 A little bit about what I'm going to tell you and who I am. My name is Jaya Baloo. I'm good at screwing up with Mike. And basically, I'm a freelance consultant. I really apologize for hurting any ears in here. But I'm a freelance consultant working in the Netherlands. And I worked in the Netherlands as well as out of it on the field of interception. So I've set up some systems. Although I'm not the bad guy, I do kind of help them set up tapping systems for IP tapping and email interception. OK. Moving right along. This talk I had made for Black Hat, and it's a bit Eurocentric. So it's not really focused on the US situation. But what is the same for the US as well as in Europe is that the vendors who are providing commercial tapping software and hardware are the same. So that portion will be the same and will be useful, hopefully. So basically, what do we mean when we say lawful interception? Lawful interception just means that the action is based on a legal premise, on a warrant. So there's a warrant for a specific target. And that target will then be made known to a network operator or a service provider. And then the service provider is responsible to make that information available to the authorities, to a law enforcement monitoring facility. So the idea is that there's a warrant. It gets delivered to the network operator, the network operator, then delivers whatever is requested. So it could be a correlation between John Doe and his username, Jay Doe at whatever, and his address and his billing information. That's one type of lawful interception request. And its name address correlation with the target. Or that the authorities may have one thing or the other. And they need the network operator to make the story complete about who he is in a communications environment. And it could also be, of course, a full content warrant. So what they want is they think that he's selling drugs to Columbia. So they want to intercept all of his email communications to the Bogota Cartel. And they will then request a warrant for that target ID, and specifically for all his emails. Or they'll say, OK, what I would like is a full TCP tap on this particular user. So it's the same situation, but a different kind of warrant that then issued. OK, so the most common arguments for interception everywhere. You've got the big five, terrorism, pedophilia, cyber-stocking, data theft, which is like re-industrial espionage that carries some sort of fraud, backgrounds, and drug dealers on the internet. This is their backlash. So they're not supposed to be intercepting for everything else, for petty crimes is not really a big argument in favor of interception. Although it does happen, it's not the norm. And of course, why do you not want to intercept privacy issues and security issues? Security issues primarily from an operator perspective that your LI system becomes the weak point in your network. Because a lawful interception system needs to be so intimately connected sometimes to your regular production network, it becomes a potential failure point. So you don't want anyone hacking your LI system. That would be a bad thing. OK, there are definite legal issues with lawful interception. I'm going to try to run through this because I'd like to show you a video that's actually normally reserved only if you're a fed. So I'm showing a video that you actually never would get to see normally. But in order to do that, I need to rip through some of these slides because I have about 40 slides. So forgive me if I'm speaking too fast. But if you've got a question, raise your hand and we'll tackle it. OK, so what are the legal issues in LI? What we're collecting is data evidence, data evidence, that should be able to be dismissed in court. And normal evidence has certain characteristics. It's supposed to be admissible. It's supposed to be authentic. And it's supposed to be accurate. It's supposed to give you a whole story about what's happening. And it has to be convincing to a jury or a judge who's actually deciding the case. And there are some intrinsic problems when you're talking about digital evidence because it's not necessarily admissible. The intercepted information that you're collecting, it differs per country in Europe and in the United States. You can't explicitly link it to an individual. So unless John Doe's fingerprints were on his laptop and you've got some sort of biometric fingerprint authenticator on that laptop, you can't always explicitly link the actions that were done from that IP address to that person. So he could always say, oh, that was my next door neighbor who sometimes comes in and uses my computer. Or that was my colleague at work. It wasn't me. And even though I was shown as being at work at 9.25, it could have been the cleaner. So yes, of course, I leave my laptop sometimes in the tenant or whatever. So these are all issues. Also, convincing to juries or a judge is quite an issue. Because judges and juries, they make legal decisions, not scientific ones. So when you have lawyers that are a bit savvy, that are arguing against one another about the probative value of the