AT&T Won't Block Black Hat Eavesdropping Demo 126
snydeq writes "AT&T says it won't interfere with a highly anticipated talk on intercepting cell phone calls at the Black Hat conference this week. Hacker Chris Paget last week said that he plans to demonstrate on Saturday how to set up what's essentially a fake cell tower that allows him listen in on nearby mobile calls. But Tuesday, he wrote on his blog that he had 'heard that AT&T may be considering suing me to stop my talk.' AT&T, however, has insisted it has no plans to interfere with the talk."
AT&T Doesn't Care (Score:5, Insightful)
But what about the types of people that actually enforce the wiretapping and interception laws?
Ya forget AT&T, ask the FBI (Score:5, Insightful)
I'm still not very convinced this is legal, and you want to be sure. While they might well say "It isn't like he caused any harm, just let it slide," they also might now. The law is the law and all that. Plus maybe some company pressures them in to it. Some provider who gets mad says "Hey, you need to charge this guy, he broke wiretapping laws!"
When you are doing something all on your own equipment in a controlled environment, then sure you are good to go. So having a lab with what you need and trying it on your own stuff, that is legal. However intercepting random people in the area of your tower? Don't think that is legal, doesn't matter if you are doing it as a demonstration or not.
Re:Ya forget AT&T, ask the FBI (Score:5, Insightful)
It's definitely NOT legal. If nothing else, he'll be transmitting without a license on frequencies he's not authorized to use. When you use a cell phone normally, it's transmitting under the carrier's license authorization. If he sets up his own "cell site," there's not a license to be found anywhere. It doesn't matter how much power is used, or how far the signal can travel, if it's an intentional radiator, it's illegal.
Re:Ya forget AT&T, ask the FBI (Score:5, Interesting)
"I'm still not very convinced this is legal...So having a lab with what you need and trying it on your own stuff, that is legal." It's definitely NOT legal. If nothing else, he'll be transmitting without a license on frequencies he's not authorized to use. When you use a cell phone normally, it's transmitting under the carrier's license authorization. If he sets up his own "cell site," there's not a license to be found anywhere. It doesn't matter how much power is used, or how far the signal can travel, if it's an intentional radiator, it's illegal.
I had the impression that you could, without a license, transmit on frequencies that require a license so long as it's extremely low power, to the point that beyond X number of feet (300?) no meaningful reception of your transmission is possible.
Before CD players in cars were common, you could get standalone CD players that broadcast the audio in the FM band. The car's radio/tape-player could be set to FM and turned to that frequency to pick up the audio from the CD. This was acceptable because the transmitter is in the same vehicle as the FM radio, so tiny power levels were sufficient.
I admit that I am not a lawyer and don't know much about FCC regulations. I get the impression they're not an agency with a sense of humor, and one you wouldn't want to have to deal with. Still, would cell frequencies be given some special treatment that is not given to FM radio frequencies?
Re: (Score:1)
They even had microphones that would transmit to a certain radio station. However, those devices were licensed and certified for a particular consumer use. It wasn't that you didn't need a license, it's that the device used a specific channel set aside for something like that.
Re: (Score:1)
A USB MP3-Player [amazon.com] which plugs into your cigarette lighter and transmits on FM frequencies.
Re: (Score:2)
N900s also have FM transmitting capability. From what I've heard you'll be lucky to get 10ft. of range from it.
Re: (Score:2)
Re: (Score:2)
If you'd run the whole experiment inside a Faraday cage, then it would be legal I suppose. But then, in order to get the point of this experiment proven, AT&T must cooperate (i.e., put one or more of their towers inside the cage).
Re:Ya forget AT&T, ask the FBI (Score:4, Informative)
I had the impression that you could, without a license, transmit on frequencies that require a license so long as it's extremely low power, to the point that beyond X number of feet (300?) no meaningful reception of your transmission is possible.
Nope, not as a general rule. What you're thinking of are the small FM radio band transmitters (such as used for iPod to car radio), which the FCC allows under a specific rule (47 CFR 15.239 [gpo.gov]) which limits their output. No such rule is available for someone wanting to operate their own cell site. It's illegal, regardless of how low the power or how short the range. Another poster mentioned a Faraday cage; still illegal (even though you'd be unlikely to get caught).
