[122073] in North American Network Operators' Group


Re: lawful intercept/IOS at BlackHat DC, bypassing and

daemon@ATHENA.MIT.EDU (Christopher Morrow)
Thu Feb 4 21:26:55 2010

In-Reply-To: <8736B9E5-D9A5-4DEC-BD96-77E758DC9D1A@cs.columbia.edu>
Date: Thu, 4 Feb 2010 21:26:45 -0500
From: Christopher Morrow <morrowc.lists@gmail.com>
To: Steven Bellovin <smb@cs.columbia.edu>
Cc: Crist Clark <Crist.Clark@globalstar.com>, NANOG <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

On Thu, Feb 4, 2010 at 5:49 PM, Steven Bellovin <smb@cs.columbia.edu> wrote:
>
> On Feb 4, 2010, at 5:42 PM, Christopher Morrow wrote:
>
>> On Thu, Feb 4, 2010 at 5:26 PM, Crist Clark <Crist.Clark@globalstar.com> wrote:
>>
>>>> this seems like much more work than matt blaze's work that said:
>>>> "Just send more than 10mbps toward what you want to sneak around... the
>>>> LEA's pipe is saturated so nothing of use gets to them"
>>>
>>> The Cross/XForce/IBM talk appears more to be about unauthorized
>>> access to communications via LI rather than evading them,
>>>
>>>  "...there is a risk that [LI tools] could be hijacked by third
>>>   parties and used to perform surveillance without authorization."
>>>
>>> Of course, this has already happened,
>>
>> right... plus the management (for cisco) is via snmp(v3), from
>> (mostly) windows servers as the mediation devices (sad)...  and the
>> traffic is simply tunneled from device -> mediation -> lea .... not
>> necessarily IPSEC'd from mediation -> LEA, and udp-encapped from
>> device -> mediation server.
>>
>>>  http://en.wikipedia.org/wiki/Greek_telephone_tapping_case_2004-2005
>>
>> yea, good times... that's really just re-use of the normal LEA hooks
>> in all telco phone switch gear though... not 'calea features' in
>> particular.
>
> There's a difference?  CALEA is just the US government profile of the generic international concept of lawful intercept.

hrm, I always equate 'calea' with 'ip intercept', because I
(thankfully) never had to see a phone switch (dms type thingy). You
are, I believe, correct in that CALEA was first 'telephone' intercept
implemented in phone-switch-thingies in ~94?? and was later applied
(may 2007ish?) to IP things as well.

-Chris

