HOPE Day 2 - Law Enforcement Wiretaps
Posted by Eric Stein - July 23, 2006 CE @ 17:34:36 UTC
Everything that's complicated is insecure. The only thing that matters is whether or not somebody or something finds the insecurity and exploits it. The best way to avoid someone finding the holes in your software is to minimize the number of them that exist.
You'd think that the federal government would take this to heart. After all, they are sacrificing our most precious freedoms - what originally distinguished the United States from the rest of the world - in the name of security. You would think that they would sacrifice a bit of extra cash to secure the systems law enforcement uses to tap the phones of suspects in an investigation. Unfortunately (or fortunately, if you really think you are interesting enough to be spied on), this is not the case.
Currently, the system is horribly insecure. A criminal (or someone who just wants to jerk the feds around a bit) can set up an automated system at their end of the line to utterly confuse the system. False logs can be entered. Calls can be made but not logged. Calls can be logged as a different number. Really. This isn't exactly a new issue, but it's not a joke or a rumor either. Due to the grant Micah Sherr, Eric Cronin, Sandy Clark and Matt Blaze have from the National Science Foundation, they are permitted to posess the equipment used by the FBI and other 3-letter agencies. For you and me, it's a felony to own the electronics.
We got to see a live demonstration of the falsification of records - I was impressed, to say the least.
You'd think that the federal government would take this to heart. After all, they are sacrificing our most precious freedoms - what originally distinguished the United States from the rest of the world - in the name of security. You would think that they would sacrifice a bit of extra cash to secure the systems law enforcement uses to tap the phones of suspects in an investigation. Unfortunately (or fortunately, if you really think you are interesting enough to be spied on), this is not the case.
Currently, the system is horribly insecure. A criminal (or someone who just wants to jerk the feds around a bit) can set up an automated system at their end of the line to utterly confuse the system. False logs can be entered. Calls can be made but not logged. Calls can be logged as a different number. Really. This isn't exactly a new issue, but it's not a joke or a rumor either. Due to the grant Micah Sherr, Eric Cronin, Sandy Clark and Matt Blaze have from the National Science Foundation, they are permitted to posess the equipment used by the FBI and other 3-letter agencies. For you and me, it's a felony to own the electronics.
We got to see a live demonstration of the falsification of records - I was impressed, to say the least.
Post a Comment