[Infowarrior] - Crashing the Wiretapper's Ball

[Richard Forno]

Crashing the Wiretapper's Ball

http://www.wired.com/news/technology/1,71022-1.html
By Thomas Greene| Also by this reporter
02:00 AM Jun, 01, 2006

CRYSTAL CITY, Virginia -- The dingy hotel corridor was populated with suits,
milling about and radiating airs of defensive hostility. They moved in
close-knit groups, rounding a stranger or a rival group conspicuously, the
way cats do. They spoke in whispers. They glanced nervously over their
shoulders as they took calls on their cell phones, then darted swiftly into
alcoves.

They were government officials, telephone company honchos, military
officers, three-letter-agency spooks and cops, all brought together by
salesmen dealing in the modern equipment of surveillance. It was my job to
learn what they were up to.

They'd gathered for the ISS World Conference, a trade show featuring the
latest in mass communications intercept gear, held in the Washington, D.C.,
suburb of Crystal City, Virginia. Situated conveniently between Reagan
National Airport and the Pentagon, Crystal City is an artificial place
dominated by conference centers and hotels, set up to accommodate the
endless, and often secret, intercourse between the U.S. military and its
myriad itinerant contractors, lobbyists, consultants and trainers. They
rotate in and out, civilians using the airport, military personnel taking
the subway from the Pentagon, with Crystal City as the intersection in a
figure-eight circuit of constant activity.

Back in the narrow hotel corridor, vendors manned their booths, exhibiting
the latest gadgets for mass electronic surveillance: machines capable of
scouring the data streams of millions of subscribers -- industrial-strength
kits for packet interception and analysis, RF interception, and voice and
keyword recognition.

These devices are a bonanza for the communications hardware industry,
vouchsafed by the U.S. Communications Assistance to Law Enforcement Act of
1994, or CALEA, which mandates that all new telephone company gear must be
wiretap-friendly, or "CALEA compliant," according to the popular euphemism.
This has led to a seller's market with equipment makers pushing their
dual-use kits with exceptional confidence. The sales pitch has evolved
beyond the traditional points of reliability, scalability, total cost of
ownership and ease of deployment to exploit the hard-sell undercurrents of
mass-scale commerce that's mandated by law and funded by taxpayers who are
powerless to review the deals and evaluate their various costs and benefits
to society.

While U.S. telephone companies are well accustomed to CALEA requirements
(designed originally to make mobile phone networks as wiretap-friendly as
land-line systems), the Federal Communications Commission has declared
itself competent to expand the act to cover voice over internet protocol
outfits and internet service providers as well. This expansion has been
challenged in federal court, and the conflict has boiled down to a simple
phrase in the law, exempting providers of "information services" (as opposed
to communications services) from CALEA obligations. The Department of
Justice, ever eager for opportunities to plug law enforcement into the
internet at the most basic levels, claims that ISPs, like telephone
companies, are communications services, on grounds that instant messaging,
VOIP and e-mail constitute a significant replacement for traditional
telecommunications.

The FCC is in complete agreement with the Justice Department, and has issued
its demand for compliance by May 14, 2007. The case, currently on appeal, is
pending in a federal appeals court in Washington, D.C., where, comically,
one judge characterized the FCC's legal arguments as "gobbledygook." Thus
it's possible that only VOIP services that use the public switched telephone
network will be covered by the CALEA, leaving peer-to-peer VOIP outfits and
ISPs in the clear. A decision should arrive in a few months' time.

Despite this uncertainty, ISPs (and universities) have become new sales
targets for the surveillance equipment industry -- fresh leads, so to speak
-- and the hustle is uniform and loud: "CALEA is coming, and you'd better be
ready."

In the conference rooms, salesmen pitched their solutions for "lawful
interception." In attendance were the generally responsible representatives
of North American and Western European government and law enforcement, but
also numerous representatives of naked state control in the Middle East,
Asia and Africa. The phrase "lawful interception" might have meaning in the
United States, Canada and Europe, but this was the ISS world conference,
after all, with attendees from more than 30 countries.

Narus was there, maker of the kit fingered by Mark Klein and allegedly used
with impunity by the National Security Agency at numerous AT&T facilities
for mass, domestic internet surveillance, and, the company boasts, used by
Shanghai Telecom "to block 'unauthorized' internet calls."

There were European heavyweights like Ericsson and Siemens, American giants
like Raytheon and light-heavyweights like VeriSign and Agilent, along with a
vast host of leaner, more specialized, surveillance outfits such as Verint,
Narus and the like. They offered equipment and services capable of every
manner of radio frequency and packet interception, with user interfaces and
database structures designed to manage and deliver not just information but
"actionable data," properly organized and formatted for easy prosecutions.

