lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Wed Nov 30 18:48:08 2005
From: coderman at gmail.com (coderman)
Subject: Clever crooks can foil wiretaps,
	security flaw in tap technology

heheheh

http://seattlepi.nwsource.com/national/250215_wiretap30.html

'The technology used for decades by law enforcement agents to wiretap
telephones has a security flaw that allows the person being wiretapped
to stop the recorder remotely, according to research by computer
security experts who studied the system. It is also possible to
falsify the numbers dialed, they said.

Someone who is being wiretapped can easily employ these "devastating
countermeasures" with off-the-shelf equipment, said the lead
researcher, Matt Blaze, an associate professor of computer and
information science at the University of Pennsylvania.

"This has implications not only for the accuracy of the intelligence
that can be obtained from these taps but also for the acceptability
and weight of legal evidence derived from it," Blaze and his
colleagues wrote in a paper that will be published today in Security &
Privacy, a journal of the Institute of Electrical and Electronics
Engineers.'

---

To defeat wiretapping systems, the target need only send the same
"idle signal" that the tapping equipment itself sends to the recorder
when the telephone is not in use. The target could continue to have a
conversation while sending the signal.

The tone, also known as a C-tone, sounds like a low buzzing and is
"slightly annoying," Blaze said, "but would not affect the voice
quality" of the call. "It turns the recorder right off," he said. (The
paper can be found at www.crypto.com/papers/wiretapping/.)

---

in band signalling++

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