Stories
Slash Boxes
Comments
Search

News for nerds, stuff that matters

Slashdot Log In

Log In

Create Account  |  Retrieve Password

Guide to DIY Wiretapping

Posted by CmdrTaco on Thu Jun 19, 2008 10:16 AM
from the do-you-hear-what-i-hear dept.
Communications Security
Geeks are Sexy writes "ITSecurity.com has a nice piece this week on how wiretapping works and how you can protect yourself from people who wants to snoop into your life. From the article 'Even if you aren't involved in a criminal case or illegal operation, it's incredibly easy to set up a wiretap or surveillance system on any type of phone. Don't be surprised to learn that virtually anyone could be spying on you for any reason.'" Maybe I'm on the wrong track here, but I guess I assumed that wiretapping now happened in secret rooms at the telco, and not by affixing something physically to a wire in your home, but I'll definitely be aware next time I hear a stranger breathing next time I'm stuck on hold.
+ -
story

Related Stories

[+] Your Rights Online: AT&T Accidentally Leaks NSA Suit Information 274 comments
op12 writes "CNET has an article describing how AT&T accidentally leaked sensitive information involving the NSA lawsuit. From the article: 'AT&T's attorneys this week filed a 25-page legal brief striped with thick black lines that were intended to obscure portions of three pages and render them unreadable. But the obscured text nevertheless can be copied and pasted inside some PDF readers, including Preview under Apple's OS X and the xpdf utility used with X11. The deleted portions of the legal brief seek to offer benign reasons why AT&T would allegedly have a secret room at its downtown San Francisco switching center that would be designed to monitor Internet and telephone traffic. The Electronic Frontier Foundation, which filed the class action lawsuit in January, alleges that room is used by an unlawful National Security Agency surveillance program.""
Submission: DIY Wiretapping: The Ultimate Guide by Johnsnow (968151)
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

Guide to DIY Wiretapping 50 Comments More /

 Full
 Abbreviated
 Hidden
More
Loading... please wait.

  • Hear a stranger breathing? (Score:5, Funny)

    by Anonymous Coward on Thursday June 19 2008, @10:18AM (#23857453)
    If someone is dumb enough to leave the microphone connected on an intercept phone, they deserve to get caught.

  • It was.. (Score:2, Informative)

    by f8l_0e (775982)
    The official, albeit illegal kind do occur at the telco, at least these days. Before modern switching a residential tap would have be the way it was done.

    • Re: (Score:3, Insightful)

      by omeomi (675045)
      They are legal when they bother to get a judge to sign a warrant. It's only when they don't get a warrant that they're illegal.

      • Re: (Score:3, Interesting)

        by blcamp (211756)

        They are legal when they bother to get a judge to sign a warrant. It's only when they don't get a warrant that they're illegal.
        It's only illegal if someone (or an entity) gets caught, you're able to prove it court, are able to get a ruling in your favor in court, and are able thereafter to enforce remedial action.

        Good luck with all that.

        • Re:It was.. (Score:5, Insightful)

          by omeomi (675045) on Thursday June 19 2008, @10:40AM (#23857995) Homepage
          It's only illegal if someone (or an entity) gets caught, you're able to prove it court, are able to get a ruling in your favor in court, and are able thereafter to enforce remedial action. Good luck with all that.

          Well, it's still illegal. Just because the powers that be think they can ignore laws, and have the power to keep from getting prosecuted doesn't change the legality. Maybe someday they'll be brought to justice. Doubt it, though.

          • Re:It was.. (Score:4, Insightful)

            by TheGratefulNet (143330) on Thursday June 19 2008, @11:08AM (#23858705)
            Well, it's still illegal. Just because the powers that be think they can ignore laws, and have the power to keep from getting prosecuted
            doesn't change the legality. Maybe someday they'll be brought to justice.

            legality is only for those of us who are NOT in law enforcement or the government.

            you can talk all you want about constitution this or law that; but while you rot in prison being raped by other guys, tell me again how 'illegal'it was that they tapped you.

            laws are an abstract concept. being locked away is the farthest thing from being abstract.

            they all know this and this is why we are kept in fear (ie, in check).

            (lovely country/world we got here, huh?)

    • Re:It was.. (Score:4, Interesting)

      by N1ck0 (803359) on Thursday June 19 2008, @10:38AM (#23857947)
      Of course you can still tap any POTS line the good old fashion way. Its just a matter of accounting for the voltage drop on the line. Although yes if you are the telco it is just easier to capture everything while it is in digital format on the switch. Now if you don't use analog, inline (some random place between the CO and customer) tapping can be a bit harder. You basically either have to record the signals on the line and decode it later, or toss a non-terminating CSU/test kit in the line without making too much of a disruption in the signal.

  • voltage drop (Score:5, Interesting)

    by omeomi (675045) on Thursday June 19 2008, @10:24AM (#23857591) Homepage
    Most of the land line suggestions in that article don't seem to bother with taking care of the noticeable voltage drop caused by adding an extra phone to a call. You can tell when somebody else in your house picks up the phone while you're on it because the person on the other end gets quieter. The same thing would happen if you plugged a phone into the line outside your house. I thought professional surveillance systems did something to make up for this, so there's no noticeable change in volume when the wiretapper starts listening.