Re: (Score:2)
I had the impression that you could, without a license, transmit on frequencies that require a license so long as it's extremely low power, to the point that beyond X number of feet (300?) no meaningful reception of your transmission is possible.
Nope, not as a general rule. What you're thinking of are the small FM radio band transmitters (such as used for iPod to car radio), which the FCC allows under a specific rule (47 CFR 15.239 [gpo.gov]) which limits their output. No such rule is available for someone wanting to operate their own cell site. It's illegal, regardless of how low the power or how short the range. Another poster mentioned a Faraday cage; still illegal (even though you'd be unlikely to get caught).
Thank you for correcting my misperception about this. It sounds like the people running this demo would be wise to tread carefully to make sure they don't run afoul of the regulations. No one in their right mind wants a massive federal bureaucracy coming down on them. This may in fact be why AT&T isn't worried about taking their own action.
Re: (Score:2)
Then how are microcells legal?
Re: (Score:3, Informative)
Authority for subscribers to operate mobile or fixed stations in the Public Mobile Services ... is included in the authorization held by the licensee providing service to them.
Re: (Score:2)
True in some jurisdictions and not in others. For example, those FM transmitters for iPods et al are illegal in some places.
Re: (Score:1)
Re: (Score:2, Interesting)
Re: (Score:1, Insightful)
If he sets up his own "cell site," there's not a license to be found anywhere
Funny, the "cell site" I run and maintain broadcasts on said frequencies and is perfectly legal.
http://www.repeaterstore.com/products/repeaterkits/ [repeaterstore.com]
I never had to contact the FCC nor AT&T for any such license either. In fact it was AT&Ts own team sent out whom recommended the hardware and configuration.
The team was one sales droid and two techs, so I will give that these are not experts on law.
But what they are experts on are acting as a representative of AT&T, and recommending this as standard
Re: (Score:3, Insightful)
Funny, the "cell site" I run and maintain broadcasts on said frequencies and is perfectly legal.
The manufacturers/sellers claim that, but funny, they never cite the regulations which would support such a claim.
This is a grey area - if they are legal, it's for the same reason you don't need a license to operate a cell phone, because it's communicating with a system licensed for that frequency band (the cell carrier). Wilson, probably the manufacturer with the best reputation in this market, says "Wilson cell phone boosters fully comply with FCC regulations for cellular devices and are FCC type accepte
Re: (Score:2)
"because it's communicating with a system licensed for that frequency band (the cell carrier)..." with that licensee's authorization. When you use a cell phone, it is operating under the authority of the carrier's license. If you go to Verizon and buy one of the pico cells they carry, you're operating it on frequencies they have a license for, and with their authorization. If you buy and use a repeater from Joe's Repeater Shack, and your carrier has no knowledge of it, it is very likely illeg
Re: (Score:2)
So... what are you, AT&T, or the FBI going to do to prevent or track/trace or even find out about such exploits being used?
Rhetorically "you", of course. Literally, though, how would anyone find out?
Re: (Score:2)
Well, ok, yeah, I'll give you that one. But uh... you know, every/anywhere else in the world without it being announced?
Re: (Score:1)
Re: (Score:2)
Re: (Score:2)
This isn't hard. He doesn't have a license from the FCC for the cellular band (he can't, because ATT does). Unlicensed intentional radiators are covered (mostly) by 47 CFR 15(c). There is no provision for unlicensed operation in the cellular bands.
Cellular service is covered by 47 CFR 22, which clearly states:
Sec. 22.3 Authorization required.
... (b) Authority for subscribers to operate mobile or fixed stations in the Public Mobile Services ... is included in the authorization held by the licensee providing service to them.
Stations in the Public Mobile Services must be used and operated only in accordance with the rules in this part and with a valid authorization granted by the FCC under the provisions of this part
Additionally, he will likely be in violation of 47 CFR 15.9:
Sec. 15.9 Prohibition against eavesdropping.
