I was at Cisco when both TR-69 and CALEA support were active topics of discussion and development. 

CALEA support was required of us in order to sell equipment to all the big Telco companies, because governments required those companies to allow law enforcement to do local intercept. It was never part of any consumer or small business router or switch. It only went into the big routers and switches that go into big central offices. 

TR-69 came about as a reaction to CableLabs' DOCSIS standard for remote management of cable modems. Before this, every cable modem vendor had a proprietary management protocol and applications, and cable companies either got locked in to one vendor's modems, or had a terrible patchwork of management applications. DOCSIS was a standard adopted by the cable companies and forced on the modem vendors to help clean that up. 

Meanwhile, the DSL service and modem vendors were headed down the same road and said they could come up with something better, that would also address some problems specific to DSL. So they came up with the competing TR-69 standard. 

Both DOCSIS and TR-69 have the capability to set up packet captures, with filters and triggers for those captures. This was intended as a debugging tool, but could certainly be used to eavesdrop. Neither would be very efficient for capturing lots of local traffic and sending it someplace. Capturing at the CO is more efficient on a working connection. 

Steve

On Friday, December 6, 2013, Charles N Wyble wrote:
Would someone mind setting reply to list instead of sender?


-------- Original Message --------
From: Charles N Wyble <charles@thefnf.org>
Sent: Fri Dec 06 08:29:40 CST 2013
To: Mitar <mitar@tnode.com>
Subject: Re: [Mesh] NSA and OpenWRT

CALEA doesn't need to mod the end modem to do interception. If you are transiting the modem, you are going through the CO, where they can tap.

TR-069 is a really nice standard for mass configuration at scale. Open source bits exist, I've not been able to play with them yet.

So the linked technologies aren't really in support of the articles main point.

Now in the case of all in one residential gateways, internal traffic is very susceptible to intercept.

My home network is set up like this

Cable modem -> pfsense edge router -> core switch (cisco 3550) -> core ap (wndr3800 running openwrt).

I've also tapped the outside of the pfsense (modem Ethernet side) and seen very large amounts of neighborhood WAN traffic. So I don't even need to be the government or telco to spy. Just think, they only need to comp some modems per neighborhood to see everything.

I run all my DNS lookups over a VPN connection to a non logging resolver in an on net facility. I've considered running all my traffic out the Colo and via tor, but I'm not that paranoid yet. He he.

Interesting article for sure. Remember that openwrt can be comped as well and WiFi can be trivially tapped.


Mitar <mitar@tnode.com> wrote:
>Hi!
>
>Maybe of interest to some:
>
>https://forum.openwrt.org/viewtopic.php?id=47703
>
>
>Mitar

--
Charles Wyble charles@thefnf.org
818 280 7059
CTO / co founder thefnf.org and guifi.us
_______________________________________________
mesh mailing list
mesh@lists.sudoroom.org
http://lists.sudoroom.org/listinfo/mesh


--
-steve
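Charles's observation above, that a tap on the modem side of his edge router showed large amounts of other subscribers' WAN traffic, is something anyone on a shared cable segment can check for themselves. The script below is an added example and is not code from this thread or from any DOCSIS/TR-069 implementation. It parses raw Ethernet/IPv4 frames with only the standard library and classifies each one as local (one MAC is your router's WAN MAC), broadcast/multicast, or foreign unicast (neither MAC is yours, so it is traffic between other endpoints that your port should not normally see). The MAC and IP addresses are hypothetical and the frames are constructed inline so it runs offline; in practice you would feed it frames read from a `tcpdump -w` capture of the modem-side interface.

```python
"""Classify frames from a modem-side (WAN) tap into local vs. foreign traffic.

Added example for the discussion above; not code from the thread.
All addresses below are hypothetical and the frames are constructed inline.
"""
import struct
from collections import Counter

ETHERTYPE_IPV4 = 0x0800
ETHERTYPE_ARP = 0x0806


def mac_to_str(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)


def mac_to_bytes(s: str) -> bytes:
    return bytes.fromhex(s.replace(":", ""))


def ip_to_str(b: bytes) -> str:
    return ".".join(str(x) for x in b)


def parse_frame(frame: bytes):
    """Return (dst_mac, src_mac, ethertype, src_ip, dst_ip).

    IPs are None when the frame is not IPv4 or is too short to carry a header.
    """
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src, etype = struct.unpack("!6s6sH", frame[:14])
    src_ip = dst_ip = None
    if etype == ETHERTYPE_IPV4 and len(frame) >= 34 and (frame[14] >> 4) == 4:
        src_ip = ip_to_str(frame[26:30])
        dst_ip = ip_to_str(frame[30:34])
    return mac_to_str(dst), mac_to_str(src), etype, src_ip, dst_ip


def classify(frame: bytes, local_macs: set) -> str:
    """Label a frame relative to the MACs we own on the WAN side."""
    dst_mac, src_mac, _etype, _sip, _dip = parse_frame(frame)
    if src_mac in local_macs or dst_mac in local_macs:
        return "local"
    # Group bit (lowest bit of the first octet) set: broadcast or multicast,
    # which every station on the segment legitimately receives.
    if int(dst_mac[:2], 16) & 1:
        return "broadcast_multicast"
    # Unicast between two parties that are not us: traffic we should not see.
    return "foreign_unicast"


def summarize(frames, local_macs: set) -> dict:
    """Count frame classes and collect the non-local MACs seen on foreign unicast."""
    counts = Counter()
    foreign_macs = set()
    for frame in frames:
        label = classify(frame, local_macs)
        counts[label] += 1
        if label == "foreign_unicast":
            dst_mac, src_mac, *_ = parse_frame(frame)
            foreign_macs.update({dst_mac, src_mac} - local_macs)
    return {"counts": counts, "foreign_macs": foreign_macs}


def build_ipv4_frame(dst_mac: str, src_mac: str, src_ip: str, dst_ip: str,
                     payload: bytes = b"") -> bytes:
    """Constructed test frame: Ethernet + minimal IPv4 header (checksum left 0)."""
    eth = mac_to_bytes(dst_mac) + mac_to_bytes(src_mac) + struct.pack("!H", ETHERTYPE_IPV4)
    ip_hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, 6, 0,
                         bytes(int(o) for o in src_ip.split(".")),
                         bytes(int(o) for o in dst_ip.split(".")))
    return eth + ip_hdr + payload


# Hypothetical addresses: our edge router's WAN MAC and the CMTS gateway MAC.
LOCAL_MACS = {"00:11:22:33:44:55"}
GATEWAY_MAC = "00:aa:bb:cc:dd:ee"

# Constructed sample capture: two of our own frames, two neighbour-to-gateway
# frames, and one ARP broadcast.
SAMPLE_FRAMES = [
    build_ipv4_frame(GATEWAY_MAC, "00:11:22:33:44:55", "203.0.113.5", "198.51.100.1"),
    build_ipv4_frame("00:11:22:33:44:55", GATEWAY_MAC, "198.51.100.1", "203.0.113.5"),
    build_ipv4_frame(GATEWAY_MAC, "00:de:ad:be:ef:01", "203.0.113.7", "198.51.100.2"),
    build_ipv4_frame("00:de:ad:be:ef:02", GATEWAY_MAC, "198.51.100.3", "203.0.113.9"),
    mac_to_bytes("ff:ff:ff:ff:ff:ff") + mac_to_bytes("00:de:ad:be:ef:03")
    + struct.pack("!H", ETHERTYPE_ARP) + b"\x00" * 28,
]


def sample_report() -> dict:
    return summarize(SAMPLE_FRAMES, LOCAL_MACS)


if __name__ == "__main__":
    report = sample_report()
    print(dict(report["counts"]))
    print("non-local MACs on foreign unicast:", sorted(report["foreign_macs"]))
```

Any non-zero `foreign_unicast` count on a WAN-facing port means the segment is delivering other subscribers' frames to you, which is exactly the exposure Charles describes; the `foreign_macs` set (which will include the gateway's MAC as well as the neighbours') gives you a rough count of how many other stations are visible.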