Does Wiretapping Require Cell Company Cooperation?

decora writes "Recently the dictator of Belarus, Alexander Lukashenko, accidentally admitted to wiretapping journalist Irina Khalip. Khalip is the wife of Andrei Sannikov, one of the many opposition presidential candidates who was imprisoned after the election in 2010. I am wondering how Lukashenko did this? Can a government tap a modern cellphone system without the company knowing? Or would it require cooperation, like when AT&T and others helped the NSA perform warrantless wiretapping on Americans?"

Kinda

[atari2600a]

If the government took the time to build a mainframe to crack the encryption keys, theoretically they could do it with little more than a partyvan equipped with a few dozen microwave radios or cell phones.

Re:Kinda

[atari2600a]

Keep in mind I'm talking out of my ass here.

Re:Kinda

[Jafafa+Hots]

Actually it turns out the easiest way is simply to tell the corporation you want the information.

That's all it took here in the US and we were ostensibly a dictator-free country with laws against it. So in a country with a dictator, it's a no-brainer.

Look at Cisco/China etc.,

Expecting ethical behavior from a corporation is like a duck expecting a piggyback ride across a lake from an alligator.

Re:Kinda

[Fluffeh]

Expecting ethical behavior from a corporation is like a duck expecting a piggyback ride across a lake from an alligator.

Which is not to say that it will never happen it is just unlikely....?

Re:Kinda

[sortius_nod]

Why is this even a question for slashdot. A quick google will inform you that Belrus has a state owned telco.

Nuff said. They own the telco, they'd have access to all traffic across it.

Re:Kinda

[Gadget_Guy]

Nuff said. They own the telco, they'd have access to all traffic across it.

Between your post and elucido's first post, this question is now answered. The conversation is over. You have got the how and the why.

The only question remaining is how the phrase "Alexander Lukashenko openly stated that the phones of Irina Khalip...were being monitored by the special services" can become "Alexander Lukashenko, accidentally admitted to wiretapping journalist Irina Khalip" in the summary.

"Openly stated" is nowhere near the same as "accidentally admitted".

Re:Kinda

[danlip]

egrets, I've had a few, but then again, too few to mention ...

Wasn't this the whole point of CALEA?

[Scareduck]

And isn't it the case now that stuff is embedded in all the major telecom hardware makers?

Re:Wasn't this the whole point of CALEA?

[TheGratefulNet]

even before calea, there was something similar.

they need to teach this in civics classes at school. people need to be told this, explicitly. at least then they can't say "I didn't know."

yes, hardware vendors cannot sell unless there are backdoors.

(the elephant in the room now waves 'hi' to us)

Re:Wasn't this the whole point of CALEA?

[bsDaemon]

Yes. I used to work for a company that made CALEA-compliance stuff. Can't talk about that, but most of the major infrastructure companies had CALEA-compliance stuff built in. It is my understanding, from what I learned while I was there (only about a year before moving on to slightly less creepy stuff), that those functionality has to be available to law enforcement remotely, without requiring active assistance from the telco in some cases. I believe that the majority of cases involve telco cooperation, but only a limited subset of employees are aware when a tap is in place.

I believe Verizon has a couple of hundred people on staff who's full-time job is to assist in compliance with lawful intercept requests and that the information on the existence of an intercept is not shared with other people in the telco.

However, the commentary in the summary shows a bit of naiveness on the part of the submitter. Lukashenko is basically the last of the hard-line Eastern Bloc-style dictators. Getting a wiretap on an opposition figure isn't hard when you run a police state.

Re:Wasn't this the whole point of CALEA?

[joocemann]

You could *always* intercept the signals from the air. Since when did anyone think sending their calls through the air would only go to the desired place?

Re:Wasn't this the whole point of CALEA?

[Sycraft-fu]

I can't speak to the telecom side, but when I worked for network operations we processed a wiretap request for data. They came with a warrant and told us what they needed. They had a given computer they wanted to monitor. So data from that port was mirrored off to a computer they provided that we didn't have access to. They connected to that with a T1. When they were done, they took their box and were off. Some time later, after the court proceedings, everything was unsealed and no longer secret.

This was something that only a limited number of people knew about. While it was going on the judge's order was basically a gag order "You can't talk about the fact this is here or happening," kind of thing. Pretty typical for what you see with court cases.

Wasn't really anything special. I'd imagine most managed switches are CALEA compliant by virtue of being able to mirror ports. That lets you monitor traffic, without the party knowing it is happening.

Now who knows, maybe major providers have special network connections back the FBI and so on directly, but I kinda doubt it. They were big on having their own hardware doing the capturing and they didn't want to reach it via the Internet, hence it had its own T1 (originally dialup but the voice switch guys told them we could get them a T1 no problem).

Wouldn't surprise me if they had equipment kept in the buildings though. Their own locked rack and all that. Provided it was properly access controlled it should keep the chain of evidence evidence intact and they could just present the warrant to the telco/ISP and get a tap going quickly.

Re:Wasn't this the whole point of CALEA?

