• Root (271)
  • digest (139)
    • debate (1)
    • economy (12)
    • education (5)
    • freedom (7)
    • freespeech (18)
    • idiots (9)
    • media (26)
    • music (1)
    • politics (29)
    • religion (1)
    • society (2)
    • stumbleupon (6)
    • tech-sci (3)
  • fun (22)
    • videos (7)
  • ideas (6)
    • epistemology (5)
  • meta (6)
  • misc (11)
  • news (36)
    • media (5)
    • politics (25)
  • personal (12)
    • florin (5)
    • lupo (6)
  • series (4)
    • complexity (1)
    • ponerology (3)
  • tech-sci (35)
    • comp (4)
    • medicine (28)
    • psychology (1)
    • quantum (1)

RSS feed

GPG/PGP pubkeys

Has Been Tapped bit revived?

author: www-data

UPDATE: ...it was an April's fool joke, but I soooo bought it...

I was, literally, rolling on the floor laughing and biting in the carpet as I read this [german version via heise, google-translation here]. I'm going to paraphrase a part of the Heise article, simply because the idea is so infinitely funny :-)

The ECN bit of the TCP/IP protocl has traditionally been used as a HBT marker, i.e. "has-been-tapped". Secret services used to set this bit to signalize that the travelling data packet has already been tapped and that other secret services need not double the effort to tap it again.

Ancient documentation about about the HBT use of the bit seems to have vanished from the net... almost :-)

The first thought that comes to mind is: why not set the bits ourselves, to evade a tapping? Well, the problem is that while the client does have influence over it's own HBT, it cannot influence the server's HBT. Now let's assume a tapping party: if all the packets from one direction carry the bit, and all from the other don't, it's pretty easy to tell that there's a smart-ass trying not to get tapped. In early ARPAnet ages, the connection was immediately interrupted. Nowadays, there seem to be more elegant ways to settle the issue.

The question arises: now with Linux, *BSD n'stuff, why couldn't we implement a check of the HBT-bit in the TCP/IP stack of the OS itself, which, in case the HBT bit is set on an incoming connection, automatically reponds with another HBT bit set. Additionally, all server services (like apache, bind, exim etc) should set the HBT bit by default. This way: all servers set the HBT bit, and interested clients (F/OSS) answer to it accordingly.

Oh, almost forgot: there's speculation about what the RedmondOS knows and does (or doesn't do) with the bit. After all, there's a nbtstat.exe in the system directory nobody knows about. Not-been-tapped statistics? Or is it NetBIOS table?...

And I'm still giggling... :)

2009-04-01 15:11 | www-datarootshell.ro | [/tech-sci/comp] | permanent link