Except for the operations of law enforcement officers conducted under lawful authority, no person shall use, either directly or indirectly, a device operated pursuant to the provisions of this part for the purpose of overhearing or recording the private conversations of others unless such use is authorized by all of the parties engaging in the conversation.
...and
Re:Ya forget AT&T, ask the FBI (Score:5, Insightful)
"Hey, you need to charge this guy, he broke wiretapping laws!"
That might be just a bit difficult to convince a jury, given that his "wiretapping" is going to be limited to a small area that likely includes just the conference room full of people their for expressly this purpose, for not particularly long. If anyone doesn't want to be "wiretapped" perhaps they can restrain themselves and not make any phone calls during that short period in that room.
Why is it that some people are always so convinced "the law" is something like the laws of physics that's set in stone and not interpreted for a specific purpose?
I'm guessing he'll be breaking FCC regulations. If someone wants to make some big complaint about the few minutes he'll be running his demo, well I'd help contribute to whatever pathetic fine they might try to assess. In reality this would never happen since the FCC has better things to do.
Re: (Score:3, Informative)
From what I've heard of jury duty and from people I know who have had jury duty, they strongly emphasis only whether or not the law was broken and will screen for anyone thinking. Guess if they can't get a plea bargin, they go for the next easiest thing.
Re: (Score:2)
that would require you get on the Jury - and be able to think for your self.. this is a quality that they try to screen out. they want yes/no's not people who ask why?
Re: (Score:2)
That might be just a bit difficult to convince a jury, given that his "wiretapping" is going to be limited to a small area that likely includes just the conference room full of people their for expressly this purpose, for not particularly long.
You expect a jury (or judge) to understand a technical issue? It will basically boil down to "ZOMG HAX, put him in jail!!!1one!"
Re: (Score:2)
You expect a jury (or judge) to understand a technical issue? It will basically boil down to "ZOMG HAX, put him in jail!!!1one!
No, but I expect a jury or judge to understand that when you go to talk where the guy says he's going to listen in on a phone call for the next couple minutes that someone in the room makes, you just don't make a call unless you want everyone in the room to hear it. Why is this such a hard concept for some people to grasp?
Re: (Score:1)
It is a well known issue that none of the cell phone SPs are ever held accountable and yet always get to charge the big bucks for all those services. Just for the sake of showing how weak the system is, if I were that guy, I would go through with it even if there were cops there to take me in after the presentation for breaking a law...I am sure many
people would help fund him for his his lawyer....we could all donate 1$ each...as well, this helps to promote more people to do this sort of thing, hence they w
Re: (Score:1)
It's black hat hacking, it's not about legality. What he's showing is a security weakness that needs to be fixed.
Re: (Score:1)
Re: (Score:2)
I'd imagine their lobbyists and lawyers will use terms like "potential disruptions to communications networks" and "danger to national security" and other buzzwords.
Forget those, those are yesterday's news. Now it's CYBERATTACKS and CYBERTERRORISM which can cause a CYBER PEARL HARBOR or CYBER 9/11! Get with the times man!
Re:AT&T Doesn't Care (Score:4, Insightful)
Hmm (Score:1)
Rumour? (Score:4, Informative)
Re: (Score:1, Insightful)
I'm amazed that this article isn't from kdawson.
Re:Rumour? (Score:4, Insightful)
Yeah. It's called "New Media." It's like news, but without the journalism degrees or standards of professionalism.
Re: (Score:3, Insightful)
Yeah.. cause we can see how professional all those journalists are that have the degrees. They are impartial, and fact check everything.
Re: (Score:3, Insightful)
There are still plenty that do, although it's true that gone are the days of Cronkite. It's sad, really, but 24-hour news cycles mean they can't put as much time and effort into making sure that they cover relevant information accurately. That's not an excuse, more of an indictment. Do people even watch the evening news anymore?
Re: (Score:3, Funny)
Why does news only have to last 24 hours? Any story worth telling probably has at least a few years worth of action in it. Slow is better. Trust me.