evidence, you have the distinctions between, OK, well, can this really be something that we can accept, this scientific challenge? And usually these decisions are not made on any scientific value at all. The other issue is, of course, it's a virtual scene of the crime. It's a virtual locustelecti. And it's actually hard to find criminals caught in the act or in delicto flagrante. And you have additional questions like, how do you handle this expert at all? I already talked to you about the expert evidence. And finally, the case for treating intercepted evidence as secondary and not primary evidence is a case that's done in the Netherlands. So in Holland, when you have collected intercepted information, you can't say that this is the smoking gun. It's not enough to convict someone of anything. So it can be additional. You can have it as a backup to whatever else that's there. The little vials of cocaine all over the room, et cetera. And look, he sent the email to Bogota. OK, that's fine because it's secondary. And secondary also means that it's not the actual evidence, but it's a copy of that evidence. Just to let you know, I am not a lawyer and I do not play one on TV. So any really, really technical legal questions, you're better off asking Jennifer Granik or people from the EFF. They're far better at answering them than I am. OK, interception of internet services. When we talk about IP services, we don't just talk about the actual service. So it's not just surfing, HTML traffic, or SMSP, or chat, or ICQ. It's also the actual access to the internet. So that's the area or the level at which you're intercepting. There have been decisions made by standards body as to what level you're intercepting at, as well as who has the responsibility to conduct the interception. Encrypted traffic is an interesting question that's always brought up. So if I encrypt my traffic, will the fed still be able to get it? And the answer is, who knows? Because the operator, or the telco, or the ISP, is only responsible for, on the basis of a warrant, capturing, collecting, correlating that traffic to a particular user, sending it forward to the law enforcement agency. If they provide encryption, like if they're providing SSH to that server, they're also responsible for stripping it or decrypting it or providing the encryption keys to the authorities. I'm just going to wait, or maybe you can still hear me. When it's not being provided by the service provider, then it's not their problem. So if the user is using his own encryption, so if the user is using PGP, it's not the operator's problem. He just takes the traffic, passes it on, and the government can work on decrypting it themselves. So this is actually a pretty, yes? Yes, in certain countries. The question was, can the user be compelled to provide the key by the courts? Yes, and in certain countries in Europe, he can. For example, in France, they're talking about doing that in the UK. But honestly, I prefer this method that you do it on a per-case basis rather than applying, say, universal key escrow or restricting encryption that is not available to have secondary keys or key storage somewhere else. It's much better this way, I think. So that the good guys still get to use encryption. And when the bad guys use it, then maybe they have to do it. But I believe in this country, what the feds do is they use other things, like magic lantern. How many of you know about magic lantern? OK, well, there's a lot of people. Magic lantern is a tool that's used, I think, by the FBI. And what it is, is it's a keystroke lover. And it just gets sent over. It's like a backdoor kind of thing, or it gets put on a target's laptop or computer. And it just sniffs for his password, and it sends it off to the feds. That's it. But it's a far better way of catching passphrases and passwords than applying for a court order, which is messy and long. OK, so a quick logical overview. The example that I'm showing you now is of a semi-active. Actually, this is a semi-active interception. I'm not going to say fully active. But what you're seeing is a user who is connecting either over DSL or a dial-up link across a telco domain to his ISP. And the reason I wanted to give you this logical overview is to show you at which domain the majority of interception suppliers actually implement their products. They implement them at the ISP domain. In the olden days, they would implement them here at the telco domain. You just had vampire clamps tapping on to the respective lines that the user was using, closest to him, as possible. And then from there, you would just take all the stuff, and the government was responsible for doing it. It's relatively passive, because what the government would do is they would ask for access to the telco environments, get the key to the closet where the switch was, and the line was, and they would clamp, clamp, and they would turn it on, turn it off, whenever, whatever. And as an operator, you had no idea, because you were just supposed to give them the key to the closet, and they were doing whatever the heck they wanted. So that was what we call a passive