Slashdot Mirror
Greek, U.S. Officials Tapped For Years
Bruce Schneier posts on a story being reported in the Seattle Intelligencer. Greek and U.S. officials in Greece apparently had their phones tapped for over a year before the 2004 Olympics. From the article: "It was not known who was responsible for the taps, which numbered about 100 and included Greek Prime Minister Costas Caramanlis and his wife, and the ministers of foreign affairs, defense, public order and justice. Most of Greece's top military and police officers were also targeted, as were foreign ministry officials and a U.S. embassy number. Also tapped were some journalists and human rights activists." Schneier gives a bit of technical background on how the tapping was accomplished.
does this surprise anyone? it's the admissability in court that's really the big deal, as well as being able to point to the use of it in ongoing investigations between agencies and oversight.
Did anybody else think that the article was
"Geek U.S. Officials Tapped For Years"?
I dunno...maybe that's just because I was on \. I was thinking that.
-TLAY
Or, are their specific areas of the phone ROM designed for including new and inovative istructions as our fearless leaders (or paying advertisers) require?
- Minutus cantorum, minutus balorum, minutus carborata descendum pantorum.
>
>That was clever. How did they get access to the phones to flash the programming? Phones worked fine otherwise. Makes me think someone had access to them at the factory. How else would they be able to get the source. Or would they need it?
One of three ways:
1) A backdoor in phones for snooping; either placed there by design/regulation in concert with the manufacturer, or slipped in by means of some clever hackery. Read "Reflections on Trusting Trust" for just how clever said hackery could be.
2) By means of the normal process whereby automated firmware updates can be delivered to phones. Same sort of way a Tivo or satellite/cable decoder can be "updated" remotely. Except that the "update" only went to the "right" phones. Sort of a variant on #1.
3) Or the old-fashioned way: the same way a virus/worm author gets access to flash your BIOS, or overwrite the material on a hard drive. Sent 'em some HTML that exploited a flaw when rendered. Sent 'em a .JPG with corrupt headers.
A mobile phone is a computer with a writable storage device on it. Computers run code. Computers do what they're designed to do, unless the code they run contains flaws - in which case they do what they're told to do, which may not be what the designer intended, but it's precisely what the cracker intends.
No need to get all so "conspiracy FUD" about the phone companies loading code onto your phone. From the first article it says that "spyware" was loaded onto the central Vodafone server. Which is obviously the best place to attack the system. That way you can use the entire network as your spy infrastructure.
I am Slashdot. Are you Slashdot as well?
a phone conversation encryptor?
:D
Actually the idea is as old as the MAD magazine, but with today's technology it could be implemented using public keys and a tiny modem in the headset.
voice -> data -> public-key encrypted data -> voice.
Ta-da!
This sounds like an organized crime activity to me. Lots of cash flowing around and knowing people's secrets could be just what somebody needed to get a fat contract where they could skim millions. Follow the money and you'll probably find who did this, even if you cant prove it.
I wouldn't be surpriesd if organized crime here in the US hadn't figured out a way to tap into people's phone calls. The telepone companies don't seem to care who listens to our phone calls anymore.
It's time for end to end encryption of all communications. We should get an SSL session from one handset to the other.
set softtabstop=4 shiftwidth=4 expandtab nocp worlddomination
They didn't have to.
They (whoever "they" is) did it all from the telephone company switch.
This is exactly the same mechanism that is used for "proper" (IE: court ordered, law enforcement initiated) taps.
A command is issued in the switch that makes any future calls to or from the "target" phone part of a conference. The 3rd party in the conference would normally be a one-way audio device, that is connected to the police recording equipment.
In this case, it appears that the monitoring party was another cell phone (a pre-paid one, hard to track down who it belongs to).
The "hack" in this case, is really just an un-authorized use of an existing function in the telephone switching platform. It only takes a couple of commands, from a login with appropriate permissions, to do this.
All that stuff in the movies "..what was that, did you hear a click?" is bogus. I've been involved in a lot of testing of these and you can't tell that there's anything out of the ordinary going on.
---
"I can't complain, but sometimes still do..." Joe Walsh
I'm currently in Greece right now. What they officialy announced was that malicious code triggered a feature of the Ericsson systems Vodafone is using that "duplexes" phone calls. This feature is disabled in Greece by default (or should be anyway) because it is illegal. What is being heavily debated over right now is this: Once Vodafone's administrators found out about the malicious code and the whole illegal setup, they immediantly shut it down, hindering the task of finding the location of the 14 numbers almost impossible. So the question is, if you where in the Vodafone administrator's shoes, would you immediantly shutdown the obviously illegal code, or inform the police before taking action about it?
