
CALEA electronic wiretapping on unsecured Solaris boxes



The story about the insecure Diebold electronic voting system recently
forwarded to Bugtraq was certainly disturbing, but here's something even
worse (though some of it is old news):

     The Federal Bureau of Investigation administers the Communications
     Assistance to Law Enforcement Act (CALEA), which was passed by Congress
     in 1994.  [...]  Every telephone switch installed in the U.S. since
     1995 is supposed to have this surveillance capability [...].  Not only
     can the authorities listen to your phone calls, they can follow those
     phone calls back upstream and listen to the phones from which calls
     were made.

     [...]

     The typical CALEA installation on a Siemens ESWD or a Lucent 5E or a
     Nortel DMS 500 runs on a Sun workstation sitting in the machine room
     down at the phone company. The workstation is password protected, but
     it typically doesn't run Secure Solaris.  It often does not lie behind
     a firewall.  Heck, it usually doesn't even lie behind a door.  It has a
     direct connection to the Internet because, believe it or not, that is
     how the wiretap data is collected and transmitted.

     [...]

     Israeli companies, spies, and gangsters have hacked CALEA for fun and
     profit, as have the Russians and probably others, too.

The full column is at:

    http://www.pbs.org/cringely/pulpit/pulpit20030710.html

--
Dan Harkless
bugtraq@harkless.org
http://harkless.org/dan/