[Shotgun]

I worked for AT&T at a small manufacturing plant in Whitsett, NC for several years in the early to mid 90's. We were a union shop in a right-to-work state, so the management was struggling to find projects that had enough margin to keep the plant open. It was probably about '93 when we picked up a project that was an "encryptor".

It was about the size of a pack of playing cards, with two phone plugs in the back. You'd plug your handset into one side and connect the other to the phone. You'd call the other party, then press a button. The device would negotiate with the other party's device, and all a third party would here is static.

The project was going like gangbusters, and then all of a sudden it just stopped dead in its tracks. The government came in, shut the project down, and bought all the inventory. I never saw one again.

If the government doesn't have a way in, you won't find the product on the open market.

What kind of stupid question is this?

[BitHive]

Just think about it for a minute. The only way a government or dictator could tap someone's phone without the phone company knowing would involve using secret agents (in the broadest sense) to plant bugs or intercept signals.

If there were ways to tap phones without doing this, using only the phone system, they would be common knowledge.

The easiest method is to use your influence (legitimate or otherwise) to get the phone company to cooperate, which is unsurprisingly the most common.

What was the point of this question?

Dictator

[bahurd]

I think the key word here is "dictator", as in you WILL do this wiretap....

Yes

[b4upoo]

Although it is a bit more difficult with current technology cell phones can be intercepted. The portable phones, even claiming to be frequency shifting can also be intercepted. And nothing is a worse bug than a baby monitor as those things have quite a signal output and are almost never secured. They can broadcast whispers from many rooms in the home as the sensitivity is great on their microphones. I think any serious radio hobbyist could talk if they were not frightened to admit eavesdropping. From what I know people should be encouraged to tap into communication streams. What you learn might scare you to death.
            I am certain that none of the above remarks are factual and only some part of a bit of stew gone rancid or a fire in my imagination. I know nothing.

Re: Yes

[phantomfive]

GSM is not secure. Don't reveal important information over a cell phone, any more than you would a landline (which has no encryption whatsoever).

Not too concerned

My opinion is if you aren't doing anything wrong you have nothing to worry about. If it helps put criminals and terrorists away....have at it!!!

Cinthia :)
http://www.car-shipping-quotes.net/site_map.html

Yes, quite easily

if you have the money and contacts. Covered on slashdot as far back as 2003 at least ...

Basically GSM can be made to switch to A5/0 i.e. disable encryption by use of a commercially available "IMSI catcher" device. Originally these sent a spoofed degraded signal to the base station to make it think A5/0 was needed (it uses less bandwidth), these days it seems they just act as base stations. Cellphones automatically lock onto the strongest base station, and GSM security authenticates the handset only, so such rogue base stations are not technically difficult to make.

The "degraded signal" method implies that A5/0 also kicks in naturally in areas of bad reception and anyone with appropriate scanner hardware could monitor calls in that area. You'd still have to deal with the frequency hopping though.

Answer: No

[SEWilco]

A government can bribe or persuade an employee to perform the tap, or place an undercover worker in the telephone company in a position which can perform taps. So taps could be done without the telephone organization knowing about them.

Yes, and it only costs $40

[ketso]

GSM has horrible security and carriers aren't exactly doing their best to make their networks secure either. A while ago you needed relatively expensive equipment (around $1000-2000) to be able to sniff on the network, but it's now been done with a few very cheap phones. There's a very informative presentation (with video) here. For this to work, you need to be close to the person you want to eavesdrop on however.

Re:Yes, and it only costs $40

[Heretic2]

I'd call that "relatively cheap equipment" personally.

why end this summary with a question mark?

http://www.wired.com/threatlevel/2010/07/intercepting-cell-phone-calls/

does that answer your summary?

GSM, SRSLY?

GSM is not the most secure standard out there. Check the video from this presentation for a nice overview of exactly how fucked up GSM security is.
http://events.ccc.de/congress/2009/Fahrplan/events/3654.en.html

No

[Charliemopps]

It's very easy to tap a phone. Landlines are extremely simple to tap. You could do it with a little research on the web. Tapping a cellphone is slightly more complicated but still easy. In more modern countries it's getting a little more difficult as we all move towards soft-switches but in Belarus they still have PULSE dialing on their landlines. This means their switches are definitely hardware, and definitely at least 30-40 years old. Who owned the phone company 30-40 years ago? The USSR. I guarantee all their cellphone traffic travels through the same switch(s) installed by the USSR back in the day and all the equipment the KGB had installed at the time is likely still there. You make a call, it hits the cell tower, the cell tower has trunks that lead back to the switch and now they have you. It's a trivial matter to request that all incoming calls from a particular number get recorded.

Re:No

[Alex+Belits]

but in Belarus they still have PULSE dialing on their landlines

So does US. Tone dialing is convenient, but for the sake of compatibility, pulse is supported on all landlines. Plug a Model 500 phone into any analog phone outlet in US, and it will work.

Anti-terrorism Laws legal tapping.

[NSN+A392-99-964-5927]

Ever since the world ended up going hell bent on terrorism laws (New World Order), all wire-tapping is legal with or without a warrant and you do not require any special permissions anymore if you work in law enforcement and a telecoms company need not know either.