"Omykod, neighbor, I just discovered a webcame in MY shower, too! Chekkidout!"
"Wow dude, someone put that same keylogger on my laptop, too! Here it is, right in the process list on my Windows Task Manager!"
"Greek Allies: Thank you for sharing your concerns that we were behind the recent suspicious rerouting of cell phone calls made by your top government officials. As you can see from the attached mobile phone company records, our embassy has been a victim of this heinous eavesdropping as well. We look forward to working with you to find the Real Perpetrators. Sincerely, CIA Field Chief -REDACTED-"
I mean... c'mon. Everyone knows that at least one third party was already listening in on those conversations anyways. What's the surprise that someone else figured out a cheaper way to do it? That's just good geeks at work trying to impress the bean counters over at the GAO.
Note to self: two tinfoil hat posts in one sitting... I need to cut back on the Mt. Dews after lunchtime
-- Stu
/. ID under 2,000. I feel old now.
These games are played all the time by foreign intelligence services. The most important question here is, if this was not a Greek agency that was behind the wiretapping, why didn't Greek counterintelligence know about this for so long?
Some more interesting details:
t ics_371_03/02/2006_172382
1) The software used was developed by Vodafone's major supplier,
Ericsson. It was installed although Vodafone does not own any licenses
to use it.
http://news.kathimerini.gr/4dcgi/_w_articles_poli
2) Vodafone was notified by a Reseller, Q-Telecoms, about delays in
text message delivery, after which they undertook an ad-hoc analysis.
They found the software, supposedly a remotely activated Trojan (how
the hell could a Trojan get onto an SMS gateway?), by sheer luck, and
then disconnected the computer from the network.
3) The day after (2) the local security manager was discovered dead.
"Suicide", don't you know.
4) Ta Nea (http://digital.tanea.gr/) are claiming it was the CIA,
since the remote proxy used for collecting data appeared to lie in the
vicinity of the American and / or British embassies. How amateurish is
that? Their motive was "Anti-Terrorism" before, during and evidently
also after the 2004 Olympics, which is no doubt why the list of
mobiles being tracked also included those of some prominent, and very
very active (if you follow the news about bombs and firebombs at Greek
banks and ministries, you'll know what I mean) anarchists (not
commies, much more left wing than those boy-scouts).
So long,
They who would give up an essential liberty for temporary security, deserve neither liberty or security - Ben Franklin
I'd guess that they probably got access at some stage during shipping, not at the factory, and swapped outbound phones with ones modded in at their leisure.
;) It was a hollow cavity resonator - it had a large open space in the center with a simple wire in it. The vibration changed the capacitance between the diaphragm and the post plate, but there was no power source. It was not a bug on its own, but when the Soviets would broadcast a strong radio signal, an induced current would induce currents and stimulate a return broadcast at varying frequencies using the wire as an antenna, with frequency determined by the distance between the diaphragm and the post plate (which was determined by the sound impacting the diaphragm). I.e., a simple arrangement of metal became an FM transmitter when you broadcast radio waves at it.
Never underestimate the power of even a simple device to spy. My favorite spy tool of all time was a plaque given to the US Embassy at Moscow by the Soviets in 1946. The US inspected it and determined that there was absolutely no way it could be bugged. It was
Son, a woman is a lot like a refrigerator. They're six feet tall, 300 pounds... they make ice... umm...
I always liked this story about the xerox machine in the Russian embassy doing more than just copying documents.
The collection of Ericsson cell phone switches that I am currently sitting beside (4 of them) have a lot of features available in them, that my employer hasn't bought, and are not enabled. All it'll take to enable those features is a call to Ericsson with a purchase order.
My wild-assed speculation is that this "hack" was done by an employee, or former employee) who was probably recieving more than one income..
---
"I can't complain, but sometimes still do..." Joe Walsh
It's interesting in many ways :
- it confirms what was previously just expected/suspected.
- The way in which it was done ( by installing software on the carrier's cell network that 'conferenced in prepaid phones' ) is definitely interesting.
- It was discovered.
Oh, and I've not read this anywhere else, but there's a post here which gives a few other details, including the mysterious "suicide" of one of the local security officials... not that I can tell you that it's anything real other than some radom dude posted something here, but still, that's interesting too, especially if true.
Anyway, I find it much more interesting than another RIM article or another CSS&HTML book review.
I am going to tell a little story.
