Feds Have a High-Speed Backdoor Into Wireless Carrier

An anonymous reader writes "An unnamed U.S. wireless carrier maintains an unfiltered, unmonitored DS-3 line from its internal network to a facility in Quantico, Virginia, according to Babak Pasdar, a computer security consultant who did work for the company in 2003. Customer voice calls, billing records, location information and data traffic are all allegedly exposed. A similar claim was leveled against Verizon Wireless in a 2006 lawsuit."

Wow!

[stratjakt]

If some guy said it, it must be true!

CALEA

[jaredmauch]

It's very likely this is to meet the realtime reporting/relay requirements of the CALEA statue which governs lawful intercept of voice and data communications.

Re:CALEA

[faedle]

This is precisely what this is.

NEWS FLASH: EVERY wireline and wireless carrier has facility like this between their central offices and Quantico, Virginia. I can tell you for an absolute fact that a medium-sized cable company operating in the Rocky Mountain region has similar facilities between their main office and the FBI Academy, because I helped install it.

Welcome to the world post-CALEA.

Re:CALEA

[chill]

CALEA taps are on a per-warrant basis. They are explicitly ONE WAY. The LEA can NOT establish a connection back to the carrier. It must initiate the tap from the carrier side. The LEA can not input requests directly. They must pass them to the carrier to enter.

While a DS-3 might not be out of the question to the FBI, depending on the volume of traffic, I have yet to see an "unmonitored" line. Everything I've seen (and set up -- I do this for a living) is an IPSec tunnel from the carrier to the LEA with BER encoded ASN.1 for data and packetized native (to the carrier) encoded voice. And the line works one way only. Carrier --> LEA. The only packets flowing back are stateful connection packets.

In short, I think this story is B.S.

Yes, the FBI probably has a big line with no firewall. That is because the firewall(s) is/are on the carrier end. The carriers do extensive logging as well, so it doesn't surprise me that the FBI-end of the circuit isn't heavily logged. They log their REQUESTS and the carrier logs the connections.

Re:CALEA

[faedle]

While it is true that the connection is "one way", many large carriers do it with a conventional high-cap circuit, like a T-1 or DS-3, because it is easy.

It may appear to be unfiltered to the person making the connection. However, if it is anything like the T1 I hooked up where I worked, only the calls with active warrants are passed down the T1. That being said, the T1 hooks directly into the switch just like any other T1, and is configured to be a CALEA port in the switch itself. A wire-frame guy who isn't doing the programming/translations wouldn't know any better, so I think that's where this "idea" comes from.

Re:CALEA

[Adambomb]

well, the reason thats in CALEA that a legal wiretap must be reporting the details in real time to avoid the possibility of modifying the results of a wiretap from any side (IE: no '3 second broadcast delay' or situations like that).

Still horsepucky, but it IS part of CALEA as the above posters are mentioning.

Re:CALEA

[faedle]

Because the FBI Academy in Quantico is the clearinghouse for the FBI for all CALEA wiretaps, and acts as a "one-stop shop" for carriers wishing to comply with the law.

Use the Goog. It's your friend.

Re:CALEA

If you helped install it, then you should learn to shut up on sites like this.

Re:CALEA

[statemachine]

If you read the article, you'll notice that it isn't some "wire-frame guy" but a security consultant hired to specifically address network security. So he'd have access to all the routers and their ACLs and other firewalling hardware, which would allow him to make such a judgement.

Re:CALEA

[webb75]

Read the article next time:

" Because the data center was a clearing house for all Verizon Wireless calls, the transmission line provided the Quantico recipient direct access to all content and all information concerning the origin and termination of telephone calls placed on the Verizon Wireless network as well as the actual content of calls.

        The transmission line was unprotected by any firewall and would have enabled the recipient on the Quantico end to have unfettered access to Verizon Wireless customer records, data and information. Any customer databases, records and information could be downloaded from this center."

  Since the tech was at the telco & not at Quantico, he was referring to security on the telco side. There was no firewall on the telco side.

Re:CALEA

[Scrameustache]

Don't do evil shit and you won't have to worry. If you have nothing to hide?
Seriously? You're going with that argument?

Re:CALEA

[bigdavesmith]

It's times like this I wish I could mod things 'wrong'

You think all those people in Chinese prisons who were arrested for speaking out against the government 'did evil shit'?

Not that we live in China, but thinking that this can't turn against you...

