Demystifying Lawful Intercept and CALEA TMC

Illegal Wiretapping - Not so Easy

July 20, 2007

Recent news coverage of the Greek cell phone wiretapping scandal should put to rest some of the fears that people have over illegal wiretapping. Renewed interest in this story was sparked by an extensive analysis in the IEEE’s online magazine Spectrum ( ).  The article describes in detail how an illegal wiretapping operation existed in Greece, at  cell phone carrier Vodaphone, for over nine months. In reading the news coverage and the IEEE articleThe Athens Affair “ by Vassilis Prevelakis and Diomidis Spinellis, one can’t help but be amazed at the significant effort it took to illegally take advantage of the lawful intercept capabilities that existed on the phone switches. 


Please understand that I’m not talking about the now infamous “warrant-less wiretaps” done by the Bush administration but rather the illegal use of technology to wiretap individuals where no authorization, warranted or otherwise, existed (except maybe in the mind of the perpetrators) to do the wiretaps.


For a long time now, skeptics have claimed that having an automated, centralized, standardized platform for performing lawful intercept, at carrier locations, actually creates a security risk rather than reducing it.  The argument concludes that if a lawful intercept system is easy to use by the phone carriers, then surely the bad guys out there will be able to easily defeat the system and manipulate it to their own ends. On first glance the Greek incident seems to support this concern.


In fact, a report last year from the Information Technology Association of America (ITAA) raised that very issue: “Designing wiretapping into the communication system raises a fundamental security issue: can the capability be controlled so that only authorized parties can employ it?  However, the report concluded that for traditional wired and wireless telephony, such as the Greek Vodaphone system, it wasn’t a problem. The ITAA study even referenced the Greek incident and concluded that information available at the time pointed to an inside job instead of a malicious outside hacker.  


The IEEE report carefully and fully reveals the lengths taken to achieve this feat, and justifies the assertion that this was not a trivial or easy thing to do.  Through this revelation it becomes obvious just how much time, commitment, expertise and undetected access had to be garnered in order to defeat a system like this.


The experts will tell you there is no such thing as an absolutely impregnable system; rather, security is really a matter of making a system sufficiently difficult to breach. Hacking the Vodaphone system was certainly no cakewalk and it would be very difficult to replicate.  Consider these four factors:


Time – significant time planning, designing and writing software went into this effort. This wasn’t an afternoon or weekend project someone thought they would throw together. 


Commitment – since the software development work had to have gone on for weeks, if not months, surely this was a very committed effort and not an amateur’s hobby or prank


Expertise – the software used in the Ericsson switches is not a common programming language that the average software developer off the street can be successful with. In fact very few people know the language or the design of the system well enough to write code that will work, never mind secret code that is undetectable. 


Undetected Access – again this is not something readily available to the public, it took the right person in the right position to gain access to the systems. 


Even just looking at these factors quickly, the argument about how secure these solutions are becomes self-evident.  Clearly this is not the stuff that the average bad guy or even organized crime could pull off.  Based on this evidence the general public in Greece, the rest of Europe, North America, Asia or any where else in the world where these systems are used, should be reassured that they are secure and when used properly, can certainly benefit them.


Till Next time ... (when I will return to the subject of Data Retention as I promised last time)

Related Tags: , , , , ,

Listed below are links to sites that reference Illegal Wiretapping - Not so Easy:

Trackback Pings

TrackBack URL for Illegal Wiretapping - Not so Easy:

Comments to Illegal Wiretapping - Not so Easy

  1. RE: Illegal Wiretapping - Not so Easy
    Diomidis Spinellis :

    While I agree that setting up the wiretapping software in the Vodafone case was not easy, this does not mean that lawful interception facilities don't pose a significant risk. Consider the following two factors. 1) The move towards VoIP will result in the deployment of phone exchange facilities by small operators using non-proprietary hardware and software. Thus the difficulty of programming in PLEX and knowing the details of a proprietary exchange platform goes away. 2) Hacking into internet servers and developing rootkits for PC architectures also requires time, commitment, expertise, and undetected access, yet such attacks are now very common. These are the early days for telephony attacks; I believe the Vodafone case presages a trend.

    Diomidis - Thanks for your comment and I would agree that the threat is out there and will always be out there. But as long as things continue to evolve and the proper safe guards are put in, what is difficult today should remain difficult in the future.

    Scott Coleman

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)