Interesting People mailing list archives
more on serious threat models
From: Dave Farber <dave () farber net>
Date: Sat, 04 Feb 2006 15:10:34 -0500
-------- Original Message -------- Subject: Re: [IP] more on serious threat models Date: Sat, 04 Feb 2006 01:04:11 -0500 From: Kulesh Shanmugasundaram <kulesh () isis poly edu> To: dave () farber net References: <43E3C794.9040701 () farber net> well, from information available at [from www.schneier.com/blog/]: http://betabug.ch/blogs/ch-athens/288it seems the "interceptors" simply monitored calls to and from a list of numbers. and when they came across those calls the interceptors simply converted those point-to-point calls to a conference call to include the caller, callee, and the prepaid phones. i think this should work with any telephone system with conference capabilities. pretty clever.
kulesh. Dave Farber wrote:
-------- Original Message -------- Subject: Re: [IP] more on serious threat models Date: Fri, 03 Feb 2006 14:49:34 -0500 From: Matt Blaze <mab () crypto com> To: dave () farber net References: <43E39D56.9050506 () farber net> I don't interpret that as "anti-American"; both articles made clear that the US Embassy was one of the TARGETS of the tap. The fact that the "interceptors" were found to be near the embassy strengthens the case that the embassy was a target and seems quite relevant to the story. By the way, it's not at all clear from the story just what was going on or how "high tech" the attack would have to be. What does "diverting" to a prepaid mobile mean? Here's a possibility: they "social engineered" or otherwise compromised the target account to assigned it a new telephone number and forward the old number to a prepaid account they control. The "interceptor" box acts as a "man in the middle" that receives calls at this prepaid account and forwards them back to the target's "new" number (all the while recording the content). Such an arrangement would allow interception of incoming calls (but not outgoing calls, unless they managed to get those forwarded as well somehow -- perhaps there's a GSM feature that can do that, too). Cumbersome, but has the advantage to the attacker of not requiring any custom software or features on the switch or cryptanalysis of the over-the-air interface, just garden-variety subscriber account compromise and cobbling together a couple of off-the-shelf GSM handsets. -matt On Feb 3, 2006, at 13:13, Dave Farber wrote:-------- Original Message -------- Subject: RE: [IP] serious threat models Date: Fri, 03 Feb 2006 13:01:41 -0500 From: Atkinson, Robert <rca53 () columbia edu> To: dave () farber net It's interesting to see The Guardian's relentless anti-Americanism come through in this story. The AP reports: "An investigation showed that these mobiles had been used in a central Athens area where many foreign embassies are located, though Mr. Roussopoulos refused to speculate on whether foreign agencies might be involved." The Guardian article is almost identical to AP's, except it says: "The government revealed that the phone tappers used interceptors traced to the vicinity of the US embassy." Bob -----Original Message-----From: Dave Farber [mailto:dave () farber net] Sent: Friday, February 03, 2006 12:08 PMTo: ip () v2 listbox com Subject: [IP] serious threat models -------- Original Message -------- Subject: serious threat models Date: Fri, 03 Feb 2006 08:38:09 -0800 (PST) From: Gregory Hicks <ghicks () well com> Reply-To: Gregory Hicks <ghicks () well com> To: declan () well com, dave () farber net CC: ghicks () cadence com From: "Steven M. Bellovin" <smb () cs columbia edu> Date: Thu, 02 Feb 2006 21:28:31 -0500 I hate to play clipping service, but this story is too important not to mention. Many top Greek officials, including the Prime Minister, and the U.S. embassy had their mobile phones tapped. What makes this interesting is how it was done: software was installed on the switch that diverted calls to a prepaid phone. Think about who could manage that. http://www.guardian.co.uk/mobile/article/0,,1701298,00.html http://www.globetechnology.com/servlet/story/RTGAM. 20060202.wcelltap0202 /BNStory/International/ --Steven M. Bellovin, http://www.cs.columbia.edu/~smb ------------------------------------------------------------------- I am perfectly capable of learning from my mistakes. I will surely learn a great deal today. "A democracy is a sheep and two wolves deciding on what to have for lunch. Freedom is a well armed sheep contesting the results of the decision." - Benjamin Franklin "The best we can hope for concerning the people at large is that they be properly armed." --Alexander Hamilton ------------------------------------- You are subscribed as rca53 () columbia edu To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ------------------------------------- You are subscribed as matt+ip () crypto com To manage your subscription, go to http://v2.listbox.com/member/?listname=ipArchives at: http://www.interesting-people.org/archives/interesting- people/------------------------------------- You are subscribed as kulesh () isis poly edu To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
------------------------------------- You are subscribed as lists-ip () insecure org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- more on serious threat models Dave Farber (Feb 03)
- <Possible follow-ups>
- more on serious threat models Dave Farber (Feb 04)