Is the CoS the NSA? Hardly. Mods: don't know if this qualifies as "general" enough for General Discussion, so feel free to move it. I think it's worth mentioning how archaic the CoS infrastructure is though How technologically sophisticated is the CoS, from an IT/networking perspective? Two words: not very. From the 30,000 foot IT/networking view, they look like they didn't even know the internet existed for the most part until 2001. Even now, for an organization with bizillions of dollars claiming a membership in the millions in 2008 -- they look like a mom-and-pop outfit with a few offices here and there. Their network topology looks like a bad example of, "how not to do the internets" (may make this into a PowerPoint... tffft). For tin-foil hat types who expected NSA level sophistication and connectivity -- sorry to disappoint you. It's no wonder they've had to call in outside security expertise, only to be told, "no you're doing it wrong." They're definitely doing it wrong. I have no doubt that there are a few bright, dedicated and knowledgeable people working on their end who KNOW how wrong they are, and grit their teeth because they aren't permitted to bitch about it. I would absolutely fucking hate to be a network admin or IT guy on their side, because truth-be-told, even simply looking at publicly available information about their networks shows that they're still in the bronze age. Hats off to you poor souls... I feel for you. None of the information below was gleaned through illegal means. No network scans or penetrations were involved. This is strictly publicly-available info that's out there if you know where to look for it. If you're not a netfag, it's probably best you stop reading here. The rest is just going to be one big yawn ---- The bulk of the CoS connectivity is, by a wide margin, at their Hollywood Blvd. facility in California, most of which is provided by AT&T. That facility also appears to be multi-homed with another carrier, Level 3. The address space provided by AT&T (3 x /28, 1 x /24, and 2 x /23) is much larger than that provided by Level 3 (1 x /24), indicating the facility is not fully redundant and that the Level 3 connection cannot support their entire infrastructure should something go wrong with their (presumably) primary carrier, AT&T. This probably explains their mad scramble to to move their public-facing servers to Prolexic. Their next most-connected facility is Gold Base, in Gilman Hot Springs, California. Again, AT&T provides the connection, with one /25 range of IP addresses assigned to it. I don't see any redundancy for their IP space there thus far. Flag HQ in Florida comes in third, with two netblocks assigned by AT&T (1 x /29, 1 x /28) and a second connection provided by Telepacific (1 x /29), again indicating they do not have full redundancy. San Francisco comes in at number four, with 4 x /29 non-contiguous netblocks (indicating growth over time). Seems a bit odd that this org should have so much address space assigned to it. Tertiary facility? Way too many IPs for a "generic" location. Data indicates a location at 268 BUSH STREET #5000, SAN FRANCISCO, CA 94104, which is separate from their "public" org location on Montgomery. Don't know if they've moved it, if that's just a mailing address, or are running things separately in two locations. Other orgs (six in total) appear to all have /29 netblocks assigned to them (i.e. 8 IP addresses, six of which would be usable). This commentary is specific to the Church of Scientology International. They also have various other (small) connections to Narconon and Criminon offices, but these pretty much mirror the standard /29 nets in regular orgs. Still working through the long, long list of Scientology front companies, various law firms and PI's known to work for them and likely sympathetic-corporations controlled by big-dollar benefactors of Scientology. Will publish the full results, with yummy geek details when finished. And now, it is my GREAT pleasure to pass the tin-foil hat over to the "experts" in the OSA. I *really* hope you folks thought about how stupid it is to hire an army of asshat private investigators to do your bidding for you. Let's hope that none of them are likely to, um, leak any information you might find embarrassing? I'm not saying anyone would do anything to get to it -- I'm just saying it's time for you to start losing a LOT of sleep wondering if anyone IS. Hugs and kisses! That's what you get for being dicks and trying to be spaiz. I think you've FINALLY pissed off the wrong people.