Slashdot Mirror
Security Flaws Allow Wiretaps to be Evaded
An anonymous reader writes "The New York Times is reporting that a team of researchers led by Matt Blaze has discovered that technology used for decades by law enforcement agents to wiretap telephones has a security flaw that allows the person being wiretapped to stop the recorder remotely. It is also possible to falsify the numbers dialed. The flaws are detailed in a paper being published by the IEEE. Someone who thinks he's being wiretapped can apparently just send a low tone down the line that turns off the recorder. The link has a demo."
Try it and find out...
In other news, smart people can avoid being caught by doing stuff...
I mean, any dolt can PGP or GnuPG encrypt a message or just hand deliver messages. Things like wiretaps are good for the duller knives in the drawer. We should still use them to "grab the low hanging fruit" and look elsewhere to capture the rest.
If a person knows he's being wire tapped, he won't say anything incriminating anyway, and if the feds/cops don't get what they want over the phone, they'll just bug some offices instead.
What are you eating? isItVeg?.
Likely the powers-that-be would know about your new line and tap it as well. It is better to let them think they are tapping you, when in reality you are circumventing the system.
That way when the party officials want to do something underhanded, they use the red 'bat phone' that nukes any cops that are trying to listen in on them. In this way, they can have it both ways. Watch the proles without being watched themselves.
Let's keep this in perspective. The article says:
A spokeswoman for the F.B.I. said "we're aware of the possibility" that older wiretap systems may be foiled through the techniques described in the paper. Catherine Milhoan, the spokeswoman, said after consulting with bureau wiretap experts that the vulnerability existed in only about 10 percent of state and federal wiretaps today. (emphasis added)
So basically it is a minority of antiquated equipment that is vulnerable. Moreover, the person being wiretapped probably doesn't know what system is being used. It is not going to be possible to know, with any assurance, that you have actually defeated the system.
What this probably means is that the FBI will phase out these older systems a little faster than they intended to (mostly due to the publicity-- they were probably already aware of this vulnerability, but didn't care much because "the bad guys" were not aware of it).
...on a router/etc.? Like a programmer's backdoor that they forgot to shut off after they sold the units? I guess it's security through obscurity... relying on the subject not knowing they're even being tapped, and thus having no reason to try to stop the tap.
In other news: A team of researchers belived to be linked to an unknown group of terrorists was charged under the DMCA and PATRIOT act as a threat to national security. They are now being held for an unknown period if time, awaiting trial...
High frequency tones turn off teenagers.
Low frequency tones turn of the NSA.
Slashdotter vocal tones turn off women.
Did I miss anything?
Surely if sending a low frequency tone becomes a "standard", law enforcement agencies will change their methods to so that wiretaps can't be blocked by a low tone? In fact, the aticle says that only 10% of 'dated' wiretap machines can be defeated in this manner anyway, so don't rush out to buy the next phone offering compl33t an0nym1ty from the fedz!
Where's the big deal?
Oh, yeah, guess I forgot a step: flee the country, because they'll be after your ass now!
Use 'slashdot stuff' in the subject line in any email you send me if you want to get past the spam filter.
Remember that we're all presumed innocent. To take an example of encryption, just because I'm using encryption does not mean that I am plotting nefarious schemes against my fellow citizens. I may be discussing confidential business things, for example. Y'know, dare I say it, I might actually work from home in an effort to not drive my car around and burn gas, hurt the environment, etc., etc.
These sorts of mistakes can be dangerous. Imagine the above example--I'm some bigshot business-guy. I own a publicly traded company. The FBI inadvertently taps my phone and learns that someone at the company I work for has just invented something that will make the company a ton of money. Do you really think those agents aren't going to call up their stock-brokers and say, "BUY! BUY! BUY!" (Or, assume the other direction, if you prefer)
Frankly, yes. I want to make it difficult for the government to wiretap it's citizens. I want somebody to look at the evidence that has been accumulated and act as my representative to say, "Hey, wait. Just because he encrypts his phone calls doesn't mean he's a terrorist." I want somebody to second-guess these guys.
The story of the gutsy cop who goes against procedure to nab the bad guys before they enact their evil deeds is a great movie. But it's not real life--remember, in most cases we get the see the bad guys planning their acts in the movies so we know who the bad guy is. Reality is not that cut-and-dried.
In short, I'm more worried about the government abusing it's power than of the terrorists blowing up a building. That happens alot more often.
Check out my website: Playfully Clever
The OP has anything to do with this :
1 8/224826.shtml
http://www.newsmax.com/archives/articles/2001/12/
U.S. Police and Intelligence Hit by Spy Network
Charles R. Smith
Wednesday, Dec. 19, 2001
Spies Tap Police and Government Phones
In the wake of the Sept. 11 terrorist attack, the FBI has stumbled on the largest espionage ring ever discovered inside the United States. The U.S. Justice Department is now holding nearly 100 Israeli citizens with direct ties to foreign military, criminal and intelligence services.
