On 2/4/2010 at 12:27 PM, Christopher Morrow <morrowc.lists@gmail.com> wrote: On Thu, Feb 4, 2010 at 3:19 PM, Gadi Evron <ge@linuxbox.org> wrote:
"That peer-review is the basic purpose of my Blackhat talk and the associated paper. I plan to review Cisco’s architecture for lawful intercept and explain the approach a bad guy would take to getting access without authorization. I’ll identify several aspects of the design and implementation of the Lawful Intercept (LI) and Simple Network Management Protocol Version 3 (SNMPv3) protocols that can be exploited to gain access to the interface, and provide recommendations for mitigating those vulnerabilities in design, implementation, and deployment."
this seems like much more work that matt blaze's work that said: "Just send more than 10mbps toward what you want to sneak around... the LEA's pipe is saturated so nothing of use gets to them"
The Cross/XForce/IBM talk appears more to be about unauthorized access to communications via LI rather than evading them, "...there is a risk that [LI tools] could be hijacked by third parties and used to perform surveillance without authorization." Of course, this has already happened, http://en.wikipedia.org/wiki/Greek_telephone_tapping_case_2004-2005