On Sun, 10 Jun 2012 13:25:30 -0700 coderman <coderman@xxxxxxxxx> wrote: > On Sun, Jun 10, 2012 at 9:42 AM, Benjamin Kreuter > <ben.kreuter@xxxxxxxxx> wrote: > > ... > >> (CALEA taps are *widely* exploited by the bad guys. > > > > Do you have a good citation for this? > > the most infamous case is the athens affair: > http://spectrum.ieee.org/telecom/security/the-athens-affair > > "While this is the first major infiltration to involve cellphones, the > scheme did not depend on the wireless nature of the network. > Basically, the hackers broke into a telephone network and subverted > its built-in wiretapping features for their own purposes." > > with the "built-in wiretapping features" being CALEA components... It is not clear to me that these were CALEA components, as opposed to some similar law in Greece or the UK (where Vodaphone is based). Are there examples of this sort of thing happening in the US, using CALEA equipment? Alternatively, is it clear that the Greek equipment was built to US standard i.e. that all CALEA requirements are already met by that equipment? Again, I have little doubt that CALEA functionality has been abused by criminals, I just do not know of any well-publicized cases that I can point to. -- Ben -- Benjamin R Kreuter UVA Computer Science brk7bx@xxxxxxxxxxxx KK4FJZ -- "If large numbers of people are interested in freedom of speech, there will be freedom of speech, even if the law forbids it; if public opinion is sluggish, inconvenient minorities will be persecuted, even if laws exist to protect them." - George Orwell
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/