6 July 2007
There's a fascinating new IEEE Spectrum article by Vassilis Prevelakis and Diomidis Spinellis about the Greek cellphone tapping incident. In this incident, someone — just who remains unknown — inserted some code in some phone switches to abuse the built-in wiretap facilities to eavesdrop on calls. Over 100 people's lines were monitored, up to and including the prime minister.
There are two important lessons to be drawn from this incident. First, logging and process are very important. Everyone involved in system design or operation should pay attention to that portion of the article. I say "everyone" and not "all security people" because the logs in question are not necessarily intended for security purposes.
The second lesson, of course, is that built-in wiretap facilities and the like are really dangerous, and are easily abused. See, for example, Security Implications of Applying the Communications Assistance to Law Enforcement Act to Voice over IP, by me, Blaze, Brickell, Brooks, Cerf, Diffie, Landau, Peterson, and Treichler; The Real National-Security Needs for VoIP, by me, Blaze, and Landau; Comments on the Carnivore System Technical Review, by me, Blaze, Farber, Neumann, and Spafford; The RISKS of Key Recovery, Key Escrow, and Trusted Third-Party Encryption by Abelson, Anderson, me, Benaloh, Blaze, Diffie, Gilmore, Neumann, Rivest, Schiller, and Schneier; CERT® Advisory CA-2000-18: PGP May Encrypt Data With Unauthorized ADKs; and many more.
Update: Matt Blaze has also blogged about this article.