Re: (Score:3, Interesting)
I try but they always tack on some celebrity or sports shit and then I turn off the TV.
Re: (Score:2)
Yes, I watch the evening news every day (though lately I sometimes get the podcast instead and listen to the audio only).
Comment removed (Score:4, Insightful)
Re: (Score:2)
So he blogged that he heard that AT&T might sue him to stop the talk, AT&T deny the rumour, it makes headlines.
To be honest, the first think I thought when I read his blog entry was "scapegoat". Maybe he realized his hack doesn't work quite right, or is flawed in some other way and wants an easy way out of giving the presentation? Claiming worry about a big lawsuit sounds pretty good for that.
I'm betting at this point that AT&T came forward because they:
1) Want to make sure he can't use them as an excuse, and
2) They really want to know (probably more than most people) if the hack really works.
I can easily see
Re: (Score:2)
So where did he get the idea AT&T might sue? Did they tell him they might sue? Did someone else with inside knowledge of AT&T's plans tell him they might sue? Did some random person think to themselves, "hey, AT&T could sue!" and told him it was a possibility? Did he make it up himself and lie about it?
Also, did AT&T decide not to sue because they looked at the situation, considered their best course of action, and determined that suing wasn't the right thing to do? Or did they decide t
Glad AT&T is not being evil (this time) (Score:3, Insightful)
Good to hear that AT&T is actually doing the "right thing" and hopefully learning from the research instead of attempting to suppress it.
Re: (Score:3, Informative)
The right thing is to give these companies time to respond and to close potential security vulnerabilities before the information goes public. In this case, that obviously is not going to happen (by that I mean addressing vulnerabilities). I hate that they have to release this information in such a public way and wish they wouldn't, but I see the need for it all the same.
Re: (Score:2, Insightful)
Sometimes the greatest incentive to change your ways is to have your foibles on public display.
Re: (Score:2)
Re: (Score:2)
I think it's not so much a matter of not knowing about this as a potential vulnerability, as it is a case of the hardware necessary to pull it off suddenly becoming cheap and affordable to just about anyone with the slightest interest in doing it.
Perfect illustration of "exploit" that becomes possible due mainly to falling prices:
My best friend owns two Blu-Ray players. One is Region "A". He bought it for $99 the day after Thanksgiving last year. The other is Region "B". He paid around $160 for it, includin
Re:Glad AT&T is not being evil (this time) (Score:4, Informative)
There already was a public talk about this GSM vulnerability last december. Back then, the group cracking the protocol didn't have the hard/software to demultiplex the connections a GSM basestation has to handle in realtime. That problem is now solved and so the hack is fully functional. The rainbowtables needed to crack the protocol were publicly created for almost all of 2009. The GSM industry had PLENTY of time to react and get their shit together, instead they stonewalled, ignored and threatened the hacking group as Mr. Piaget described back in his December 2009 talk.
The DECT industry group for cordless phones who use a similar encryption method but weaker as GSM had their protocol examined bofore that in 2008 or so by the same people. When the hackers approached the DECT people they were basically welcomed and both, DECT group and hackers, worked together on fixing the protocol, spec and especially implementations.
Ironically the DECT industry group and the GSM association is made of largely of the same companies...
Re: (Score:2)
When the hackers approached the DECT people they were basically welcomed and both, DECT group and hackers, worked together on fixing the protocol, spec and especially implementations.
This is great - is there a DECT2 now? My current phones are 900MHz spread-spectrum, but they don't seem to be widely available any longer.
Ironically the DECT industry group and the GSM association is made of largely of the same companies...
So perhaps the first hackers' group had a superior approach? I don't recally ever readi
Re: (Score:2)
Ironically the DECT industry group and the GSM association is made of largely of the same companies...
So perhaps the first hackers' group had a superior approach? I don't recally ever reading about it - perhaps that was part of the success?
I suspect the cellphone case has more government regulation of the protocols that would have to be tweaked.
Re: (Score:2)
Good to hear that AT&T is actually doing the "right thing" and hopefully learning from the research instead of attempting to suppress it.
