[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [interesting-people Home]
Subject: [IP] more on serious threat models
-------- Original Message -------- Subject: Re: [IP] more on serious threat models Date: Fri, 03 Feb 2006 14:49:34 -0500 From: Matt Blaze <mab@crypto.com> To: dave@farber.net References: <43E39D56.9050506@farber.net> I don't interpret that as "anti-American"; both articles made clear that the US Embassy was one of the TARGETS of the tap. The fact that the "interceptors" were found to be near the embassy strengthens the case that the embassy was a target and seems quite relevant to the story. By the way, it's not at all clear from the story just what was going on or how "high tech" the attack would have to be. What does "diverting" to a prepaid mobile mean? Here's a possibility: they "social engineered" or otherwise compromised the target account to assigned it a new telephone number and forward the old number to a prepaid account they control. The "interceptor" box acts as a "man in the middle" that receives calls at this prepaid account and forwards them back to the target's "new" number (all the while recording the content). Such an arrangement would allow interception of incoming calls (but not outgoing calls, unless they managed to get those forwarded as well somehow -- perhaps there's a GSM feature that can do that, too). Cumbersome, but has the advantage to the attacker of not requiring any custom software or features on the switch or cryptanalysis of the over-the-air interface, just garden-variety subscriber account compromise and cobbling together a couple of off-the-shelf GSM handsets. -matt On Feb 3, 2006, at 13:13, Dave Farber wrote:
-------- Original Message -------- Subject: RE: [IP] serious threat models Date: Fri, 03 Feb 2006 13:01:41 -0500 From: Atkinson, Robert <rca53@columbia.edu> To: dave@farber.netIt's interesting to see The Guardian's relentless anti-Americanism comethrough in this story. The AP reports: "An investigation showed that these mobiles had been used in a central Athens area where many foreign embassies are located, though Mr. Roussopoulos refused to speculate on whether foreign agencies might be involved." The Guardian article is almost identical to AP's, except it says:"The government revealed that the phone tappers used interceptors tracedto the vicinity of the US embassy." Bob -----Original Message-----From: Dave Farber [mailto:dave@farber.net] Sent: Friday, February 03, 2006 12:08 PMTo: ip@v2.listbox.com Subject: [IP] serious threat models -------- Original Message -------- Subject: serious threat models Date: Fri, 03 Feb 2006 08:38:09 -0800 (PST) From: Gregory Hicks <ghicks@well.com> Reply-To: Gregory Hicks <ghicks@well.com> To: declan@well.com, dave@farber.net CC: ghicks@cadence.com From: "Steven M. Bellovin" <smb@cs.columbia.edu> Date: Thu, 02 Feb 2006 21:28:31 -0500I hate to play clipping service, but this story is too important not tomention. Many top Greek officials, including the Prime Minister, and the U.S. embassy had their mobile phones tapped. What makes this interesting is how it was done: software was installed on the switch that diverted calls to a prepaid phone. Think about who could manage that. http://www.guardian.co.uk/mobile/article/0,,1701298,00.htmlhttp://www.globetechnology.com/servlet/story/RTGAM. 20060202.wcelltap0202/BNStory/International/ --Steven M. Bellovin, http://www.cs.columbia.edu/~smb ------------------------------------------------------------------- I am perfectly capable of learning from my mistakes. I will surely learn a great deal today. "A democracy is a sheep and two wolves deciding on what to have for lunch. Freedom is a well armed sheep contesting the results of the decision." - Benjamin Franklin "The best we can hope for concerning the people at large is that they be properly armed." --Alexander Hamilton ------------------------------------- You are subscribed as rca53@columbia.edu To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ------------------------------------- You are subscribed as matt+ip@crypto.com To manage your subscription, go to http://v2.listbox.com/member/?listname=ipArchives at: http://www.interesting-people.org/archives/interesting- people/
------------------------------------- To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [interesting-people Home]
Powered by eList eXpress LLC