traffic analysis of phone calls?

[Peter Gutmann]

Don Davis <don at mit.edu> writes:

>with similar import, here's cringely's article on insecure CALEA
>workstations:

A friend of mine who used to work for a large telco ended up being delegated
to attend some of the CALEA meetings.  He reports that the FBI were totally
unable to comprehend that if they built a system full of easily-accessible
backdoors (pushbutton access to anything anytime), anyone with the necessary
know-how could also use those backdoors, and since the CALEA monitoring system
didn't appear to have been designed with security in mind (and as Cringely's
article points out, that obviously got carried through to the final design),
it would be possible to watch the watchers.  Sort of like assuming that when
you shoot at the bad guys they go down, but when they shoot back the bullets
bounce off.

(I think this was a manifestation of a generic problem with nontechnical
 decision-makers, the FBI has very clueful technical people, but the ones who
 got sent to the CALEA meetings were nontechnical people armed with wish-
 lists rather than techies armed with clues).

Peter.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com