intercept, because the operator has very little interaction. It's just, it's on, it's off, whatever. A semi-active is when there's interaction required from the operator in order to turn on the interception to manage it, et cetera, that the warrant is fed through a particular administrative system, and then it's fully managed by the operator. So all of the actual interception actively is done by them. And an active interception is when, in this example, what I'm showing you is that you have a interception device in red, and it's sitting logically between the radio server, so it's getting all the radius requests, and then it would be getting all the traffic that comes in, back and forward between the mail server. So it's like, what I'm showing you in this example is something that would use, say, a hardware splitter. So it takes all the traffic, it copies everything, it filters it for the relevant information, and then it forwards. So when you have John Doe, John Doe logs in, he gets a radius address, sorry, he gets an address from the radio server, and then once he gets that address from the radio server, it filters place for that IP address for all his subsequent mail traffic. This is semi-active. An active intercept is when this little red box is actually on the mail server, or you're getting a blind copy forward, because it's much more intimately tied to the actual production environment. A semi-active approach is that you have a production environment on one side, and then you have a lawful interception environment on the other, and it's all arranged via hardware splitters. So you're not interfering, you're not trying to, there's no performance issue with your normal network on your production environment and you have a separate L.I. environment, and that's like an approach that most L.I. vendors are going towards today. And this is good, because ISPs get happy about this because they don't want their users to be affected, and they also don't want this L.I. environment to be reachable at all, so their production environment remains completely public, and their L.I. environment is mostly private, with the exception, of course, of this box, which then forwards all the traffic across the internet to a different interception facility, or to a single conglomerate interception facility, which then back forwards it to one of the respective, you know, the CIA or the FBI or whomever that actually asked for this. Okay, so there are quite a few challenges that are here. I'm just gonna name a few. One of the requirements that was stalled in Europe, initially with the Etsy documents in Etsy nine for four, which you can Google, was maintaining the transparency and the standard of communication. This box had to be invisible. And when I say invisible, what that means is, is that if you are an intercept target and you have a couple of DSL lines, and you shouldn't be able, like this is just a random example, but if you have a couple of DSL lines, by pumping those DSL lines full of traffic, you shouldn't be able to notice an increase or a decrease on any other portion of an L.I. network. So it should not be visible that you are being intercepted. Like let's say you're a user that also has access somehow to the infrastructure of your IP core in your country or something, or you work for an ISP. You shouldn't be able to know that you're being tapped. And that was one of the initial requirements, maintaining full transparency. And there's also quite a few transparency requirements. I don't know if I'm that popular giving this talk. And I was quite worried about the NDA requirements that I had done. And so when I hear loud noises, I get a little scared, so forgive me. Any case. So maintaining the transparency and maintaining also that standard of communication that you get all the traffic, but you're not touching that production net worth, that you're fully transparent, that is still quite a challenge. Also identifying the target accurately, monitoring all those radius connects and disconnects. And one of the biggest problems, I don't know how many of you are familiar with Steve Belevin, but he had testified before Congress on Carnivore, and he had said, one of the biggest issues with Carnivore, it was like using a spoon to do heart surgery or something like this. He made a beautiful quote that I'm messing up. But basically the point of it was that Carnivore was clueless and it continuously missed the radius disconnect. So what that meant was that you started off tapping John Doe, but then later you started tapping Paul Vowters. And then you had to chuck all of that traffic out because yeah, Paul's not under the intercept order. So you weren't allowed to tap him. So you weren't able to tell the full story. And so you weren't allowed to use that actual evidence that you had collected in the case. So that was an issue with Carnivore. And there's still those kinds of issues with some of the vendors today. Capturing the intercept information which switch the particular vendors like to use to actually do the filtering and forwarding. That also remains or capturing and filtering that also