CALEA is the terrible US federal law that requires that all switches that carry voice-traffic be built with an easy-to-access remote wiretapping capability so that cops (or bad guys who know cop secrets) can listen in on your voice conversations without cooperation from the phone company. A team of University of Pennsylvania researchers (already notorious for finding flaws in the previous version of the CALEA standard that let callers lock out wiretaps) have found a solid theoretical attack against the newer, shinier CALEA standard.
"We asked ourselves the question of whether this standard is sufficient to have reliable wiretapping," said Micah Sherr, a post-doctoral researcher at the university and one of the paper's co-authors. Eventually they were able to develop some proof-of-concept attacks that would disrupt devices. According to Sherr, the standard "really didn't consider the case of a wiretap subject who is trying to thwart or confuse the wiretap itself."
How to Deny Service to a Federal Wiretap
It turns out that the standard sets aside very little bandwidth -- 64K bits per second -- for keeping track of information about phone calls being made on the tapped line. When a wire tap is on, the switch is supposed to set up a 64Kbps Call Data Channel to send this information between the telco and the law enforcement agency doing the wiretap. Normally this channel has more than enough bandwidth for the whole system to work, but if someone tries to flood it with information by making dozens of SMS messages or VoIP (voice over Internet protocol) phone calls simultaneously, the channel could be overwhelmed and simply drop network traffic.
That means that law enforcement could lose records of who was called and when, and possibly miss entire call recordings as well, Sherr said.
Thinkgeek’s $150 Bluetooth Communicators are based on 3D scans of a prop communicator; pair it with your phone and clip it to your belt: when you get a ring, the psychedelic hypno-disc in the middle will spin prettily, flick it open and start talking.
Eye-Fi makes clever wifi hotspots in the shape of SD cards; your camera sees them as SD cards but you can mount them on your network and automatically feed the images captured by your camera to a nearby laptop. But to make all this work with some models, you need an account on “Eye-Fi Center,” […]
Kyle writes, “The Volt is a fully open source, arduino-based, handmade analog clock that tells time with meters. Available in a DIY install kit, 2 pre-made models, and a mix & match hardware option. The clocks are but with solid black walnut and maple, with faceplates produced in brass, copper, and steel. Only on Kickstarter!”
Drones are hot items, but where to start? Check out our assortment of 5 of the best drone models on the market, and get to work building your own aerial armada. And don’t forget to add coupon code DRONE10 for 10% off your purchase of any one of these drones, courtesy of the Boing Boing Store.Code Black Drone […]
If you’ve got a coding career on your mind, few programming disciplines will take you farther than a commanding knowledge of the Python language, which is not to be mistaken for parseltongue. Its versatility and ease of use make it a go-to for any coding project…so master Python now with this all-inclusive all-level python programming course […]
The realm of web development is constantly evolving. New platforms, languages, and processes materialize all the time, so staying on top of all that innovation is a tall order.Whether you’re brushing up on new tricks, starting from scratch, or just looking to make your own website a little jazzier, Rob Percival’s new Complete Web Developer Course 2.0 (now […]