[122052] in North American Network Operators' Group
Re: lawful intercept/IOS at BlackHat DC, bypassing and recommendations
daemon@ATHENA.MIT.EDU (Crist Clark)
Thu Feb 4 17:27:13 2010
Date: Thu, 04 Feb 2010 14:26:23 -0800
From: "Crist Clark" <Crist.Clark@globalstar.com>
To: "Christopher Morrow" <morrowc.lists@gmail.com>
In-Reply-To: <75cb24521002041227j1f0daf21s5f95d5a9206fc0c6@mail.gmail.com>
Cc: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
>>> On 2/4/2010 at 12:27 PM, Christopher Morrow
<morrowc.lists@gmail.com> wrote:
> On Thu, Feb 4, 2010 at 3:19 PM, Gadi Evron <ge@linuxbox.org> wrote:
>>
>> "That peer-review is the basic purpose of my Blackhat talk and the
associated
> paper. I plan to review Cisco’s architecture for lawful intercept
and explain
> the approach a bad guy would take to getting access without
authorization.
> I’ll identify several aspects of the design and implementation of
the Lawful
> Intercept (LI) and Simple Network Management Protocol Version 3
(SNMPv3)
> protocols that can be exploited to gain access to the interface, and
provide
> recommendations for mitigating those vulnerabilities in design,
> implementation, and deployment."
>
>
> this seems like much more work that matt blaze's work that said:
"Just
> send more than 10mbps toward what you want to sneak around... the
> LEA's pipe is saturated so nothing of use gets to them"
The Cross/XForce/IBM talk appears more to be about unauthorized
access to communications via LI rather than evading them,
"...there is a risk that [LI tools] could be hijacked by third
parties and used to perform surveillance without authorization."
Of course, this has already happened,
http://en.wikipedia.org/wiki/Greek_telephone_tapping_case_2004-2005
