Signaling Vulnerabilities In Law Enforcement Wiretapping Systems presented at 15th USENIX Security Symposium 2006

by Matt Blaze,

Tags: Security Legal

Summary : The politics of wiretapping is a hot topic (again) lately. But how do the police actually tap telephones, anyway? How might tapping technology fail? Telephone wiretap and dialed number recording systems are used by law enforcement and national security agencies to collect critical investigative intelligence and legal evidence. This talk will examine the technology of (legal) wiretapping and show how many of these systems are vulnerable to simple, unilateral countermeasures that allow wiretap targets to prevent their call audio from being recorded and/or cause false or inaccurate dialed digits and call activity to be logged. The countermeasures exploit the unprotected in-band signals passed between the telephone network and the collection system and are effective against many of the wiretapping technologies currently used by US law enforcement, including at least some "CALEA" systems. We'll explore possible workarounds, as well as the broader implications of the security vulnerabilities in evidence collection systems.