As some of you may remember, there was a scandal in Greece
back in
February 2006 involving the interception of mobile phones
belonging to
high-level government officials, including the Prime
Minister. The
CALEA software on the Ericsson switches used by Vodafone was
blamed;
it had apparently been surrepticiously turned on and was
copying
traffic to an equal number of "shadow" phones.
An thorny point in the investigation was the revelation that
the
"shadow" phones had also been used to make phone
calls to Laurel, MD.
An interview with James Bamford on the possible role of the
NSA in the
"Mavili-gate" was published in last Sunday's
(5/8) "To Vima", one of the
major Athens newspapers. I contacted the journalist, Alexis
Papahelas,
asking for permission to forward the article to this list,
and he was
kind enough to send me the original raw transcript. Here it
is, very
slightly edited for obvious transcription mistakes. The
published
article (in Greek) can be found in:
http://www.tovima.gr/print_article.php?
e=B&f=14755&m=A20&aa=1
-- Mr. Bamford Good Evening from Athens, thank you very
much for being
with us tonight.
JB: My pleasure
-- Let me ask you first of all, there has been a lot of
discussion here
in Greece about this lawful interception software,
explain to me
what it is, and whether the US put pressure on worldwide
companies
to install that after 9/11 especially?
JB: Well the software is basically used to attach to
commercial
communication facilities, like the AT&T in the US,
or whatever
commercial company it is, and anything that goes over
these
communication facilities gets picked up, whether it is
e-mail, or
telephone calls and divert it to the US Government,
whoever attached
the equipment.
-- Is it your understanding that most of the hardware
companies around
the world, that provide mobile telephone companies with
equipment,
had this installed at some point?
JB: Well in the US there was a lot of requiring that US
companies do it,
but around the world I think there was pressure by the
US for a lot
of the friendly countries to the US, allied countries to
do as much
as they can in terms of domestic eavesdropping and this
type of
equipment is most useful for that.
-- As you know, during the Olympics here in 2004, a lot of
the US
intelligence agencies were here, based here, they had a
lot of
equipment here, now do you imagine they were able back
then to
monitor conversations between mobile phones here in
Greece?
JB: Oh, the technology has been long in existence for them
to be able to
monitor mobile phone calls, the US monitors phone calls
all over the
world, and it has the equipment, so I would imagine that
especially
since there was a large US contingency at the Olympics
in Athens,
that they would have, the NSA would have had a presence
there with
an eavesdropping capability.
-- Give us a sense of you know, what an NSA operation would
entail here
in Greece.
JB: Well, what would have happened was, the US would fly
over a team
plus equipment. They would first scan out the best
places to maybe
put antennas to intercept microwave communications,
communications
that would carry mobile phone signals, for example. On
the other
hand they could have also worked out an agreement with
Greek
telecommunications companies, or the Greek Government to
install NSA
equipment on their facilities in order to monitor the
communications, so it is hard to say but there is very
little
question that the NSA did a lot of monitoring during
that period of
time.
-- What you are saying is very important to us, so to my
understanding
is that the NSA does strike, I suppose secret
agreements, with phone
companies around the world, is that what you are saying?
JB: Oh sure, it tries as much as it can to get phone
companies around
the world to co-operate with the NSA in order to help
its world-wide
monitoring operations.
-- And would it be acceptable for them also, to try to
recruit some
people from inside the companies, if they cannot strike
such an
agreement?
JB: Yeah, NSA does that too it will try to make a deal, to
get somebody
to co-operate. In the old days the NSA would try to get
a code-clerk
at an Embassy to co-operate, but these days they try to
get people,
that have access to large databases, or
telecommunications
facilities.
-- We have sent you e-mails, and you have an idea of what
this Greek
system of interception looked like. Does it tell you
something, I
mean how sophisticated is it, does it tell you it is a
US
intelligence agency, a British, somebody else? What is
your
assessment?
JB: Well I think it is pretty much a standard communications
system, in
terms of mobile phone calls and so forth, they all
pretty much
operate the same way, it is just that it is a different
frequency,
maybe some different equipment, but the ideas are that
the signals
go from the hand-held cell-phone to a repeater and from
a repeater
to maybe another repeater, eventually making their ways
back to
central telephone exchange where the information is
retransmitted
out to wherever it is supposed to go, so the NSA is set
up for one
reason and that is to eavesdrop on communications around
the world
so this would not be a tremendous technological
difficulty for them.
-- But can you say with some certainty that this was an
American
operation, or it could be somebody else?
JB: Well, I am just speculating because I don't know for
sure, but if
the NSA was over there during the Olympics, and the US
almost always
sends a team consisting of people including NSA people
to major
events around the world, where Americans are going to
take part, to
try to find out if there is going to be any terrorism,
and one way
of doing that is by monitoring the communications, that
go through
the air, the communications that are communicated both
internally
and externally from that country.
-- How many mobile phone-call-conversations could the NSA
monitor in a
country like Greece on any given day?
JB: It is hard to say. What they would probably do , is to
focus on the
key-links where they think that the bulk of the
communications-exchanges are going to be and probably
intercept
those kind of communications. And once they intercept
them,
the NSA would have computer-facilities so that the
communications
would go through the computers and they are probably
going to be
looking for calls from Afghanistan, information that
they think is
very susceptible to terrorism, for example in other
words numbers
that they have of previous terrorist contacts. They
would all be fed
in the computer, and then any e-mail or telephone-call
with those
numbers or e-mail- addresses would be kicked out.
-- Now, who translates all of these things, because I
imagine it is
like thousands of hours of conversations that are being
transmitted
to NSA. everyday.