    • Re:voltage drop (Score:5, Insightful)

      by faloi (738831) on Thursday June 19 2008, @10:28AM (#23857697)
      The downside to some of the audible cues is that, at least amongst people I know, the use of cordless phones is prevalent. And most of the people I know tend to immediately write off any abnormality (shifts in volume, clicking, etc.) in their conversation as being because of the phone. Which is probably the case. Either that or I need a better class of acquaintances.

      • Re:voltage drop (Score:5, Funny)

        by smooth wombat (796938) on Thursday June 19 2008, @11:01AM (#23858499) Homepage Journal
        True story: I have a cordless phone and one time I was talking with my mom and the phone acted a bit weird. She sounded somewhat quieter and there seemed to be static. I shook the phone thinking there was a loose connection and the static was gone but her voice was still quieter.

        She asked me what was going on and I told her, "Eh, must be the wiretap on my phone."

        As far as I can tell, I have not had that problem since that time.

        *cue spooky music*

    • Re: (Score:2, Interesting)

      by f8l_0e (775982)
      If you were going to build your own tap, you could add a variable resistor inline to the hook switch. Before listening in on the call, you would dial the resistor up to its highest value, pick up the line, and then reduce the resistance until the audio was at a level you could understand. You could take it down to its minimum value as long as you did it slow enough that the volume drop wasn't noticeable. The professional taps would intercept as soon as the line was picked up though. You wouldn't notice
    • If your listening device uses capacitive coupling, then there's no current drain to draw down the nominal 50 volts across an on-hook POTS line. Radio Shack used to sell a little box that coupled like that and also would turn on a recorder when the line went off-hook. Also, since it's a listening only device, there's no risk of being overheard while breathing heavily.

    • Re:voltage drop (Score:5, Interesting)

      by mollymoo (202721) on Thursday June 19 2008, @10:52AM (#23858297) Journal

      If you use a normal phone, yes. Until recently I worked in telecoms and we were all issued with a near perfect bugging device - a butt phone with monitor mode. Monitor mode is high-impedance so undetectable without some clever kit. Connect it to the right pair, hit the button and you can listen in undetected at will. You can buy one [nimans.net] for a hundred quid ($200) or so, probably less if you shop around. Monitoring lines was standard practice, albeit briefly, when working on a line - you listen to make sure nobody is using the phone, then dial a test number using the line to make sure it's the right circuit, then do whatever you need to do. You aren't supposed to listen to people's conversations, merely ensure the line isn't in use, but that doesn't mean it didn't happen.

      Telecoms cabinets aren't all that secure, it's easy to break in and put a tap in one and with a little care it wouldn't be obvious to an engineer working in the cabinet there was anything amiss. You could make a tap with a microcontroller with an ADC and some external RAM. The hard part would be finding the right pair without access to the phone company records or target's premises.

    • Re: (Score:3, Informative)

      by Anonymous Coward
      The "professional" wiretap uses a buttset. These have bed-of-nails clips for monitoring without leaving any particularly obvious traces (a small hole is made through the sheath of the wire, that is all, no cutting or stripping is involved).

      They also have both a regular and monitor mode. The regular mode makes it work like a normal telephone, with about 600 Ohms impedance, causing a voltage drop. The monitor mode has 100+ kOhms impedance, which will cause a voltage drop low enough to be indistinguishable

    • Re:voltage drop (Score:5, Funny)

      by noidentity (188756) on Thursday June 19 2008, @12:02PM (#23859943)
      It's even simpler in the USA to find out if the line is tapped. If the year is 2000 or later, it is.

      • Re:voltage drop (Score:5, Interesting)

        by bugnuts (94678) on Thursday June 19 2008, @10:52AM (#23858287) Journal
        The Ringer Equivalence Number is just the number of phones the ringer can drive. More than that, and they won't have the voltage to ring.

        It has nothing to do with talking on the phone.

        What you'd want to do is use an inductive microphone or even an inductive loop around the actual cable. It doesn't touch it, and is very difficult to detect if it's nearby the cable... Search for the USS Halibut, and how it tapped a Soviet military underwater cable by using a nearby inductive coil which never interfered with the cable.
  • And I posted it back in August:

    http://slashdot.org/~pegr/journal/180007 [slashdot.org]

  • No thanks... (Score:5, Funny)

    by Psmylie (169236) * on Thursday June 19 2008, @10:25AM (#23857625) Homepage
    I'll hold off on trying any of their wiretapping suggestions until they release guides on "DIY Legal defense" and "How to Avoid Getting Buggered in a Federal Prison".

    Still, if you're feeling paranoid, by all means check your phones. It's true, nosy neighbors could indeed be spying on you. Never underestimate the average person's voyeurism urges...

