AT&T Won't Block Black Hat Eavesdropping Demo 126
Posted
by
samzenpus
from the enough-rope-to-hang-yourself dept.
from the enough-rope-to-hang-yourself dept.
snydeq writes "AT&T says it won't interfere with a highly anticipated talk on intercepting cell phone calls at the Black Hat conference this week. Hacker Chris Paget last week said that he plans to demonstrate on Saturday how to set up what's essentially a fake cell tower that allows him listen in on nearby mobile calls. But Tuesday, he wrote on his blog that he had 'heard that AT&T may be considering suing me to stop my talk.' AT&T, however, has insisted it has no plans to interfere with the talk."
AT&T Doesn't Care (Score:5, Insightful)
But what about the types of people that actually enforce the wiretapping and interception laws?
Glad AT&T is not being evil (this time) (Score:3, Insightful)
Good to hear that AT&T is actually doing the "right thing" and hopefully learning from the research instead of attempting to suppress it.
Re:Glad AT&T is not being evil (this time) (Score:2, Insightful)
Sometimes the greatest incentive to change your ways is to have your foibles on public display.
Words and Deeds are often different (Score:2, Insightful)
There are many examples of a corporate spokesman saying one thing, while the company immediately did the opposite.
just imagine:
Well dressed spokesman speaking to TV reporter: "Absolutely not! There is no credibility to the rumor that there is any terrorist activities or police actions taking place at this facility! The rumors are absolutely false! I can only guess that maybe someone who doesn't know any better got a little excited when someone in shipping started playing with some bubblewrap. Everything is just fine, no trouble what so ever."
In the background, a group of fully outfitted swat or paramilitary in black body armor and assault rifles run out of the nearby building and take cover behind a shipping crate, an explosion is heard and gray smoke pours out of the doorway the team just came from...
Ya forget AT&T, ask the FBI (Score:5, Insightful)
I'm still not very convinced this is legal, and you want to be sure. While they might well say "It isn't like he caused any harm, just let it slide," they also might now. The law is the law and all that. Plus maybe some company pressures them in to it. Some provider who gets mad says "Hey, you need to charge this guy, he broke wiretapping laws!"
When you are doing something all on your own equipment in a controlled environment, then sure you are good to go. So having a lab with what you need and trying it on your own stuff, that is legal. However intercepting random people in the area of your tower? Don't think that is legal, doesn't matter if you are doing it as a demonstration or not.
Re:I see AT&T's position (Score:4, Insightful)
If they don't, he'll just have some nastygrams to hang on his wall, and a story of being oppressed by the man, without any lingering consequences.
They might just be ignoring it entirely, figuring that the Streisand effect is not with them on this one; but the path of maximum vindictiveness actually requires them to let him go ahead...
Maybe it will help the network (Score:2, Insightful)
Too many problems with the iPhones - personal towers might be a good idea
Re:Rumour? (Score:1, Insightful)
I'm amazed that this article isn't from kdawson.
Re:Ya forget AT&T, ask the FBI (Score:5, Insightful)
It's definitely NOT legal. If nothing else, he'll be transmitting without a license on frequencies he's not authorized to use. When you use a cell phone normally, it's transmitting under the carrier's license authorization. If he sets up his own "cell site," there's not a license to be found anywhere. It doesn't matter how much power is used, or how far the signal can travel, if it's an intentional radiator, it's illegal.
Re:Rumour? (Score:4, Insightful)
Yeah. It's called "New Media." It's like news, but without the journalism degrees or standards of professionalism.
Re:AT&T Doesn't Care (Score:4, Insightful)
Re:We are living in very interesting times. (Score:2, Insightful)
...critical systems are now running in a decentralized manner...
Not so. Your entire internet is still in the hands of a small group that can cut your connection at any time with a simple flip of a switch or drop of an anchor.
Re:Rumour? (Score:3, Insightful)
Yeah.. cause we can see how professional all those journalists are that have the degrees. They are impartial, and fact check everything.
