I just posted this to the CU (Computer Underground) digest in response to a most interesting series of items about the newsletter Full Disclosure's public mention of a Harris Corporation device marketed to law enforcement agencies for intercepting cellular telephone conversations named "Triggerfish". Harris responded with an amazing threat to sue the newsletter for a variety of offenses, including trademark infringement (for merely mentioning the product in a brief "new products" editorial). The CU digest can be read on the usenet newsgroup comp.society.cu-digest; the issue in question is Volume 5, Issue 46. Phil To: tk0jut2@mvs.cso.niu.edu Reply-To: karn@servo.qualcomm.com Subject: Re: Cu Digest, #5.46 In CU Digest 5.46: |> Harris Law Enforcement Products |> |> TRIGGERFISH has a number of cellular phone based applications: |> determining a suspects phone number, dialed number recorder, and |> wiretapping. According to Harris, ``for the first time, law |> enforcement is not at a disadvantage in tracking the high-tech |> criminal.'' Additionally, the unit ``collects and integrates all |> relevant data, including voice, directly from the ether.'' |> Reprinted from Full Disclosure, Box 903, Libertyville, Illinois 60048 I find the phrase "directly from the ether" *most* illuminating given a rather heated exchange I had with Mr. Jim Kallstrom of the FBI at the recent CPSR Cryptography Conference in Washington DC earlier this month. Kallstrom is the FBI's chief public advocate for their "Digital Telephony Initiative". Among other things, they want the ability to intercept suspects' cellular telephone calls at the MTSO (switch). Only with a valid warrant, naturally. At the meeting, I made the following comments. I had seen the standards-setting process for the new digital cellular telephone systems from the inside as they related to security and privacy. And I was wondering why the government (specifically NSA, through its export control reviews) was so strongly opposed to meaningful air link encryption, even if the encryption were to stop at the switch as it would have to in order to be compatible with existing telephones on the land side of a cellular call. Such encryption would secure the air link, the most easily intercepted portion of a cellular telephone call, while leaving the conversation in the clear at the MTSO where it could be tapped, if necessary. In a private conversation, one of the senior members of the committee who didn't want his name mentioned told me why. "It's very simple", he said. "Anybody can intercept the radio link. It's easy. But tapping a call at the switch requires the cooperation of the telephone company, and they generally require warrants. And law enforcement says that sometimes, warrants are, well, just too damn inconvenient." This really set Kallstrom off. He shouted me down, attacking my unwillingness to name my source. I challenged him, unsuccessfully, to back up *his* shrill claims for the absolute necessity of Digital Telephony with anything more than handwaving. After tempers cooled a bit, in a one-on-one conversation during a break, he insisted to me that the FBI was never interested in intercepting the air link portion of cellular calls - "too difficult, too labor-intensive", he said. He agreed that he'd like to see cellular air links encrypted. They only wanted the capability to tap in at the switch, and he couldn't care less if the air link were securely encrypted (though he still wanted the keys to be escrowed for some reason...hmmm...) Perhaps it was a desperate attempt to maintain this "we're not interested in the air link" fiction that triggered Harris's silly overreaction to the public mention of TRIGGERFISH. Phil