Does Wiretapping Require Cell Company Cooperation? 174
decora writes "Recently the dictator of Belarus, Alexander Lukashenko, accidentally admitted to wiretapping journalist Irina Khalip. Khalip is the wife of Andrei Sannikov, one of the many opposition presidential candidates who was imprisoned after the election in 2010. I am wondering how Lukashenko did this? Can a government tap a modern cellphone system without the company knowing? Or would it require cooperation, like when AT&T and others helped the NSA perform warrantless wiretapping on Americans?"
It's called spying (Score:1)
It's what they always do to neutralize opposition in politics. They'll find dirt and they'll use it.
why do they bother, are they nut cases? (Score:2)
Why bother spying, i mean in the end whats the worst that can happen, you loose elections, and you still have billions of dollars. big deal.
Are they really that psychotically married to the idea of rule over the people?
I mean, get over it dumbass dictators, your a bunch of fukwits. That will get early dimmensure or some disease. You can take your billions when you died, might as well retire and live like Billy Maddison with all the cocaine you want.
Their rule over the people is one big illusion, 10million y
Re: (Score:3)
What you fail to appreciate is that if you have billions of dollars, you have billions to lose and billions to protect and defend. Once you lose control of your own destiny (as if anyone ever had full control of it) and someone else is in charge, those billions might as well be in their hands.
Let's put it this way. One of the first things people do with their new home is to put their own locks and security devices in them. It's theirs and now they need to protect it. And the more you have, the more you
Re: (Score:2)
It's what they always do to neutralize opposition in politics. They'll FORGE dirt and they'll use it.
FTFY.
Kinda (Score:2)
Re: (Score:2, Insightful)
Re: (Score:1)
Hmm... Belarus... If they're still on old analog cell phones, no. If it's earlier GSM, I think most/all of the secret keys have been figured out w/o insider information. With newer stuff, they might have "friends" (Russia, China) who were able to reverse engineer the keys out of the switch hardware and gave them that info w/o help from the switch manufacturer (or they just nicked them). I'm going to hazard a guess that someone probably have equipment that lets them listen to cell phone conversations over th
Re:Kinda (Score:5, Informative)
Why is this even a question for slashdot. A quick google will inform you that Belrus has a state owned telco.
Nuff said. They own the telco, they'd have access to all traffic across it.
Re: (Score:3)
Nuff said. They own the telco, they'd have access to all traffic across it.
Between your post and elucido's first post [slashdot.org], this question is now answered. The conversation is over. You have got the how and the why.
The only question remaining is how the phrase "Alexander Lukashenko openly stated that the phones of Irina Khalip...were being monitored by the special services" can become "Alexander Lukashenko, accidentally admitted to wiretapping journalist Irina Khalip" in the summary.
"Openly stated" is nowhere near the same as "accidentally admitted".
Re: (Score:2)
If the government took the time to build a mainframe to crack the encryption keys, theoretically they could do it with little more than a partyvan equipped with a few dozen microwave radios or cell phones.
Seems easier to just pay a cleaner some money to let you in after hours and plant a few bugs around the places where phone conversations are likely to be held.
Comment removed (Score:5, Insightful)
Re:Kinda (Score:4, Funny)
Expecting ethical behavior from a corporation is like a duck expecting a piggyback ride across a lake from an alligator.
Which is not to say that it will never happen [blogspot.com] it is just unlikely....?
Re: (Score:3)
egrets, I've had a few, but then again, too few to mention ...
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
What encryption keys? Anyone with a Sercice Monitor can listen in.
Re: (Score:2)
Wasn't this the whole point of CALEA? (Score:5, Insightful)
Re:Wasn't this the whole point of CALEA? (Score:5, Interesting)
even before calea, there was something similar.
they need to teach this in civics classes at school. people need to be told this, explicitly. at least then they can't say "I didn't know."
yes, hardware vendors cannot sell unless there are backdoors.
(the elephant in the room now waves 'hi' to us)
Re: (Score:2)
WHAT Civics class?
You must be as old as I, and I went to pre-K with Diogenes.
Re:Wasn't this the whole point of CALEA? (Score:5, Interesting)
Yes. I used to work for a company that made CALEA-compliance stuff. Can't talk about that, but most of the major infrastructure companies had CALEA-compliance stuff built in. It is my understanding, from what I learned while I was there (only about a year before moving on to slightly less creepy stuff), that those functionality has to be available to law enforcement remotely, without requiring active assistance from the telco in some cases. I believe that the majority of cases involve telco cooperation, but only a limited subset of employees are aware when a tap is in place.
I believe Verizon has a couple of hundred people on staff who's full-time job is to assist in compliance with lawful intercept requests and that the information on the existence of an intercept is not shared with other people in the telco.
However, the commentary in the summary shows a bit of naiveness on the part of the submitter. Lukashenko is basically the last of the hard-line Eastern Bloc-style dictators. Getting a wiretap on an opposition figure isn't hard when you run a police state.
Re: (Score:2)
However, the commentary in the summary shows a bit of naiveness on the part of the submitter. Lukashenko is basically the last of the hard-line Eastern Bloc-style dictators. Getting a wiretap on an opposition figure isn't hard when you run a police state.
Since any wireless providers can only do business by the grace of said dictator, I'm sure that they're owned by people that he favors.
Re: (Score:3)
I can't speak to the telecom side, but when I worked for network operations we processed a wiretap request for data. They came with a warrant and told us what they needed. They had a given computer they wanted to monitor. So data from that port was mirrored off to a computer they provided that we didn't have access to. They connected to that with a T1. When they were done, they took their box and were off. Some time later, after the court proceedings, everything was unsealed and no longer secret.
This was so
Re: (Score:2)
That is correct. And most specifications for LI ("lawful intercept") specify that it should be undetectable, or, at least, inconspicuous to the people operating the network. That is, it has to operate outside network management and network statistics gathering. LI implementations can do that successfully because they are usually specified to capture a small fraction of network data - 1% in some cases. LI is distinct from the kinds of technologies used as a data dragnet by spy agencies, and it also distinct
Re: (Score:1)
in the last few years, the router makers have all added DPI. and API's for the DPI for chassis owners (cough, governments) to be able to directly do whatever the hell they want. they no longer have to ask cisco (etc) to do dirty things. they can now set the evil bit directly via user api's. (not kidding; wish I was).
Re: (Score:2)
If you're on a company network and you want to have a network performing okay while bittorrent clients are present on it, you'll need DPI.
That's complete nonsense. Bittorrent and other peer to peer networks are definitely bandwidth intensive, but you don't need DPI to maintain performance on a network. A properly configured QoS should be more than enough to balance things out. Simply prioritizing the outbound data by source address alone would ensure that anyone trying to perform bandwidth intensive tasks gets their fair share. IP protocols were designed to deal with bandwidth restrictions but also to use as much as possible. It's therefore p
Re: (Score:1)
CALEA equipment allows VoIP call surveillance at the telco switch level (DMS 250 & 500). When a Judge issued a warrant to wire tap a phone number. It would usually happen at the telco switch level. VoIP stopped that because IP traffic did not involve the voice network. CALEA upgraded the physical switches them selves to IP and added 1 cabinet of equipment (COLO owned by the FBI). The FBI through an office in Quantico, VA can access the network switches directly with out involving AT&T or Verizon.
htt [wikipedia.org]
Re: (Score:3)
You could *always* intercept the signals from the air. Since when did anyone think sending their calls through the air would only go to the desired place?
Re: (Score:2)
I could track you all day with a small team.
Re: (Score:3)
I worked for AT&T at a small manufacturing plant in Whitsett, NC for several years in the early to mid 90's. We were a union shop in a right-to-work state, so the management was struggling to find projects that had enough margin to keep the plant open. It was probably about '93 when we picked up a project that was an "encryptor".
It was about the size of a pack of playing cards, with two phone plugs in the back. You'd plug your handset into one side and connect the other to the phone. You'd call the
Re: (Score:2)
If the government doesn't have a way in, you won't find the product on the open market.
Which is why you use a software solution like PGP (well, GPG mostly nowadays) or OpenSSL, which doesn't have backdoors. The cat got out of the bag in the early 90s, but they're still trying to keep it out of the hands of average people.
