WCA September 2007

Wire & Cable ASIA – September/October 2007

Telecom

news

A sophisticated spying operation that

tapped into the mobile phones of the

prime minister of Greece and other

officials of his government discloses

weaknesses in telecommunications

systems using decades-old computer

code. The secret operation was

blown early in 2005 when the hackers

tried to update their software and

generated an alert – whereupon it was

discovered that they had installed no

fewer than 6,500 lines of code.

The investigation into the secret

tapping of the calls of some 100 people

is open. But Jeremy Kirk of IDG News

Service, writing in

PC World

, drew on

a report by two computer scientists

to offer a look at how the hack was

accomplished. (A fuller analysis of

what Mr Kirk called ‘an operation of

breathtaking depth and success’ is

available on IEEE Spectrum Online, the

website of the Institute of Electrical and

Electronics Engineers Inc [IEEE]).

The case includes the ‘first known

rootkit that has been installed in [a

phone] exchange,’ said Diomidis

Spinellis, an associate professor at the

Athens University of Economics and

Business, who authored the report

with Vassilis Prevelakis, an assistant

professor of computer science at

Drexel University in Philadelphia.

Mr Kirk defined a rootkit as a special

program that buries itself deep

into an operating system for some

malicious activity and is extremely

difficult to detect. He explained

the method employed in Greece:

“The rootkit enabled a transaction

log to be disabled and allow call

monitoring on four switches made by

Telefonaktiebolaget LM Ericsson within

Vodafone’s equipment. The software

enabled the hackers to monitor phone

calls in the same way law enforcement

would, minus the required court order.

The software allowed for a second,

parallel voice stream to be sent to

another phone for monitoring.” (‘Greek

Spying Case Uncovers First Phone

Switch Rootkit,’ 12

July).

The intruders covered their tracks by

installing patches on the system to

route around logging mechanisms that

would alert administrators that calls

were being monitored.

An irony of the case is that

the clever unknown hackers

were tripped up by their own

self-improvement

effort.

The

question suggests itself: could

a similarly ambitious provider

✆

have protected its distinguished

Greek subscribers? The authors

of ‘The Athens Affair,’ cited above,

believe the scheme might have

been uncovered sooner through

statistical call analysis linking the

calls of those being monitored

to calls to phones used to monitor

the conversations. Mr Kirk of

IDG News noted that carriers

already do that sort of analysis, if

more for purposes of marketing

than security.

It appears that, in the main,

vulnerability to rogue code, viruses,

and rootkits is the unfortunate result

of the complicated and somewhat

haphazard development of telecom

infrastructure. In the words of the

report: “Complex interactions between

subsystems and baroque coding

styles – some of them remnants of

programs written 20 or 30 years

ago – confound developers and

auditors alike.”

But not rogue interlopers. The IEEE

website gives ‘The Athens Affair’ this

subhead: “How some extremely smart

hackers pulled off the most audacious

cell-network break-in ever”.

‘Aggregation’ promises

a way to cut the cost

of Wi-Fi usage

The proliferation of Wi-Fi hot spots

– wireless Internet connections in

busy public places – is creating an

opening for companies that bring

together the Wi-Fi networks of

different operators whose clients may

then open a laptop and connect, at

the same price, wherever in the world

they happen to find themselves. On

June, the ‘aggregator’ Boingo

Wireless Inc (Santa Monica, California)

introduced what it said is the first

global flat-rate plan for Wi-Fi hot

spots. For a monthly fee of $39, or

€29, subscribers are entitled to use

the hot spots of any of the company’s

affiliates for as long as they wish.

Access to more than 100,000 hot

spots will include 27,000 in North

America; 23,000 in Asia; and 51,000

in Europe, the Middle East, and Africa.

These are owned and operated by

EarthLink, BT, Verizon, Sprint Nextel,

and Telecom Italia, among others.

The company said no special

software is needed, although it does

recommend that clients download

GoBoingo, a program that alerts

users when they are in range of a

Boingo hot spot. Eric Sylvers of the

New York Times

noted that, while other

companies have monthly plans, most

of these apply extra fees for minutes

exceeding a set limit. Mr Sylvers

wrote: “Because many services charge

in half-hour or hour segments, people

who connect for 10 or 15 minutes

often pay for Internet access time they

do not use, according to a report [in

May] from Trustive, an aggregator of

about 25,000 hot spots worldwide.”

Boingo believes that its plan will tap

an entirely new market segment: the

international traveller who passes

quickly through many major cities. If

so, it can expect plenty of competition.

“We will be rolling out flat-rate pricing

in the next few months,” Mr Sylvers

was told by Owen Geddes, director of

business development at The Cloud.

The British-based Wi-Fi network

operator provides access by way of

7,000 hot spots in Britain and 1,500