Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

NSA Patents a Way To Spot Network Snoops

CmdrTaco posted more than 5 years ago | from the welcome-to-the-holidays dept.

Security 161

narramissic writes "The National Security Agency has patented a technique for figuring out whether someone is messing with your network by measuring the amount of time it takes to send different types of data and sounding an alert if something takes too long. 'The neat thing about this particular patent is that they look at the differences between the network layers,' said Tadayoshi Kohno, an assistant professor of computer science at the University of Washington. But IOActive security researcher Dan Kaminsky wasn't so impressed: 'Think of it as — if your network gets a little slower, maybe a bad guy has physically inserted a device that is intercepting and retransmitting packets. Sure, that's possible. Or perhaps you're routing through a slower path for one of a billion reasons.'"

cancel ×

161 comments

Uh... (3, Funny)

Anonymous Coward | more than 5 years ago | (#26202397)

Or perhaps you're routing through a slower path for one of a billion reasons.

I knew taking that left turn at Albuquerque was a bad idea...

Allahu ackbar! (-1, Troll)

Anonymous Coward | more than 5 years ago | (#26202399)

*pushes detonator*

NSA patenting it because... (4, Insightful)

ATestR (1060586) | more than 5 years ago | (#26202403)

They don't want any of US to have access to such technology when THEY slap the monitoring devices on our network.

Re:NSA patenting it because... (3, Interesting)

networkBoy (774728) | more than 5 years ago | (#26202453)

how does that work anyway?
If the patent is filed by a US Government Agency is it not funded by the taxpayer and thus public domain in the US?
-nB

Re:NSA patenting it because... (4, Insightful)

SatanicPuppy (611928) | more than 5 years ago | (#26202547)

I was thinking the same thing...But in this world, it's more likely that they patented it so that some stupid patent troll won't get the opportunity to sue the gov't.

Re:NSA patenting it because... (5, Interesting)

GSPride (763993) | more than 5 years ago | (#26202911)

The NSA can not only file for patents, they can do so secretly.

From wikipedia:

The NSA has the ability to file for a patent from the U.S. Patent and Trademark Office under gag order. Unlike normal patents, these are not revealed to the public and do not expire. However, if the Patent Office receives an application for an identical patent from a third party, they will reveal the NSA's patent and officially grant it to the NSA for the full term on that date.

Re:NSA patenting it because... (3, Funny)

j00r0m4nc3r (959816) | more than 5 years ago | (#26202989)

I'm guessing this is what Steve Ballmer fantasizes about while he makes love to his wife

Re:NSA patenting it because... (3, Funny)

R2.0 (532027) | more than 5 years ago | (#26203605)

I'm guessing this is what Steve Ballmer fantasizes about while he makes love to his money

Fixed that for ya'.

Re:NSA patenting it because... (-1, Offtopic)

WiredNut (1287460) | more than 5 years ago | (#26204281)

It's definitely what I think about when I make love to Steve Ballmer's wife.

Re:NSA patenting it because... (1)

redxxx (1194349) | more than 5 years ago | (#26203365)

ummm... if someone else creates an identical patent, doesn't that mean that it is obvious to someone who works in the field? A person having ordinary skill in the art is able to find the same way of solving the problem.

Lame.

Re:NSA patenting it because... (1)

hedwards (940851) | more than 5 years ago | (#26203933)

Not really, they'd be notified if the patent infringed upon the previous NSA patent. Unfortunately due to the many overly broad patents out there, you might just be patenting something in the same general field.

Re:NSA patenting it because... (3, Insightful)

gnick (1211984) | more than 5 years ago | (#26204005)

Two people/companies eventually coming to a solution that is sufficiently similar to violate patents is a long way from "obvious to someone who works in the field". And, assuming that the two people who identified the solution are the leaders in their field (because they reached the idea before the other 6.7 billion of us), they could be described as having "extraordinary skill in the art".

There are a number of patents for designs that multiple developers reached independently and were awarded to the person who managed to file first (Edison seemed to have extraordinary luck in beating his competitors to the patent office). That doesn't necessarily make the solution obvious, just non-unique.

forcing disclosure (1)

bugi (8479) | more than 5 years ago | (#26203391)

Ah, a way to force disclosure of NSA documents!

Think of it as a way for the NSA to publish prior art without giving up any top secret status or saying when they first implemented it.

It is still a bit annoying that they get the patents starting at disclosure date rather than at filing date. Oh well, at least this way they might actually file instead of suppressing the tech via goons.

Re:NSA patenting it because... (1)

scorp1us (235526) | more than 5 years ago | (#26203571)

How does this "promote the useful arts and sciences"?

I'd love to see this go to court. At no point does the government have a right to have its own intellectual property, and protection. (This does not include "classified information" which does not fall under "intellectual property" laws.)

Re:NSA patenting it because... (1)

Actually, I do RTFA (1058596) | more than 5 years ago | (#26203941)

How does this "promote the useful arts and sciences"?

It doesn't. It falls under "national security."

Re:NSA patenting it because... (1)

Actually, I do RTFA (1058596) | more than 5 years ago | (#26204135)

The NSA can not only file for patents, they can do so secretly.

IIRC, any signicantly important patent can be issued secretly. If you apply for a patent on "an individualized (based on dental records) death beam from space" the DoD gets to look at it, and can ask that you get the same treatment.

Re:NSA patenting it because... (1)

SirGarlon (845873) | more than 5 years ago | (#26204309)

However, if the Patent Office receives an application for an identical patent from a third party, they will reveal the NSA's patent and officially grant it to the NSA for the full term on that date.

If the Patent Office receives an application for an identical patent, I doubt the disclosure will ever happen. Far more likely the NSA will just have the applicant arrested for using "stolen" "national security secrets."

Re:NSA patenting it because... (4, Interesting)

teridon (139550) | more than 5 years ago | (#26203073)

From what I gather, you can apply for licenses to federally-owned patents. This is typically done through a "Technology Transfer" office. It seems that you have to be a business capable of bringing the invention to market. I suppose in this case you would have to be capable of implementing the software.

Some information about Technology Transfer here:
http://www.federallabs.org/home/faqs/ [federallabs.org]
Which includes a link to a listing of all federal research organizations and how to initiate Tech Transfer, which I'll repeat here:
http://www.federallabs.org/labs/results/?Agency=-1& [federallabs.org]

The relevant U.S. Codes appear to be collected here:
http://www.law.cornell.edu/uscode/html/uscode35/usc_sup_01_35_10_II_20_18.html [cornell.edu]

In particular, it seems "TITLE 35 > PART II > CHAPTER 18 > Section 209" applies.

But hey, IANAL. :)

Re:NSA patenting it because... (1)

gnick (1211984) | more than 5 years ago | (#26204171)

It's actually easier even than that. I'm overseeing a DoE lab team that's been working for about a year to develop a new tool that our customer needs to use but does not exist. We have no desire to actually manufacture anything so we've been seeking out partners in industry all along the way to build the pieces for the prototypes. So, once we're finished, the industry folks will be responsible for building our units along with as many as they see fit to bring to market. The actual patents will sit with the group in charge of final assembly who basically throw the components together and brand the thing.

I could understand complaints about tax $$ going to help the industry partners set themselves up with this, but the govt certainly isn't looking to make a profit on this or sit on patents to stifle industry.

Re:NSA patenting it because... (3, Interesting)

Lumpy (12016) | more than 5 years ago | (#26202575)

And it wont work for most snooping technology.

a simple linux box with a listen only cable plugged into a small hub in a key location is undetectable by their system as it adds in ZERO delays.

WEll not zero but too small to be measured their way as it will be consistent across all traffic.

I call their system an epic fail for detection for everything but a remote redirect which is incredibly sloppy way of doing it.

Re:NSA patenting it because... (4, Informative)

Anonymous Coward | more than 5 years ago | (#26203033)

a simple linux box with a listen only cable plugged in

Would not alter the packet delay, but inserting

a small hub in a key location

to a network that didn't have one before would. And yes, the delay is noticeable, which is why proper network design limits the number of hubs as well as the length of the longest run in a single network segment.

Re:NSA patenting it because... (1)

bluefoxlucid (723572) | more than 5 years ago | (#26204247)

Use a tap instead of a hub. It's a non-repeater, no electronics; rig the TX pair in one direction to RX for one NIC, and the RX pair in the same direction to the RX for a second NIC. Both pairs also go to the output port. Plug input into one jack, output into another, hook your snooper into both.

I did, but.. (1)

notdotcom.com (1021409) | more than 5 years ago | (#26204427)

It only works on copper 10/100 networks. Plugging into a GigE network will cause major problems, especially if you're plugging it in where there is likely good information to be sniffed (i.e. close to the locations POP/DMARC).

Yes, you can buy commercial taps for Gig, but I wonder if those would insert any delay into the network (both certainly do when you have to unplug the cables to plug in your tap...)