The spy ring reportedly includes employees of two Israeli-owned companies that currently perform almost all the official wiretaps for U.S. local, state and federal law enforcement.
The U.S. law enforcement wiretaps, authorized by the Communications Assistance for Law Enforcement Act (CALEA), appear to have been breached by organized crime units working inside Israel and the Israeli intelligence service, Mossad.
Both Attorney General John Ashcroft and FBI Director Robert Mueller were warned on Oct. 18 in a hand-delivered letter from local, state and federal law enforcement officials. The warning stated, "Law enforcement's current electronic surveillance capabilities are less effective today than they were at the time CALEA was enacted."
"Freedom and Justice for All" is a registered trademark of The United States Govt Inc. Not available in all areas.
I don't care if it's 90,000 hectares. That lake was not my doing.
I feel safer already....
... the powers-that-be add insult to injury. A few years ago German police woke up to the fact that a large portion of their wiretapping operation had gone sour. Apparently they used some sort of a digital voice-message like scheme to implement the surveillance and somebody, presumably a beancounter at one of the telecoms, decided to bill the customers in question for this 'service'.
Only to idiots, are orders laws.
-- Henning von Tresckow
*Ahem* From the 'wire tapping' I know of it's all man in the middle, digitised, and stored on hard disk - with the cooperation of the telecoms or without. I haven't seen a 'tape recorder' in a good 10 years now. Still have them, just not needed any longer. I should imagine, given the hardware used in Australia, that US police would do a similar thing and if not - identical. The likelyhood these days of a machine that could be switched off remotely I would suggest is improbable at best.
:-)
They did use "publicly available information" - what is made (or leaked to the) public is often years out of date, inaccurate, or simply not even true - rarely does it describe the technology in actual use, so don't go and loosen the straps on the tin foil just yet
Is this some sort of darwinian IQ test for terrorists? You can just imagine the gleeful delight on their simple, child-like faces and the unrestrained joy they will experience with unfettered access to telecommunicaions this will allow.
[low hum down a phone line]
"Hello. Is that you Omar?"
"Why, yes it is Osama. How are you today? And what's the weather like like in your donkey burrow in Yemen? The weather's great here in Florida. My view from the Delano Hotel's room window is fabulous - I am also ordering martinis like James Bond."
"Yes, yes... quit your bragging. Just because you weren't born with the most recognisable stripey beard in the world... Now can we please start planning our next atrocity?"
"Ah yes. It is pleasing that we can freely discuss our locations and plans now that the engineers of the American military-industrial complex have told us how to easily counteract their most sophisticated surveillance. Their foolishness in revealing this technique to the entire world, via the internet, has allowed us to dispense with our counter-surveillance training, techniques, and equipment. It is truly a golden age for violent reactionaries wishing to impose a totalitarian pseudotheocracy on the idol-worshipping, hemp-smoking, fornicating, soulless infidels!"
"Wait! Who THE FUCK did you say told you this would work?!"
"Yes, the Americans. They said we'd be safe if we did this. How typically naive of them. Their destruction is assured!"
One of the penalties for refusing to participate in politics is that you end up being governed by your inferiors - Plato
Do you want the truth?
You can't handle the truth!
The truth is that in the current environment, you can't trust anything. Use your PC to scramble the call. If its that sensitive, anything else is foolish. Or use a one-time pad to encode it.
Think of it, if you were the "powers that be", isn't this how you'd do it?
The link has a demo.
Hey, it works! I tried the demo and a few minutes later the big black van parked out front drove away...
Be a real patriot: Question authority. Think for yourself. Formulate your own conclusions.
But wiretappers don't just record voice, they record dialed numbers and caller-id. The other set of flaws, which you can read about in the longer PDF paper, depend on the fact that DTMF detectors are usually analog devices with a certain amount of sensitivity, and in general the phone switch and the wiretapper's equipment won't be the same. So you can find out how far off to bend your touchtones and have the phone switch still listen to you, and then you can send touchtones in-spec or out-of-spec to confuse the wiretapper's equipment, which can't tell whether the phone switch is or is not listening to the numbers you can dial. If it's more sensitive than the phone switch, you can send bogus digits that the wiretapper will record and the phone switch will ignore - but if it's less sensitive, and you're sending your digits just at the edge of the phone switch's range, the wiretapper won't see them.
You can play similar games with CallerID, giving the wiretapper lots of entertaining stuff to listen to when you're not on the phone.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Basically, there's a fairly high proportion of the wiretapping gear that's actually deployed is vulnerable, in spite of what the police PR folks say, and it's much easier to hack the pen-register technology (though probably impossible to prevent the phone company from giving a direct billing database feed to the Feds, which you probably can't hack.)
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Since this works through SS7, and full call-control information is available, it's immune to any in-band tones.
See this old Slashdot article with more links.