remains an issue because here's the deal. You're taking all the traffic, all the traffic that you can get, all of it, and then you have to strip it for just that one IP address. So as a result, you're throwing away a lot of information. And most switches aren't really that good at like quickly setting on a filter, quickly checking it away. So a firewall would have been more, you know, apt for this kind of purpose, which is going to be your out. But this is not happening now. And one of the things with this is that each vendor has made strategic choices about what switch they're aligned towards. So you'll see quite a bit of vendors going for like, say top layer, others saying that they're using which I'm gonna call it foundry. And I believe there's one that said that they, oh, I'm not allowed to say that. Okay, but there's a lot of different issues with vendors and their preferences. And one thing that I will be talking about later is that Cisco also is getting in the interception game. So they also have issues with this about actually managing to filter effectively and place filters on right away. Okay, another thing, packet reassembly. You need to do TCP sequencing and packet reassembly for email intercepts. And the government side actually is the side that does this. So you have two interception environments. You have the interception environment that's collecting, capturing, forwarding the data from the ISP and then you have the other side from the government that's taking all the data, doing an analysis, seeing if John Doe is talking to Paul Vowters or who else do I know in the audience that I can pick on? Jesse Cornblum, I saw him over there. And I don't know, whoever. But then you say, hey, wait a minute, all these drug dealers that I'm intercepting, they're all talking to Jesse, why? So those kinds of analytical software, it's all done on the government side and it's still done by the same interception vendors. So okay, we're talking about on both sides, relatively complex software, more complex it gets, the more stuff it's promising to do, the more buggy it gets. So as a result, you'll have issues with, are we actually looking at the right information? Are we missing stuff? Is this have the probative value that we were talking about? It's a delicate, complete story, et cetera. And another final story, a final issue that is a challenge is appearing. Because we have DSL, and it's all over the place, you need to set up a link towards the law enforcement management facility from the network operator or the service provider that's capable of handling all your intercept traffic. So if you've got a couple of DSL links, you have to have a really rather fat pipe to the LEMF and that's really not being done now. So that you're missing a lot of the data that's supposed to be getting forward, that's also an issue. Okay, I was not, I don't know if you, how many people are interested in the EU stuff? What? Okay, you know what? I'll mail you the slides, because there's like three steps. All right, basically, I just wanna say something quick about France, Germany and the UK. There are little commissions in France, Germany and the UK that monitor, ooh, how did that happen? Okay, there are little committees in France, Germany and the UK that actually do management about the interceptions and what they do is they coordinate to see if, okay, don't look now, geez. All right, but what they do is they actually look at to see if the interceptions are valid because they have had quite a problem with misuse of the interception order. So, you know, politicians were being intercepted and the press were being intercepted. So this was quite a problem before. Okay, you know what, I'm gonna show you the movie now as a nice segue, which I didn't plan. Okay, can I have this mic on, please? Forgive the 70s porn music and I'm not promoting them, they're just a vendor and I happen to have had this thing and I thought it was a nice cute thing to show you all, so. Internal security, fighting organized crime and of course, terrorism. Others are new, such as cyber crime and the proliferation of weapons of mass destruction. Secrecy and covert actions are your target's middle names. They operate both locally and worldwide, trying to inflict as much damage as possible. In order to remain undetected, they use a variety of advanced communication techniques such as the internet, cellular and satellite phones. NICE has incorporated its expertise with the operational background of intelligence experts and is proud to introduce its NICE Track product line. NICE Track complies with the international standards for lawful interceptions such as the European Etsy, the American Kalea and various proprietary protocols. In addition, NICE Track features a non-intrusive passive mode for interception of network chunks. NICE Track may be configured in various ways from a small-scale local system up to a full-scale nationwide system with central and remote sites. The technical concept behind NICE Track includes various redundancy options such as RAID 5 mirroring and hot swappable devices for the system's components, providing