Re:NSA patenting it because... (1)

aliquis (678370) | more than 5 years ago | (#26203251)

As long as it's not supposed to be a straight link from one end to the other? Also I assumed they would had wanted to use it for detection changes in data, because if someone snaps it up and then sends out some changed data it will indeed be noticed, right?

Re:NSA patenting it because... (1)

flyingpastor (1436913) | more than 5 years ago | (#26203639)

This was my very first thought. the question is, when we come up with something better, how do we keep it secret from them?

I saw this on tv years ago (fiction) (1, Interesting)

Anonymous Coward | more than 5 years ago | (#26202435)

They had something like this years ago on an episode of 'Alias'. The good guys had infiltrated the bad guy base and were siphoning off date...

Averages (4, Informative)

Yvan256 (722131) | more than 5 years ago | (#26202439)

Of course there can be a billion reasons as to why some packets will take longer than others to reach their destinations.

However, if you do enough sampling over a period of time, you can make averages and see if some types/destinations of packets are possibly being messed with.

It's not perfect, but neither are averages in general, etc.

What makes it newsworthy is that such a simple idea was granted a patent.

Re:Averages (2, Insightful)

Dusty00 (1106595) | more than 5 years ago | (#26202525)

Also newsworthy as the NSA is an organization with theoretically no commercial interest. So they're filing for a patent for what reason?

Re:Averages (1, Insightful)

Anonymous Coward | more than 5 years ago | (#26202611)

To have the work out there for the general public to read. Remember besides patents having protections for their inventor it also provides that the inventor publish their invention or breakthrough in public view. I suggest this is the easiest way to have this work in the public domain so to speak.

Re:Averages (1, Informative)

Anonymous Coward | more than 5 years ago | (#26203401)

They have enormous commercial interest. A whole industrial park full of spy tech companies has been opened up across the street from headquarters. Many of these companies are run by former NSA people as well as top spy people from countries such as Israel.

Re:Averages (1)

jank1887 (815982) | more than 5 years ago | (#26204273)

one primary reason the government patents things is to protect themselves from paying licenses/royalties later for things they've already funded. I.e., most contracts stipulate that if the government funded a development that was patented, even by contractor, the government retains royalty free usage of the invention. Similarly, if they patent something they invented, it guarantees no one can 'invent' it later and charge for use (a CYA patent). Of course, the government can collect royalties on patented inventions, and often does so. even give the inventors a decent royalty share, compared to most companies which give you an 'attaboy'.

Re:Averages (4, Funny)

GMFTatsujin (239569) | more than 5 years ago | (#26202539)

Nah. What makes it newsworthy is that the snoops are patenting tools which can detect their own snoopage.

Counter-snooping this way is now a patent infringement as well as anything else, and the laws seem much tougher for that crime. Pursue 'em for one thing, nail 'em to the wall with another.

Re:Averages (1)

Hordeking (1237940) | more than 5 years ago | (#26203161)

Nah. What makes it newsworthy is that the snoops are patenting tools which can detect their own snoopage.

Counter-snooping this way is now a patent infringement as well as anything else, and the laws seem much tougher for that crime. Pursue 'em for one thing, nail 'em to the wall with another.

So, what you're saying is that they came up with the poison (the use of this technique), and the antidote (the counter-use), which is also a poison (patent infringement)...this should be good...

Well shit. (1)

Corpuscavernosa (996139) | more than 5 years ago | (#26203213)

There goes my patent on patenting network snoop detection so nobody can detect my snooping.

Re:Averages (2, Insightful)

SatanicPuppy (611928) | more than 5 years ago | (#26202637)

So, if you slip your monitoring gear in on day 1, the only way it would be detectable is if you took it off, and the packets started going faster.

Re:Averages (1, Insightful)

Anonymous Coward | more than 5 years ago | (#26203227)

However, if you do enough sampling over a period of time, you can make averages and see if some types/destinations of packets are possibly being messed with.

And at that point it is much too late and your data is already compromised. I mean, how much sampling would you need to be sure that the cause of the delay is snooping versus some clod bringing a hub into work.

Re:Averages (2, Informative)

mr_mischief (456295) | more than 5 years ago | (#26203739)

In an all-switched network that has any chance of being secure, a hub is a snooping device.

Re:Averages (2, Interesting)

TheGratefulNet (143330) | more than 5 years ago | (#26203993)

as a network engineer, myself, I can only LAUGH at this.

there is SO much randomness in a network (ethernet is BUILT on the whole notion of 'randomness adds to efficiency' (csma/cd uses randomness to 'increase order' in a network) that this can't possibly do much.

it WOULD be a nice random number generator. take your 'output' and send it to something that generates heat, measure the heat and then do math on that.

that might work.

but this 'scheme' to detect active listeners? what a laugh. networks are simply NOT circuit-switches (anymore).

idiots.... wasting our tax money on shit that will never work. but SOMEONE is making money selling crap the government....