It is better known as black boxing http://en.wikipedia.org/wiki/Black_box these systems have been in place since 1998 legally. The FBI changed it's code name from Carnivore to Magic Lantern after a bunch of hackers exposed the source code "cult of the dead cow" If I remember correctly.

Now you also have the likes of GCHQ and deep packet inspection http://www.theregister.co.uk/2009/05/05/gchq_mti_statement and they have been doing this since 1996.

The simple fact is you can be recorded for any half plausible excuse. Getting your location through a cell network takes about 5 seconds...... sadly each persons privacy is eroded and you do not have any choice.

Don't use Credit Cards, Cell Phones, Loyality Cards or the internet. Get out more and a pen and paper works better than spoken words!

Re:Anti-terrorism Laws legal tapping.

[Shotgun]

Ever since the world ended up going hell bent on terrorism laws (New World Order), all wire-tapping is legal with or without a warrant and you do not require any special permissions anymore if you work in law enforcement and a telecoms company need not know either.

The erosion of liberties guaranteed to you in the US Constitution as a result of the War on Terrorism simply pales in comparison to what you've surrendered due to the War on Drugs and the War on Poverty.

Re:Tapping land lines?

[fuzzyfuzzyfungus]

If you have a gluttonous lust for ghastly, utterly banal, PR-drivelspeak concerning wiretapping, anybody on Cisco's "Lawful Intercept Mediation Device Suppliers" list is excellent reading.

Reminds me of the Greek wiretapping scandal

[kabloom]

Reminds me of the Greek wiretapping scandal. In that version of the wiretapping scandal, a very technically sophisticated attacker (possibly an insider in the phone company) installed wiretap software into the phone network's routers. News broke after a top exec at the phone company hanged himself. Though surely there's a lot we don't know, it was almost certainly not official company policy to cooperate with government wiretaps on political opposition.

It's called "Lawful Intercept" technology

[mysidia]

Not only is cooperation from the phone company not required, but the phone company doesn't get to know when it's being used, and has no technical means to stop it or prevent it.

It's a legal requirement that the government is given the means to tap at will, and a legal requirement that their tapping cannot be discovered.

That's what is happening when telecom/network equipment vendors are touting the "lawful intercept" feature compliance of their latest product models.

Wiretapping is too easy now.

[Animats]

Wiretapping is just too easy now. It used to be quite difficult. Before electronic central offices, wiretapping required either a tap near the phone end of the circuit, or wiring to the appropriate circuit at the central office's main distributing frame. Telcos charged law enforcement for central office taps. Guliani writes, in his book about his days prosecuting the New York Mafia, that they were paying about a million dollars a year to New York Telephone for wiretaps, which were charged as private line extensions. On one occasion, the FBI didn't pay a bill on time, and the billing system billed the other party on the circuit, the one being wiretapped. This was a major motivation for CALEA.

In the crossbar era, it was possible to use the Automatic Line Insulation Test (ALIT) gear for wiretapping. This was a system that automatically tested each line every night, applying a test voltage and measuring leakage between the lines and to ground. Lines could also be tested remotely, on request, and the gear allowed listening in. But a central office would typically only have two sets of ALIT gear (three racks each), and using it for wiretapping interfered with routine maintenance. The FBI could sometimes get access to ALIT gear, but not local law enforcement. Only for short periods, too; the telco would keep demanding their test gear back.

All this was such a headache that wiretaps weren't used much. Now, all CO gear has remote wiretapping of large numbers of lines on demand at all times. It's also much easier to record and to monitor the recordings. Orwell would be so impressed.

why do they bother, are they nut cases?

[cheekyboy]

Why bother spying, i mean in the end whats the worst that can happen, you loose elections, and you still have billions of dollars. big deal.

Are they really that psychotically married to the idea of rule over the people?

I mean, get over it dumbass dictators, your a bunch of fukwits. That will get early dimmensure or some disease. You can take your billions when you died, might as well retire and live like Billy Maddison with all the cocaine you want.

Their rule over the people is one big illusion, 10million yes men, who would kill you for youre wealth if offered.

Re:why do they bother, are they nut cases?

[erroneus]

What you fail to appreciate is that if you have billions of dollars, you have billions to lose and billions to protect and defend. Once you lose control of your own destiny (as if anyone ever had full control of it) and someone else is in charge, those billions might as well be in their hands.

Let's put it this way. One of the first things people do with their new home is to put their own locks and security devices in them. It's theirs and now they need to protect it. And the more you have, the more you have to lose. And unless you are comfortable with other people taking what's yours (and most people aren't) you have to do something to protect it.

I'm not saying it's right or good or normal... no wait, I am saying it's normal. What's not normal is having way more than you need. But these desires have a way of building on themselves. "I have resources. I need to protect them. To do that, I need more resources..." Some people just don't know when, where or how to stop. The rest of us are inherently limited in some way.

VOIP IAX encryption

[cheekyboy]

IAX encryption

As of asterisk version 1.2.4 (maybe before) there is a rather undocumented channel encryption feature included in chan_iax2. After successful authentication the whole channel including control data and voice data is encrypted with AES128. The encryption can be activated by adding the line

    encryption=aes128