[comp.dcom.telecom] How Easy Is It To `Tap' Microwave Transmissions?

CJS@cwru.bitnet (03/03/90)

        I'm currently writing a short article on phone line security
for Computer Security Managers.
 
        In the article I claim that it is fairly hard to tap the phone
system at microwave towers.  I was wondering if this is really true?
 
        Just how hard is it for someone to do?  Does the complexity
and expense of the equipment to demultiplex time division and/or
digital multiplexing put this sort of ELINT out of range of amateurs?
What about phone employees?  How easy is it to borrow a microwave
receiver and a demultiplexor?
 
Thanks in advance,
 
Christopher Seline
cjs@cwru.cwru.edu
 
p.s. The USENET propagation time for my node is nine days.  Therefore,
I'd prefer if any responses were sent both to me and the digest.  :->

tjrob@ihlpl.att.com (Thomas J Roberts) (03/06/90)

From article <4690@accuvax.nwu.edu>, by CJS@cwru.bitnet:
>         In the article I claim that it is fairly hard to tap the phone
> system at microwave towers.  I was wondering if this is really true?
>         Just how hard is it for someone to do?

There are two major impediments to tapping microwave systems that
usually outweigh technical considerations.

1) The cost of obtaining space in the line of the microwave beam.

2) The risk of being caught, and the potential penalties (civil and
criminal) that result.

Note that (2) makes it very difficult for a business to pay for (1),
as an audit of the books will show it. As such tapping is illegal, any
officers of a corporation that knew about such tapping activities
would be individually liable, something most boardroom members avoid
like the plague.

	Note that for foreign embassies/consulates that happen to be
	located within the beam, these considerations probably do not
	apply [in most countries, the GOVERNMENT can legally tap the
	phones, as long as the GOVERNMENT gives its permission - this
	includes the USA].

If these impediments are overcome (or ignored), then it is not really
very difficult to tap many microwave signals - I would guess that
$10,000-$20,000 of equipment would suffice in most cases.  Note that
it is not easy to reduce the class of monitored calls to just those of
interest, but it can often be done.

Some microwave links have been strengthened to make such monitoring
very difficult or impossible. Two techniques are used, both on digital
time-multiplex radios:

	a) The timeslots are shuffled every frame, according to a
	   known, but difficult to figure out, algorithm. The shuffle
	   is changed every frame, making it impractical to follow any
	   given conversation.
	b) The data in each frame is encrypted.

These links would probably require millions (or billions) of dollars
of equipment to sort out (or a direct link to the NSA :-).


Tom Roberts
AT&T Bell Laboratories
att!ihlpl!tjrob
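
Technique (a) in the reply above, per-frame timeslot shuffling, sketched as an added example that is not part of either post and is not any vendor's actual scheme. The post does not name the shuffle algorithm; the keyed Fisher-Yates shuffle driven by HMAC-SHA256, the 24-slot frame, and the key are all assumptions chosen for illustration.

```python
import hashlib
import hmac

SLOTS = 24                                # assumed channels per frame; the post gives no figure
DEMO_KEY = b"constructed-demo-link-key"   # constructed sample key shared by both radios

def _keystream(key, frame_no):
    """Yield 16-bit values from HMAC-SHA256(key, frame_no || block counter)."""
    block = 0
    while True:
        msg = frame_no.to_bytes(8, "big") + block.to_bytes(4, "big")
        digest = hmac.new(key, msg, hashlib.sha256).digest()
        for i in range(0, len(digest), 2):
            yield int.from_bytes(digest[i:i + 2], "big")
        block += 1

def slot_map(key, frame_no, n=SLOTS):
    """Return perm where perm[channel] is the slot that channel uses in this frame."""
    ks = _keystream(key, frame_no)
    perm = list(range(n))
    for i in range(n - 1, 0, -1):             # Fisher-Yates shuffle
        bound = i + 1
        limit = 65536 - (65536 % bound)       # reject values that would bias the modulo
        r = next(ks)
        while r >= limit:
            r = next(ks)
        j = r % bound
        perm[i], perm[j] = perm[j], perm[i]
    return perm

def transmit(key, frame_no, samples):
    """Place samples[channel] into its shuffled slot for this frame."""
    perm = slot_map(key, frame_no, len(samples))
    frame = [None] * len(samples)
    for channel, slot in enumerate(perm):
        frame[slot] = samples[channel]
    return frame

def receive(key, frame_no, frame, channel):
    """Far-end radio: recompute the frame's map and read the channel's slot."""
    return frame[slot_map(key, frame_no, len(frame))[channel]]

def fixed_slot_view(key, frames, slot):
    """Contents of one fixed slot over time, as (frame, channel) labels."""
    return [transmit(key, f, [(f, ch) for ch in range(SLOTS)])[slot]
            for f in range(frames)]

if __name__ == "__main__":
    # Without the key, a fixed slot carries a different channel almost every frame.
    print([ch for _, ch in fixed_slot_view(DEMO_KEY, 12, 0)])
```

The slot contents are still unencrypted in this sketch; that is what technique (b) addresses.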