Certain conference sessions, according to the schedule, were "open to sworn
law enforcement agents only." But there was no discrimination between the
more punctilious law enforcement agencies of democratic nations and those
hailing from quarters where darker practices are commonplace.

The last thing anyone involved wanted was publicity. Unfortunately, I had a
job to do, although it would be difficult; the press had been strenuously
dis-invited, and Wired News' efforts to get credentialed for the event
firmly rebuffed. I spent my first day lurking in public areas of the hotel.
In the lobby, two nattily dressed men with Caribbean accents were being
hustled by an American salesman. The Caribbean fellows stiffened upon my
approach, and warily lowered their voices. I buried my nose in the paper and
listened.

I could hear little of what the two potential customers said, but the
salesman, God bless him, was a loudmouth, and I was able to piece together
parts of the conversation from his various announcements. It seemed elements
of the deal that he was attempting to close were challenging. This may have
had to do with his customers' qualifications to take delivery of
surveillance equipment, perhaps because they weren't legitimate government
representatives, or the government that employed them was subject to U.S.
export restrictions. I never learned the exact problem with getting the
equipment into the customers' hands, but it was obvious that there was one.

The salesman concluded with a hearty recap. "I'm glad we had the chance to
meet in person; this is not a conversation I'd want to have on the phone,
for obvious reasons," he roared. Everyone laughed heartily.

Later, at the bar, I sat beside three Americans: two cops and a civilian
police employee. They bitched about how difficult RF interception is, how
the equipment is complicated and its user interfaces mysterious, and the
difficulty of getting adequate funds and properly trained personnel to carry
out surveillance effectively.

Grant money is to be avoided, they agreed. It's got strings attached --
strings like performance milestones and complicated reporting demands. And
on top of that, there's such an assload of damned frequencies, and it's such
a trial just to get the kit dialed in. You can waste hours listening to TV
instead of the subject's cell phone. But all the brass understands is hard
evidence leading to arrests, they whined.

This was suggestive stuff, but it's not what I came for. On day two, it was
time to make a move. I went to the registration booth and requested a pass
and a press fee waiver. "The conference isn't open to the press," a
receptionist explained with a fluty tone of voice and an android smile. A
uniformed security guard took a step closer, for emphasis.

I withdrew, bloodied but unbowed.

In the bar that night, things got interesting. A group of men associated
with the Pen-Link and Lincoln electronic surveillance systems came in. I
exchanged small talk with them for a bit, then moved to their table.
Although I had identified myself as a journalist, an enthusiastic reseller
of the equipment decided to hold forth. We drank a great deal, so I won't
name him.

"I'm not much concerned about wiretaps in America and Europe," I'd been
saying to one of the Pen-Link engineers, "but I wonder if it bothers you to
consider what this technology can do in the hands of repressive governments
with no judicial oversight, no independent legislature."

Our man interrupted. "You need to educate yourself," he said with a sneer.
"I mean, that's a classic journalist's question, but why are you hassling
these guys? They're engineers. They make a product. They don't sell it. What
the hell is it to them what anyone does with it?"

"Well, it's quite an issue," I said. "This is the equipment of
totalitarianism, and the only things that can keep a population safe are
decent law and proper oversight. I want to know what they think when they
learn that China, or Syria, or Zimbabwe is getting their hands on it."

"You really need to educate yourself," he insisted. "Do you think this stuff
doesn't happen in the West? Let me tell you something. I sell this equipment
all over the world, especially in the Middle East. I deal with buyers from
Qatar, and I get more concern about proper legal procedure from them than I
get in the USA."

"Well, perhaps the Qataris are conscientious," I said, "and I'm prepared to
take your word on that, but there are seriously oppressive governments out
there itching to get hold of this stuff."

He sneered again. "Do you think for a minute that Bush would let legal
issues stop him from doing surveillance? He's got to prevent a terrorist
attack that everyone knows is coming. He'll do absolutely anything he thinks
is going to work. And so would you. So why are you bothering these guys?"

"It's a valid question," I insisted. "This is powerful stuff. In the wrong
hands, it could ruin political opponents; it could make the state's power
impossible to challenge. The state would know basically everything. People
would be getting rounded up for thought crimes."

"You're not listening," he said. "The NSA is using this stuff. The DEA, the
Secret Service, the CIA. Are you kidding me? They don't answer to you. They
do whatever the hell they want with it. Are you really that naïve? Now
leave these guys alone; they make a product, that's all. It's nothing to
them what happens afterward. You really need to educate yourself."