Once upon a time, there was a dike. It was just a simple dike, nothing special. The dike was built, as dikes are, to stop water from flowing all over. One day though, someone decided to break a little bit of the dike. Nothing too drastic. Just a little water flowing out. What's the harm, y'know? In fact, it's helpful to the people nearby, since they get some free water! Thus, the whole wasn't fixed. But this little hole soon started to get larger. Alright...well the people are getting more free water now! But this hole kept on getting larger. Eventually, the hole was so large that the dike was of no use anymore. All the people who were getting free water could now be found under that water.
Now, to come back to the topic at hand: What happens when the government finds out that it is "okay" to eavesdrop on its own citizens? That the people don't care one bit about the whole thing. The government starts to do it more often. Eventually, it is too large to stop. I could very well bring up the Nazis, but I'd prefer to not violate Godwin's law.
Stories such as these raise awareness to the fact. I remember reading a comment earlier today about how the RIAA was purposely initiating frivolous lawsuits (Such as suing the person who never used a computer.) simply to remind people that they are still actively hunting those 'evil pirates.' The more people are aware, the more they participate. For example, in the late-1700s and early-1800s, the literacy rate throughout Europe started to rise. At the same time, the level of participation within politics also rose. One of the primary causes of the French Revolution (and the Terror that followed) was the use of newspapers to raise awareness amongst the populace.
Nowadays, awareness is the first step toward action.
Would you kindly mod me +1 insightful?
Come on. You know it was just the Olympic Committee making sure no one violated their trademark on the term "Olympics". Because you know they have to protect the term "Olympics" so that know one else can make money off the word "Olympics". If these officials where caught using the term Olympics they could be in big trouble with the Olympic Committee. Hold on, someone's knocking on my door.....
Coder's Stone: The programming language quick ref for iPad
It's not like the Executive Branch has just asserted its right to basically do what it pleases in the name of fighting terrorism, is it?
I understand your list of usual suspects, but something on the level of what's described doesn't sound like the Russians. Why would they do it? (And to the same objection about the States -- they've already proven their willingness and ability...)
"Fundamentalism" isn't about divine morality. It's about human authority.
There was 1 phone in the US embassy bugged too. 1? Why only 1? Why only the USA Embassy?
I reckon that's either to test it, or so it could be denied later ('well we were bugged too').
If it was Israel, China etc, I bet they'd bug all the western embassies - it would just be an extra line in a configuration file.
Plus I know a few Ericsson switch engineers and they are all US or UK contract staff which rules out China or Russia to me (but maybe that has changed, maybe Ericsson use Russian staff now?) and Turkey Cyprus or Albania, forget it! Where would they get switch engineers from?
I hate to jump to conclusions too, but it looks highly likely, especially given the domestic spying without warrant in the USA, and the UN Kofi Annan spying incident, and the claimed kidnapping of Greek citizens by US & UK agencies.
> Oh, and I've not read this anywhere else, but there's a post here
> which gives a few other details, including the mysterious
> "suicide" of one of the local security officials... not that I can
> tell you that it's anything real other than some radom dude posted
> something here
The story of the Vodafone employee who was found dead two days after the discovery of the "spyware" has been in the TV news here (in Greece) and in some online news reports too. There was a "thorough investigation" by a high ranking state attorney, after which it was declared suicide. Vodafone denies any connection of this death to the phone tapping.
I once heard a story about someone who claimed that they were being listened to. This person says that he heard an odd "clicking" and other bizzare noises when he was talking on his home land line. When he complained to the phone company, the repairman said his phone was wired really weird. He claimed that it was wired through to the company he used to work for. This was in the mid-nineties. I don't really trust the word of this person, but I would like to know if this has any validity.
Now, thanks to the wonder of Slashdot, I can ask multiple people who may know something about this.
1) Is this story believable?
2) Do you hear "clicks" if your phone line is being tapped?
3) Can any private organization arrange to have another wire leading from another phone?
If you think this is news, it'll shudder you to your core to know that...brace yourself...the UN is also completely bugged. Been that way since the start.
A lot of you zombies think it's some good-hearted organization for finding lost puppies, but part of the Iraq-war intel came from there. And it stretches back all the way....I suppose to the Bay of Pigs or so.
It's not new; it's just new to you...part of how the world has always worked. Don't panic.
--- For a good time mail uce@ftc.gov
Your sig:
Gods don't kill people, people with gods kill people.
Those crazy super religious communists and facists! Killing all those millions of people in the name of Jesus! The mass murders of the 20th century, Stalin, Hitler, Pol Pot etc etc all were religious zealots!
Oh... wait a second. Erhh...