Slashdot Mirror
Greek, U.S. Officials Tapped For Years
Bruce Schneier posts on a story being reported in the Seattle Intelligencer. Greek and U.S. officials in Greece apparently had their phones tapped for over a year before the 2004 Olympics. From the article: "It was not known who was responsible for the taps, which numbered about 100 and included Greek Prime Minister Costas Caramanlis and his wife, and the ministers of foreign affairs, defense, public order and justice. Most of Greece's top military and police officers were also targeted, as were foreign ministry officials and a U.S. embassy number. Also tapped were some journalists and human rights activists." Schneier gives a bit of technical background on how the tapping was accomplished.
You don't tap foreign officials for things to be "admissible in court" - you tap them so that you get the information of what their plans are. Of course, in some states no-party phone taps are legal (I believe that Arizona is one - I'd have to recheck) if you own the phone service, and in most states one-party phone taps are legal (tough luck people of California, Connecticut, Delaware, Florida, Massachusetts, Maryland, Michigan, Montana, New Hampshire, Pennsylvania, and Washington who want to tap a phone call that they're taking part of). None of these would cover tapping someone who'se phone you didn't own, but then again, the federal government tapping a foreign government's phones doesn't fall under the jurisdiction of domestic wiretap law.
Really, though, is this such a surprise? I'd think a foreign government would have to be bloody daft to accept any sort of tech built in the US where any sensitive communication is going to take place. You can make a no-click phone tap from a modem; you think that the US government can't do better? Or do you think that the Bush admin has the scruples not to tap its allies?
Son, a woman is a lot like a refrigerator. They're six feet tall, 300 pounds... they make ice... umm...
This sounds like an organized crime activity to me. Lots of cash flowing around and knowing people's secrets could be just what somebody needed to get a fat contract where they could skim millions. Follow the money and you'll probably find who did this, even if you cant prove it.
I wouldn't be surpriesd if organized crime here in the US hadn't figured out a way to tap into people's phone calls. The telepone companies don't seem to care who listens to our phone calls anymore.
It's time for end to end encryption of all communications. We should get an SSL session from one handset to the other.
set softtabstop=4 shiftwidth=4 expandtab nocp worlddomination
They didn't have to.
They (whoever "they" is) did it all from the telephone company switch.
This is exactly the same mechanism that is used for "proper" (IE: court ordered, law enforcement initiated) taps.
A command is issued in the switch that makes any future calls to or from the "target" phone part of a conference. The 3rd party in the conference would normally be a one-way audio device, that is connected to the police recording equipment.
In this case, it appears that the monitoring party was another cell phone (a pre-paid one, hard to track down who it belongs to).
The "hack" in this case, is really just an un-authorized use of an existing function in the telephone switching platform. It only takes a couple of commands, from a login with appropriate permissions, to do this.
All that stuff in the movies "..what was that, did you hear a click?" is bogus. I've been involved in a lot of testing of these and you can't tell that there's anything out of the ordinary going on.
---
"I can't complain, but sometimes still do..." Joe Walsh
For the curious, here's a list of how each of the fifty U.S. states handle tape recording of telephone calls.
I'm not tense. I'm just terribly, terribly, alert.
"Omykod, neighbor, I just discovered a webcame in MY shower, too! Chekkidout!"
"Wow dude, someone put that same keylogger on my laptop, too! Here it is, right in the process list on my Windows Task Manager!"
"Greek Allies: Thank you for sharing your concerns that we were behind the recent suspicious rerouting of cell phone calls made by your top government officials. As you can see from the attached mobile phone company records, our embassy has been a victim of this heinous eavesdropping as well. We look forward to working with you to find the Real Perpetrators. Sincerely, CIA Field Chief -REDACTED-"
Some more interesting details:
t ics_371_03/02/2006_172382
1) The software used was developed by Vodafone's major supplier,
Ericsson. It was installed although Vodafone does not own any licenses
to use it.
http://news.kathimerini.gr/4dcgi/_w_articles_poli
2) Vodafone was notified by a Reseller, Q-Telecoms, about delays in
text message delivery, after which they undertook an ad-hoc analysis.
