>>> On 2/4/2010 at 12:27 PM, Christopher Morrow <morrowc.li...@gmail.com> wrote: > On Thu, Feb 4, 2010 at 3:19 PM, Gadi Evron <g...@linuxbox.org> wrote: >> >> "That peer-review is the basic purpose of my Blackhat talk and the associated > paper. I plan to review Cisco’s architecture for lawful intercept and explain > the approach a bad guy would take to getting access without authorization. > I’ll identify several aspects of the design and implementation of the Lawful > Intercept (LI) and Simple Network Management Protocol Version 3 (SNMPv3) > protocols that can be exploited to gain access to the interface, and provide > recommendations for mitigating those vulnerabilities in design, > implementation, and deployment." > > > this seems like much more work that matt blaze's work that said: "Just > send more than 10mbps toward what you want to sneak around... the > LEA's pipe is saturated so nothing of use gets to them"
The Cross/XForce/IBM talk appears more to be about unauthorized access to communications via LI rather than evading them, "...there is a risk that [LI tools] could be hijacked by third parties and used to perform surveillance without authorization." Of course, this has already happened, http://en.wikipedia.org/wiki/Greek_telephone_tapping_case_2004-2005
