Effortless Eavesdropping
March 24th, 2008 · by David Bradley
Are you worried that your intercepts are not quite as hi-fi as you hoped? Can’t catch the details of other people’s electronic conversations? Your wiretaps letting you down? Welcome to the unfortunate world of the modern eavesdropper!
Computing and information scientists Eric Cronin, Micah Sherr and Matt Blaze of the University of Pennsylvania have investigated the reliability of current eavesdropping tools and found them to be lacking. “Obtaining ‘high fidelity’ transcripts is harder than previously assumed,” they say in a forthcoming issue of the International Journal of Security and Networks (2008, 3, 103-113). They add that, even in highly favorable situations, those being spied on can block eavesdropping technologies and prevent messages from being reconstructed accurately.
Around one third of the systems tested report irregularities, and almost half incorrectly interpret covert text chosen by the sending party.
The team has tested both open source eavesdropping tools and commercially available packages, including Bro, Chaosreader, Ethereal, Snort, tcpick, tcptrace, tcpflow, CommView, NetworkActiv, and Sniffem.
They point out that, unlike encryption or steganography (the art of adding a secret message to an image), preventing the accurate reconstruction of an intercepted communication (whether it be email, instant message, or VoIP) does not require the participation of the communicating parties - we’ll call them Alfie and Bess. Indeed, simple unilateral eavesdropping countermeasures mean that electronic communications cannot be reconstructed with 100% fidelity by someone (Agent Clark, for instance) attempting to spy on Alfie and Bess.
There are several properties of the internet that mean error-free eavesdropping is not nearly as easy as movie script-writers would have us believe. First, there are many different components to any given communications connection. Much of the control of the transfers that take place between Alfie and Bess’s internet communication devices is decentralized. Moreover, when communication data is transferred it is done using a “best effort” approach, as opposed to a reliable and lossless method, resulting in reordered, duplicated, or lost packets. These network effects make it difficult for Clark to perceive the communication in the same way as Alfie and Bess.
The flow of data changes all the time, often asymmetrically, which makes getting a handle on the ebb and flow of data packets difficult among the billions of packets being routed to and fro along the same copper wires and fiber optic links. Additionally, there are ambiguities in the communications protocols, in the way they are implemented and in how they are configured, which again means that reconstructing an electronic conversation from the various bits and pieces in a manner that is consistent with Alfie’s and Bess’ interpretation is difficult. Finally, because there is an essential lack of sender and receiver authentication, there is no way for Clark to know for certain that any given thread of e-chat was sent by Alfie or Bess.
Moreover, if Alfie and Bess, or yet another third party, Evelyn, deliberately add confusion into the setup - either physically, using different broadcast frequencies on WiFi, or through software obfuscation - to rebuff the eavesdropper, then even without encryption Clark is all but locked out.
Without using any confusion techniques, all but one of the eavesdropping packages were able to intercept and reconstruct the messages accurately. However, as soon as confusion software was employed, all eavesdropping systems failed. The two simple confusion protocols against which the eavesdropping software was tested were MAC (as in the Media Access Control address that uniquely identifies devices connecting to a switch or hub) and TTL (time-to-live, the variable that drops packets if they stay in transit too long). In MAC confusion, the address is spoofed or changed, obscuring the source of any given packet, while exploiting TTL involves ensuring the packet lasts long enough to get from Alfie to Bess and vice versa but times out before Clark can grab it.
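The TTL effect described above can be seen from the monitor's side. This is an added example, not code from the paper or from any of the tested tools: it replays a constructed capture through a first-copy-wins reassembler, then repeats the run with a check that discards segments whose TTL is too low to reach the receiver. The `Segment` tuple, the hop count of 3 and the payloads are assumptions made for illustration.

```python
from collections import namedtuple

# Constructed sample data: one direction of a flow as recorded at the tap.
Segment = namedtuple("Segment", "seq ttl payload")

# Assumption: three routers sit between the tap and the receiver, so a
# segment needs TTL > 3 at the tap to be delivered.
HOPS_TAP_TO_RECEIVER = 3

CAPTURE = [
    Segment(0, 61, b"meet "),
    Segment(5, 2, b"never"),   # expires in transit; the receiver never sees it
    Segment(5, 61, b"at no"),  # the copy the receiver actually accepts
    Segment(10, 61, b"on"),
]


def reassemble(capture, hops_to_receiver=None):
    """Rebuild the byte stream; the first copy of each sequence offset wins.

    With hops_to_receiver set, segments that would expire before the
    receiver are dropped and reported instead of being trusted.
    """
    stream, alerts = {}, []
    for seg in capture:
        if hops_to_receiver is not None and seg.ttl <= hops_to_receiver:
            alerts.append(f"seq {seg.seq}: TTL {seg.ttl} cannot reach receiver")
            continue
        if seg.seq in stream:
            # Same offset seen twice: report it if the bytes disagree.
            if stream[seg.seq] != seg.payload:
                alerts.append(f"seq {seg.seq}: conflicting retransmission")
            continue
        stream[seg.seq] = seg.payload
    data = b"".join(stream[s] for s in sorted(stream))
    return data, alerts


if __name__ == "__main__":
    print(reassemble(CAPTURE))                        # transcript differs from receiver's
    print(reassemble(CAPTURE, HOPS_TAP_TO_RECEIVER))  # matches what the receiver saw
```

The first run reports an irregularity yet still records the wrong text. The second run depends on the monitor knowing its hop distance to the receiver, which changes with topology and routing.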
“Traditional wisdom has held that eavesdropping is sufficiently reliable as long as the communicating parties do not participate in a bilateral effort to conceal their messages,” the researchers say. “We have demonstrated that even in the absence of cooperation between the communicating endpoints, reliable internet eavesdropping is more difficult than simply capturing packets.”
For more on the current debacle regarding the National Security Agency allegedly eavesdropping on your email, check out this security post from Surveillance State’s Chris Soghoian.

2 responses so far ↓
Wayne Smallman // Apr 12, 2008 at 8:45 am
You should be writing for Damn Interesting!
David Bradley // Apr 12, 2008 at 12:17 pm
Do you have an email for the features desk? Maybe I will…
db