What kind of stupid question is this? (Score:3)
Just think about it for a minute. The only way a government or dictator could tap someone's phone without the phone company knowing would involve using secret agents (in the broadest sense) to plant bugs or intercept signals.
If there were ways to tap phones without doing this, using only the phone system, they would be common knowledge.
The easiest method is to use your influence (legitimate or otherwise) to get the phone company to cooperate, which is unsurprisingly the most common.
What was the point of this question?
Re: (Score:1)
Just think about it for a minute. The only way a government or dictator could tap someone's phone without the phone company knowing would involve using secret agents (in the broadest sense) to plant bugs or intercept signals.
Not really; listening in on the radio signals sent between the phone and the tower would not be difficult, and the encryption for it is a joke.
Re: (Score:2)
If there were ways to tap phones without doing this, using only the phone system, they would be common knowledge.
There's the supersecret method of bribe/extort an employee to get access.
Re: (Score:2)
Ruling a population purely by fear is pretty difficult. Conveniently, though, some people have shockingly low standards. And revel in them.
Re: (Score:2)
Re: (Score:2)
But could you do that without the companies finding out?!
Re: (Score:2)
Or, like in Italy, you can own/control the television and several newspaper.
Re: (Score:2)
And they can. It's trivial. And it's common knowledge covered here before at http://it.slashdot.org/story/09/12/28/1931256/GSM-Decryption-Published [slashdot.org] so no backdoors, bribery, coerced vendors or anything else is needed. In fact, why not do it yourself? It would be like getting a police scanner that had the range of the old analog simplex radiotelephones. We used to listen to them and smirk because they thought their conversations were private.
Re: (Score:2)
If there were ways to tap phones without doing this, using only the phone system, they would be common knowledge.
There's the supersecret method of bribe/extort an employee to get access.
Hah! Indeed [xkcd.com]
Re: (Score:2)
There are other ways, most of them are common knowledge to your average hacker that read Phrack back in the day. Since most cell phone systems rely on very old, insecure, fixed key cryptography it is fairly trivial to hack a cell phone transmission, impersonate a cell tower or do any number of things with a cell phone system without requiring the cell phone company.
What is required of the phone company is widespread, warrantless wiretapping the central hubs where all communications flow. This is likewise a
Re: (Score:1)
Re: (Score:2)
Or to make the answer a little less obtuse:
The question, in essence, was: Can the government tap my phone?
The answer is: Yes.
Next question?
VOIP IAX encryption (Score:2)
IAX encryption
As of asterisk version 1.2.4 (maybe before) there is a rather undocumented channel encryption feature included in chan_iax2. After successful authentication the whole channel including control data and voice data is encrypted with AES128. The encryption can be activated by adding the line
encryption=aes128
Re: (Score:2)
Like this? http://www.pcmag.com/article2/0,2817,2367247,00.asp [pcmag.com]
I'd say something in PC Magazine is common knowledge
Dictator (Score:3, Informative)
Yes (Score:3, Interesting)
Although it is a bit more difficult with current technology cell phones can be intercepted. The portable phones, even claiming to be frequency shifting can also be intercepted. And nothing is a worse bug than a baby monitor as those things have quite a signal output and are almost never secured. They can broadcast whispers from many rooms in the home as the sensitivity is great on their microphones. I think any serious radio hobbyist could talk if they were not frightened to admit eavesdropping. From what I know people should be encouraged to tap into communication streams. What you learn might scare you to death.
I am certain that none of the above remarks are factual and only some part of a bit of stew gone rancid or a fire in my imagination. I know nothing.
Re: (Score:3)
Not too concerned (Score:2, Funny)
My opinion is if you aren't doing anything wrong you have nothing to worry about. If it helps put criminals and terrorists away....have at it!!!
Cinthia :)
http://www.car-shipping-quotes.net/site_map.html
Re: (Score:2)
My opinion is if you aren't doing anything wrong you have nothing to worry about. If it helps put criminals and terrorists away....have at it!!!
Cinthia :)
http://www.car-shipping-quotes.net/site_map.html [car-shipping-quotes.net]
Of course, you posted (theoretically) anonymously, then signed the message and add a link to your webpage at the bottom...
I'm guessing you don't really spend a whole lot of time thinking about personal security.
Re: (Score:2)
That's just it. You have something to worry about.