For AT&T, 'learning from research' would be admitting inferiority in a way. It's better for them to stay away officially then send geeks of their own to 'learn from the research', even though their own geeks failed to see iPhone problems before millions did.
Re:Glad AT&T is not being evil (this time) (Score:4, Informative)
Good to hear that AT&T is actually doing the "right thing" and hopefully learning from the research instead of attempting to suppress it.
Time was when "research" and "AT&T" were damn near synonymous. But yeah, it's good that they're keeping the sharks in check.
Re: (Score:2)
Time was when AT&T wasn't just a name purchased by Cingular.
Re: (Score:3, Informative)
There was a time when Nuclear Power Plants and "Westinghouse" were nearly synonymous, yet now they're making cheap toasters that don't work.
The "AT&T" of today only happens to use the same name as the "AT&T" of years ago. Other than that, they died out entirely, much like Polaroid. What's now calling itself AT&T is, in fact, SBC, and has all the baggage associated with that shiftless company.
Re: (Score:1)
what about every single person in the audience and surrounding city that might not really care how cell phone security works as long as people aren't advertising how to listen to their calls. he might have an angry mob on his hands.
Re: (Score:2)
If you could cover any significant urban area with a small and low powered antennae sitting on a table inside a theater, mobile calls would be a lot cheaper than they are. This is research, and it's being done inside the lab. Also, stopping research is fucking stupid. If I got my conference interrupted by the FBI, I would go ahead and sell the technology to spammers. That would be far worse. Do not attempt to stop research, ever. It is the wrong thing to do, both in ethical and practical considerations.
Re: (Score:1)
Re: (Score:1)
I was under the impression that if you went to Las Vegas, and something happened that you didn't want people to know about (maybe embarrassment, blackmail, or you don't want your grandchildren to know)... I thought it was supposed to stay there. Have I been lied to?
Maybe I should visit Atlantic City instead.
Re: (Score:2)
Words and Deeds are often different (Score:2, Insightful)
There are many examples of a corporate spokesman saying one thing, while the company immediately did the opposite.
just imagine:
Well dressed spokesman speaking to TV reporter: "Absolutely not! There is no credibility to the rumor that there is any terrorist activities or police actions taking place at this facility! The rumors are absolutely false! I can
Re: (Score:2)
Or when Kennedy came out saying that no Americans would be involved in any invasion of Cuba right about the time of Bay of Pigs fiasco with the CIA...
Re: (Score:3, Insightful)
Just because one person at AT&T said they won't do anything about it, there is absolutely no guarantee that someone else doesn't have different plans.
The way I read it was: "Oh no, we won't interfere with the talk at all. But just wait until you see what we do after the talk!"
I see AT&T's position (Score:1)
While I detest AT&T on multiple levels, this shows that AT&T is thinking clearly(at least at the very moment at time). AT&T was probably advised, from a legal standpoint, that they(AT&T) had no legal basis to use to stop this demonstration. It is the same reason why we can learn how to build a multitude of bombs, learn how to make various drugs, and learn a plethora of various knowledge on the internet and out in the "real world". The First Amendment to the United States' Constitution can
Re:I see AT&T's position (Score:4, Insightful)
If they don't, he'll just have some nastygrams to hang on his wall, and a story of being oppressed by the man, without any lingering consequences.
They might just be ignoring it entirely, figuring that the Streisand effect is not with them on this one; but the path of maximum vindictiveness actually requires them to let him go ahead...
Re: (Score:2)
the presenter may well have just committed a number of crimes in front of a live audience, and probably a fair few cameras.
A live audience filled with feds...
Maybe it will help the network (Score:2, Insightful)
Too many problems with the iPhones - personal towers might be a good idea
Re: (Score:1)
Too many problems with the iPhones - personal towers might be a good idea
Maybe that's why AT&T doesn't want to block the presentation. They hope to learn something about building cell towers.
That's a wrong headline (Score:1)
Re: (Score:1)
Defcon != Blackhat (Score:2, Informative)
Different conference. My understanding is that the EFF is involved, and signs are being posted around the perimeter. Either way, I won't be using a GSM enabled phone. Should be interesting.
