
How To DDoS a Federal Wiretap

alphadogg writes "Researchers at the University of Pennsylvania say they've discovered a way to circumvent the networking technology used by law enforcement to tap phone lines in the US. The flaws they've found 'represent a serious threat to the accuracy and completeness of wiretap records used for both criminal investigation and as evidence in trial,' the researchers say in their paper, set to be presented Thursday at a computer security conference in Chicago. Following up on earlier work on evading analog wiretap devices called loop extenders, the Penn researchers took a deep look at the newer technical standards used to enable wiretapping on telecommunication switches. They found that while these newer devices probably don't suffer from many of the bugs they'd found in the loop extender world, they do introduce new flaws. In fact, wiretaps could probably be rendered useless if the connection between the switches and law enforcement is overwhelmed with useless data, something known as a denial of service (DOS) attack."
  • Redundant Technology (Score:4, Interesting)

    by mikelieman ( 35628 ) on Thursday November 12, 2009 @03:45PM (#30077584) Homepage

    Given that the US Government had AT&T put optical splitters on the network backbones a while back, isn't this CALEA stuff obsolete? It still presumes that Warrants count and stuff and that they're not already copying all voice and data communications.

  • by vvaduva ( 859950 ) on Thursday November 12, 2009 @03:55PM (#30077786)

    Obsolete in the sense that it could be done better, or that new technology is already out and readily available to law enforcement? To me it looks like something that works well enough to catch bad guys. The paper deals with a lot of theoretical stuff that will be very hard to replicate in the real world; drug dealers, jihadists and even well-skilled technical people will have a really hard time overloading a major telco switch without access to expensive hardware and lots of resources which very few people have.

  • Encryption (Score:2, Interesting)

    by iamacat ( 583406 ) on Thursday November 12, 2009 @04:04PM (#30077940)

    Eventually, nobody will care about this because all communications will be encrypted end-to-end and wiretaps will be useless. Attempts to outlaw that would result in only criminals having encryption and honest people falling victim to wiretaps by criminals and foreign governments. Besides there are many ways to make encryption not look like encryption.

    This is quite all right for law enforcement, as many new ways to breach people's privacy are emerging at the same time - RFIDs, GPS phones, new hackable devices, street cameras, voice-tracking lasers shined on one's window and so on. On the whole, it will be easier than ever to do lawful or unlawful surveillance. They just need to stop cribbing about having to abandon some old technologies and adopt new ones.

  • Re:Buffering... (Score:4, Interesting)

    by starfishsystems ( 834319 ) on Thursday November 12, 2009 @04:10PM (#30078042) Homepage

    I developed a similar system. This particular product is not restricted to voice, but supports any network device which can mirror its packet traffic.

    Under its present interpretation, CALEA applies to any sort of subscriber data. If law enforcement can clearly identify the subscriber and the intercept period, the network provider is obliged to supply all data carried for that subscriber during that period. That could be your voice traffic or web browsing or email or whatever. The plant has to be engineered accordingly, but that's essentially a capacity issue.

    On the other hand, it's important to note that there is no obligation upon the provider to interpret the supplied data. Such an obligation would be unreasonable and unenforceable. Instead, law enforcement is basically getting a raw PCAP file.

    I'll tell you what I found to be the most interesting aspect of this project. There is very strict language in CALEA against intercepting data except for the specified subscriber during the specified period. Of course we were careful to implement controls over that. But until I insisted on the point, nobody even considered that we might want to have controls to verify that the intercept request came from a bona fide court and that the intercept data would be sent to a bona fide law enforcement agency.
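An added example, not code from the commenter or the product described above, of the two controls that comment discusses: authenticating the intercept order and its delivery destination, then limiting output to the named subscriber and period. The HMAC shared key stands in for whatever authentication a real deployment would use, and every field name, key and hostname is a constructed assumption.

```python
import hashlib
import hmac
import json
from datetime import datetime, timezone

# Constructed values: a key provisioned out of band by the issuing court, and
# an allow-list of delivery endpoints registered for law enforcement agencies.
COURT_KEYS = {"court-01": b"constructed-demo-key"}
APPROVED_DELIVERY = {"lea-collector.example"}

def _ts(value):
    return datetime.fromisoformat(value).astimezone(timezone.utc)

def sign_order(order, key):
    """Court side: MAC over the canonical JSON form of the order."""
    body = json.dumps(order, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()

def validate_order(order, mac):
    """Reject orders that are unauthenticated, misdirected or malformed."""
    key = COURT_KEYS.get(order.get("court_id"))
    if key is None or not hmac.compare_digest(sign_order(order, key), mac):
        raise PermissionError("order not authenticated by a known court")
    if order["deliver_to"] not in APPROVED_DELIVERY:
        raise PermissionError("delivery endpoint is not a registered agency")
    if _ts(order["start"]) >= _ts(order["end"]):
        raise ValueError("empty or inverted intercept period")
    return order

def in_scope(order, records):
    """Keep only records for the named subscriber inside the period."""
    start, end = _ts(order["start"]), _ts(order["end"])
    return [r for r in records
            if r["subscriber"] == order["subscriber"]
            and start <= _ts(r["time"]) < end]

# Constructed sample order and mirrored-traffic metadata.
ORDER = {"court_id": "court-01", "subscriber": "sub-1001",
         "start": "2009-11-01T00:00:00+00:00",
         "end": "2009-11-08T00:00:00+00:00",
         "deliver_to": "lea-collector.example"}
RECORDS = [
    {"subscriber": "sub-1001", "time": "2009-11-03T12:00:00+00:00", "id": 1},
    {"subscriber": "sub-2002", "time": "2009-11-03T12:00:00+00:00", "id": 2},
    {"subscriber": "sub-1001", "time": "2009-11-09T09:00:00+00:00", "id": 3},
]
```

Because the MAC covers the delivery address and the period, changing either after the order is issued invalidates the order instead of silently redirecting or widening the intercept.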