smooth and uninterrupted operation around the clock. An intuitive, user-friendly command and control interface enables the system administrator to easily monitor the technical status and operational workflow of the system. Special attention has been given to assure that the system's integrity is not compromised. This is achieved by using login IDs, passwords, and by configuring different user profiles, each with a detailed set of permissions according to each user's clearance. Electronic authentication, use of proprietary formats, and advanced auditing tools are also a part of NICE Track's comprehensive security concept. I love this part. I think you're gonna like it too, but remember, it is fictional, and this is promo stuff that's given to the feds. This is all promo marketing stuff, so what I'm just trying to show you is what they get to see. In some cases, as in the case you're about to see, the plot begins when a court issues a warrant allowing partial or full monitoring of a suspect's telecommunication devices. This is done after the law enforcement agency is tipped off about possible subversive or criminal activities of a certain suspect. I hope to see you soon. Yeah, me too. Okay, bye. Voice identification confirmed. NICE Track allows real-time and offline monitoring. When a suspect uses his phone, he is under constant surveillance. A system operator can monitor his activity and compose synopses or transcriptions of his telephone calls. A unique system feature, the executability of a telecommunication device allows the suspect to use the telecommunication device The system feature, the executive connect, allows field agents and case officers to be notified about relevant information in real-time, anytime, anywhere. The executive connect is a powerful operational tool for conducting special activities such as covert surveillance. NICE Track allows monitoring of a wide range of communications protocols, including group three and various non-standard fax protocols. As the use of cellular technology is constantly widening, law enforcement agencies and security organizations genuinely need to effectively monitor this communication medium. NICE Track fully answers this requirement. In addition, the system offers usage of GIS data in order to conduct real-time or offline surveillance of a target's movements. This way, authorities may have a wider intelligence outlook and gain better insight into a target's behavior pattern. Hostile elements extensively use computer communications for their purposes. In order to deal with this menace, NICE Track offers a unique and comprehensive solution for monitoring various sorts of computer communications, such as emails, voice over IP, chat, and instant messaging. NICE Track offers short-term and long-term unlimited archiving of collected data and has a special application for presenting evidence in a court of law. This application ensures that the evidence presented is authentic and was not tampered with. Okay, I take it that those were the boys at NICE in Israel because their product promises a lot and this is what they deliver to law enforcement. So for all the feds out there, this is what they get to see. But what I wanna tell you quickly, just before we go back to the presentation is, before I get stoned for coming out of here and saying, oh, you helped the feds build these bad systems, this is the bottom line. The bottom line is interception is gonna happen one way or another and there are bad guys out there that do deserve to get intercepted as long as it's being done on a responsible legal basis and it's really being done for the really, really bad guys, I think that's what you need to do. I think you need to get active in the right way. So yeah, I just wanted to make that little pitch about why I do this and if you are interested, there's more stuff on the different websites of different vendors that I'm gonna mention. There's other systems out there. Nice is just the only one that let me use their promo video. I should have used open office, I apologize. Sorry? Open office? It's free. Oh, okay, it depends. It depends on what exactly you are having because they have a full product suite. They do voice and data and GSM. So it depends on what you're buying and I'm gonna have a little bit about the cost estimates quickly. There are some other slides in there about UK. What I wanna say though is that we're gonna take a quick look at the Etsy model. Etsy model, yes, no. I just wanna explain how this works. Basically, Etsy is developing a standardized model in order to talk about interoperability of handover. So how people saw the video and now they're leaving. Okay, all right. But how to do handover of communications from the operator to the law enforcement monitoring facility. And basically there's three different handovers that are happening that you need to know about. HI-1 is the basic administrative information and it usually deals with the warrant itself. This is the warrant ID. This is the encryption key that we're using for this particular warrant, for this particular intercept. Then you have handover two, which is