JB: Well it is, but they take in enormous amounts of
communications,
but filters, computerized filters sort of get rid off by
98% of
it, and there is only a 2% that actually gets analyzed
in the
end. And those 2% are whether names in the computer,
people that
they are suspicious of, telephone numbers that they are
looking
for, e-mail-addresses, and once they get down to those,
and they
do have a number of people that speak a wide variety of
languages,
including Greek at NSA.
-- What is the most technologically advanced way of
intercepting
mobile phone conversations? Because for a while we are
assuming
that the code of transmitting over the air is safe. Is
it still
safe or has the NSA broken it?
JB: No, if the communications are traveling through the air,
which
they do by a mobile phone call, they are going to go a
very short
distance so they get to a repeater and they eventually
go to a
central telephone office, so again if you are able to
intercept
those signals as they go through the air, which you
would
basically just need a microwave antenna, or if you have
co-operation of the company or the Government, then you
can get
access of that. I mean they are not intercepting the
entire
communications systems by entering or leaving the
country,
certainly, but they are probably looking at certain key
communications-node, where they think there may be
communications
coming from lets say places like Afghanistan, or Iraq or
some
place like that.
-- Give us a sense of the Size of NSA, in terms of the
budget of
people working for it and so on.
JB: NSA is the largest intelligence agency in the world, and
it is
twice the size of the CIA, it is far more secret, and it
has about
38.000 people. Again NSA's entire job, at least until
recently,
was to spy overseas, to eavesdrop on communications in
foreign
countries. So most of those people are either at the
headquarters
at NSA, or else in countries around the world. NSA over
the years
has had a number of facilities in Greece at various
times, I am
not sure if they have one there now, but in the past
they have had
bases in Greece.
-- And do you think they are focusing in that area from
what you
know, from your research, was Greece always sort of an
important
target for them?
JB: Well, Greece has always been a target, I think it
depends on world
climate how important it is at various times, I mean
right now it
probably has less importance than it did in other times,
because
now they are focusing primarily on Iraq, Iran,
Afghanistan,
N. Korea, areas like that, but if it looks like some
terrorists
are coming into Greece, or are operating in Greece, or
if it looks
like the Government may be communicating with countries
that the
NSA is very interested in, such as Iran, Iraq or any
places in the
Middle East than the NSA would be very interested.
-- Let me go back to what was the Greek system and so
on.You had said
in previous answer that there are very few people in the
world,
that could actually manipulate this Eriksson software in
order to
gain access to this system. How many people in the world
have this
kind of knowledge?
JB: I don't know how many people around the world, but
NSA's job, that
is their entire job. This agency was created for one
purpose and
that is to eavesdrop on the maximum matter of
communications
around the world. NSA could find a way to get a trapped
door or a
back door into say an Eriksson telephone system, you
know they
would do it. Because those systems are used by people
all over the
world.
-- In this case we are talking about a very big cell-phone-
company,
VODAFONE, which is a multinational as you know, would
they risk
you think their reputation, and you know, go ahead and
co-operate
with NSA at that level?
JB: I would think that they would not co-operate at that
level, but
what the NSA normally does, is it hires people that have
worked
for companies like that, and these people tell them how
the
systems work and then their job with NSA is to reverse
engineer
these systems, to find ways into them, so although I
doubt that
the head of Eriksson would co-operate with NSA, the NSA
has
enormous technological capabilities to find sort of back
doors, or
trapped doors, or ways by reversed engineering into
these systems.
-- Knowing how these people work there is a legal
investigation, a
judicial investigation here in Greece, do you think they
will ever
find the answers, I mean who was behind this
interception, any
physical evidence, any traces?
JB: Well, it is hard to say. This happened in the US several
times,
where there has been a question, whether monitoring has
been legal
or not, and they have looked into it occasionally and
they have
found an answer as to who was involved with it, but a
lot of times
they do not find him. Again with NSA, NSA keeps its
information so
very-very secret, they wouldn't even let the judges on
the
surveillance court, they are supposed to prove NSA
warrants about
it, they wouldn't let Congress except for 8 people.
Over 500 people
know about it, so NSA tries to keep it extremely secret.
-- You are one of the world experts in this kind of issues,
so if you
had to take a bet today who was behind this kind of
operations in
Greece?
JB: I just cant say, I don't know enough information about
it , all I
can tell you is that NSA's job is eavesdropping on
communications
around the world , Greece is a target occasionally
whenever they
think there is something important. NSA has bases in
Greece and
NSA looking for indications of terrorism during the
Olympics, so
whether they are involved with this recent operation I
don.t know
but certainly they have an interest in it.
-- Your advice to someone using a mobile phone, should they
talk
openly or no?
JB: The problem, cell phones also, there is not kind of
information
that the NSA cant eavesdrop on one way or another, this
is why in
the USA there is a big debate right now about making the
NSA go
through a quirk and get an authorization before they
eavesdrop on
somebody, but overseas the NSA can eavesdrop on anybody
they want,
there is no restriction on eavesdropping in Greece, even
if there
was an American in Greece, NSA could eavesdrop on that
person
without going through a quirk.
-- so you are saying even the crypto phones that the prime
minister/government/military are using they are
vulnerable to this
kind of penetration you say.
JB: Well, crypto phones are probably NSA's biggest targets
around the
world, whether or not the NSA was able to break the
encryption of
the algorithm to get into those phones I don't know. I
don't have
this information, but I know obviously NSA's key job,
NSA's first
job is intercepting communications, and second job is
breaking
codes such as the codes that encrypts that
communications, and
third job is making USA encryption systems.
-- Thank you
------------------------------------------------------------
---------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe
cryptography" to majordomo metzdowd.com
|