Re:CALEA

[Jah-Wren+Ryel]

Don't do evil shit and you won't have to worry. First problem - this system encourages lack of oversight - you know the checks and balances that our American system of government was founded on. In the past, not only did a wiretap require a court order, there was someone at the phone company who actually checked that the court order had been obtained before enabling the wiretap.

Now, while a court order is still legally required, it is no longer technically required. The FBI need only press a button to start wiretapping. Not only is there no one outside of the organization verifying that the FBI has a legitimate need to know, there is no one keeping records of the wiretaps other than the FBI itself. Our American system has been subverted in the name of safety.

Second problem - what the FBI can use, criminals can abuse. And I'm not talking about criminal behaviour by the FBI itself, I mean unauthorized users with the smarts to co-opt the backdoors that the FBI uses. See this paper from the January/February 2008 issue of IEEE Security and Privacy.

Third problem - what's your definition of "evil shit?" Does it include breaking up with your boyfriend, the federal agent?

Re:CALEA

[eli+pabst]

Once they feel confident enough to openly acting that way, then it's already too late.

You should seriously spend some time learning about the principles this country was founded on, because the concept of monitoring interpersonal communications of American citizens would have been an appalling affront to the people who founded it and gave their blood and lives for it. Frankly I find it shameful that so many Americans are willing (if not overjoyed) to hand over their Constitutional rights.

Re:CALEA

[bigdavesmith]

I'm not trying to be insulting, but I'm not sure you understand the reality of what you're trying to argue.

If there comes a time when the US government starts acting like China (having people tortured and killed because of their political views), we can take care of it with something called an "election".

Read the above quote. If the US ever starts killing people for expressing political views, you're going to fix that by... expressing your political views? Or are you assuming that even though the government is willing to kill people for their political views, they're going to keep the voting system fair and unbiased, so that people who don't like getting killed can vote and change the system?

I'm not trying to be a dooms-day preacher, saying that we're going to start killing our own citizens for exercising their freedom of speech, but the fact of the matter is, as seen in your circular logic (someone correct me if that's not what it is) in the quote above, that by the time it is a problem, you're not going to be able to fix it by voting.

I feel like I understand your argument; I'm not doing anything wrong in my house, so why do I care if the government puts cameras up and watches everything I do? Honestly, I don't care one bit. Until someone decides to pass a law that makes copying a CD illegal, or being gay (just an example... I'm not) illegal, or decides they don't want to count my vote in the next election because I'm a Democrat (again, just an example), or decides that I should be put in jail where my anti-government ideas can't influence other people. And by then, voting isn't going to do me much good.

Re:CALEA

[MillionthMonkey]

I'm not impressed either. *I* helped install the secret surveillance system between DNC headquarters and the FBI Washington Field Office.

Re:CALEA

[freedom_india]

we can take care of it with something Why do i keep seeing the following poem on the US Holocaust Memorial:

First they came for the Socialists, and I did not speak out -
because I was not a Socialist.
Then they came for the Trade Unionists, and I did not speak out -
because I was not a Trade Unionist.
Then they came for the Jews, and I did not speak out -
because I was not a Jew.
Then they came for me - and there was no one left to speak for me.

I couldn't care less if there's some guy sitting in an office in Virginia listening to my phone calls. Small drops make a ocean, small grains of sand make a beach.
Small steps like these make a totalitarian state make.

Do you think our Founders were stupid to abolish domestic spying?

It is people like you who form the remaining 22% support base for Bush & Co.
Perhaps if you are shown on your DVD player all (i mean ALL) that you have said, done and possibly non-being-able-to-do, i guess you will understand...Or probably you would shrug it off when Eva Longoria comes about in Desperate Housewives.

Re:CALEA

[BVis]

You're not serious.

Do you think this administration gives a flying fuck whether or not evidence is admissible in court?

Once the government started holding people indefinitely without trial, the whole concept of admissibility went right out the fucking window. Prisoners in Gitmo don't even have the right to know what the evidence against them is at all, much less whether or not it's admissible in a court of law. (Hell, they don't even have access to lawyers to tell them whether or not the evidence is admissible.)

Concern for this sort of infrastructure and its potential for abuse isn't tinfoil-hat paranoia, the abuse can and has happened. (If you haven't been paying attention, google 'warrant less wiretapping' for further information.)

The checks-and-balances part of the Constitution has been slaughtered in the name of 'protecting our citizens from the terrsts' and 'national security'. While the latter is nothing new, the former is a recent development.