There are enough laws to make everyone a criminal. Innocent until proven guilty? Yeah, right, you'll be innocent while you sit in jail for a couple years waiting trial as the lawyers are not-so-slowly sucking away anything resembling wealth you've ever owned.
Laws are not longer created to protect innocents. They are created for control.
Whoosh (Score:2)
You missed the joke. CinthIA = CIA. The woman whose voice is used for one of the numbers stations [numberstations.co.uk] is known as Cynthia because of the station's supposed connection to the CIA.
Yes, quite easily (Score:4, Interesting)
if you have the money and contacts. Covered on slashdot as far back as 2003 [slashdot.org] at least ...
Basically GSM can be made to switch to A5/0 i.e. disable encryption by use of a commercially available "IMSI catcher" device. Originally these sent a spoofed degraded signal to the base station to make it think A5/0 was needed (it uses less bandwidth), these days it seems they just act as base stations. Cellphones automatically lock onto the strongest base station, and GSM security authenticates the handset only, so such rogue base stations are not technically difficult to make.
The "degraded signal" method implies that A5/0 also kicks in naturally in areas of bad reception and anyone with appropriate scanner hardware could monitor calls in that area. You'd still have to deal with the frequency hopping though.
Answer: No (Score:3)
Re: (Score:2)
They have a name for that employee. It's "CEO".
Yes, and it only costs $40 (Score:4, Interesting)
Re: (Score:2)
I'd call that "relatively cheap equipment" personally.
why end this summary with a question mark? (Score:3, Informative)
http://www.wired.com/threatlevel/2010/07/intercepting-cell-phone-calls/ [wired.com]
does that answer your summary?
see how some phone run custom software from the (Score:1)
see how some phones run custom software from the cell company's it's very likely.
GSM, SRSLY? (Score:2, Insightful)
GSM is not the most secure standard out there. Check the video from this presentation for a nice overview of exactly how fucked up GSM security is.
http://events.ccc.de/congress/2009/Fahrplan/events/3654.en.html
Not required, just makes it easier. (Score:2)
Long story short: It makes it easier, but it's not required. If they've got it, they can just copy the call at the switch level. If they don't, they can: Install software on the persons phone, sniff + break the radio waves, bribe a telco employee, plant software on the towers (see http://www.dmst.aueb.gr/dds/pubs/jrnl/2007-Spectrum-AA/html/PS07.pdf [dmst.aueb.gr] - really interesting read), or i'm sure they've got more methods.
Cell phone's aren't secure.
Re: (Score:2)
Tapping land lines? (Score:2)
Re: (Score:2)
Re:Tapping land lines? (Score:4, Insightful)
Re: (Score:2)
except when corruption and subversion is being done BY the ones who are supposed to watch out for us.
there is no one watching the watchers and so its fair to assume the power is abused. with as much certainty as human behavior would have us assume.
I worry more about those who rule us than those they say are 'out to get us'.
yes, the tables have turned. we don't care about 'terrorists'. we DO care about the ones in washington who chip away at our civil liberties, though. that's a real and certain threat.
Re: (Score:2)
And you don't have to be a pot-smoking liberal to be worried about the ones in Washington. I'm as libertarian/conservative as they come, and it is painfully clear where the dangers of oppression are coming from.
Re: (Score:2)
Shit, what was that term for the "effect" where you can't tell if someone is parodying something, or is the genuine article?
Re: (Score:2)
Re: (Score:2)
That's the one.
And well played, sir. :)
No (Score:3)
Re:No (Score:4, Interesting)
but in Belarus they still have PULSE dialing on their landlines
So does US. Tone dialing is convenient, but for the sake of compatibility, pulse is supported on all landlines. Plug a Model 500 phone into any analog phone outlet in US, and it will work.
Re: (Score:2)
Technically that should be "most landlines" in the United States. Supporting pulse dialing is optional for the phone company, but they support it in most areas because it is no extra work for them. However, there are a fair amount of PBX systems out there with pulse dialing disabled. Hotline circuits (aka automatic ringdown circuit) obviously do not support pulse dialing, since they don't support dialing at all. There are a few other cases too.