Huh? (1)

DSmith1974 (987812) | more than 5 years ago | (#26202465)

Or maybe you're by chance experiencing more CSMA collisions, or the network's now has more active nodes or higher traffic?

Re:Huh? (2, Insightful)

internerdj (1319281) | more than 5 years ago | (#26202511)

Because they are going to drop all their other methods of intrusion detection for this? It seems like a reasonable cue for a warning for something that is difficult to pinpoint. Especially if that warning were to kick off an automated task that kicked off a more intensive search/monitoring process.

Re:Huh? (5, Interesting)

Amouth (879122) | more than 5 years ago | (#26203611)

i remember a while back a firend of mine that workd for a college was tasked with trying to find a person who was sniffing peoples logins on the campus wifi.. what he ended up doing was sending out garbled truncated packets - turns out that windows boxes running things like etheral would get the truncated packet and then request the rest of the packet even though it wasn't addressed to them.. very clever way of finding the stupid ones.. luckly the person they where after was stupid

Re:Huh? (1)

bugs2squash (1132591) | more than 5 years ago | (#26204011)

This may be ugly, but I have used a tricked out ethernet cable that has only receive wires to sniff packets.

I don't see how a sniffer that can't transmit would in any way be detected. So long as it does not attenuate the signal so much that packets are being lost routinely (in the particular circumstances in which I used this cable, this was not apparently the case)

I think when people talk of snooping on traffic they are probably thinking of a passive receive-only device.

Re:Huh? (1)

Detritus (11846) | more than 5 years ago | (#26204211)

Time domain reflectometer.

Gov't patents (3, Insightful)

Rinisari (521266) | more than 5 years ago | (#26202467)

This is another example of the broken patent system. No government should be able to patent something--that technology was funded by the taxpayer and should thus be owned by the taxpayer, meaning that it is public and thus not patentable.

Re:Gov't patents (3, Insightful)

JCSoRocks (1142053) | more than 5 years ago | (#26202791)

I was actually confused by that when I first saw the headline. I didn't even know that the government could patent something. It's just so completely broken and silly that I never even considered it.

Re:Gov't patents (1)

Capt James McCarthy (860294) | more than 5 years ago | (#26203097)

I was actually confused by that when I first saw the headline. I didn't even know that the government could patent something. It's just so completely broken and silly that I never even considered it.

There are many reasons why this is possible. First of all, the Government agencies all can patent processes/things and they have to follow the same rules as anyone else. One reason you want to provide this capability is to prevent Company A from developing said technology only to turn around and sell it to Country B.

Re:Gov't patents (4, Interesting)

AviLazar (741826) | more than 5 years ago | (#26202849)

This is another example of the broken patent system. No government should be able to patent something--that technology was funded by the taxpayer and should thus be owned by the taxpayer, meaning that it is public and thus not patentable.

I killed my spent mod points to respond to this. I have no problems with the gov't patenting something, just as long as they don't use it to prevent people from using it in a positive manner. It's possible the gov't patented this so they could share the information with other people and not worry about some private company patenting the idea and then sueing everyone else for us it. Basically - patent to allow people to use it. In this case we don't have to look at the gov't for being evil, but maybe the gov't is protecting us from companies who like to create submarine patents?

Instead of looking at everything the gov't does and say "but it's evil because big brother did it", let's give them the benefit of the doubt.

Re:Gov't patents (1)

JustinOpinion (1246824) | more than 5 years ago | (#26203109)

It's possible the gov't patented this so they could share the information with other people and not worry about some private company patenting the idea and then sueing everyone else for us it. Basically - patent to allow people to use it.

If that's the intent, and the patent system is working as intended, then the patenting is superfluous. Publication of all the details (without restriction) is sufficient to prevent anyone else from patenting the idea, because the publication acts as demonstrable prior art with which to challenge any subsequent patent application. (This is also why anyone who wants to patent something usually has to hold off on publication until the patent process is already underway--a publication can be used to show that the idea had already become "common knowledge" before the patent.)

Of course, in reality publishing details is usually not enough to prevent someone else from patenting, because it seems that no one (least of all patent examiners) does a thorough job of uncovering prior art. So I guess you could argue that they were being extra-careful and strategic, making sure to patent it to so that they could liberate the idea without any chance of someone else claiming it.

