Insecure by design


CALEA (Computer Assistance Law Enforcement) is quietly in the background of current news again, because the FBI is pushing Congress to mandate that all future routing equipment manufactured will include back doors for law enforcement. As with the CALEA mandates for telephone switching equipment, such back doors require no warrant to activate, and hence can be secretly enabled at will. Some vendors have already eagerly embraced CALEA-inspired backdoors to internet routing equipment in anticipation of future intercept mandates, thereby already compromising the integrity and security of their current and future customers. This approach of using backdoors on Internet-connected systems, even more so than the original CALEA mandates for wiretapping backdoors in telephone switching centers, is a danger to both our infrastructure and our society.

CALEA has required that all telephone switching equipment manufactured since 1994 must include backdoors to enable wiretapping. While the need for lawful legal intercept is estimated to be in the range of 1000 or so wiretaps per year, and past practices have required not only warrants but also physical access to switching centers, these requirements were neither unduly burdensome, nor unduly expensive for the limited number of lawful investigations normally engaged in per year, whether back then or today. What these historic pre-CALEA limitations did assure is that the cost of mass privacy invasion would be far too expensive to ever effectively undertake.

By contrast, CALEA-mandated backdoors allow one to activate wiretaps remotely on any scale desired, and to do so entirely in secret. Indeed, the NSA wiretapping scandal is an example of how CALEA can be misused. The huge volume of information being collected, and the fact that most of the older telephone switching equipment does not normally support true network remote access, had forced the NSA to co-locate facilities in a number of switching centers to collect their data. Applying CALEA backdoors to distributed and even end-user deployed routing equipment that is already Internet connected of course eliminates the need to co-locate facilities, and hence would make it much harder to detect or determine the scope of any future illegal government activities involving misuse of Internet wiretapping.

While these mandates may originally have been intended only for spying and use within North America, proprietary telephone switching systems of this kind were clearly often also sold overseas. As the Greek prime minister discovered in 2004, when he and 100 other governmental officials were tapped for over a year by someone making use of a CALEA-mandated backdoor, “source secret by obscurity” backdoors often do not remain secret. Of course this is not the only incident where CALEA backdoors have been used for espionage purposes by others. Such systems are hence inherently insecure by design.

When one deliberately builds in government mandated backdoors that can be opened in secret and without notice, one is opening such systems to undetected access by anyone who can discover and operate them, including those who may be deemed even more undesirable than national governments spying on their own citizens. Even, as noted in the case of the Greek Government, the security of government facilities themselves may be compromised by outside parties. Such information may be used to blackmail individuals, to acquire identity information for theft, or to acquire passwords and information that could be used to compromise the underlying security of key infrastructures and safety systems, like for example power generation systems.

Personally I do not feel any “safer” in a state that requires the infrastructure for enabling or engages in mass surveillance of its own citizens, or that practices guilt until proven innocent while claiming to do so in the name of my “protection” and safety. Indeed, I find that such a state is in fact a far greater danger to the safety of myself, my children, and the people as a whole, than the potential threats I am supposedly being protected against, whether real or imagined.

Comments

Submitted by vach on

CALEA does not provide free all-hands backstage passes for law enforcement. In the U.S. the same processes hold true--the LEA provides a hardcopy of a warrant (typically a fax) and the service provider executes the warrant. No differently than is done today. There is not a single point in this article that seems to have been researched effectively--rather, you're pointing to other people's blogs (read:opinions) on CALEA. Try going to the source and reading a bit, hell, you provided a link to http://www.askcalea.net/, how's about reading what's there.

Submitted by Othello on

First of all, he's not wrong: it does make it easier to wiretap, especially on a large scale. Second of all, the main point seems to be the large gaping security holes that CALEA opens up. Remember kids, reading is FUNdamental!

Submitted by Anonymous visitor (not verified) on

The government's backdoor operates on UDP ports 1025-1031. The key to this backdoor is disguised as MS IM spam.

Submitted by Anonymous visitor (not verified) on

Speaking as someone who has had to babysit a DMS-250 CO switch for Sprint, I did* get shown where the wiretap access was :) It was implemented as a conference bridge with one set of wires cut (duh). They could dial in and, IF THEY HAD AUTHORIZATION, could identify who was on and listen in.

Actually, anyone on the console can log in and find out where a cell phone is (OK, on what sector of what cell site) and even listen in on a conversation if they felt like it. You of course have to have a few passwords to do this, but if you're authorized to be at a console terminal, you generally have the passwords to do that. Also, there was some hardware by that terminal to let me listen in/talk if I felt like it.

Morals to the story:

If Big Brother wanted to listen in, he would have to have a way to get the audio back to home base (i.e. the phone lines where they dialed in).

The ability to set up that conference bridge to monitor is behind a password or two; that means that they either have to give it to Big Brother or they have to set it up.

I have no idea what the case is. Personally, I suspect Big Brother just has the password and they have a computer monitor who's on and pull what they are interested in. Just monitoring any and all conversations would require a lot* of people listening in and very little to show for it. Wait a minute, isn't that what Echelon is for? Never mind...

Caveats:
It was a number of years ago (i.e. more than 10) since I did this, and I only have experience on one model of CO switch.

Author information

Biography

David Sugar is an active maintainer for a number of packages that are part of the GNU project, including GNU Bayonne. He has served as the voluntary chairman of the FSF’s DotGNU steering committee, as a founder and CTO for Open Source Telecomm Corporation, and currently owns and operates Tycho Softworks.