« Previous entry | Home | Next entry »

The secret Narus spy software at Folsom Street

The venture capital-backed Silicon Valley company Narus has found itself at the center of a legal fight over domestic spying. We're now wondering how its software is being used abroad in places like China and the Middle East.

Narus is based in Mountain View, and makes a network management software.

This week, the Electronic Frontier Foundation filed documents contending Narus' software was plugged into AT&T's network as part of a massive surveillance program conducted by the National Security Agency -- to eavesdrop on Americans' international phone calls and e-mails. President Bush signed a secret order in 2002 authorizing the NSA project.

Our Mercury News colleague Elise Ackerman has the story today (free registration). An AT&T technician said a computer containing Narus' software had been installed in a secret room in the company's Folsom Street office in San Francisco after Oct. 2003 to monitor "people's e-mail, Web surfing or any other data."

We're not sure if this is negative publicity for the company, or positive, because it has given Narus' chief executive a grand platform to talk about Narus' unique properties:

Narus CEO Greg Oslan said the company's software is designed to allow carriers to monitor all Internet traffic, including Web searches, e-mail content and attachments, and Internet phone calls.

There are business reasons for this: AT&T could decide to charge a customer more if they're putting more strain on the network, such as by downloading movies.

There are also security reasons: As the Internet is increasingly used for new purposes such as watching TV, new ways of spreading viruses and other malicious online behavior are popping up.

For example, Narus says viruses can hitchhike on encrypted Internet phone calls. Traditional security software can't spot these invisible intruders, but Narus can. ``We provide a unique level of protection,'' Oslan said.

Good stuff. But more sobering is that the company is selling its technology to folks like China's Shanghai Telecom for a system we'll never know exactly how is being used. At the minimum, the Chinese government can use it to detect and block certain "unauthorized" telephone calls placed over the Internet, but it could be used for much more aggressive monitoring of its citizens.

And here is Narus' response to questions about how customers are using its product: "Once our customers buy your product, it's relatively opaque to us," said Steve Bannerman, vice president of marketing.

Narus has received at least $55 million from Walden International, Mayfield, J.P. Morgan Capital, Intel Capital and others over the past six years, according to our records.

TrackBack URL for this entry:

Links to blogs that reference this entry:

From: SiliconBeat
NSA violating privacy? Some folks in Silicon Valley think so
Excerpt: Here are more details about how AT&T, Verizon and BellSouth have turned over call records for millions of their customers to the super-secret National Security Agency, which is reportedly using the data to search for terrorists. Last month, a furor er...
Tracked: May 12, 2006 7:19 AM
From: International Phone
International Phone
Excerpt: Select the international reverse phone Instant online PIN delivery!Calling card, prepaid phone card, international phone cards, prepaid calling card,...
Tracked: August 8, 2006 9:45 AM


This really about a ship of fools. Narus has been struggling for years and is probably loving all the publicity (they've had a revolving door of executives including the original founder and the CEO that he hired and the CEO later hired, etc. etc.)

The simple truth is that Narus, at its' core, is based on a PC running Linux and capturing network packets.

This is all open-source software. What turns the thing into a $50,000+ "enterprise product" is an Oracle database, and lots of Narus supplied database reporting and analysis software.

It's so hard to use, that Narus makes a lot of it's money from a "professional services" division. In other words, you pay them a wad of cash to buy their software, then you pay them again to install it and get it working for you.

Perhaps AT&T is big enough to simply buy it and never tell Narus nada, but the vast majority of Narus customers are intimately interacting with them; Narus engineers do the installation and configuration and therefore fully know exactly how the software is going to be used.

That said, anyone that really wants to eavesdrop on anything over an IP network can simply buy a copper or fiber optic passive signal tap and then hook up their favorite open-source data capture/packet sniffer and go.

Thus, if one is going to castigate Narus for enabling spying et. al., one should follow the "deep pockets" version of high-tech anthology and cast the blame where it belongs - at the feet of the entire open source software movement for building all these powerful tools and dispering them everyone online for free.

RAbazm on April 12, 2006 8:45 PM
Comment link

yup yup yup....
I am a small ISP and I use a program called IPtraf for linux, works great but I have to do everything manually as far as doing anything with the data to stop people from doing things against my tos such as running a file sharing server etc. I wish the makers of IPtraf would step up and make some mods to make this program more useful. right now it will not even save a list of customer name/ip addresses. I can program it with every customer name and IP address then if I reboot it dumps the list and I am back to square 1. still it is a very cool program though. It would be perfect if I could tie it in with an IPtables firewall so it would trip the firewall and ban certain IP address if they have too much data flowing out (not in, just out. It means their running an illegal file swapping server)

Bob on May 28, 2006 1:08 PM
Comment link
Post a comment

Remember personal info?