Trusting this government (or any likely future one) with this kind of potential for abuse is kind of like putting a junkie in a room with a kilo of heroin and his 'works', and telling him only to shoot up if the withdrawal symptoms become impossible to bear. It doesn't matter IF they abuse the system, the problem is that they ARE the system, and will do whatever they feel is necessary to protect the system, and therefore themselves (and the multinational corporations that pull their strings.) Even when they DO get called on something that's obviously an abuse of the system (if not black-letter-law illegal) they stamp their feet, throw a tantrum, and refuse to do ANYTHING until the multinationals get immunity for their self-serving rape of their customers' privacy rights.

I've said it before, I'll say it again: If you can convince a judge that I'm obviously engaged in illegal activity, wiretap away. Until then, get the fuck off my phone lines. While I understand the need for expedience in an emergency situation, there is no reason for these lines to be active at all until there's a signed warrant. If you think that's too much bureaucracy or an unnecessary burden on law enforcement, go find another country, because this one requires it by Constitutional order. The only way we can avoid a police state (well, a more obvious one) is to not allow this sort of shit to go unquestioned.

Ghorbaneh Shoma

[Jeremiah+Cornelius]

Babak, Agha!

Guess who!

[Ripit]

FTA:

That suit names Verizon Wireless as the culprit.
"Can you hear me now?"

"Yes we can, perfectly clear."

In an unrelated story....

[Holistic+Missile]

....Babak Pasdar, a computer security consultant, has not been seen nor heard from since he left a client site earlier today. His family life was stable and solid - his family suspects foul play. Federal officials suggest that no foul play was involved, and regret that they cannot waste their resources on a missing person who 'probably ran away to start a new life.'

Full story at eleven....

Re:Talk is Cheap

[tomhudson]

Extraordinary claims require extraordinary evidence.

The problem is that, with this administration, any claims of domestic spying are hardly "extraordinary". It's more like "business as usual" - to be assumed unless there's evidence to the contrary.

Re:Talk is Cheap

[monoqlith]

Hmmm. How about we try to get some?

Go to your Verizon Wireless-serviced cell phone, call a friend in a foreign country, and have a normal conversation, but make sure to throw in a few key "red flag" words and phrases here and there. Examples of "red flags" are:

"Bomb"
"Subways"
"Code Green"
"Statue of Liberty"
"Monuments"
"Airplanes"
"Buildings"
"I hate George Bush and think the Justice Department is a corrupt pile of shit"

Say goodbye to your friend once a few or all of these phrases have been sprinkled into your conversation. Then sit back in your favorite Barca lounger, take out your stopwatch, measure how many minutes it takes for one or more black SUVs to park across from your driveway.

The NSA and FBI are both hiring in the Tech areas

[QuantumRiff]

If your interested in applying, call your mother and tell her.

And the loyal opposition, the Democrats, will...

[The+Master+Control+P]

Make a roaring bluster about this and then fold like wet paper tigers when it comes time to put up or shut up..

Do you want to know why Bushco thinks it's above the law? Because until you fucking cowards grow a goddamn spine and stand up to their evil, corrosive attitude towards the rule of law THEY ARE.

Why is it that in 8 years, I have never, EVER heard of a major Democrat standing up and saying outright, without analogy, subtlety or tact, that thanks to Bush the terrorists have succeeded beyond their wildest dreams? That thanks to him, 19 insane religious fanatics have gone from "attacked three buildings and got their organization crushed like a bug for it's trouble" to "shook the rule of law, the foundation of the most powerful country in the world, to it's base?" That thanks to him and the Republican fear machine, bin Laden has changed and hurt American society in ways he never could have dreamed of? That thanks to him, the terrorists have won in every way that matters?

Why are people surprised by this?

[slashname3]

I don't understand why people in general, and specifically the /. crowd, are surprised to learn about such accommodations? Anyone that knows even a little bit about networking should realize that unless they are encrypting their connections they are open to anyone along the line. What would be more interesting would be if there was a claim that they were breaking AES encryption in real time. That would be of interest. But since that is not the case there is nothing of real interest here. Nothing to see. Move along folks.

Opposition? You've been deceived...

[msauve]

there's little difference between the Democrats and the Republicans. They're both intent on maintaining and building government power. It's only their _priorities_ which are different. Ultimately, they're for the same end result. That's the great scam - they stay in power by making the plebes think they have some sort of say in their destiny.

Re:everyones an expert

[nyet]

You are user # 1,251,600.