the IRI, which is the intercept related information, which is the intercept started then, it stopped then, et cetera. It has a total duration of X time. And then you have the actual content of communication, which is defined as HI-3. The reason that this is important for you to know is that these handover protocols specify everything about the parameters used between the law enforcement and the operator to conduct interception. So all vendors will put it in that format. So you're talking about things like timestamps, et cetera. And there's a slide on Etsy that I can also mail you. There's some things that I'd like to say about the TIIT. The TIIT is called the TIT, which I thought is a cute name, but the point is that in Holland, it means something else in Dutch entirely, so. But the point is that it was used to define the technical interception requirements. And it's actually quite a nice document. And it's going to probably be the foundation for which the rest of the Etsy standard will be based when they talk about interception of IP traffic. So it's a good thing to take a look at. There's a website that I've listed at the end, hosted by a friend of mine, Paul Valters. You can check the documents out there. The general architecture for this is that you get a warrant from a law enforcement agency. It contains the HI-1, which is the administrative stuff to start the warrant, like the interception key, et cetera. It goes to a lawful interception warrant administration desk, which then gets forwarded to the appropriate ISP. And then this ISP is responsible for actually conducting the intercept, sending it out over the internet, and then finding its way back to the LEMF. Okay, so what do these little boxes do? We have, all the way on the left, we have the S-1s. And what the S-1s do is they get the target traffic for the target entity. They put a timestamp on it. They generate a shahash, or the first 64 packets. And this is all part of the specification for the HI-2. And then they encrypt the target packets, the 64 target packets with a key specific for this particular intercept. It then sends forward to the S-2. The S-2 is just a router. The S-1s are either switches or routers. It depends on what their function is across the network domain. The S-2 then collects it. It distributes it randomly over six different IP addresses, or at least that's what it's supposed to do. The six different IP addresses that it's supposed to submit it over is supposed to be six different locations for the T-1s, which is on the government side, the boxes that are supposed to collect all this information. But right now in the implemented examples in the Netherlands, it's not over six different IP addresses, so it's not distributed randomly yet. And this connection over the internet is either supposed to use TLS or IPsec, depending on the vendor that's used by the particular ISP on this side. Because in Holland, the ISP can choose which vendor they want to use to implement lawful interception requirements. And then on this side, it just needs to be interoperable with all of the other ones. So this is the hardest part to set up. And then it gets distributed to the proper T-1s. And what they're using in between them is X5 and 9 certificates for authentication. The S-3 is there and it's just the box that sets up the interception, it puts an LIID, a lawful interception ID on the intercept request and then manages it for the rest of the time that the target is being intercepted. It also collects billing data, which is interesting because in the Netherlands, ISPs or operators, whoever actually does the intercept, gets paid by the government per intercept that they carry out. This is a bit of a conflict of interest. But that's what the S-3 is supposed to do. So actually, when an ISP buys its stuff, it's in their best interest to have a couple of interests happening so that the stuff that they bought kind of pays for itself. Oh, hey, this is really annoying. By the way, the only reason I'm using windows now is because I needed to show you this mpeg file and I didn't configure for BSD to see the mpeg file. No, okay. All right, okay. So basically, quickly about the T1s. The T1s, the NDI PSEC tunnel or the TLS tunnel, they forward the data to the relevant T2. So the T1s don't belong to anyone. They're just government. And then the T2s can be a different law enforcement agency. So you could have the FBI as a T2, the CIA as a T2, et cetera. This is nice because guess what? If they wanna tap each other, they won't know. So the CIA can tap the FBI and the FBI can tap the NSA and none of them get to know about it. So it's quite a nice little architecture for that. Right, so decrypts the packets, checks the integrity. Okay, so lawful interception implementations. There's a couple. I'm just gonna go through them really quickly. We've got, well, I explained already active, semi-active, and passive. And most of the following implementations are active or a combination of active and semi-active. The passive ones are pretty old. No one really does those anymore unless you live in an Eastern European country or Belgium, but