[122055] in North American Network Operators' Group


Re: lawful intercept/IOS at BlackHat DC,

daemon@ATHENA.MIT.EDU (Steven Bellovin)
Thu Feb 4 17:50:12 2010

From: Steven Bellovin <smb@cs.columbia.edu>
In-Reply-To: <75cb24521002041442h1a8ced5dt5f31e597e3b6a101@mail.gmail.com>
Date: Thu, 4 Feb 2010 17:49:50 -0500
To: Christopher Morrow <morrowc.lists@gmail.com>
Cc: Crist Clark <Crist.Clark@globalstar.com>, NANOG <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org


On Feb 4, 2010, at 5:42 PM, Christopher Morrow wrote:

> On Thu, Feb 4, 2010 at 5:26 PM, Crist Clark <Crist.Clark@globalstar.com> wrote:
>
>>> this seems like much more work than matt blaze's work that said: "Just
>>> send more than 10mbps toward what you want to sneak around... the
>>> LEA's pipe is saturated so nothing of use gets to them"
>>
>> The Cross/XForce/IBM talk appears more to be about unauthorized
>> access to communications via LI rather than evading them,
>>
>>  "...there is a risk that [LI tools] could be hijacked by third
>>   parties and used to perform surveillance without authorization."
>>
>> Of course, this has already happened,
>
> right... plus the management (for cisco) is via snmp(v3), from
> (mostly) windows servers as the mediation devices (sad)...  and the
> traffic is simply tunneled from device -> mediation -> lea .... not
> necessarily IPSEC'd from mediation -> LEA, and udp-encapped from
> device -> mediation server.
>
>>  http://en.wikipedia.org/wiki/Greek_telephone_tapping_case_2004-2005
>
> yea, good times... that's really just re-use of the normal LEA hooks
> in all telco phone switch gear though... not 'calea features' in
> particular.

There's a difference?  CALEA is just the US government profile of the
generic international concept of lawful intercept.

I recommend http://www.spectrum.ieee.org/jul07/5280 (linked to from the
Wikipedia article) as a very good reference on what is and isn't known.

		--Steve Bellovin, http://www.cs.columbia.edu/~smb






