[IP] Bamford on the NSA and the Greek mobile phone tapping scandal
Begin forwarded message:
From: John Ioannidis <ji@xxxxxxxxxxxxxxx>
Date: May 13, 2006 6:03:45 PM EDT
To: cryptography@xxxxxxxxxxxx
Subject: Bamford on the NSA and the Greek mobile phone tapping scandal
As some of you may remember, there was a scandal in Greece back in
February 2006 involving the interception of mobile phones belonging to
high-level government officials, including the Prime Minister. The
CALEA software on the Ericsson switches used by Vodafone was blamed;
it had apparently been surrepticiously turned on and was copying
traffic to an equal number of "shadow" phones.
An thorny point in the investigation was the revelation that the
"shadow" phones had also been used to make phone calls to Laurel, MD.
An interview with James Bamford on the possible role of the NSA in the
"Mavili-gate" was published in last Sunday's (5/8) "To Vima", one of the
major Athens newspapers. I contacted the journalist, Alexis Papahelas,
asking for permission to forward the article to this list, and he was
kind enough to send me the original raw transcript. Here it is, very
slightly edited for obvious transcription mistakes. The published
article (in Greek) can be found in:
http://www.tovima.gr/print_article.php?e=B&f=14755&m=A20&aa=1
-- Mr. Bamford Good Evening from Athens, thank you very much for being
with us tonight.
JB: My pleasure
-- Let me ask you first of all, there has been a lot of discussion
here
in Greece about this lawful interception software, explain to me
what it is, and whether the US put pressure on worldwide companies
to install that after 9/11 especially?
JB: Well the software is basically used to attach to commercial
communication facilities, like the AT&T in the US, or whatever
commercial company it is, and anything that goes over these
communication facilities gets picked up, whether it is e-mail, or
telephone calls and divert it to the US Government, whoever
attached
the equipment.
-- Is it your understanding that most of the hardware companies around
the world, that provide mobile telephone companies with equipment,
had this installed at some point?
JB: Well in the US there was a lot of requiring that US companies do it,
but around the world I think there was pressure by the US for a lot
of the friendly countries to the US, allied countries to do as much
as they can in terms of domestic eavesdropping and this type of
equipment is most useful for that.
-- As you know, during the Olympics here in 2004, a lot of the US
intelligence agencies were here, based here, they had a lot of
equipment here, now do you imagine they were able back then to
monitor conversations between mobile phones here in Greece?
JB: Oh, the technology has been long in existence for them to be able to
monitor mobile phone calls, the US monitors phone calls all over
the
world, and it has the equipment, so I would imagine that especially
since there was a large US contingency at the Olympics in Athens,
that they would have, the NSA would have had a presence there with
an eavesdropping capability.
-- Give us a sense of you know, what an NSA operation would entail
here
in Greece.
JB: Well, what would have happened was, the US would fly over a team
plus equipment. They would first scan out the best places to maybe
put antennas to intercept microwave communications, communications
that would carry mobile phone signals, for example. On the other
hand they could have also worked out an agreement with Greek
telecommunications companies, or the Greek Government to install
NSA
equipment on their facilities in order to monitor the
communications, so it is hard to say but there is very little
question that the NSA did a lot of monitoring during that period of
time.
-- What you are saying is very important to us, so to my understanding
is that the NSA does strike, I suppose secret agreements, with
phone
companies around the world, is that what you are saying?
JB: Oh sure, it tries as much as it can to get phone companies around
the world to co-operate with the NSA in order to help its world-
wide
monitoring operations.
-- And would it be acceptable for them also, to try to recruit some
people from inside the companies, if they cannot strike such an
agreement?
JB: Yeah, NSA does that too it will try to make a deal, to get somebody
to co-operate. In the old days the NSA would try to get a code-
clerk
at an Embassy to co-operate, but these days they try to get people,
that have access to large databases, or telecommunications
facilities.
-- We have sent you e-mails, and you have an idea of what this Greek
system of interception looked like. Does it tell you something, I
mean how sophisticated is it, does it tell you it is a US
intelligence agency, a British, somebody else? What is your
assessment?
JB: Well I think it is pretty much a standard communications system, in
terms of mobile phone calls and so forth, they all pretty much
operate the same way, it is just that it is a different frequency,
maybe some different equipment, but the ideas are that the signals
go from the hand-held cell-phone to a repeater and from a repeater
to maybe another repeater, eventually making their ways back to
central telephone exchange where the information is retransmitted
out to wherever it is supposed to go, so the NSA is set up for one
reason and that is to eavesdrop on communications around the world
so this would not be a tremendous technological difficulty for
them.
-- But can you say with some certainty that this was an American
operation, or it could be somebody else?
JB: Well, I am just speculating because I don't know for sure, but if
the NSA was over there during the Olympics, and the US almost
always
sends a team consisting of people including NSA people to major
events around the world, where Americans are going to take part, to
try to find out if there is going to be any terrorism, and one way
of doing that is by monitoring the communications, that go through
the air, the communications that are communicated both internally
and externally from that country.
-- How many mobile phone-call-conversations could the NSA monitor in a
country like Greece on any given day?
JB: It is hard to say. What they would probably do , is to focus on the
key-links where they think that the bulk of the
communications-exchanges are going to be and probably intercept
those kind of communications. And once they intercept them,
the NSA would have computer-facilities so that the communications
would go through the computers and they are probably going to be
looking for calls from Afghanistan, information that they think is
very susceptible to terrorism, for example in other words numbers
that they have of previous terrorist contacts. They would all be
fed
in the computer, and then any e-mail or telephone-call with those
numbers or e-mail- addresses would be kicked out.