no, I'm just kidding. No, no, that was a bad joke. Belgium is now using nice what we saw on the government side anyway. So, Verint, also known as Converse Infosys. They're based in Israel. There are some rumors circulating. I can neither confirm nor deny, so I advise you all to read Frack 5813 to look at the rumors. There's also a Fox News report that's still floating around the internet. Just do Fox News, Converse on Google, you'll find it. But the allegation that was made was that because Verint was based out of Israel, that the Mossad had built a backdoor into the interception software, that when an interception was conducted by the FBI, that it would then be tunneled back to Israel so that Israel got a chance to look at all the intercepts being done by the FBI. So, I think the Fox News report made it sound more like Israel was capping the FBI, but that wasn't really it. They just had a backdoor to them. One thing you should know is that in Holland, in the Netherlands, on the government side, we use, or they use, or whatever, they use Converse emphasis, or Verint, as their T1, so the box that does the collection and then the decryption for the proper law enforcement agency is Verint. And it is the number one, it's like the market leader. So, you know, it's not just a couple of countries like America and Holland, they're using it. There's a lot of people using Verint. And one of the, how do you say, they have a relationship, a strategic relationship with top layer as the switch vendor to conduct the intercept. And they have also issued a response to all the allegations that were levied against them by Fox News. One of the allegations was, well, they're using foreign language keyboards. They're using Hebrew keyboards, so we can't tell what they're doing when they're coming into the interception facility. All the monitoring and maintenance is done exclusively by them. They don't teach the local staff how to use the systems. They don't release the source code so no one can check the veracity of the backdoor or not. These are all allegations that were levied against them. They've answered it by saying, we do not use foreign language keyboards, we use English, duh. And then they have said, and to the second one, we do train local staff. And to the third one, I forgot what the third one was, oh, we don't have a backdoor, but we won't show you our source code anyway. So that's what they've said. I'm just trying to be fair and tell you both sides of the story. It's up to you to make up your own minds. Okay, NICE was the video that we just saw. They're used in Dell Gym as a T1. They do everything proprietary. All the boxes are proprietary. Converse uses Microsoft, so if that's a comfort, I don't know. But NICE is proprietary. It has been implemented for Etsy, so it's using Etsy and Kalea. That's another issue with Converse, or Varen's is also using Etsy, Kalea. That's something that's required that's from both sides of the Atlantic. One of the things that they claim to do is topic extraction. So across all the traffic that they collect, they're able to do high-level topic extraction, keywords spotting, remote sending, like that executive connect package is supposed to send it remotely to an agent. So this is quite a bit of features built onto a standard Ally. They also claim to be able to do automatic language detection and translation on the fly. So yeah, maybe. They also run on Windows NT, so more happiness. They also have a standalone internet telephony solution right now, which eventually they plan to migrate into one big scary package. ADC and SS8 is proprietary, but it's primarily used for large bandwidth. So if you own a satellite station, you shall know that they use ADC because for satellite connections, it's very popular to use SS8 or ADC. They also support Kalea, XC, and they also use top layer. Accurus, Accurus is based out of Ireland. One of the first limitations from release one until the current release is that they have a maximum of 50 concurrent taps. That's a significant problem. You, I mean, believe it or not, there's a lot more taps being conducted by the operators in the ISPs today than 50 for machines, so that's an issue. The solution isn't dependent on a switch type, so they do have flexibility in which switch they'll be using. You can use a single S2 as a concentrator, so that means if you have S1s deployed all over the country or the world, you use one S2 to collect all of that back from the S1 and ship it back to the LEMF. In terms of cost savings for an operator or an ISP, this is a very good thing. They also plan to have a fully gigabit solution, but it depends on the switch that you get to go with it and the integration with filter setting, because the idea is when you're actually setting up these filters, it has to go on right away, like, boom, and be able to collect everything and send it off nicely and very few of them do that, so there was an issue with Accurus, but I can't talk about it. Ooh, 10 minutes left. They also support Kalea and Etsy. Finally, it's about the money. Someone asked a question about the money, and she's right