From: Dave Emery <die@pig.die.com>
To: Bill Stewart <bill.stewart@pobox.com>
Message Hash: c22a0694f09bbabb590688571d87ec7de893389f3426592909683f8be7824865
Message ID: <19980911010325.B10226@die.com>
Reply To: <33CCFE438B9DD01192E800A024C84A19284623@mossbay.chaffeyhomes.com>
UTC Datetime: 1998-09-10 16:09:08 UTC
Raw Date: Fri, 11 Sep 1998 00:09:08 +0800
From: Dave Emery <die@pig.die.com>
Date: Fri, 11 Sep 1998 00:09:08 +0800
To: Bill Stewart <bill.stewart@pobox.com>
Subject: Re: radio net (fwd)
In-Reply-To: <33CCFE438B9DD01192E800A024C84A19284623@mossbay.chaffeyhomes.com>
Message-ID: <19980911010325.B10226@die.com>
MIME-Version: 1.0
Content-Type: text/plain
On Thu, Sep 10, 1998 at 01:57:46PM -0700, Bill Stewart wrote:
>
> But that doesn't mean there isn't a strong demand for voice privacy -
> just that the average consumer is satisfied having _some_ privacy,
> enough to keep casual observers out and neighbors from stealing phone service,
> and either doesn't believe the police would illegaly wiretap _him_,
> or (more cynically) doesn't believe the cellphone is enough protection
> if they do decide to target him.
>
>
And it clearly isn't. With the exception of cellphone to
cellphone traffic on one providers system (especially if it is GSM) the
traffic gets sent in the clear over trunking which is not particularly
well protected (and on occasion over microwave backhauls from cell sites
in the clear), to wire line phones which are often very vulnerable to
wiretaps. And all of these are subject to CALEA access, and many also
to various subrosa access via mechanisms provided for test and
maintainence and remote configuration of the system and trouble
diagnosis (mechanisms well and trully exploited by phreakers over the
years and well known and understood by the spooks as well).
Without end to end encryption with secure key material the
security of any phone is weak at best, link encryption of vulnerable
links such as RF paths will keep the nosey out and raise the bar enough
so as to discourage that kind of penetration by professionals, but if
the call goes through switching and trunking infrastructure in the clear
it is hardly difficult for large and powerful organizations to get
there hands on it if they really need it...
And of course if they really get desparate, they can bug
the area the conversation is taking place in... or even the phones...
--
Dave Emery N1PRE, die@die.com DIE Consulting, Weston, Mass.
PGP fingerprint = 2047/4D7B08D1 DE 6E E1 CC 1F 1D 96 E2 5D 27 BD B0 24 88 C3 18
Return to September 1998
Return to “Mok-Kong Shen <mok-kong.shen@stud.uni-muenchen.de>”