Nevertheless, on the vast majority of U.S. landlines pulse dial
Re: (Score:2)
PBXes are not "landlines" -- they use digital interfaces everywhere, and formally don't support tone dialing, either.
Re: (Score:2)
My PBX has POTS pairs as it's CO interface, and supports POTS sets with DTMF. I haven't checked if it supports pulse dialing or not, though.
Tone is an add on expense in some areas (Score:2)
Re: Er... Incorrect. (Score:1)
Does it matter? (Score:2)
I am sure all telecommunication companies in a state well known to be the opposite of a democracy will very willingly cooperateon all levels.
Anti-terrorism Laws legal tapping. (Score:2, Informative)
Ever since the world ended up going hell bent on terrorism laws (New World Order), all wire-tapping is legal with or without a warrant and you do not require any special permissions anymore if you work in law enforcement and a telecoms company need not know either.
It is better known as black boxing http://en.wikipedia.org/wiki/Black_box [wikipedia.org] these systems have been in place since 1998 legally. The FBI changed it's code name from Carnivore to Magic Lantern after a bunch of hackers exposed the source code "cult of
Re:Anti-terrorism Laws legal tapping. (Score:4, Insightful)
Ever since the world ended up going hell bent on terrorism laws (New World Order), all wire-tapping is legal with or without a warrant and you do not require any special permissions anymore if you work in law enforcement and a telecoms company need not know either.
The erosion of liberties guaranteed to you in the US Constitution as a result of the War on Terrorism simply pales in comparison to what you've surrendered due to the War on Drugs and the War on Poverty.
"Government"? Which country? (Score:2)
Governments everywhere are in different countries. They have different laws.
Is it tougher to tap a cellular line than a "land line"? No.
Is it tougher to tap a "land line" than a VoIP line? No.
If the entity wishing to tap your line either has the technical means or gets a court order to make someone else do it, they WILL EASILY be able to do so.
E
Re: (Score:2)
In New Zealand (where I am) our government reminded all of our telcos of a law to have this lawful inception equipment installed by the end of 2010 (my understanding it was part of our international obligations, mostly at the behest of the US whose own agencies are not subject to our local [NZ] laws). Similar equipment is installed in many other countr
But is it useful? (Score:2)
Is it actually useful? I mean, if you're the wife of a leader of an opposition party to a dictator, you must assume you are being tapped. I hope they have the common sense to avoid talking about anything remotely political on their phones.
surely smartphones with apps are the end of this? (Score:2)
So it seems (relatively) trivial to me to write an app that handshakes with your friend when you meet in person, exchanging keys of sufficient bit length for high-grade encryption. Then when you want to talk privately, the app encrypts the audio. This would seem to be the (pretty much permanent) end to man-in-the-middle attacks of this sort.
So out of curiosity, can anyone link to said app yet?
I'm sure it could (Score:2)
Thing is people won't bother. It is amazing how lazy people are with security, physical, virtual, etc. Sure you could do encryption, this is more or less what the STU and STE phones the government use. The STU-III was more or less a phone, a digitizer, an encryption unit, and a modem. It encoded your voice and then could use analogue lines to send it out. The STE phones are all ISDN (or more recently IP) and handle everything digital, and are much more flexible.
You could almost certainly implement such a th
Re: (Score:2)
Well, surely people in general won't bother, most people don't have well-financed, politically powerful enemies. But those who do? Surely it's worth a tiny amount of effort to them to secure their conversations?
Re: (Score:2)
What do you do when you're driving through Michigan, minding your own business, and you get stopped, because a policeman 'suspects' that you might be driving drunk or participating in prostitution? He can use the excuse that you drove to close to the center line, or your car doesn't look like it fits in the area that you're driving in.* While you're stopped, the policeman takes your phone and copies all the data off of it. It takes him about 90 seconds.
* This is not far-fetched. I have been stopped for
Re: (Score:2)
You store your encryption keys in an encrypted file, and require a passcode/voice ident/etc to dial anyone you care about encrypting with.
Or you accept that end attacks are much harder to defeat than man-in-the-middle. You resync with anyone you need to encrypt with after each arrest.
