Security Flaw Allows Wiretaps To Be Evaded, Study Finds

Telephone wiretapping systems used by law enforcement agents can be defeated by off-the-shelf equipment due to a security flaw in the systems, according to computer security researchers at the University of Pennsylvania.

The finding means that people who are being wiretapped can use “devastating countermeasures” to disrupt the recording, says lead researcher Matt Blaze. The wiretapping technology can be foiled by stopping the recorder remotely, and the numbers dialed can even be falsified, raising “implications not only for the accuracy of the intelligence that can be obtained from these taps, but also for the acceptability and weight of legal evidence derived from it,” according to the researchers’ report.

The most vulnerable wiretapping systems are older ones, many of which are still used by state and local law enforcement, but an FBI spokeswoman says that only about 10 percent of state and federal wiretaps have the security flaw, making it a non-issue.

The researchers’ paper recommends that the FBI conduct a comprehensive review of its wiretapping technologies for security threats because the discovered security flaw threatens “law enforcement’s access to the entire spectrum of intercepted communications.”

The researchers defeated the wiretapping systems by having the wiretapping target send the same “idle signal” that the tapping equipment transmits to the recorder when the telephone is not being used, which turns the recorder off and allows that targets to continue their conversation while sending the signal.
Abstracted by the National Law Enforcement and Corrections Technology Center(NLECTC) from the New York Times (11/30/05) P. A21; Schwartz, John; Markoff, John .