They found the software, supposedly a remotely activated Trojan (how
the hell could a Trojan get onto an SMS gateway?), by sheer luck, and
then disconnected the computer from the network.
3) The day after (2) the local security manager was discovered dead.
"Suicide", don't you know.
4) Ta Nea (http://digital.tanea.gr/) are claiming it was the CIA,
since the remote proxy used for collecting data appeared to lie in the
vicinity of the American and / or British embassies. How amateurish is
that? Their motive was "Anti-Terrorism" before, during and evidently
also after the 2004 Olympics, which is no doubt why the list of
mobiles being tracked also included those of some prominent, and very
very active (if you follow the news about bombs and firebombs at Greek
banks and ministries, you'll know what I mean) anarchists (not
commies, much more left wing than those boy-scouts).
So long,
They who would give up an essential liberty for temporary security, deserve neither liberty or security - Ben Franklin
I'd guess that they probably got access at some stage during shipping, not at the factory, and swapped outbound phones with ones modded in at their leisure.
;) It was a hollow cavity resonator - it had a large open space in the center with a simple wire in it. The vibration changed the capacitance between the diaphragm and the post plate, but there was no power source. It was not a bug on its own, but when the Soviets would broadcast a strong radio signal, an induced current would induce currents and stimulate a return broadcast at varying frequencies using the wire as an antenna, with frequency determined by the distance between the diaphragm and the post plate (which was determined by the sound impacting the diaphragm). I.e., a simple arrangement of metal became an FM transmitter when you broadcast radio waves at it.
Never underestimate the power of even a simple device to spy. My favorite spy tool of all time was a plaque given to the US Embassy at Moscow by the Soviets in 1946. The US inspected it and determined that there was absolutely no way it could be bugged. It was
Son, a woman is a lot like a refrigerator. They're six feet tall, 300 pounds... they make ice... umm...
It's interesting in many ways :
- it confirms what was previously just expected/suspected.
- The way in which it was done ( by installing software on the carrier's cell network that 'conferenced in prepaid phones' ) is definitely interesting.
- It was discovered.
Oh, and I've not read this anywhere else, but there's a post here which gives a few other details, including the mysterious "suicide" of one of the local security officials... not that I can tell you that it's anything real other than some radom dude posted something here, but still, that's interesting too, especially if true.
Anyway, I find it much more interesting than another RIM article or another CSS&HTML book review.
I am going to tell a little story.
Once upon a time, there was a dike. It was just a simple dike, nothing special. The dike was built, as dikes are, to stop water from flowing all over. One day though, someone decided to break a little bit of the dike. Nothing too drastic. Just a little water flowing out. What's the harm, y'know? In fact, it's helpful to the people nearby, since they get some free water! Thus, the whole wasn't fixed. But this little hole soon started to get larger. Alright...well the people are getting more free water now! But this hole kept on getting larger. Eventually, the hole was so large that the dike was of no use anymore. All the people who were getting free water could now be found under that water.
Now, to come back to the topic at hand: What happens when the government finds out that it is "okay" to eavesdrop on its own citizens? That the people don't care one bit about the whole thing. The government starts to do it more often. Eventually, it is too large to stop. I could very well bring up the Nazis, but I'd prefer to not violate Godwin's law.
Stories such as these raise awareness to the fact. I remember reading a comment earlier today about how the RIAA was purposely initiating frivolous lawsuits (Such as suing the person who never used a computer.) simply to remind people that they are still actively hunting those 'evil pirates.' The more people are aware, the more they participate. For example, in the late-1700s and early-1800s, the literacy rate throughout Europe started to rise. At the same time, the level of participation within politics also rose. One of the primary causes of the French Revolution (and the Terror that followed) was the use of newspapers to raise awareness amongst the populace.
Nowadays, awareness is the first step toward action.
Would you kindly mod me +1 insightful?