On day three, the last day of the conference, I had nothing left to gain
from working the periphery, hence nothing to lose from being tossed out, so
I strolled past the android and the uniformed guard. No one challenged me. I
chatted with vendors. I grabbed brochures from their tables and handouts in
the conference rooms. I hung out on the veranda and smoked with fellow
tobacco addicts.

The best conversation I had was with Robert van Bosbeek of the Dutch
National Police. I asked him if he was tempted to buy anything.

"Not really," he said with a laugh. "But it's always good to see what's on
offer. Basically, we're three or four years ahead of all this."

He said that in the Netherlands, communications intercept capabilities are
advanced and well established, and yet, in practice, less problematic than
in many other countries. "Our legal system is more transparent," he said,
"so we can do what we need to do without controversy. Transparency makes law
enforcement easier, not more difficult."

By noon on day three, the conference had wound down. The final thing I
needed was the forbidden packet, with its CD of the slides from the
presentations. I would have it in spite of the android. Indeed, because of
the android.

I waited in the lobby. A group of Koreans came down the stairs. I know this
because they spoke Korean, and few outsiders speak it. It's not a popular
language, like French or English.

As it happens, I can speak it a little. Most Koreans are charmed by
foreigners who can mutter even a few words of their mother tongue, so I
chatted for a bit, and asked if I might copy the conference CD onto my
notebook computer. They were happy to oblige.

Naturally, this forbidden object contained nothing that could justify
keeping it from a journalist. There were no stunning revelations about new
intercept equipment designs, capabilities or techniques. Making it
unavailable was just another expression of the conference director's
small-minded attitude of hostility toward the press.

An attendee told me that during one presentation, a discussion arose about
whether the press should be invited to future ISS conferences. Some of those
present believed that secrecy only leads to speculation, which is usually
worse for trade than the facts. Others believed that reporters are too
ignorant to write competently about the secret intercourse between big
business and law enforcement, and should be told as little as possible in
hopes that they'll have nothing to write. Judging by my own experiences, it
was clear that the second line of reasoning had prevailed.

But it's foolish to be secretive: A determined reporter can't be thwarted,
and it's better that one should have more rather than less information to
work with.

It's ironic that spooks so often remind us that we've got nothing to fear
from their activities if we've got nothing nasty to hide, while they
themselves are rarely comfortable without multiple layers of secrecy,
anonymity and plausible deniability. While there was little or nothing at
the conference worth keeping secret, the sense of paranoia was constant. The
uniformed guard posted to the entrance was there to intimidate, not to
protect. The restrictions on civilians attending the law enforcement agency
sessions were, I gather, a cheap marketing gesture to justify their
$6,500-per-head entrance fee with suggestions of secret information that the
average network-savvy geek wouldn't have known.

In the end, all this surveillance gear and attendant hype becomes
meaningless with simple precautions like encrypted VOIP, a good
implementation of virtual private networks, and proxies and SSH for web
surfing, IM, internet relay chat, webmail and the like. Skype's VOIP service
is encrypted but closed-source. Still, there's SpeakFreely, a peer-to-peer,
open-source VOIP app; Zfone, an open-source VOIP crypto plug-in from PGP
honcho Phil Zimmermann; Invisible IRC, an open-source IRC proxy
implementation that includes anonymization and encryption features, plus
other dodges too numerous to mention.

The popular law enforcement myth is that crooks are getting ever more
sophisticated in their use of modern technology, so the police have got to
acquire more "sophisticated" point-and-drool equipment to catch them. We
find versions of this incantation in virtually every Justice Department
press release or speech related to CALEA. But these tools -- especially in
the IP realm -- are not so much sophisticated as complicated and very
expensive. They're a bad alternative to old-fashioned detective work
involving the wearing down of shoes and dull stakeout sessions in
uncomfortable quarters such as automobiles. The chief impulse behind this
law enforcement gizmo fetish is laziness, and it's a bad trend: The more
policemen we have fiddling with computer equipment, the fewer we have doing
proper legwork.

The windup is that garden-variety crooks will remain those most susceptible
to remote, electronic surveillance, while sophisticated, tech-savvy bad guys
will continue operating below the radar. CALEA and its most potent
technological offspring are inadequate to catch the people who most need
catching. The project of "lawful interception" is huge, grotesquely
expensive, controversial, infused with unnecessary secrecy and often useless
against the most important suspects it purports to target.

It poses a tremendous threat to human rights and dignity in countries
without adequate legal safeguards, and still invites occasional abuses in
countries with them. Its costs are paid by citizens who are deliberately
kept in the dark about how much they're paying for it, how effective it is
in fighting crime and how susceptible it is to abuse. And that's the way the
entire cast of characters involved wants to keep it.

Which, of course, is exactly why the public needs to know much more about
it, even if it requires rude tactics like crashing the spooks' soirée.