Matt BlazeOct 5, 2024
We’ve been warning about this for literally three decades, ever since CALEA mandated wiretap-ready telecom infrastructure. And this is merely the latest example of how these dangerous interfaces can be turned against us by our adversaries.
https://mastodon.social/@fj/113253726161428151
Show threadMatt BlazeOct 5, 2024
Tl;dr: creating one-stop shopping for attackers is a bad idea.
Show threadMatt BlazeOct 5, 2024

Exploits of "lawful access" interfaces, such as the Chinese attack reported today by the WSJ, appeared almost immediately after they became standardized in the 90's. The most famous example is the case known as "the Athens Affair" https://spectrum.ieee.org/the-athens-affair .

It was a bad idea then, and still a bad idea now.

The Athens Affair

How some extremely smart hackers pulled off the most audacious cell-network break-in ever

IEEE Spectrum
Show threadMatt BlazeOct 5, 2024
The Athens Affair is interesting for a number of reasons, but it's particularly notable that the switch that was compromised didn't actually have the CALEA option installed from the factory (since it wasn't then required in Greece). But it was added through a software update (induced by the attacker), and then exploited.
Show threadMatt BlazeOct 5, 2024
Anyway, my "told you so" muscles are pretty weary at this point.
Show threadThe Doctor
@mattblaze On the other hand, they're jacked like Arnie in his prime.
Oct 6, 2024 at 12:33amWeb