Re: lawful intercept/IOS at BlackHat DC, bypassing and recommendations

[Steven Bellovin <smb () cs columbia edu>]

On Feb 4, 2010, at 5:42 PM, Christopher Morrow wrote:

> On Thu, Feb 4, 2010 at 5:26 PM, Crist Clark <Crist.Clark () globalstar com> wrote:
>
> > > this seems like much more work that matt blaze's work that said:
> > "Just
> > > send more than 10mbps toward what you want to sneak around... the
> > > LEA's pipe is saturated so nothing of use gets to them"
> >
> > The Cross/XForce/IBM talk appears more to be about unauthorized
> > access to communications via LI rather than evading them,
> >
> >  "...there is a risk that [LI tools] could be hijacked by third
> >   parties and used to perform surveillance without authorization."
> >
> > Of course, this has already happened,
>
> right... plus the management (for cisco) is via snmp(v3), from
> (mostly) windows servers as the mediation devices (sad)...  and the
> traffic is simply tunneled from device -> mediation -> lea .... not
> necessarily IPSEC'd from mediation -> LEA, and udp-encapped from
> device -> mediation server.
>
> >  http://en.wikipedia.org/wiki/Greek_telephone_tapping_case_2004-2005
>
> yea, good times... that's really just re-use of the normal LEA hooks
> in all telco phone switch gear though... not 'calea features' in
> particular.

There's a difference?  CALEA is just the US goverment profile of the generic international concept of lawful intercept.

I recommend http://www.spectrum.ieee.org/jul07/5280 (linked to from the Wikipedia article) as a very good reference on 
what is and isn't known.

                --Steve Bellovin, http://www.cs.columbia.edu/~smb