Washington Post: How the NSA infers relationships based on mobile location data from SS7 and GRX

May 4, 2014 | Posted in News | By

A new article shows preoccupying combination of SS7 and GRX interception, OTT app HTTP calls eavedropping and datawarehousing to extract subscriber privacy details from Telecom and Mobile operators.

Washington Post: New documents show how the NSA infers relationships based on mobile location data.


Read More →

Belgacom hacks and spying show the needs to strongly improve telecom security

October 25, 2013 | Posted in News | By

“Several of us around the table had been subject to surveillance,” he told reporters.”The least we can expect is the countries and security services involve change their practices.”

“According to De Standaard, […] the spying was carried out by the U.S. National Security Agency and involved tracking international telephone calls for two years. It was focused on BICS, the Belgacom unit which provides wholesale telecom infrastructure services–in particular in Africa and the Middle East.”

Belgacom claims it was spied on by NSA.

Belgium latest to seek answers on spying allegations.


Read More →

France in the NSA’s crosshair : phone networks under surveillance

October 21, 2013 | Posted in News | By

Le Monde article on NSA spying on France telecom networks based on Snowden leaks.

“According to the documents retrieved from the NSA database […] telephone communications of French citizens are intercepted on a massive scale.”

“The techniques used for these interceptions appear under the codenames ‘DRTBOX’ and ‘WHITEBOX’. Their characteristics are not known either. But we do know that, thanks to DRTBOX, 62.5 million data were collected in France and that WHITEBOX enables the recording of 7.8 million elements. ”



Read More →

New report: Is Huawei in Ericsson’s shoes when Athens Affair hit?

October 18, 2013 | Posted in News | By

Huawei is trying to clear its name from the allegations of spying. But is Huawei really worse and compromised than Ericsson.

Ericsson backdoored products were used by intelligence agencies to spy on Greek government officials and hundred of VIP mobile phones, yet Ericsson did not suffer from the same level of ban and bad press that Huawei did get.

Is it a cultural bias against Huawei? A political and economical against chinese manufacturer? Or the level of compromission of Huawei is much higher, prompting this reaction.

Huawei is nevertheless trying to clear its name from these allegations with the following report “Cyber Security Perspectives” by John Suffolk, Huawei SVP & Global Cyber Security Officer.

PDF Report: Huawei Cyber Security White Paper (Oct. 2013)

Huawei: We are not spying on you.


Read More →

Operation Tempora: GCHQ taps fibre-optic cables for secret access to world’s communications | UK news | The Guardian

June 21, 2013 | Posted in News | By

Operation Tempora: GCHQ taps fibre-optic cables for secret access to world’s communications.

“Britain’s spy agency GCHQ has secretly gained access to the network of cables which carry the world’s phone calls and internet traffic”.

“The sheer scale of the agency’s ambition is reflected in the titles of its two principal components: Mastering the Internet and Global Telecoms Exploitation, aimed at scooping up as much online and telephone traffic as possible. ”

“GCHQ was handling 600m “telephone events” each day, had tapped more than 200 fibre-optic cables and was able to process data from at least 46 of them at a time.”

GCHQ taps fibre-optic cables for secret access to world’s communications | UK news | The Guardian.

Read More →

Huawei: Former Pentagon analyst says China has backdoors to 80% of telecoms

July 14, 2012 | Posted in News | By

Allegation that Huawei and ZTE have backdoors to enable chinese covert access to telecom infrastructure.

Former Pentagon analyst: China has backdoors to 80% of telecoms | ZDNet.

Huawei and ZTE deny backdoor allegations | The Inquirer.

The Secret Ways of Little Known Chinese Telecoms Giant Huawei | SPIEGEL ONLINE.

Huawei: worried about cyber-espionage backdoors? You can look at our code | Ars Technica.

The nightmare backdoor , reflections on the case Huawei | Security Affairs.

Huawei Initiating Int’l Network Security Standards | PR site

U.S. lawmakers to American companies: Don’t do business with Huawei or ZTE | Killer Apps.


Read More →

Vodafone Femtocell hack

July 15, 2011 | Posted in News | By

The Hacker’s Choice has published details on how to use a Vodafone “Sure Signal” femtocell as a 3G phone interception point.




Read More →

The Athens Affair – Ericsson AXE10 Mobile MSC backdooring & spying

June 29, 2007 | Posted in News | By

“The prime minister of Greece was told that his cellphone was being bugged, as were those of the mayor of Athens and at least 100 other high-ranking dignitaries”.

“The victims were customers of Athens-based Vodafone-Panafon, generally known as Vodafone Greece.”

“Rogue software used the lawful wiretapping mechanisms of Vodafone’s digital switches to tap about 100 phones”.

Screen Shot 2013-10-30 at 8.43.57 PM

“Like most phone companies, Vodafone Greece uses the same kind of computer for both its mobile switching centers and its base station controllers—Ericsson’s AXE line of switches.”

“In AXE exchanges a remote-control equipment subsystem, or RES, carries out the phone tap by monitoring the speech and data streams of switched calls. It is a software subsystem typically used for setting up wiretaps, which only law officers are supposed to have access to. When the wiretapped phone makes a call, the RES copies the conversation into a second data stream and diverts that copy to a phone line used by law enforcement officials.

Screen Shot 2013-10-30 at 8.44.11 PM

Ericsson optionally provides an interception management system (IMS), through which lawful call intercepts are set up and managed. When a court order is presented to the phone company, its operators initiate an intercept by filling out a dialog box in the IMS software. The optional IMS in the operator interface and the RES in the exchange each contain a list of wiretaps: wiretap requests in the case of the IMS, actual taps in the RES. Only IMS-initiated wiretaps should be active in the RES, so a wiretap in the RES without a request for a tap in the IMS is a pretty good indicator that an unauthorized tap has occurred. An audit procedure can be used to find any discrepancies between them.”

“From time to time the intruders needed access to the rogue software to update the lists of monitored numbers and shadow phones. These activities had to be kept off all logs, while the software itself had to be invisible to the system administrators conducting routine maintenance activities. The intruders achieved all these objectives. They took advantage of the fact that the AXE allows new software to be installed without rebooting the system”

Screen Shot 2013-10-30 at 8.44.38 PM

“The investigators examined the dumps more thoroughly and found the rogue programs. What they found though, was in the form of executable code—in other words, code in the binary language that microprocessors directly execute. Executable code is what results when a software compiler turns source code—in the case of the AXE, programs written in the PLEX language—into the binary machine code that a computer processor executes. So the investigators painstakingly reconstructed an approximation of the original PLEX source files that the intruders developed. It turned out to be the equivalent of about 6500 lines of code, a surprisingly substantial piece of software.”

Source & More information: The Athens Affair – IEEE Spectrum.


Read More →

Room 641A: telecommunication interception facility operated by AT&T for the U.S. National Security Agency

October 31, 2006 | Posted in News | By

Room 641A: the scandal and lawsuit about a telecommunication interception facility operated by AT&T for the U.S. National Security Agency (NSA)

Room 641A: telecommunication interception facility operated by AT&T for the U.S. National Security Agency | Wikipedia, the free encyclopedia.


Read More →