Chinese hackers breached US court wiretap systems, WSJ reports (opens in new tab)

(reuters.com)

24 pointspash1y ago7 comments

7 comments

Building and having exist these mass targeted surveillance creates a risk that is pretty hard to mitigate - they’re meant to be secret even to most of the people operating the comms networks. It’s also creates a blame arbitrage risk - at least in the US, the reputation of all telcos is so in the garbage that they don’t have a huge incentive to keep things tight when doing things the government forces them to do.

Another related case was in the mid 2000s where someone did the same thing to Vodafone’s mobile network: https://en.wikipedia.org/wiki/Greek_wiretapping_case_2004%E2...

Circumstantial evidence suggests it was the US in that case.

stufffer1y ago

If a local police department wants phone records they have to go through the company's legal compliance department.

The disturbing revelation here is that it sounds like the federal government has direct backdoor access to all these records without having to show any warrants.

https://en.m.wikipedia.org/wiki/Room_641A

hulitu1y ago

> The disturbing revelation here is that it sounds like the federal government has direct backdoor access to all these records without having to show any warrants.

This is since a looong time. HTTPS does not offers any security. It just serves to identify you in case they want to.

bananapub1y ago

Every telco in every country has specific systems for handling wiretaps, it’s called “LI” - “lawful intercept”. They don’t like to talk about it, even with their employees

hujun1y ago

all network devices that terminates a subscriber (broadband or mobile) has a feature called LI: https://en.wikipedia.org/wiki/Lawful_interception, which is required by law in almost all countries one requirement is that operation of LI feature is totally separate from normal network operator, so that even normal network admin are not supposed to know what kind of LI operation is ongoing...

ungreased06751y ago

If true, this is a catastrophic cybersecurity failure. I’m feeling more like a Luddite every week. Systems like that maybe shouldn’t exist.

floydnoel1y ago

time to start the Butlerian jihad

j / k navigate · click thread line to collapse

7 comments

bananapub1y ago

Another related case was in the mid 2000s where someone did the same thing to Vodafone’s mobile network: https://en.wikipedia.org/wiki/Greek_wiretapping_case_2004%E2...

Circumstantial evidence suggests it was the US in that case.

stufffer1y ago

If a local police department wants phone records they have to go through the company's legal compliance department.

The disturbing revelation here is that it sounds like the federal government has direct backdoor access to all these records without having to show any warrants.

https://en.m.wikipedia.org/wiki/Room_641A

hulitu1y ago

> The disturbing revelation here is that it sounds like the federal government has direct backdoor access to all these records without having to show any warrants.

This is since a looong time. HTTPS does not offers any security. It just serves to identify you in case they want to.

bananapub1y ago

Every telco in every country has specific systems for handling wiretaps, it’s called “LI” - “lawful intercept”. They don’t like to talk about it, even with their employees

hujun1y ago

ungreased06751y ago

If true, this is a catastrophic cybersecurity failure. I’m feeling more like a Luddite every week. Systems like that maybe shouldn’t exist.

floydnoel1y ago

time to start the Butlerian jihad

j / k navigate · click thread line to collapse