Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

[Fwd: Re: CALEA electonic wiretapping on unsecured Solaris boxes]

From: KF <dotslash () snosoft com>
Date: Tue, 15 Jul 2003 20:08:57 -0400
--- Begin Message --- From: KF <dotslash () snosoft com>
Date: Tue, 15 Jul 2003 20:07:47 -0400
ANYONE on this list that hears weird chirps , tones, unusual kerchunks, pops etc or if you feel that you are being monitored via your phone please contact me via email. I feel that a DMS switch running one of the phone networks I was forced to use was compromised by means similar to what was mentioned below or perhaps via means described in the Munoz vs Sprint case. I am looking for people with similar experiences as well as for people that feel that they have been blown off by telecom security staff. contact dotslash () snosoft com 
-KF

Dan Harkless wrote:


The story about the insecure Diebold electronic voting system recently
forwarded to Bugtraq was certainly disturbing, but here's something even
worse (though some of it is old news):

    The Federal Bureau of Investigation administers the Communications
    Assistance to Law Enforcement Act (CALEA), which was passed by Congress
    in 1994.  [...]  Every telephone switch installed in the U.S. since
    1995 is supposed to have this surveillance capability [...].  Not only
    can the authorities listen to your phone calls, they can follow those
    phone calls back upstream and listen to the phones from which calls
    were made.

    [...]

    The typical CALEA installation on a Siemens ESWD or a Lucent 5E or a
    Nortel DMS 500 runs on a Sun workstation sitting in the machine room
    down at the phone company. The workstation is password protected, but
    it typically doesn't run Secure Solaris.  It often does not lie behind
    a firewall.  Heck, it usually doesn't even lie behind a door.  It has a
    direct connection to the Internet because, believe it or not, that is
    how the wiretap data is collected and transmitted.

    [...]

    Israeli companies, spies, and gangsters have hacked CALEA for fun and
    profit, as have the Russians and probably others, too.

The full column is at:

   http://www.pbs.org/cringely/pulpit/pulpit20030710.html

--
Dan Harkless
bugtraq () harkless org
http://harkless.org/dan/

--- End Message ---
Previous By Date Next
Previous By Thread Next

Current thread: