While the paper seems to come from a serious source, as far as I'm familiar with this kind of equipment (I worked for Comverse (CMVT), which builds these wiretapping boxes) the simple solution is called SS7 (Signaling System number 7). It's an out-of-band signaling system that provisions and "tears down" calls on a separate network from the voice cables and therefore cannot be messed with over the line, no matter what you send on it.
I start to believe from this article that the affected systems (the FBI says only 10% are affected) are just too old and have never been upgraded to use SS7.
As far as I recall, the Pentium 4 (at least the original one) was developed in Israel.
Also all of Intel's mobile line is developed in Israel.
Again, maybe my memory is hazy, but I just wanted to bring up this point in light of the "Israeli technology is crap" posts raised in previous stories.
As the Anonymous Coward says (but I don't see how to moderate up his comment) - reading is the relativelly easy part, especially once you have the documentation and tons of samples to test with.
Besides, file formats talk about the data - order of fields, permitted values in fields, etc., not about how to program the process which writes or reads the fields, this part is up to the implementor. For examples just go to the W3C site and look for the specs of HTML, XML, CSS etc.
(As another, although not direct, example - see the native NTFS support in Linux - it can ready pretty well for years now, while writing comes along much more slowly).
I think you pretty much nailed it - on one hand once the format is public and open then it should be easy for bodies like OpenOffice.Org to implement it fully on other platforms, so what's in it for Microsoft?
My take is that Microsoft will take 18 months to provide the format (it says so in the original link), during this time the adoption of alternative formats will stall because governments will think "hey, MS is going to be open Real Soon Now (tm) so why bother with changing over to other formats? We'll stay with MS format and MS Office". After a while these bodies will notice that "Oops, MS Office runs only on Windows, ah.. never mind, so we'll stay with Windows". By then (over 18 months from now, maybe two years) OpenOffice.Org and friends will fully and officially support the ECMA format but that wouldn't be quite relevant because the bodies still stick to "the original". After a while interest in alternatives will whane and the efforts will close shops.
(It's history repeating itself - MS also "supported" HTML/HTTP and the web but managed to make its browser so pervasive that the competition (Netscape) just dried up and died, by which time MS could impose their own closed "standard" of the web and "close" the market to competition. It's true that Mozilla eventually got off life support and startted kicking IE's butt at last but: 1. MS stopped updating IE 6 years ago, which eventually allowed the competition to catch up, especially when this market has relativelly respected and loud standards body. 2. Do you want to wait another ten years for another round for OpenOffice?.)
In short - it's another manifestation of stalling tactic.
This device triggered an old memory I have of a news item from a year or two ago about the US Navy developing a device which can practically listen to thoughts (it detects nerve activity in the throat related to speech while the person "talks to himself" even if no sound is uttered).
I concuir with your assersion that Israel can afford this because the traffic is tiny compared to other places.
Only one addition - the Shin Bet screens passengers lists already when they buy a ticket, long before they left home to the airport. When they park the car in the airport they already passed two circles of security - the screening of passengers lists and the entrance to the airport (the parking lot is already behind gates with armed guards who ask you where are you going).
You sound a bit like you think the world is like a Hollywood movie - where the people flying in the cabin know everything that's going on just like the person sitting in the cinema and seeing both the control tower, the cockpit and the hero hiding on the landing gear.
Terrorist attacks do not play out so dramatically like in the movies, man.
Or even worse - if you are dealing with terror suspects they may as well change their plans a bit, have other ways to get on with their plans without the drive (e.g. with other copies available even outside the country) or just speedup their terrorist attacks.
For instance - the guy who did the Bali bombings was tracked down because a friend of his gave his position. I guess this information was relevant because nobody warned him that the police know where he's supposed to be. Imagine if this friend gave this info but then was released because there wasn't enough evidence to keep him in custody - the first thing he would do would be to warn the fugitive.
Are you aware that backdoors in form of boxes connected to all exchanges already exists in practically every country in the world?
I used to work for a subsidary of Comverse (Nasdaq:CMVT) which was wholly built around providing the wiretapping boxes to law enforcement agencies around the world (complete with automatic speaker recognition, automatic voice to text, data analysis (i.e. extracting that HTML page out of anything from radio modems to ATM VC's and beyond), voice enhancements, and lots of other neat stuff).
The point I'm trying to pass is that all approved telephone exchanges in the world already have provisions to allow law enforement agencies connect wiretapping devices to them already, and this ruling, as far as I follow (which I admit isn't much) just extend this state of affairs to a new technology.
I still don't see how Skype and its ilks can comply to this (I don't know if they will be requires, that's a parallel thread), given that the voice bits may travel directly between the two talking parties or through random intermediates.
