|
|
|
|
|
|
by drdaeman
1439 days ago
|
|
|
It could be either mirroring all the traffic to an agency-provided black box, or sending just NetFlow (or sFlow) metadata about the traffic. And if someone thinks the first option is not realistic - this is how almost every ISP in Russia works (search for SORM-2 and SORM-3 for more detail, typically traffic is mirrored at ISP's border gateway(s)). Sure, Russia or China wouldn't be great examples, but the point is that it's technically possible, even at scale, and all the real problems are in the meatspace (legal enforcement or coercion). |
|
|