March 26th 10, 06:24 AM posted to alt.internet.wireless,comp.os.linux.networking,comp.os.linux.security,microsoft.public.access.security,microsoft.public.windows.vista.networking_sharing
Jeff Liebermann
Determining the presence of wireshark

On Wed, 24 Mar 2010 09:35:39 -0700 (PDT), bod43 wrote:

> You constantly monitored all connections for service
> interruptions. If there was an interruption you sent round
> the boys in black to check for network taps just in case
> the interruption was caused by someone inserting a tap.


Yeah, sure. If there were only one interruption caused by a tap
insertion, that would probably be cause for an investigation. When
you have a few dozen minor interruptions daily, it's difficult to get
inspired to investigate one more. More likely, the fault will
magically heal itself, and the operator or log skimmer will assume
it's a transient error. If 10G, GFEC (Generic forward error
correction) might mask any errors.

Many of the fibers worth tapping are miles and miles long. One big
long dark fiber. How about this run from Santa Cruz to Sunnyvale in
one piece? About 99% of the light never makes it to the other end,
but that's good enough for DWDM (dense wave division mux). A little
additional loss, and probably nobody would notice.

On the other foot, picking up leakage from a bent single mode fiber is
not my idea of fun. I could probably build a suitable pickup, but
trying to get all the different colors separated would be a mess.
Besides, the DWDM sniffer box would probably cost $10,000 and up. Even
so, sniffing fiber is like drinking from a fire hose. The horsepower
required to decode and capture everything is well beyond that of a
common PC.

> Of course all this is only affordable for government level
> or similar security.


If you throw an infinite amount of (public) money at a problem,
anything is solvable (except maybe federal health care).

> Then there is quantum cryptography which guarantees
> that message interception is detectable by principle.


Yep. That's the major benefit.
--
Jeff Liebermann
150 Felker St #D
http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558