A former AT&T technician, Mark Klein, has come forward saying that the government has an installation in a “secret room” at AT&T, and is getting a carbon copy of all Internet traffic that goes through AT&T’s Internet servers. Not just some as defined in a warrant or as necessary for national security – but an exact duplicate of all traffic. They have accompished this through installing a NARUS STA 6400 unit in the secret room at ATT offices, which is grabbing and sniffing all of the traffic. The NARUS STA 6400 is a device designed to monitor, capture, and analyze Internet data and traffic (STA stands for “semantic traffic analyzer”).
Explains Mark Klein, a technician with nearly 20 years of service with AT&T, “An exact copy of all Internet traffic that flowed through critical AT&T cables — e-mails, documents, pictures, Web browsing, voice-over-Internet phone conversations, everything — was being diverted to equipment inside the secret room.”
That equipment was the NARUS STA 6400.
According to Narus themselves, “Narus uniquely provides insight into the entire network, ensuring that all targeted data is captured regardless of the size, speed, or asymmetric topology of the network. Any number of links, at any speed, with any routing architecture, can be simultaneously monitored.
Complementing the NIS total network view is real -time monitoring and capture a t line-speed, eliminating the need for unmanageable volumes of data, costly post processing, and the side effects of capturing untargeted data.
NIS’ unmatched breadth of target criteria also provides for surgically precise capture of data. Supported targets include both broad identifiers such as port, protocol, RADIUS login, or IP address as well as application specific identifiers such as such as e-mail address, web-mail identity (even those within a ‘cc’ or ‘bcc’ field), SIP URI, VOIP number, and many others.” (Emphasis added.)
For their part, AT&T is not denying anything, issuing a pablum-weak public statement saying only that “AT&T is fully committed to protecting our customers’ privacy. We do not comment on matters of national security.”
It’s rumoured that with news of this breaking week, some people with AT&T accounts have started switching to other providers. Of course, with so many peering agreements, it’s not likely to make much of a difference, but it is still a statement. That said, the government likely has similar installations at other major providers – in fact Qwest is the only provider known to openly refuse government requests for wholesale, warrantless access to date.