-- Now, who translates all of these things, because I imagine it is
like thousands of hours of conversations that are being transmitted
to NSA. everyday.
JB: Well it is, but they take in enormous amounts of communications,
but filters, computerized filters sort of get rid off by 98% of
it, and there is only a 2% that actually gets analyzed in the
end. And those 2% are whether names in the computer, people that
they are suspicious of, telephone numbers that they are looking
for, e-mail-addresses, and once they get down to those, and they
do have a number of people that speak a wide variety of languages,
including Greek at NSA.
-- What is the most technologically advanced way of intercepting
mobile phone conversations? Because for a while we are assuming
that the code of transmitting over the air is safe. Is it still
safe or has the NSA broken it?
JB: No, if the communications are traveling through the air, which
they do by a mobile phone call, they are going to go a very short
distance so they get to a repeater and they eventually go to a
central telephone office, so again if you are able to intercept
those signals as they go through the air, which you would
basically just need a microwave antenna, or if you have
co-operation of the company or the Government, then you can get
access of that. I mean they are not intercepting the entire
communications systems by entering or leaving the country,
certainly, but they are probably looking at certain key
communications-node, where they think there may be communications
coming from lets say places like Afghanistan, or Iraq or some
place like that.
-- Give us a sense of the Size of NSA, in terms of the budget of
people working for it and so on.
JB: NSA is the largest intelligence agency in the world, and it is
twice the size of the CIA, it is far more secret, and it has about
38.000 people. Again NSA's entire job, at least until recently,
was to spy overseas, to eavesdrop on communications in foreign
countries. So most of those people are either at the headquarters
at NSA, or else in countries around the world. NSA over the years
has had a number of facilities in Greece at various times, I am
not sure if they have one there now, but in the past they have had
bases in Greece.
-- And do you think they are focusing in that area from what you
know, from your research, was Greece always sort of an important
target for them?
JB: Well, Greece has always been a target, I think it depends on world
climate how important it is at various times, I mean right now it
probably has less importance than it did in other times, because
now they are focusing primarily on Iraq, Iran, Afghanistan,
N. Korea, areas like that, but if it looks like some terrorists
are coming into Greece, or are operating in Greece, or if it looks
like the Government may be communicating with countries that the
NSA is very interested in, such as Iran, Iraq or any places in the
Middle East than the NSA would be very interested.
-- Let me go back to what was the Greek system and so on.You had said
in previous answer that there are very few people in the world,
that could actually manipulate this Eriksson software in order to
gain access to this system. How many people in the world have this
kind of knowledge?
JB: I don't know how many people around the world, but NSA's job, that
is their entire job. This agency was created for one purpose and
that is to eavesdrop on the maximum matter of communications
around the world. NSA could find a way to get a trapped door or a
back door into say an Eriksson telephone system, you know they
would do it. Because those systems are used by people all over the
world.
-- In this case we are talking about a very big cell-phone- company,
VODAFONE, which is a multinational as you know, would they risk
you think their reputation, and you know, go ahead and co-operate
with NSA at that level?
JB: I would think that they would not co-operate at that level, but
what the NSA normally does, is it hires people that have worked
for companies like that, and these people tell them how the
systems work and then their job with NSA is to reverse engineer
these systems, to find ways into them, so although I doubt that
the head of Eriksson would co-operate with NSA, the NSA has
enormous technological capabilities to find sort of back doors, or
trapped doors, or ways by reversed engineering into these systems.
-- Knowing how these people work there is a legal investigation, a
judicial investigation here in Greece, do you think they will ever
find the answers, I mean who was behind this interception, any
physical evidence, any traces?
JB: Well, it is hard to say. This happened in the US several times,
where there has been a question, whether monitoring has been legal
or not, and they have looked into it occasionally and they have
found an answer as to who was involved with it, but a lot of times
they do not find him. Again with NSA, NSA keeps its information so
very-very secret, they wouldn't even let the judges on the
surveillance court, they are supposed to prove NSA warrants about
it, they wouldn't let Congress except for 8 people. Over 500 people
know about it, so NSA tries to keep it extremely secret.
-- You are one of the world experts in this kind of issues, so if you
had to take a bet today who was behind this kind of operations in
Greece?
JB: I just cant say, I don't know enough information about it , all I
can tell you is that NSA's job is eavesdropping on communications
around the world , Greece is a target occasionally whenever they
think there is something important. NSA has bases in Greece and
NSA looking for indications of terrorism during the Olympics, so
whether they are involved with this recent operation I don.t know
but certainly they have an interest in it.
-- Your advice to someone using a mobile phone, should they talk
openly or no?
JB: The problem, cell phones also, there is not kind of information
that the NSA cant eavesdrop on one way or another, this is why in
the USA there is a big debate right now about making the NSA go
through a quirk and get an authorization before they eavesdrop on
somebody, but overseas the NSA can eavesdrop on anybody they want,
there is no restriction on eavesdropping in Greece, even if there
was an American in Greece, NSA could eavesdrop on that person
without going through a quirk.
-- so you are saying even the crypto phones that the prime
minister/government/military are using they are vulnerable to this
kind of penetration you say.
JB: Well, crypto phones are probably NSA's biggest targets around the
world, whether or not the NSA was able to break the encryption of
the algorithm to get into those phones I don't know. I don't have
this information, but I know obviously NSA's key job, NSA's first
job is intercepting communications, and second job is breaking
codes such as the codes that encrypts that communications, and
third job is making USA encryption systems.
-- Thank you
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to
majordomo@xxxxxxxxxxxx
-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
http://v2.listbox.com/member/?listname=ip
Archives at: http://www.interesting-people.org/archives/interesting-people/