CounterStrike: Lawful Interception

Presented at 30C3 (2013), Dec. 29, 2013, 11:15 p.m. (45 minutes)

Lawful Interception is a monitoring access for law enforcement agencies, but also one of the primary data sources of many surveillance programs. (Almost?) every Internet service provider needs to provide LI functionality in its routers. However, LI exposes a larger attack surface to the one being surveilled than any router should. Could this be a mistake?

This short talk will cover the standards, devices and implementation of a mandatory part of our western Internet infrastructure. The central question is whether an overarching interception functionality might actually put national Internet infrastructure at a higher risk of being attacked successfully.

The question is approached in this talk from a purely technical point of view, looking at how LI functionality is implemented by a major vendor and what issues arise from that implementation. Routers and other devices may get hurt in the process.

Presenters:

• Felix Lindner / FX   as FX
  FX is the leader of the Phenoelit group and loves to hack pretty much everything with a CPU and some communication, preferably networked. He looks back at around thirteen years of (legal) hacking with only a couple Cisco IOS and SAP remote exploits, tools for hacking HP printers and protocol attacks lining the road. In his day life, FX runs Recurity Labs GmbH, a security consulting and research company in Berlin, Germany.

Links:

• https://fahrplan.events.ccc.de/congress/2013/Fahrplan/events/5304.html

Similar Presentations:

• Black Hat USA 2019 / Behind the Scenes of Intel Security and Manageability Engine
• 31C3 (2014) / Beyond PNR: Exploring airline systems
• Still Hacking Anyway (SHA2017) / Tor & Configuration Management