A Bad Week For Govt Snoops

November 13, 2009

* How to Deny Service to a Federal Wiretap

It turns out that the standard sets aside very little bandwidth — 64K bits per second — for keeping track of information about phone calls being made on the tapped line. When a wire tap is on, the switch is supposed to set up a 64Kbps Call Data Channel to send this information between the telco and the law enforcement agency doing the wiretap. Normally this channel has more than enough bandwidth for the whole system to work, but if someone tries to flood it with information by making dozens of SMS messages or VoIP (voice over Internet protocol) phone calls simultaneously, the channel could be overwhelmed and simply drop network traffic.

That means that law enforcement could lose records of who was called and when, and possibly miss entire call recordings as well, Sherr said.

Of course, criminals have plenty of easier ways to dodge police surveillance. They can use cash to buy prepaid mobile phones anonymously, or reach out to their accomplices with encrypted Skype calls, said Robert Graham, CEO with Errata Security. Luckily for the cops, criminals usually don’t take their communications security that seriously. “Most criminals are stupid,” he said. “They just use their same cell phone.”

* Microsoft Police Forensics Tool Leaked

The police-only forensics tool made by Microsoft to capture forensics data from a live system has been leaked online. The tool, Coffee, has been the subject of much speculation by the tech media who now finally has a chance to see it. According to reports, it grabs process information, network data, user passwords, and all sorts of information. Could the methods needed to gather that data be exploited by others? Given Microsoft’s security history the answer is most likely.

Coffee is hosted on Cryptome. User guide here.

About these ads

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: