Telephone tapping
From Wikipedia, the free encyclopedia.
(Redirected from Wiretapping)
Telephone tapping or Wire tapping/ Wiretapping (in US) describes the monitoring of telephone conversations by a third party, often by covert means. The Telephone tap or Wire tap received its name because, historically, the monitoring connection was applied to the wires of the telephone line of the person who was being monitored and drew off or tapped a small amount of the electrical signal carrying the conversation.
Contents
//
1 Legal status
2 Wiretapping methods
2.1 The official tapping of telephone lines2.2 The unofficial tapping of telephone lines2.3 Location data and mobile phones
3 See also
4 External link
[edit]
Legal status
Telephone tapping is officially strictly controlled in many countries to safeguard an individual's privacy; this is the case in all developed democracies. In theory, Telephone tapping often needs to be authorised by a court, and is, again in theory, normally only approved when evidence shows it is not possible to detect criminal or subversive activity in less intrusive ways; often the law and regulations require that the crime investigated must be at least of a certain severity. In practice however, permission for Telephone tapping is easily obtained on a routinely basis without further investigation by the court or other entity granting such permission. Illegal or unauthorised telephone tapping is often a criminal offence.
In the United States, federal agencies may be authorized to engage in wiretaps by the Foreign Intelligence Surveillance Court, a court with secret proceedings, in certain circumstances.
Generally, there is nothing illegal about one of the parties to a telephone call recording the conversation, or giving permission for calls to be recorded or permitting their telephone line to be tapped. However, some jurisdictions impose that the other party gives its consent to the recording; or they may require that a warning may be broadcast prior to and/or during the recording. Within that framework, many businesses record their telephone calls for legal reasons, so that they can prove what was said, train their staff, or monitor performance. This activity is not normally considered telephone tapping in some jurisdictions because it is done with the knowledge of at least one of the parties to the telephone conversation. Some businesses and other organizations even ask if a conversation can be recorded.
[edit]
Wiretapping methods
[edit]
The official tapping of telephone lines
The contracts or licenses by which the state controls telephone companies means that the companies must provide access for tapping lines to the security services and the police.
When telephone exchanges were mechanical, a tap had to be installed by technicians, linking circuits together to route the audio signal from the call. Now that many exchanges are being converted to digital technology installing taps is far simpler, and can be done by installing small plugs, or even by computer. Telephone services provided by cable TV companies are tapped in a similar way.
Unless the tap has been very badly installed, it is not possible to tell if your line is being tapped or not. The noises that some people believe to be telephone taps are really just noise created by the induction of signals from other phone lines. Because the tap is made at the exchange it is very difficult to tell if the line is tapped because there will be no appreciable difference in volume. But irrespective of the tapping of content, communications data will always be collected automatically, and stored for later use by the billing department of your phone company or the security services.
In addition to making billing information available to the security services, which contains details such as the numbers called from a certain phone line as well as the duration of these calls, the security services can also acquire information on which numbers called the monitored phone line and the duration of these calls. A Telephone tap during which only the former information is recorded but not the contents of the phone calls themselves, is called a Pen Register tap.
For telephone services run via digital exchanges, the information collected may additionally include a log of the type of communications media being used (some services treat data and voice communications differently to conserve bandwidth).
See also: Carnivore
[edit]
The unofficial tapping of telephone lines
It's also possible to tap conversations unofficially. There are a number of ways to monitor telephone conversations:
Recording the conversation - the person making/receiving the call records the conversation using a 'telephone pickup coil' attached to the ear-piece, or they fit an in-line tap with a recording output. Both of these are easily available through electrical shops. Most who record telephone conversations, such as journalists, will use the recording for their own private work. But be aware that anything you say to someone you don't know may be recorded and used for other purposes.
Direct line tap - this is what the state used to do via the telephone exchange. But unofficial tapping, where the user's line is physically tapped near the house, is also possible. The tap can either involve a direct electrical connection to the line, or a coil placed around the line to pick up the signal inductively. There will be some drop in signal levels because of the loss of power from the line, and it may also generate noise on the line. Direct taps usually require regular maintenance, either to change tapes or replace batteries, which may give away their presence.
Radio tap - this is like a bug that fits on the telephone line. The state does not normally do this because they have access via the exchange, though certain organizations exempt from the common framework of law that applies to the average citizen may use devices like this. It can be fitted to one phone inside the house, or outside on the phone line. It may produce noise (you might even get signal feedback down the line on amateur made equipment) to alert you, but probably not as modern state of the art equipment operates in the 30-300 GHz range. The unit is powered from the line so once installed it's maintenance free, and only transmits when there is a call in progress. These devices tend to be low powered because the drain on the line would become too great, however a state of the art receiver could be located as far away as ten kilometers under ideal conditions, but is usually located within a radius of 1-3 kms. Research however has also shown that a satellite can be used to pickup emissions in the range of a few milliwatts.
To guard against unofficial amateur line taps you should regularily inspect your phone itself, and your telephone line for new joins, or small wires connected to the line. If you have reason to suspect your phone has been tapped consult a Technical Surveillance Countermeasure (TCSM) specialist. Never contact a TCSM specialist from a phone you suspect is tapped or on any other phone on the premises or any other phone that is linked to you or your organization (home phone, company cellular etc.)
[edit]
Location data and mobile phones
Mobile phones are, in surveillance terms, a major liability. This liability will only increase as the new third-generation (3G) phones are introduced. This is because the base stations will be located closer together.
For mobile phones the major threat is the collection of communications data. This data not only includes information about the time and duration of the call, but also the geographical location where the call was made from and to whom. This data can be determined generally because the geographic communications cell that the call was made in is stored with the details of the call. But it is also possible to get greater resolution of a person's location by combining information from a number of cells surrounding the persons location. This additional precision must be specifically enabled by the telephone company - it is not part of ordinary operation. There is no counter-measure against the state/telephone companies doing this.
The old first generation mobile phones could be easily monitored by anyone with a 'scanning all-band receiver' because the system used an analogue transmission system - like an ordinary radio transmitter. The second generation digital phones are harder to monitor because they use a digitally compressed transmission. However the state can tap mobile phones with the co-operation of the phone company. It's also possible for organisations with the correct technical equipment, such as large corporations, to monitor mobile phone communications and decrypt the audio. A special device called an "IMSI-catcher" pretends to the mobile phones in its vicinity to be a legitimate base station of the mobile phone network. This is possible because while the mobile phone has to authenticate itself to the mobile telephone network, the network does not authenticate itself to the mobile phone. This blatant flaw in GSM security was intentionally introduced to facilitate eavesdropping without the knowledge or cooperation of the mobile phone network. Once the mobile phone has accepted the IMSI-catcher as its base station the IMSI-catcher can deactivate GSM encryption using a special flag. All calls made from the tapped mobile phone go through the IMSI-catcher and are then passed on to the mobile network. Up to now no phone is known which actively alerts the user when a base station or an IMSI-catcher deactivates GSM encryption. Some phones include a special monitor mode (activated with secret codes or special software) which displays GSM operating parameters such as encryption while a call is being made. But no matter whether GSM encryption is active or not, users should not trust the encryption to be secure enough that an eavesdropper can not decrypt the encrypted data. The GSM specification refers to the encryption algorithms used for encrypting voice/data services as algorithms A5/1,2,3. Today a ciphertext-only attack (an attack without knowledge of some of the originally unencrypted plaintext) requires a few milliseconds to find the correct A5 decryption key allowing the attacker to eavesdrop on any GSM phone conversation within less than a second. Other exploits on GSM security easily allow call hijacking, altering of data messages and call theft.
There were proposals for European mobile phones to use stronger encryption, but this was opposed by a number of European states, including the Netherlands and Germany. They are some of the world's most prolific telephone tappers. (Over 10000+ phone numbers in both countries 2003.)
Mobile phones can be used anonymously, but it is very expensive to do. Pre-paid mobile phones can be bought without having to give details of your name or address, and because you insert cards there is no billing information. However, once you have been identified as using a certain phone, you can be tracked with the unique built-in IMEI (International Mobile Equipment Identification) that is burned into each mobile phone. The IMEI emitted by the phone does not change, regardless what SIM is inserted into the phone. It is even transmitted when no SIM at all is present in the phone. If you require longer-term anonymity it is necessary to change the phone and SIM every few days. Sometimes, for complete anonymity it is not advisable to have a mobile phone on your person at all. Some phones may still transmit information to the network or be accessible from the network even though the user has switched them off. It is therefore strongly recommended to remove the batteries from the phone.
[edit]
See also
Mass surveillance
[edit]
External link
The first version of text of this article was taken from http://secdocs.net/manual/lp-sec/scb7.html which is licensed under the GFDL, and hence can be used in Wikipedia.
Retrieved from "http://en.wikipedia.org/wiki/Telephone_tapping"
Categories: Telephony Law enforcement Surveillance
Views
Article
Discussion
Edit this page
History
Personal tools
Create an account or log in
Navigation
Main Page
Community portal
Current events
Recent changes
Random page
Help
Donations
Search
Top of Form
Bottom of Form
Toolbox
What links here
Related changes
Special pages
· If the data on the SIM card is extracted from the Mobile after the mobile has been in the custody of the Police for some time, it is possible for the defense to take a stand that the data has been manipulated.
· Mobile Forensics..A New Challenge
.
The increasing use of Mobile phones by the population as a personal means of communication has made Mobile Phones an important piece of evidence in many legal cases. In the coming days, Mobiles will be used for e-commerce and the relevance of Mobile Evidence will assume greater importance.
Since Mobile phone is an electronic device there are several aspects of ITA-2000 that apply to the Mobile phone transactions.
These are early days of using of Mobile evidence and there is a very high possibility that an imperfect understanding of the technology by the Police, the Lawyers and the Judges may lead to wrong judicial decisions.
In view of the importance of the Mobile devices as Cyber Evidence we shall discuss some key elements of Mobile evidence for academic understanding and debate.
