How To DDoS a Federal Wiretap
alphadogg writes "Researchers at the University of Pennsylvania say they've discovered a way to circumvent the networking technology used by law enforcement to tap phone lines in the US. The flaws they've found 'represent a serious threat to the accuracy and completeness of wiretap records used for both criminal investigation and as evidence in trial,' the researchers say in their paper, set to be presented Thursday at a computer security conference in Chicago. Following up on earlier work on evading analog wiretap devices called loop extenders, the Penn researchers took a deep look at the newer technical standards used to enable wiretapping on telecommunication switches. They found that while these newer devices probably don't suffer from many of the bugs they'd found in the loop extender world, they do introduce new flaws. In fact, wiretaps could probably be rendered useless if the connection between the switches and law enforcement is overwhelmed with useless data, something known as a denial of service (DoS) attack."
Given that the US Government had AT&T put optical splitters on the network backbones a while back, isn't this CALEA stuff obsolete? It still presumes that Warrants count and stuff and that they're not already copying all voice and data communications.
Technology -- No Place For Wimps! Grateful Dead and Jerry Garcia Chatroom -- http://www.wemissjerry.org
I developed a similar system. This particular product is not restricted to voice, but supports any network device which can mirror its packet traffic.
Under its present interpretation, CALEA applies to any sort of subscriber data. If law enforcement can clearly identify the subscriber and the intercept period, the network provider is obliged to supply all data carried for that subscriber during that period. That could be your voice traffic or web browsing or email or whatever. The plant has to be engineered accordingly, but that's essentially a capacity issue.
On the other hand, it's important to note that there is no obligation upon the provider to interpret the supplied data. Such an obligation would be unreasonable and unenforceable. Instead, law enforcement is basically getting a raw PCAP file.
I'll tell you what I found to be the most interesting aspect of this project. There is very strict language in CALEA against intercepting data except for the specified subscriber during the specified period. Of course we were careful to implement controls over that. But until I insisted on the point, nobody even considered that we might want to have controls to verify that the intercept request came from a bona fide court and that the intercept data would be sent to a bona fide law enforcement agency.
Parity: What to do when the weekend comes.
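The scoping and authorization controls the comment above describes, as an added example that is not the commenter's code nor that of any real CALEA product: an intercept gateway that releases only the named subscriber's traffic within the intercept period, and only under an order whose issuing court and delivery agency it can verify. Issuer keys, agency endpoints, subscriber ids and packets are constructed, and an HMAC stands in for whatever signature scheme a real deployment would use.

```python
import hmac
from dataclasses import dataclass

# Constructed trust anchors: courts that may issue orders (with the key shared with each)
# and the only law-enforcement endpoints intercepted data may be delivered to.
TRUSTED_ISSUERS = {"court-7": b"constructed-court-7-key"}
APPROVED_AGENCIES = {"lea-collector.example:1812"}
@dataclass(frozen=True)
class Order:
    issuer: str
    subscriber: str
    start: int       # intercept period, epoch seconds, inclusive
    end: int         # epoch seconds, exclusive
    deliver_to: str
    mac: str         # hex HMAC-SHA256 over the fields above, computed by the issuer
    def payload(self) -> bytes:
        return f"{self.issuer}|{self.subscriber}|{self.start}|{self.end}|{self.deliver_to}".encode()

def sign_order(key: bytes, issuer, subscriber, start, end, deliver_to) -> Order:
    """What the issuing court's system would do; included so the example runs stand-alone."""
    unsigned = Order(issuer, subscriber, start, end, deliver_to, "")
    return Order(issuer, subscriber, start, end, deliver_to,
                 hmac.new(key, unsigned.payload(), "sha256").hexdigest())

def validate_order(order: Order) -> bool:
    """Controls 1 and 3: bona fide issuer (valid MAC under that court's key) and an
    approved delivery endpoint; an empty or inverted period is also rejected."""
    key = TRUSTED_ISSUERS.get(order.issuer)
    if key is None or order.deliver_to not in APPROVED_AGENCIES or order.end <= order.start:
        return False
    expected = hmac.new(key, order.payload(), "sha256").hexdigest()
    return hmac.compare_digest(expected, order.mac)

def intercept(order: Order, packets):
    """Control 2: release only the named subscriber's packets inside the period.
    packets is an iterable of (epoch seconds, subscriber id, raw bytes)."""
    if not validate_order(order):
        raise PermissionError("intercept order rejected")
    return [raw for ts, sub, raw in packets
            if sub == order.subscriber and order.start <= ts < order.end]

# Constructed sample traffic mirrored from the switch: (epoch seconds, subscriber, bytes).
SAMPLE_PACKETS = [(999, "sub-42", b"before window"), (1000, "sub-42", b"in window 1"),
                  (1500, "sub-99", b"other subscriber"), (1999, "sub-42", b"in window 2"),
                  (2000, "sub-42", b"after window")]

def demo():
    order = sign_order(TRUSTED_ISSUERS["court-7"], "court-7", "sub-42", 1000, 2000,
                       "lea-collector.example:1812")
    return intercept(order, SAMPLE_PACKETS)  # [b"in window 1", b"in window 2"]
```

Everything the gateway releases is still raw traffic; as the comment notes, interpreting it is the receiving agency's problem, not the provider's.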