Tuesday 14 January 2014

Researcher describes ease to detect, derail and exploit NSA's Lawful Interception

Summary: Infamous security researcher Felix "FX" Lindner exposed Lawful Interception surveillance systems as easy to detect, derail, and maliciously exploit in his recent talk at hacking conference 30c3.

While headlines from the European hacking conference 30c3 featured speakers vying to deliver the most sensational revelations about the U.S. National Security Agency, one notorious hacker delivered an explosive talk that dismantled one thing the NSA, law enforcement, and global intelligence agencies depend on: "Lawful Interception" systems.

And German researcher Felix "FX" Lindner did exactly that, in what was quietly the most controversial bombshell of the conference.

In a talk titled CounterStrike: Lawful Interception, Lindner explained to a standing-room-only theater of 3,000 hackers how easy it is to find out if you're under legally imposed surveillance, detailing how easily a user can jam the shoddy legacy systems running Lawful Interception (LI).

In explaining how LI works, Lindner revealed the shocking lack of accountability in its implementation and the "perverted incentive situation of all parties involved" that makes it easy to perform interception of communications without any record left behind.

In all, the hacker known for the default password list and Huawei's router backdoors told the world that he's confident the bug-ridden, copy/pasted systems are being used for data acquisition by intelligence services.

LI interfaces, he explained, are the same ones used for bulk collection in the NSA surveillance scandal.

After delivering the CounterStrike talk, Lindner told ZDNet: "I'm convinced that any serious actor, especially nation state or terrorist organizations, is already well aware of the limitations of LI and perfectly capable of circumventing it anytime they want."

He added: "They might use the increased attack surface to actually turn LI against the router itself."

"On the other hand, the current design makes it fairly easy for agencies to establish a tap without going through the official channels, so a change in the architecture is probably not in their interest."

LI, it turns out, is based on years and years of legacy code.

It is also based on critically bad decisions — like Cisco's LI router configuration guideline that requires both the router and the mediation device used in LI to be registered in the Domain Name System (DNS).

In an exclusive interview with ZDNet, Lindner said his talk CounterStrike was "meant for network engineers as well as management of service provider companies," with an eye toward "hop[ing] of striking a chord with policy makers."

Source: zdnet