The important aspects for which Mobile evidence is being presently used are
a) To find out the numbers to which calls have been made from a given mobile with date and time
b) To find out the numbers from which the calls have been received in a given mobile with date and time
c) To know the contacts through the Phone book.
d) To know the details of recent SMS messages received
e) To know the details of SMS templates
f) To know the Ring tones and Games stored in the instrument
g) To know the Pictures and video clips stored in the mobile either on the SIM card or a flash memory card.
Of these, a) and b) are also available at the service provider's level. Also while the number of entries available on the instrument may be limited by the memory, the service provider has a more detailed and reliable data with timing for the purpose of billing.
What the service provider's data may provide is however the information as recorded at their system based on the SIM card recognized by the system.
If the data at the service provider's systems match the data of recently called and received numbers as found on the instrument, it could mean that the SIM card presently on the instrument has data matching with what is available at the service provider's level.
If the two data does not match it means that the SIM card data has been manipulated.
Manipulating SIM card data on the instrument is a very easy process and hence the data on the SIM card can only be taken as only an indicating evidence and has to be properly certified to be of any use in a court of law.
If the data on the SIM card is extracted from the Mobile after the mobile has been in the custody of the Police for some time, it is possible for the defense to take a stand that the data has been manipulated.
On the other hand the data at the service provider's level cannot be manipulated except with the connivance of the service provider or hacking into their system. Again here the data as found visible on the computers of the service provider can be taken as prima-facie evidence but if it has to be relied upon, there has to be a corroborative certification that the data is apparently not altered.
Since mobile conversations are not presently recorded by the service provider and they are not normally available for any evidence.
If the conversation is hacked and recorded, then it will be a case of illegal tapping and the quality of the evidence needs to be evaluated by other parameters including a voice recognition.
The phone book details only provides information about the persons whom the mobile owner has been in contact and nothing more.
A few of the incoming SMS messages are normally stored on the mobile and along with time data corroborated with the service provider's information, may be evidence of an incoming message. Templates may indicate the likely outgoing information and if it contains any spam or obscene message, may indicate the intention of the mobile user and nothing more.
Ring tones and Games may be relevant from the point of view of copyright violations.
Details of pictures and video clippings on an accompanying memory card indicates the intentions of the mobile user and if they can be matched with any outgoing data packets, may be used as evidence for the likely outgoing message. These can be of use in case of any obscene pictures being transmitted from the mobile.
However linking the stored data to a sent message requires certain Forensic testing and it is doubtful if such capabilities exist with the Indian Police as of date.
Identification of Mobile
Essentially there are two identification aspects of a mobile device. Firstly the SIM card identity which allows the transactions of a mobile to be recorded in the service provider's records.
The second is the IMEI (International Mobile Equipment Identifier) which is associated with the hardware.
Some service providers monitor IMEI numbers with call data. In such cases if a mobile is stolen and a new SIM card is being used, it would be possible to run IMEI filters to block the stolen numbers.
Spoofing:
It must be remembered that spoofing of SMS messages as well as voice messages is not impossible on a mobile.
Firstly it is possible to send SMS messages from a computing device with a false "Sender's Mobile Number".
Secondly, it is possible to pick a hand set and alter the SIM card data to make it look like a different SIM card and use it for sending offending messages or making calls which can be attributed to the original owner of the SIM Card.
For example a card belonging to Mr Fraud can be altered to match the SIM card of Mr Innocent and used for making calls to Targets 1 and 2 . Then if this SIM card is presented as evidence with or without the hand set of Mr Innocent, it is possible to create an evidence which appears as if Mr Innocent has made calls to Mr Targets 1 and 2.
Acceptance of SIM card data as evidence is therefore required to be accompanied by several collaborative Forensic certifications that eliminate the possibilities of such manipulation.
Even though the IMEI number is considered a good identification of the hardware, it is said that in India the existence of sets with duplicate IMEI numbers is wide spread and hence the service providers have been reluctant to use IMEI blocking as a solution to immobilize stolen mobiles.
[P.S: In CDMA phones the identification is through what is called ESN-(Electronic Security Number) numbers.]
Further both IMEI numbers and ESN numbers can be modified with the use of right equipments and such practices are being regularly practiced by those who deal in stolen mobiles.
It must therefore be considered possible to clone a mobile if the person so charged is shown to have sufficient resources and access to technology.
Future of Mobile Evidence
The first impact of the recognition that Mobile Evidence can be modified, will be felt by the law enforcement authorities since evidence gathered by them in many cases will be questioned in the courts of law.
Just when the judiciary in India is grappling with understanding the evidentiary aspects of Computer records, the focus being generated on the Mobile Evidence will be a further challenge to the Indian judiciary.
The undersigned is in the process of developing a Check list and Guidance Note to suggest the preferred procedure for Mobile Evidence Seizure, Preservation and Presentation as part of its activity to contribute to the "Mobile Forensics".
(Comments Welcome)
Naavi
November 22, 2004
Related Article:
BJP’s Naroda MLA says she wasn’t at riot site, cell phone records say she was there
Mobile phones - the new fingerprints
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment