CALEA is the terrible US federal law that requires that all switches that carry voice-traffic be built with an easy-to-access remote wiretapping capability so that cops (or bad guys who know cop secrets) can listen in on your voice conversations without cooperation from the phone company. A team of University of Pennsylvania researchers (already notorious for finding flaws in the previous version of the CALEA standard that let callers lock out wiretaps) have found a solid theoretical attack against the newer, shinier CALEA standard.
"We asked ourselves the question of whether this standard is sufficient to have reliable wiretapping," said Micah Sherr, a post-doctoral researcher at the university and one of the paper's co-authors. Eventually they were able to develop some proof-of-concept attacks that would disrupt devices. According to Sherr, the standard "really didn't consider the case of a wiretap subject who is trying to thwart or confuse the wiretap itself."
How to Deny Service to a Federal Wiretap
It turns out that the standard sets aside very little bandwidth -- 64K bits per second -- for keeping track of information about phone calls being made on the tapped line. When a wire tap is on, the switch is supposed to set up a 64Kbps Call Data Channel to send this information between the telco and the law enforcement agency doing the wiretap. Normally this channel has more than enough bandwidth for the whole system to work, but if someone tries to flood it with information by making dozens of SMS messages or VoIP (voice over Internet protocol) phone calls simultaneously, the channel could be overwhelmed and simply drop network traffic.
That means that law enforcement could lose records of who was called and when, and possibly miss entire call recordings as well, Sherr said.
The LG Watch Urbane 2nd Edition LTE was the company’s latest answer to Apple’s dominating entry into the market. But it died fast, pulled off the shelves within a week due to an unspecified problem with the display. Ron Amadeo writes that they “are not in a position to communicate the specifics of the issue […]
I’ve been using Stanley’s classic flask for years (I literally packed one, full of nice bourbon, in my suitcase this morning for the Melbourne/Sydney/Berlin trip I’m leaving on tonight), and I have no complaints: it’s beautiful, easy to close, and rugged.
Mattel’s Hello Barbie has a microphone and a wifi interface, and it transmits the phrases it hears to a central server in order to parse them and formulate a response. Mattel claims that the data isn’t being retained or harvested for marketing purposes, and assures parents that they can make Barbie stopping eavesdropping on them […]
Today and tomorrow only we are offering an additional 15% off the entire Boing Boing store (some exclusions may apply). Simply use coupon code: BLACKFRIDAY at checkout! Below are a few of our favorites from the store: First Generation Lytro 16GB Camera: The First Consumer Camera to Capture the Entire Light FieldAdobe Training Videos: Lifetime Subscription: 6,000+ Adobe […]
Today only in the Boing Boing Store we are offering an extra 15% off of the below VPN deals just use coupon code: VPN15 at checkout. proXPN VPN: Premium Lifetime Subscription Surf the web with ultimate peace of mind – both at home and on the road – over proXPN’s fully-encrypted, lightning-fast servers. Your lifetime premium subscription […]
These knitted gloves are here to save the day (and your hands) with an ultra-comfy, double-layer that will allow you to stay warm and use your phone. Now you can take photos on the fly, text, Tinder, and more without letting freezing temperatures get in your way. Plus they work with all touchscreens, so no […]