Henchman21 8 hours ago

Never tapped a port, eh?

Edited to not be so flippant: I work in HFT/finance where recording all traffic is required I think by law and definitely for one's own sanity. We're able to maintain nanosecond trades while capturing ALL the traffic. It has zero impact on the traffic. This is normal, widely used tech. Think stuff like Ixia passive taps and/or Arista Metamako FPGA-based tap/mux devices.

Aurornis 8 hours ago | parent | next [-]

> Never tapped a port, eh?

I have. I have a background in high speed networking.

Have you ever paused for a moment to consider how much infrastructure would be required to send 80% of data on the internet across the country and into a single datacenter in Virginia?

If you've worked in HFT, you can probably at least start to imagine the scale we're talking about.

reactordev 7 hours ago | parent [-]

It’s not a single data center, it’s about 200 of them.

Aurornis 7 hours ago | parent [-]

Just minutes ago you said this:

> Almost 80% of communications go through a data center in Northern VA

Where are you getting this new number of 200? Share a source please.

Mtinie 6 hours ago | parent | next [-]

https://broadbandbreakfast.com/dateline-ashburn-data-centers...

“Loudoun County currently has 199 data centers, with another 117 in development, according to Michael Turner, vice chair of the board of supervisors transportation and land use committee and Ashburn’s district supervisor.”

https://virginiabusiness.com/loudoun-county-advances-changes...

reactordev 7 hours ago | parent | prev | next [-]

One of…

Ashburn, VA is the data center capital of the world.

When you type and hit submit, even on this site, your data will hit one of those data centers.

The few exceptions are government networks and China.

jen20 7 hours ago | parent | prev [-]

I have no data or information on the topic, but the use of English was fine for the apparent intended meaning:

"Almost 80% of communications go through a data center in X"

Does not mean that all traffic goes through a single data center in X. Just that it goes through one of potentially many data centers that happen to be in X.

coliveira 4 hours ago | parent [-]

You're right. It's fantastic to see how English comprehension is decaying, even in groups that supposedly are smarter than average. There's a fast decaying tendency in language comprehension overall, and I can only point to the fact that much of the new generation is unable and unwilling to read even a single book.

suhputt 8 hours ago | parent | prev | next [-]

The time it takes for light to travel from Los Angeles to Virginia is 12 - 16 ms, round trip is 30ms let's say - that is a noticeable delay, and it could be easily disproven that 80% of traffic is literally routed through VA.

Now... could they just copy the traffic and send it to VA on a side channel? Probably?

metadat 7 hours ago | parent | next [-]

And how useful would this information be? srcIP:port_dstIP:port pairs with almost all traffic encrypted. Pretty boring from a sigint pov.

Instagram, YouTube, misc Web traffic, and torrents, with a side of minutae.

I'm certain the three letter agencies yearn for the days before letsencrypt was de facto.

rtkwe 4 hours ago | parent [-]

There is the small possibility that the NSA has found cracks in some of the popular cyphers and could actually make sense of the encrypted data. It's not completely out of the question, their cryptanalysis has been shown to be ahead of the public best efforts in the past. They demonstrated it back in the 70s with DES S-boxes hardening them against a technique no one publicly knew about until the 80s.

NGRhodes 7 hours ago | parent | prev [-]

I used to work, 15 years ago, on a (permissive, not covert) monitoring service for a UK national public service, the NHS Spine core. We used switches to mirror ports and capture traffic in promiscuous mode on a few dozen servers split across a few datacentres that all the traffic went through. We had certs installed to decode HTTPS. We could get enough hardware to do this step easily, but fast enough storage was an issue; we had 1 petabyte of usable storage across all sites that could hold a few days of content. We aimed to get this data filtered and forwarded into our central Splunk (separate storage) and also into our bespoke dashboards within 60s. We often lagged...

rtkwe 4 hours ago | parent | prev | next [-]

The point they were making was that you could tell via ping times if the traffic was literally being routed through VA unnecessarily because the extra unavoidable light speed delay that extra distance would add between a user and the server if they weren't already very near to VA. Could be mirrored via the type of monitoring you're talking about but that'd only get you mostly encrypted traffic unless the 90s cypherpunk paranoia turns out to have been true.
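The latency argument made in this comment (and in the one above it about Los Angeles to Virginia) can be turned into a concrete lower-bound check. The following is an added example and is not part of any comment in the thread. The city coordinates are approximate and constructed, the fiber refractive index is an assumption, and the only conclusion it supports is a one-sided one: a measured RTT below the physical floor rules a detour out, while an RTT above it proves nothing, because router, serialization and queueing delay only ever add to the floor.

```python
import math

# Physical constants and assumptions (not from the thread):
C_VACUUM_KM_S = 299_792.458        # speed of light in vacuum, km/s
FIBER_REFRACTIVE_INDEX = 1.468     # assumed typical silica fiber; light travels at c/n
EARTH_RADIUS_KM = 6371.0           # mean Earth radius for the haversine formula

# Constructed, approximate coordinates (degrees lat, lon); good enough for a bound.
LOS_ANGELES = (34.05, -118.24)
SAN_FRANCISCO = (37.77, -122.42)
ASHBURN_VA = (39.04, -77.49)


def great_circle_km(a, b):
    """Haversine great-circle distance in km between two (lat, lon) points."""
    lat1, lon1 = map(math.radians, a)
    lat2, lon2 = map(math.radians, b)
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * EARTH_RADIUS_KM * math.asin(math.sqrt(h))


def rtt_floor_ms(path, refractive_index=FIBER_REFRACTIVE_INDEX):
    """Lowest possible round-trip time for a packet that must visit every point
    of `path` in order and come back the same way.  Ignores serialization,
    queueing and routing hops, all of which only add delay, so this is a floor."""
    one_way_km = sum(great_circle_km(path[i], path[i + 1])
                     for i in range(len(path) - 1))
    speed_km_s = C_VACUUM_KM_S / refractive_index
    return 2 * one_way_km / speed_km_s * 1000.0


def detour_ruled_out(measured_rtt_ms, client, server, via):
    """True when the measured RTT is below the physical floor of the detoured
    path client -> via -> server -> via -> client, i.e. the detour is impossible.
    False only means the measurement is consistent with a detour, not proof of one."""
    return measured_rtt_ms < rtt_floor_ms([client, via, server])


if __name__ == "__main__":
    la_ash = [LOS_ANGELES, ASHBURN_VA]
    print(f"LA -> Ashburn distance:            {great_circle_km(*la_ash):.0f} km")
    print(f"LA <-> Ashburn RTT floor (vacuum): {rtt_floor_ms(la_ash, 1.0):.1f} ms")
    print(f"LA <-> Ashburn RTT floor (fiber):  {rtt_floor_ms(la_ash):.1f} ms")
    print(f"LA <-> SF direct floor:            {rtt_floor_ms([LOS_ANGELES, SAN_FRANCISCO]):.1f} ms")
    print(f"LA <-> SF via Ashburn floor:       {rtt_floor_ms([LOS_ANGELES, ASHBURN_VA, SAN_FRANCISCO]):.1f} ms")
    # A constructed 8 ms ping from LA to SF cannot have passed through Virginia.
    print("8 ms LA<->SF rules out a Virginia detour:",
          detour_ruled_out(8.0, LOS_ANGELES, SAN_FRANCISCO, ASHBURN_VA))
```

With these inputs the LA to Ashburn leg comes out near 3650 km, which gives a round-trip floor of roughly 24 ms in vacuum and roughly 36 ms in fiber, in line with the figures quoted in the thread. The useful check is the asymmetric one: an observed RTT under the detour floor is physical evidence the traffic did not take that path, whereas an RTT above it is compatible with either explanation, and, as the comment notes, passive mirroring adds no latency at all and so is invisible to this test.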

wasabi991011 8 hours ago | parent | prev [-]

But you are only tapping your own data that's already passing by you not? Not 80% of the internet that has nothing to do with you.