You don't think that out of that 1.2 MILLION of mostly geeks many of us don't work in the datacom industry?

And that out of those, many of us see the stupid games the government plays with the second biggest near monopoly/cartel on the planet?

It doesn't add up

[Derling+Whirvish]

My BS detector is pinging.

the transmission line provided the Quantico recipient direct access to all content and all information concerning the origin and termination of telephone calls placed on the Verizon Wireless network as well as the actual content of calls. The contents of my cell phone calls made locally intracity west of the Mississippi DO NOT get routed through a single line on the east coast that terminates at Quantico. It's absurd to think that all of Verizon's cell calls are routed to that link. Occam's razor.

Re:And the loyal opposition, the Democrats, will..

[The+Master+Control+P]

Do you seriously believe that President Gore or President Kerry would have initiated/continued the kind of blatant attacks on the rule of law & accountability that are so characteristic of the Bush administration? Would they have debased our ability to claim any moral high ground by condoning and supporting torture? Would they have used "national security" as a cover to try and build a corporate-sponsored surveillance state? Would they madly cling to policies under the banner of "stay the course," no matter how horribly and obviously wrong those policies were or turned out to be? Name the last Democratic president who said in an interview that this would be a lot easier in a dictatorship if he were the dictator.

The Democrats are no better than Bush? Then why is it Bush, and the party which routinely condemns "tax-and-spend liberals" and trumpets itself as the bringer of small government and fiscal responsibility, the one which has in 8 years saddled us and our children with more debt than every other president combined, and doubled the size of the federal budget whose cancerous growth he and the Republicans so vehemently denounce?

Neither party is at all better than the other? Since when have the Democrats proclaimed themselves to be the sole beacon of light, Moral Decency, and the Traditional American Family in the smothering night of evil secularism, only for one Democrat after another to turn out to be those gays or adulterers whom they so ardently and stridently insist are going to be the downfall of America?

What Democratic or Republican president before Bush has taken that fabled shining city upon a hill, and desecrated it such that his supporter's defense in a debate is no longer "Because we are better than they are," but "We aren't the worst human rights violator on Earth?"

No, the Democrats have a very long way to go before they are as bad as Bush has been, for both his party and the nation.

Nonsense

[Mr2001]

there's little difference between the Democrats and the Republicans. They're both intent on maintaining and building government power. It's only their _priorities_ which are different. Oh, and their policies. You know, little things like health care, social security, abortion, welfare, environmental and industry regulations, taxes, teaching religion in schools... those things matter, at least to most of us.

But I guess if the only thing that matters to you is "government power", then yes, you might think they're the same, because you're ignoring all the substantial differences.

Re:Nonsense

[Mr2001]

Most of us do care about those things but most of us are experienced enough to know that GOVERNMENT is the absolute worst entity to charge with making positive changes therein. Experienced? No, that's not experience, it's ideology. Look at any country other than the US, and you'll find plenty of people with plenty of experience who believe that the government is quite capable of making positive change.

In fact, one might argue that the main reason the US government has been so bad at making positive change is that there are so many people here who believe, as a matter of principle, that government can't do anything well - and when those people are elected, they use their power to prove themselves right.

Government is really just an alternate way to get things done. Private industry and the free market are excellent at getting things done efficiently, but the other side of that coin is, they don't even try to get anything done that isn't going to be profitable. If you want something done, period, whether or not it's profitable, that's where government is useful. For example, look at phone and electrical service in rural areas: it didn't exist before the government stepped in, because it wasn't profitable to build phone infrastructure where there were only a few potential customers, but We The People decided that infrastructure was important enough that it should be built anyway.

I'd rather have a gov't stagnated and unable to do much than one that felt it had the mandate of heaven, even when literally killing their own citizens en masse. Hey, so would I. No one likes mass murder.

On the other hand, I'd rather have a government that does good things, like make medical care and education available to people who can't afford to pay for it, than one that's stagnant and unable to do anything.

Do the math

[thegameiam]

A GSM half-rate channel is 5.6Kbps (a fullrate channel is twice that, but let's look at the most extreme case). A DS3 = 45 Mbps. 45Mbps = 45000Kbps

45000Kbps / 5.6Kbps = 8037 simultaneous calls supported on a DS3, assuming 0% overhead, protocol, encryption, and that all calls are half-rate.

VZW and ATTW have subscriber counts in the millions.

Whatever the legality or circumstance of this, a single DS3 is hardly wholesale snooping.