Re:Words and Deeds are often different (Score:3, Insightful)
Just because one person at AT&T said they won't do anything about it, there is absolutely no guarantee that someone else doesn't have different plans.
The way I read it was: "Oh no, we won't interfere with the talk at all. But just wait until you see what we do after the talk!"
Re:Rumour? (Score:3, Insightful)
There are still plenty that do, although it's true that gone are the days of Cronkite. It's sad, really, but 24-hour news cycles mean they can't put as much time and effort into making sure that they cover relevant information accurately. That's not an excuse, more of an indictment. Do people even watch the evening news anymore?
Re:Ya forget AT&T, ask the FBI (Score:5, Insightful)
"Hey, you need to charge this guy, he broke wiretapping laws!"
That might be just a bit difficult to convince a jury, given that his "wiretapping" is going to be limited to a small area that likely includes just the conference room full of people their for expressly this purpose, for not particularly long. If anyone doesn't want to be "wiretapped" perhaps they can restrain themselves and not make any phone calls during that short period in that room.
Why is it that some people are always so convinced "the law" is something like the laws of physics that's set in stone and not interpreted for a specific purpose?
I'm guessing he'll be breaking FCC regulations. If someone wants to make some big complaint about the few minutes he'll be running his demo, well I'd help contribute to whatever pathetic fine they might try to assess. In reality this would never happen since the FCC has better things to do.
Remeber Adobe? (Score:5, Insightful)
It doesn't matter what some mediadroid says. All it would take is one phone call from the right person at AT&T to the right person in the DOJ.
AT&T could deny any and all prior knowledge when the Feds arrest the presenter for breaking some law or another. Hell, AT&T could even call for his release afterward knowing that history would repeat itself.
Considering how big AT&T is again there really isn't anything anyone can do even if they did move openly. Boycott? HA!, how many of us can afford to give up our cell phones, home phones and Internet connections in protest? AT&T knows they have most of us by the tender bits.
Re:Ya forget AT&T, ask the FBI (Score:1, Insightful)
If he sets up his own "cell site," there's not a license to be found anywhere
Funny, the "cell site" I run and maintain broadcasts on said frequencies and is perfectly legal.
http://www.repeaterstore.com/products/repeaterkits/ [repeaterstore.com]
I never had to contact the FCC nor AT&T for any such license either. In fact it was AT&Ts own team sent out whom recommended the hardware and configuration.
The team was one sales droid and two techs, so I will give that these are not experts on law.
But what they are experts on are acting as a representative of AT&T, and recommending this as standard operating procedure for small to large campuses, or in my case one large manufacturing plant that is RF shielded in the external walls, would give me pretty decent legal protection if your claim was actually true.
I'm sure if I wanted to jack its transmitter output up a couple orders of magnitude to match the other cell towers out there, they might have a problem with it. But there is no need for that, neither in my case nor the black hat demonstration.
Re:Rumour? (Score:4, Insightful)
So it's like news?
Re:Ya forget AT&T, ask the FBI (Score:3, Insightful)
Funny, the "cell site" I run and maintain broadcasts on said frequencies and is perfectly legal.
The manufacturers/sellers claim that, but funny, they never cite the regulations which would support such a claim.
This is a grey area - if they are legal, it's for the same reason you don't need a license to operate a cell phone, because it's communicating with a system licensed for that frequency band (the cell carrier). Wilson, probably the manufacturer with the best reputation in this market, says "Wilson cell phone boosters fully comply with FCC regulations for cellular devices and are FCC type accepted." Note that they're very careful not to claim that operation without a license is legal. FCC type acceptance only means that a device meets the technical specifications required for use with a particular service (spectral purity, max power output, etc.), it doesn't mean the device can then be used by anyone without a license. You can buy many transmitting devices without a license, but actually operating one is illegal without a license (e.g. ham radios, GPRS, "business band" FM, etc.).