there. Well, it depends. She asked how much the government pays for that software, and the solution for the ISP side can be anywhere between $100,000 to $700,000, for the ISP. The government side, it depends, because the government side actually needs to do a bit more work than the ISP side, so those can run up, up, up, up. It also depends on who you get to provide it. One of the, or I should say, the largest ISPs in the Netherlands, they use a solution that comes from a small company called Pine that actually built a solution, you know, scratch for $100,000, which is pretty good, because it was one-tenth of, you know, some of the other people were asking for a solution. But this kind of money is serious money, and a lot of ISPs can't afford it, so it depends on what, you know, the government will require. I'm not really sure about too many of the prices. But the UK government expected to spend $46 billion over the next five years, just on interception stuff, you know, staff, training, la, la. And then they went back before the house, and they said, well, $27 billion, that's our currently reduced estimate. There was recently a report in February about doing email interception by the UK authorities, and there was another quote of another $20 billion that was going to be estimated for five, no. Actually, it was data retention. It was data retention, and it was in the UK by Yahoo. Yahoo said that if you want us to do the amount of data retention you're telling us to do for six years, then it's gonna cost us like $20-some-odd billion to do that. There's just no way we can do that for less than that. So the government was gonna go back and think about it. Anyway, the division of costs. In Europe, the current division of costs is that the capital expenditure, the stuff it costs to build it is borne by the ISP, and the operational expenditure to maintain it is done by the government. That's why the government pays you per warrant. I'm really gonna finish quick. There is a penalty for non-compliance. In Holland, it can be as severe as having the house arrest of the CEO of the ISP. He just gets to sit at home. So, you know, you also have $205,000 in fines, which is also pretty painful, but yeah. Okay, and there is cooperation between the ISPs to choose a single tool, and that failed miserably. So all the smaller ISPs that wanted to get together and should have, they said Linux, Windows, ah, ah, and it was all painful and it was gone. Okay, this is a conclusion for law enforcement. So all the law enforcement people here, read that later. Future development and issues. Because the EU is expending, LI is gonna be, it's a requirement to join the EU that you have to be able to intercept all your communications traffic. It's a requirement in the majority of European countries that if you cannot intercept, you cannot offer communications to the public. They will shut you down. So that's quite an issue. Data retention decisions are still being worked on. Eventually there'll be an info poll organization that monitors, manages and maintains. We're talking eventually about a situation where you're looking at borderless lawful interception capabilities. So lawful interceptions gonna be conducted from Europe to America to France, just, you know, seamlessly. And the request for intercepting someone in another country will flow much more easily than it does today. The ISP role, is it going to expand or will it diminish when you have something like borderless LI? Because right now in Holland, the ISP role is rather high. But if you wanna make it so widespread, you might have to shift the responsibility scale. Quantum cryptography is gonna be another big huge challenge, because think about it. Forget if you are doing encryption. Forget if you're intercepting. If I know that you're intercepting on my link, if I can show that my photons are being changed by a potential interceptor between A and B, I'm not going to transmit. So I know that link is not safe. So when you have like an internet work or a giant quantum crypto network that you can do from point to point verification, then you're no longer going to be able to do interception. Okay, well, think about that one. Waylan is a challenge, because intercepting it is a challenge, but also, let's say you're offering a big free wireless LAN from your dorm room. Does that mean you're a public communications provider? Cause anybody can walk by and use it, free for the public. You're not getting money for it necessarily, but would it mean that you would also be able to intercept your Waylan for the government if you are providing that service? Those are interesting issues. And then what does this mean for privacy legislation? I have some websites for you to check out, and I didn't think you would have too many questions, but I've got something. Okay, I have one minute left, so okay. Well, think about these questions, I don't know. All right, and that's my name and number and email thingy. So if you want to send me email, go for it. Send me email, no spam. Unless it's about that penis enlargement thing, because the prices are going way down on that, so. Okay.