But if it really were their intention to liberate the idea for all to use, one would think that any press release mentioning the patent would also mention the associated "perpetual, worldwide, royalty-free license to use these patented methods" that the NSA is offering. I see no such offer.

Re:Gov't patents (1)

Zordak (123132) | more than 5 years ago | (#26204275)

Of course, in reality publishing details is usually not enough to prevent someone else from patenting, because it seems that no one (least of all patent examiners) does a thorough job of uncovering prior art.

Patent examiners basically search issued patents and published patent applications. If you want to challenge a pending application based on prior art, here is the:

POOR MAN'S CHALLENGE TO A PENDING PATENT APPLICATION.

Make a copy of the reference you think anticipates the patent. Send a copy to the applicant's attorney of record, and keep a copy of everything for yourself.

Attorney has a duty to submit relevant prior art. He has to either determine that the reference is not material (in which case, he risks being sanctioned and having ALL of the patent claims---not just the ones material to the reference---invalidated when the patent is later in litigation if the court determines he should have sent it in), or he has to submit it to the patent office. Most attorneys will just submit it to the patent office to be on the safe side. Chances are, if the reference is remotely relevant, the rejection-happy patent examiner will cite the thing (and despite what all the Slashbots think, the patent office is rejection happy; in fact, there are big incentives for examiners to reject applications at least twice). Everybody wins. You get to keep a possibly invalid claim from issuing, the examiner gets his points, the attorney gets paid for arguing around the reference if necessary*, and the client gets a stronger, more valid patent that now cites the most relevant prior art and has claims drawn to what he is actually entitled to claim.

*This is in my little fantasy world where clients actually pay their patent attorneys.

This post is not legal advice. I don't represent you, and I'm not advising you to do this. You should not rely on this post for any reason whatsoever.

Re:Gov't patents (1)

pitchpipe (708843) | more than 5 years ago | (#26203457)

Instead of looking at everything the gov't does and say "but it's evil because big brother did it", let's give them the benefit of the doubt.

Giving them the benefit of the doubt is how we got the Iraq War, Banking Deregulation, Trickle Down Economics, "Good Job Brownie", and etc, etc. The Government should always have to demonstrate that what they're doing is beneficial and not just "trust us."

Re:Gov't patents (1)

cyn1c77 (928549) | more than 5 years ago | (#26204009)

Instead of looking at everything the gov't does and say "but it's evil because big brother did it", let's give them the benefit of the doubt.

Giving them the benefit of the doubt is how we got the Iraq War, Banking Deregulation, Trickle Down Economics, "Good Job Brownie", and etc, etc. The Government should always have to demonstrate that what they're doing is beneficial and not just "trust us."

Did you list all Republican policies on purpose? Not that I am complaining, but maybe you just have a problem with the current dictators in office....

Re:Gov't patents (1)

AviLazar (741826) | more than 5 years ago | (#26204393)

Giving them the benefit of the doubt is how we got the Iraq War, Banking Deregulation, Trickle Down Economics, "Good Job Brownie", and etc, etc. The Government should always have to demonstrate that what they're doing is beneficial and not just "trust us."

And thats why we have elections. BTW naming all the bad the gov't does and not listing any of the good does not make your comments valid. If the gov't only did bad, well we know what happend the last time we got really pissed at our gov't.

Re:Gov't patents (1)

Matt Perry (793115) | more than 5 years ago | (#26203943)

I have no problems with the gov't patenting something, just as long as they don't use it to prevent people from using it in a positive manner.

Who decides what is a positive manner or not?

Re:Gov't patents (1)

AviLazar (741826) | more than 5 years ago | (#26204439)

Who decides what is a positive manner or not?

We do.

Re:Gov't patents (1)

_Sprocket_ (42527) | more than 5 years ago | (#26203961)

It's possible the gov't patented this so they could share the information with other people and not worry about some private company patenting the idea and then sueing everyone else for us it. Basically - patent to allow people to use it.

Couldn't they do the same thing by, say, publishing a paper?

Re:Gov't patents (0, Troll)

Anonymous Coward | more than 5 years ago | (#26204007)

I killed my spent mod points too, to write this reply. Can I also get automatic +5 Insightful for ths comment?

Thanks in advance

Re:Gov't patents (1)

eebra82 (907996) | more than 5 years ago | (#26202851)

This is another example of the broken patent system. No government should be able to patent something--that technology was funded by the taxpayer and should thus be owned by the taxpayer, meaning that it is public and thus not patentable.

I fully agree, but at the same time, it also prevents some company to claim that it has the copyright of something that belongs to the "people".

Is there a lawyer in the house? (1)

mcgrew (92797) | more than 5 years ago | (#26202925)

I was under the impression that anything produced by the government was in the public domain. Any lawyers here that can rebut or verify?

Re:Gov't patents (1)

OrangeTide (124937) | more than 5 years ago | (#26203003)

Patents are different than Copyrights.

But I agree with you, on the principle that the government has to waste resources to search and file a patent. Unless there is some standing order from higher up for government organizations to patent everything to block private patents of it. There appears to be no justification in the authorization of any funds to be used for paying patent lawyers or filing with the patent office.

Re:Gov't patents (2, Funny)

mattwarden (699984) | more than 5 years ago | (#26203153)

What if it was funded by loans from China?

Re:Gov't patents (2, Insightful)

astrodoom (1396409) | more than 5 years ago | (#26203211)

Once you pay the government, it stops becoming your money. You don't in any way own the road I drive on just because you pay your taxes. You may get some privileges to use it, but really, not even that. I mean, when they close the road I've never successfully gotten out of my car, showed them a 1099 tax form and forced them to let me drive on MY road...

Re:Gov't patents (2, Funny)

Anonymous Coward | more than 5 years ago | (#26203669)

Try a more recent tax form - proving you paid taxes more recently than 909 years ago is unlikely to impress them.

Re:Gov't patents (1, Informative)

Anonymous Coward | more than 5 years ago | (#26203371)

..meaning that it is public and thus not patentable.

Public, sure, but not "patentable"? Would a private entity be allowed to patent it? In this case, perhaps the "invention" is so obvious that you think it shouldn't be. If so, fine. But in general, if an invention is patentable, then it's patentable no matter who applies for the patent.

Look at it this way: now it's prior art, so no one else is going to be able to patent it (well, they can, but their patent will be easily challenged) and prevent the rest of the public from using the "invention."

I think a more interesting question is: what if a private entity wants to use the same technique? Will the NSA sue them? Sue them for what, commercial damages? That'll be $0, which might be enough that they might not even have any standing or ability to sue.

Re:Gov't patents (1)

orielbean (936271) | more than 5 years ago | (#26203541)

You only own it, you don't control it in anything other than a limited sense, such as an individual shareholder can control the company it owns.

Re:Gov't patents (1)

UncleTogie (1004853) | more than 5 years ago | (#26203729)

No government should be able to patent something--that technology was funded by the taxpayer and should thus be owned by the taxpayer, meaning that it is public and thus not patentable.

Actually, I'd be happy to let 'em patent stuff on one condition: that all monies from said patent licensing goes directly to pay our taxes. Not a fund to be raided like Social Security, but one SOLELY for taxpayer relief.

Re:Gov't patents (1)

Actually, I do RTFA (1058596) | more than 5 years ago | (#26203983)

No government should be able to patent something--that technology was funded by the taxpayer and should thus be owned by the taxpayer, meaning that it is public and thus not patentable.

I know. I went to a military base and said I wanted to fly an F-22 for a while. It seems easy and a lot of fun. When they gave me trouble, I tried explaining that the F-22 was funded by the taxpayer (me) and thus I just wanted to get my share of its use.

Fundamentally, taxes are the price we pay to live in this country. Being a taxpayer gives you no more rights than being a consumer does.

Tape Dispenser Plans Missing on NSA Website (5, Funny)

saintsfan (1171797) | more than 5 years ago | (#26202473)

Uh oh, someone stole the plans for the NSA Tape Dispenser, it is missing from their Domestic Technology Transfer Program website! http://www.nsa.gov/techtrans/techt00075.cfm [nsa.gov]

Re:Tape Dispenser Plans Missing on NSA Website (0)

Anonymous Coward | more than 5 years ago | (#26203265)

Help! They accidentally the template!

Re:Tape Dispenser Plans Missing on NSA Website (1)

IchNiSan (526249) | more than 5 years ago | (#26204565)

Wow, I intentionally the post.

Re:Tape Dispenser Plans Missing on NSA Website (1)

steelfood (895457) | more than 5 years ago | (#26203645)

To be fair, it was a very effective tape dispenser that dispensed tape very well.

Not to fear! It will soon be replaced by the NSA Red Stapler--as soon as they figure out their tape dispenser went missing that is.

A Billion here a Billion there, pretty soon... (4, Funny)

alcmaeon (684971) | more than 5 years ago | (#26202497)

these false positives really begin to add up. Couple this will all the lame-brained terrorist detection schemes that create millions of false positives and we can see the plan to get America out of recession is to have every single citizen working for the government hunting snipe.

Re:A Billion here a Billion there, pretty soon... (0)

Anonymous Coward | more than 5 years ago | (#26202821)

False positives already start of with whole of China, soon to be followed by (much smaller) Australia, and a few month later the UK, USA and rest of the world. So this "invention" is probably useless before the patent is granted.

Not that the NSA's of other countries would feel particularly restricted by patents anyway. Do you think that the US would have canceled the atom bomb if some other country had already patented it ?

The more collisions you have... (1)

Carnivore24 (467239) | more than 5 years ago | (#26202537)

on your network the more the terrorists will win right?

How was the mountain of prior art missed? (2, Informative)

Andy_R (114137) | more than 5 years ago | (#26202725)

The patent was filed May 24, 2005. Googling for 'computer slow spyware 2004' gives 127,000 hits.

Comparing types (2, Insightful)

Anonymous Coward | more than 5 years ago | (#26202819)

It is not just measuring speed of network it is apparently measure differences in speeds of different network layers, or types of network traffic. Network congestion affects generally all types of packets the same. Snooping presumably may take longer to identify certain types of packets.
Oh and a passive tap will only work with certain protocols, it can't work (or not easily) with Gigabit ethernet for example.

New way to fight terrorism (1, Flamebait)

scsirob (246572) | more than 5 years ago | (#26202891)

NSA: We are going to send more troops and guns!
Terrorist: Sure, bring 'em on... We'll be waiting and we'll fight to the death

NSA: No wait... We will PATENT things! Then we will send LAWYERS to you and get your for INFRINGEMENT!
Terrorist: Oh nooo! Not the LAWYERS! Have mercy, please! We surrender...

Sure, that will work..

Re:New way to fight terrorism (1)

R2.0 (532027) | more than 5 years ago | (#26203671)

NSA: We are going to send more troops and guns!
Terrorist: Sure, bring 'em on... We'll be waiting and we'll fight to the death

NSA: No wait... We will PATENT things! Then we will send LAWYERS to you and get your for INFRINGEMENT!
Terrorist: Oh nooo! Not the LAWYERS! Have mercy, please! We surrender...

No, no, no - you shoot lawyers FROM the guns. Fix 2 problems at once.

Re:New way to fight terrorism (0)

Anonymous Coward | more than 5 years ago | (#26204425)

NSA: We are going to send more troops and guns!

Do you even know what the NSA does?

Dear N.S.A. : +1, Seditious (0)

Anonymous Coward | more than 5 years ago | (#26202895)

The Network Snoop Is

MICROSOFT SOFTWARE BLOAT.

Now please return to regular scheduled Homeland Security
Department Chistmas shopping spree with MY FEDERAL
TAX DOLLARS.

Cheers,
Kilgore Trout

So... what? (3, Funny)

Geminii (954348) | more than 5 years ago | (#26202981)

The best this will be able to do is detect changes in latency patterns, possibly being able to narrow it down to certain network segments depending on how many devices are having their details analysed in real time.

"NSAapp: Latency change detected in segment AA23. No idea what it might mean. Send the intern."

Re:So... what? (1)

rindeee (530084) | more than 5 years ago | (#26203799)

I would think that if these were deployed as a sensor net of sorts that they could isolate faults pretty readily (whatever those faults may be...tap or otherwise).

Re:So... what? (1)

juuri (7678) | more than 5 years ago | (#26203871)

Uh well that is some very valuable information, especially when deciding if you should actually send some information or not.

If you are aware the link has a 99% confidence level that it isn't being snooped on or a 75% confidence level you may greatly alter what information, however encrypted, secure, timely, or whatever its attributes. Some simple historical sampling of trends with some "intelligent" sorting on top would allow you to assign many different confidence levels to individual connections.

Remix (0)

Anonymous Coward | more than 5 years ago | (#26202997)

http://room.bogthistle.com - this is real...

Prior art? (0)

Anonymous Coward | more than 5 years ago | (#26203037)

I could think of a few possible prior art areas that may destroy this patent. There is one I'm not sure about. Does anyone remember what technique L0pht used (I think it was them) in the program they released to detect sniffers on an ethernet? That was a while back. Maybe it was the ARP technique, but I don't think it was? Here's a quick page I found, but I don't have time to look further:
http://cns.tstc.edu/cpate/LINUX/Linux_How2/Sniffers.htm

Re:Prior art? (0)

Anonymous Coward | more than 5 years ago | (#26203119)

I think it just tried to determine if an IP was in promisc, but I could be wrong.

Re:Prior art? (1)

BigHungryJoe (737554) | more than 5 years ago | (#26203163)

I remember that - it didn't work very well at all, but the principle that it was based on was similar.

mod 3own (-1, Redundant)

Anonymous Coward | more than 5 years ago | (#26203057)

THINKING AyBOUT IT. BitToorent) Second,

Prior art: L0pht antisniff from 1999? (4, Insightful)

Hobart (32767) | more than 5 years ago | (#26203143)

Looking at the article, (and having skimmed but not read all of the patent [uspto.gov] ), isn't AntiSniff [packetstormsecurity.org] (released by DilDog [wikipedia.org] of L0pht in 1999) using this technique? (Slashdot article, Aug '99 [slashdot.org] )

Original tech paper was on l0pht.com (now defunct) - looks like archive.org doesn't have a mirror, here's the best copy I could find in Google: http://servv89pn0aj.sn.sourcedns.com/~gbpprorg/l0pht/antisniff/tech-paper.html [sourcedns.com]

Re:Prior art: L0pht antisniff from 1999? (0)

Anonymous Coward | more than 5 years ago | (#26203513)

The algorithms are the magic here.

Re:Prior art: L0pht antisniff from 1999? (1)

Hobart (32767) | more than 5 years ago | (#26203591)

The algorithms are the magic here.

Ah.

Re:Prior art: L0pht antisniff from 1999? (2, Interesting)

rapidient (1396639) | more than 5 years ago | (#26204643)

This also strikes me as similar to how HDMI works. The output and input devices are in constant communication with each other, so if a device inserted in between is attempting to decode the data the video stream is effectively shut off.

NSA secrets unveiled! (2, Insightful)

PolygamousRanchKid (1290638) | more than 5 years ago | (#26203157)

How come I have the sneaky feeling, that if the NSA discovered anything really spectacular ... I wouldn't be reading about it on Slashdot?

"Cracking WPA2? No problem but it is patented by the NSA and documented by the USPTO" ... so you can read about it, but you have to license it from the NSA, if you want to use it.

That business model ought to work.

Re:NSA secrets unveiled! (0)

Anonymous Coward | more than 5 years ago | (#26203613)

Dear NSA,

Me and my Moscow and Beijing associates would like to license this WPA2 encryption breaking technology for our new Customer Related Advertisement Program. We believe that given a large enough customer base, utilizing C.R.A.P., we can ensure that SPAM is a thing of the past.

Government patents (1)

Bromskloss (750445) | more than 5 years ago | (#26203167)

How can a governmental agency hold patents anyway? Otherwise they wouldn't have any incentive to invent things that will eventually be useful to the public, or what?

I call BS (1)

osifanatic (794266) | more than 5 years ago | (#26203269)

Putting a regen fiber tap inline doesn't cause ANY latency difference...it's all physical layer optics. I can sniff your frames all day and you'll never know anything about it.

False Positives (1)

RabidMoose (746680) | more than 5 years ago | (#26203285)

It's not like this would be the first time the US government came up with false positives...

Re:False Positives (1)

mr_mischief (456295) | more than 5 years ago | (#26203841)

You mean Senator Joseph McCarthy's memory lives on?

Might work better in tightly controlled networks.. (1)

WoTG (610710) | more than 5 years ago | (#26203839)

I don't think it's of any use to the average home user or small business. Too much weird stuff can happen on a run of the mill network. But, if you're someone like the NSA where every device is scrutinized closely and the network itself is managed tightly, an unexpected slow down at some layer of some stream of network traffic could be useful in finding a snoop... at the very least, it'll highlight potential bottlenecks in the network.

Dan and packet delay (1)

Spyder (15137) | more than 5 years ago | (#26203939)

Dan Kaminsky's Blackhat US 2006 and 2007 talks (as I recall) metioned using techniques similar to this to detect protocol based bandwidth throttling, and used it to detect P2P traffic shaping. I would personlly say that this would work to detect a layer 2 man in the middle attack using something like ettercap. Or as Dan said, to detect some kind of inline intercept box on the network. In order to do that, you'd need to hoave a pretty good idea what the latency nubers should be to start with. In my experience, most networks of any size (1000+ users) couldn't even tell you if every SPAN port on there network was authorized and currently in use, so I don't think this technique is currently viable in industry. In highly controlled networks, like I assume classifed networks are, this may be useful.

I'm going to patent a snooping device... (2, Insightful)

Geraden (15689) | more than 5 years ago | (#26204541)

that randomly adds delay to each packet before rebroadcasting it...making it impossible to get a good bearing on the latency in the network once it's installed.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...