Re: (Score:2)
Re: (Score:2, Informative)
There's nothing 'non-' or 'un-blackhat' about DEFCON.
Close one! (Score:1)
Remeber Adobe? (Score:5, Insightful)
It doesn't matter what some mediadroid says. All it would take is one phone call from the right person at AT&T to the right person in the DOJ.
AT&T could deny any and all prior knowledge when the Feds arrest the presenter for breaking some law or another. Hell, AT&T could even call for his release afterward knowing that history would repeat itself.
Considering how big AT&T is again there really isn't anything anyone can do even if they did move openly. Boycott? HA!, how many of us can afford to give up our cell phones, home phones and Internet connections in protest? AT&T knows they have most of us by the tender bits.
Re: (Score:1, Troll)
Remember when Chris Paget defamed AT&T by making up a false story of impending litigation in a lame attempt to create some press for himself?
(That's one way it could go.)
I also heard that Chris Paget only runs Windows Me on his desktop because he thinks everything else is just dumb. That's what I heard anyway.
Re: (Score:1)
Boycott? HA!, how many of us can afford to give up our cell phones, home phones and Internet connections in protest? AT&T knows they have most of us by the tender bits.
Maybe. But AT&T is NOT cable. Dialup and DSL usually have competitors that we can flee to in case of poor signal or service. It's not like it runs most of the world's internet... it's just an American company, and faces hard competition from Verizon, Sprint, T-Mobile and others. If underdeveloped places provide only AT&T service, then consider yourself weird --the VZ map is the most complete one when it comes to cell service, if their ads have taught us anything all these years.
Other than that, iPho
Re: (Score:2)
AT&T, Verizon, and Sprint all provide competitive cell phone service. Sure, maybe you'd have to give up the exact model of cell phone you currently use, but that's it.
"Home phone" is a bit of an anachronism now. Wire a cell
15 years ago... (Score:2)
Listening in on cell phone calls was sometimes as trivial as turning on your TV to the right UHF station. If you wanted to get sophisticated, you bought a scanner to listen on the right frequency.
It's interesting someone found a way to make a base station an do a MITM attack, but this is nothing compared to the massive problem with cloning, interception, and everything else than went on in the analogue era of cell phones for many many years.
Isn't that the point? (Score:2)
Sera
Street Creds (Score:1)
Re: (Score:1)
I wonder how many will actually cut AT&T some slack or give them credit for NOT interfering?
\insert is this your first time on slashdot joke here\
Re: (Score:2)
Re: (Score:2)
And yet most people are more concerned about the law then about the technical side of it all.
This is surprising? A kernel panic doesn't get you sent to a rape cage.
So let's see what calls we can pick up... (Score:4, Funny)
Senator Stampingston: Gentlemen, it's clear that we're in a universally precarious situation. Dethklok has summoned a troll.
General Krosier: That's impossible, there's no such thing as trolls.
Senator Stampingston: Then how do you explain the dead unicorns?
Um... Okay, moving on to the next call...
Re: (Score:1)
strange (Score:2)
Don't they teach students about man-in-the-middle attacks anymore, these days?
How do you know you're connecting to fake tower (Score:1, Troll)
How does an AT&T customer know he is connecting to a fake tower?
He gets a signal.
Re: (Score:2)
To the person who modded me down,
I understand the difficulty you must have. Life must be very stressful for you, these days. Having to groom the perfect goatee, spend all your time at Starbucks, and shop for black turtlenecks can take it's toll on a person.
But please understand, what I did is known colloquially as a joke. Please look it up, while you still have a connection to the internet. And if you are doing this from a home computer, please let me advise you to use the scroll bars. Swiping your finger a
In other news at Vegas (Score:2)
But I'm sure they'll be blocking the wireless hacking demos at DEFCON.
See ya'll there, gotta love these 2 conferences.
Re: (Score:2, Insightful)
...critical systems are now running in a decentralized manner...
Not so. Your entire internet is still in the hands of a small group that can cut your connection at any time with a simple flip of a switch or drop of an anchor.