Reminds me of the Greek wiretapping scandal (Score:3)
Reminds me of the Greek wiretapping scandal [ieee.org]. In that version of the wiretapping scandal, a very technically sophisticated attacker (possibly an insider in the phone company) installed wiretap software into the phone network's routers. News broke after a top exec at the phone company hanged himself. Though surely there's a lot we don't know, it was almost certainly not official company policy to cooperate with government wiretaps on political opposition.
short answer (Score:2)
Yes it requires cooperation, but no, that cooperation doesn't have to be voluntary.
It's called "Lawful Intercept" technology (Score:2, Informative)
Not only is cooperation from the phone company not required, but the phone company doesn't get to know when it's being used, and has no technical means to stop it or prevent it.
It's a legal requirement that the government is given the means to tap at will, and a legal requirement that their tapping cannot be discovered.
That's what is happening when telecom/network equipment vendors are touting the "lawful intercept" feature compliance of their latest product models.
Re: (Score:2)
Not entirely true. The telco must enable that feature on demand, it's not on by default (at least not in the countries where I've seen it). A warrant or legal order is served with exact details, and only the data for that tap will be provided.
The non-disclosure component is only towards the subject, which makes sense from an investigative point of view.
"Hello? Ah yes, here is your telco. We had to put a tap on your line. No, no, it's all legal. Just carry on as before, and have a nice day" :-)
Anything sent using radio frequency emission.... (Score:2)
can be intercepted and decoded given enough time and/or money. It was once trivial to intercept cell calls (I could do it using off-the-shelf amateur radio equipment). It's become more difficult with digitized signals but I suspect that the technology to demodulate them is not beyond even former Soviet Bloc states. You don't need access to the cell company's hardware, either. These things are, after all, radios.
Wiretapping is too easy now. (Score:3)
Wiretapping is just too easy now. It used to be quite difficult. Before electronic central offices, wiretapping required either a tap near the phone end of the circuit, or wiring to the appropriate circuit at the central office's main distributing frame. Telcos charged law enforcement for central office taps. Guliani writes, in his book about his days prosecuting the New York Mafia, that they were paying about a million dollars a year to New York Telephone for wiretaps, which were charged as private line extensions. On one occasion, the FBI didn't pay a bill on time, and the billing system billed the other party on the circuit, the one being wiretapped. This was a major motivation for CALEA.
In the crossbar era, it was possible to use the Automatic Line Insulation Test (ALIT) gear for wiretapping. This was a system that automatically tested each line every night, applying a test voltage and measuring leakage between the lines and to ground. Lines could also be tested remotely, on request, and the gear allowed listening in. But a central office would typically only have two sets of ALIT gear (three racks each), and using it for wiretapping interfered with routine maintenance. The FBI could sometimes get access to ALIT gear, but not local law enforcement. Only for short periods, too; the telco would keep demanding their test gear back.
All this was such a headache that wiretaps weren't used much. Now, all CO gear has remote wiretapping of large numbers of lines on demand at all times. It's also much easier to record and to monitor the recordings. Orwell would be so impressed.
duh, of course they can... (Score:2)
Yes, governments can monitor cellphones without having control of the switching facilities. In fact, they are, right now.
The term you need to google for (Score:2)
The term you need to google for is "lawful intercept".
In essence, in most countries any telco is legally obliged to provide a mechanism for law enforcement to intercept calls and metadata about calls. Assuming Wikipedia's correct, this mechanism may allow interception to take place without the telco even knowing about it. (see: http://en.wikipedia.org/wiki/Lawful_interception [wikipedia.org]) and IIRC such a mechanism is baked right into the GSM standard.
So the answer to your question is: Wiretapping does not necessaril
Re: (Score:2)
Do you have laws against your guys using it against you?
Do you really think having those laws would really help?
Re: (Score:2)
The currently standing record for GSM "decryption" is to pretend to be the provider and tell the phone to not encrypt. Sure, that does not involve any actual decryption, but since you as a user cannot tell it happened, what exactly is the difference?
Re: (Score:2)
Every power that a government has is dangerous. Are you saying that they should have a capability to kill a large number of people in a short time, but not listen to cell phones? To whatever degree we trust a government to protect us from villains rather than be a villain, I would rather shift their powers towards later. What if communications of 9/11 highjackers were intercepted and we didn't go to two wars and make mountains out of naked unlawful combatants?