What did you move on to? I use Debian testing on my desktop for about ten years now and though it's a bit behind the curve on the latest releases the versions it contains are good enough and the packaging system and quality of packages are a major argument in favour of Debian.
Slashdot Mirror
Oops, you are probably right. Should have looked better before I jumped.
From your quoted headers: "Debian-3".
Does this mean they use Debian in there?
Last time I heard they kept saying that they took some RedHat version and trimmed it down to fit.
Or maybe it's just for other types of servers.
I take back what I said about the P-4, maybe I confused this with the original Pentium. Thanks for the correction.
I start to believe from this article that the affected systems (the FBI says only 10% are affected) are just too old and have never been upgraded to use SS7.
Also all of Intel's mobile line is developed in Israel.
Again, maybe my memory is hazy, but I just wanted to bring up this point in light of the "Israeli technology is crap" posts raised in previous stories.
Just regarding your description of JIT - that's not how JIT works, at least not the implementation I know off.
What JIT does is to actually create binary code in-memory and then execute it. Nothing to do with shared objects.
Besides, file formats talk about the data - order of fields, permitted values in fields, etc., not about how to program the process which writes or reads the fields, this part is up to the implementor. For examples just go to the W3C site and look for the specs of HTML, XML, CSS etc.
(As another, although not direct, example - see the native NTFS support in Linux - it can ready pretty well for years now, while writing comes along much more slowly).
My take is that Microsoft will take 18 months to provide the format (it says so in the original link), during this time the adoption of alternative formats will stall because governments will think "hey, MS is going to be open Real Soon Now (tm) so why bother with changing over to other formats? We'll stay with MS format and MS Office". After a while these bodies will notice that "Oops, MS Office runs only on Windows, ah.. never mind, so we'll stay with Windows". By then (over 18 months from now, maybe two years) OpenOffice.Org and friends will fully and officially support the ECMA format but that wouldn't be quite relevant because the bodies still stick to "the original". After a while interest in alternatives will whane and the efforts will close shops.
(It's history repeating itself - MS also "supported" HTML/HTTP and the web but managed to make its browser so pervasive that the competition (Netscape) just dried up and died, by which time MS could impose their own closed "standard" of the web and "close" the market to competition. It's true that Mozilla eventually got off life support and startted kicking IE's butt at last but:
1. MS stopped updating IE 6 years ago, which eventually allowed the competition to catch up, especially when this market has relativelly respected and loud standards body.
2. Do you want to wait another ten years for another round for OpenOffice?.)
In short - it's another manifestation of stalling tactic.
I wonder where is this system today.
Only one addition - the Shin Bet screens passengers lists already when they buy a ticket, long before they left home to the airport. When they park the car in the airport they already passed two circles of security - the screening of passengers lists and the entrance to the airport (the parking lot is already behind gates with armed guards who ask you where are you going).
You sound a bit like you think the world is like a Hollywood movie - where the people flying in the cabin know everything that's going on just like the person sitting in the cinema and seeing both the control tower, the cockpit and the hero hiding on the landing gear.
Terrorist attacks do not play out so dramatically like in the movies, man.
Or even worse - if you are dealing with terror suspects they may as well change their plans a bit, have other ways to get on with their plans without the drive (e.g. with other copies available even outside the country) or just speedup their terrorist attacks. For instance - the guy who did the Bali bombings was tracked down because a friend of his gave his position. I guess this information was relevant because nobody warned him that the police know where he's supposed to be. Imagine if this friend gave this info but then was released because there wasn't enough evidence to keep him in custody - the first thing he would do would be to warn the fugitive.
I used to work for a subsidary of Comverse (Nasdaq:CMVT) which was wholly built around providing the wiretapping boxes to law enforcement agencies around the world (complete with automatic speaker recognition, automatic voice to text, data analysis (i.e. extracting that HTML page out of anything from radio modems to ATM VC's and beyond), voice enhancements, and lots of other neat stuff).
The point I'm trying to pass is that all approved telephone exchanges in the world already have provisions to allow law enforement agencies connect wiretapping devices to them already, and this ruling, as far as I follow (which I admit isn't much) just extend this state of affairs to a new technology.
I still don't see how Skype and its ilks can comply to this (I don't know if they will be requires, that's a parallel thread), given that the voice bits may travel directly between the two talking parties or through random intermediates.
What did you move on to?
I use Debian testing on my desktop for about ten years now and though it's a bit behind the curve on the latest releases the versions it contains are good enough and the packaging system and quality of packages are a major argument in favour of Debian.