Does Wiretapping Require Cell Company Cooperation?
decora writes "Recently the dictator of Belarus, Alexander Lukashenko, accidentally admitted to wiretapping journalist Irina Khalip. Khalip is the wife of Andrei Sannikov, one of the many opposition presidential candidates who was imprisoned after the election in 2010. I am wondering how Lukashenko did this? Can a government tap a modern cellphone system without the company knowing? Or would it require cooperation, like when AT&T and others helped the NSA perform warrantless wiretapping on Americans?"
if you have the money and contacts. Covered on slashdot as far back as 2003 at least ...
Basically GSM can be made to switch to A5/0 i.e. disable encryption by use of a commercially available "IMSI catcher" device. Originally these sent a spoofed degraded signal to the base station to make it think A5/0 was needed (it uses less bandwidth), these days it seems they just act as base stations. Cellphones automatically lock onto the strongest base station, and GSM security authenticates the handset only, so such rogue base stations are not technically difficult to make.
The "degraded signal" method implies that A5/0 also kicks in naturally in areas of bad reception and anyone with appropriate scanner hardware could monitor calls in that area. You'd still have to deal with the frequency hopping though.
even before calea, there was something similar.
they need to teach this in civics classes at school. people need to be told this, explicitly. at least then they can't say "I didn't know."
yes, hardware vendors cannot sell unless there are backdoors.
(the elephant in the room now waves 'hi' to us)
--
"It is now safe to switch off your computer."
GSM has horrible security and carriers aren't exactly doing their best to make their networks secure either. A while ago you needed relatively expensive equipment (around $1000-2000) to be able to sniff on the network, but it's now been done with a few very cheap phones. There's a very informative presentation (with video) here. For this to work, you need to be close to the person you want to eavesdrop on however.
Yes. I used to work for a company that made CALEA-compliance stuff. Can't talk about that, but most of the major infrastructure companies had CALEA-compliance stuff built in. It is my understanding, from what I learned while I was there (only about a year before moving on to slightly less creepy stuff), that those functionality has to be available to law enforcement remotely, without requiring active assistance from the telco in some cases. I believe that the majority of cases involve telco cooperation, but only a limited subset of employees are aware when a tap is in place.
I believe Verizon has a couple of hundred people on staff who's full-time job is to assist in compliance with lawful intercept requests and that the information on the existence of an intercept is not shared with other people in the telco.
However, the commentary in the summary shows a bit of naiveness on the part of the submitter. Lukashenko is basically the last of the hard-line Eastern Bloc-style dictators. Getting a wiretap on an opposition figure isn't hard when you run a police state.