots of tech firms give the NSA access to their servers. It's better than having a box installed on your network.<p><a href="http://news.cnet.com/8301-13578_3-57593538-38/how-the-u.s-forces-net-firms-to-cooperate-on-surveillance/" rel="nofollow">http://news.cnet.com/8301-13578_3-57593538-38/how-the-u.s-fo...</a>
"A number of [larger] companies are getting paid for the information. If you go establish a tap on Google’s network, they will charge X amount per month. Usually the government pays it."<p>This is directly contrary to what every "larger" company has repeatedly stated in response to Prism. People actually think that the companies are not only forced to keep silent, but release public statements lying?
I'm very curious to know if these little black boxes could function as a MITM. I mean, if you're already there mirroring everything that's going across...
I wonder what the website was... The only one I can think of that might possibly get this treatment might be Maddox, but thats total speculation of course.
Thanks for speaking of your experiences with the rogue spy apparatchik which has recently reared its ugly head and I'd also like to thank you for running a Tor node.<p>Together we stand, for freedom. For America.
/me wonders: why a link to readability who is just framing buzzfeed.com and not a link to the original site?<p>And why do 245 people upvote it without noticing this link bait?
could someone run an isp with a completely public inbox, so that they couldn't receive a FISA without it becoming public?<p>are companies obligated to have a private means of contacting them?
The whole American society is gagged and that's the problem. If you don't like unconstitutional actions of the US Government then you are called:
1. Traitor
2. 9/11 Truther
3. Terrorist<p>That's where the apathy originates from.<p>I strongly believe that in the USA of today saying out loudly that a radical change is needed to get the country back on its Constitutional track could make one a terrorism suspect. If they can label 82-year old nun a terrorist and try her in court on this nonsense, then why not me or others who speak out loud ?