> Slightly off-topic, but a reminder of the sort of thing that
> ordinary crypto doesn't hide.
>
> http://www.silicon.com/news/500009-500001/1/5093.html?rolling=2
>
> IT Myths: Colombian drugs gang's mainframe-assisted assassinations?
> Did drugs barons really use multi-million pound systems to see who
> was grassing to informants...?

with similar import, here's cringely's article on
insecure CALEA workstations:

                                        - don davis


http://www.pbs.org/cringely/pulpit/pulpit20030710.html

"Not only can the authorities listen to your phone calls,
 they can follow those phone calls back upstream and
 listen to the phones from which calls were made.  They
 can listen to what you say while you think you are on
 hold.  This is scary stuff.

"But not nearly as scary as the way CALEA's own internal
 security is handled. The typical CALEA installation on
 a Siemens ESWD or a Lucent 5E or a Nortel DMS 500 runs
 on a Sun workstation sitting in the machine room down
 at the phone company. The workstation is password
 protected, but it typically doesn't run Secure Solaris.
 It often does not lie behind a firewall. Heck, it
 usually doesn't even lie behind a door. It has a direct
 connection to the Internet because, believe it or not,
 that is how the wiretap data is collected and transmitted."






-

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to