  • Hard lines went out when The Matrix went out of theaters. I know there is some frequency scanning intercept type things they can do, but I thought digital cells w/ voice privacy and all that were pretty good from phone to switch???
    • Because how can you wiretap something with no wires? It must be completely immune to wiretapping XD.
    • Cellphones are easily tapped... with the right equipment. That's the catch, the equipment is very expensive (last I checked, a few years ago).

      Analog cellphones were incredibly easy to listen to with a scanner, but this is no longer the case since most is digital.

      • Re: (Score:3, Interesting)

        by DRAGONWEEZEL (125809)
        Every method I have seen so far requires physical access.
        Quite frankly, it's a threat, but no more than the famous slashdot meme: If you have physical access you have root.

        Who would abandon their celly? I take mine to the bathroom w/ me. I don't let strangers in my house, and it doesn't leave my pocket unless I am making/recieving a call.

        I think this is really just FUD to freak people out. Hey whats that? Why does my phoen blink? Oh, it's just a reply to a post on /.!

      • Re:How do you wiretap a cell phone? (Score:5, Insightful)

        by GeckoX (259575) on Thursday June 19 2008, @11:04AM (#23858609)
        So true, though I'm about to have to add a land line back in the mix again unfortunately.
        Went out with my wife a couple weeks ago, got a baby sitter. Left our contact numbers with her. She asks "Where's the phone?". Er...
        Had to leave my cell phone behind for her to use in case of emergency.

        Won't be many more years before my son has friends calling. I either leave him unable to be contacted by phone, let his friends call my cell, or get a land line.

        Nope, landlines aren't dead yet and won't be for some time I'm sure.

  • A blast from the past (Score:5, Funny)

    by chemosh6969 (632048) on Thursday June 19 2008, @10:25AM (#23857635)
    It's the 90s bomb making/revenge/wiretapping text file guides all over again. Only this time it's Web 2.0
  • Not sure about strangers breathing, but I often hear several other conversations while on my cellphone (AT&T). If you can tap into other folks' lines by accident, I figure it's readily feasible to do so on purpose.

  • "Open up your phone's receiver" (Score:4, Funny)

    by Steauengeglase (512315) on Thursday June 19 2008, @10:32AM (#23857795)
    Yes, because corporate espionage is so often carried out by nefarious time travelers from the 70s and 80s. This gem should also include look for men with wavy hair and bright rays from the nearest time gate.
  • From TFA
    "Listen to other people's calls through your own basic telephone by hooking up your phone to a part of the original line that runs outside the house of your target."

    I can just see the Darwin awards on this one when some idiot mistakes the main power line for a phone line when looking for the "red and green wires". ZAP
  • In theory, couldn't you use a current loop probe? [fluke.com] You wouldn't even have to connect any wires. Just the right signal processing and you're done.

    Disclaimer: I'm not an EE

  • Encrypted VOIP not secure... (Score:4, Insightful)

    by bugnuts (94678) on Thursday June 19 2008, @10:40AM (#23857987) Journal
    They recommend Skype, which encrypts its traffic.

    But the computer is even more vulnerable than a phone to bugs. Tons of malware exists that can "own" a computer, which has given rise to an entire new security market. A phone is easy to tell if it has a bug ... you can simply open it up and look at it. Computers not so much.

    It also recommends using a cellphone for confidential calls. Just make sure neither provider uses ATT.

    • Re: (Score:3, Interesting)

      by WK2 (1072560)
      I agree that recommending Skype for security is a bad idea, but for entirely different reasons. I consider my computer safe. Nothing is perfect, but my computer is much safer than the mess at the phone company. However Skype is not secure. It is not even open source. Just like people can do weird stuff at the phone company, they can do weird stuff at Skype. The creators have gone on record saying that the encryption code probably will not stand up to crackers over time.
      http://en.wikipedia.org/wiki/Skype [wikipedia.org]

  • What a load of crap. (Score:5, Informative)

    by chill (34294) on Thursday June 19 2008, @10:44AM (#23858105) Homepage Journal
    The 80s called and their want their wiretapping tech back.

    This is great if you're worried about the neighbor kid listening in, but not for anyone serious. Wiretapping is done at the telco level and you can't tell you're being tapped. In the digital age there is no clicking, breathing, voltage drops or any other indication. There is a big long checklist when implementing a CALEA node for making certain there is no way the target can tell they're being monitored.

        • Re: (Score:3, Insightful)

          by idontgno (624372)

          Well then thank $DIETY that business conversations never occur outside the secure premises of a place of business. Certainly, what manager, executive, or board member [techlawjournal.com]* would use a home phone line to conduct confidential business.

          Dang, I left my sarcasm tags at home this morning.

          *Yes, the link is not about phone tapping, it's about pretexting. But note that some of the target phone numbers were home phone lines. If someone can be troubled to illegally access your home phone records for a business investigat

  • Maybe I'm on the wrong track here, but I guess I assumed that wiretapping now happened in secret rooms at the telco, and not by affixing something physically to a wire in your home, but I'll definitely be aware next time I hear a stranger breathing next time I'm stuck on hold.
    The type of surveillance you describe is indeed occuring, but it's not particularly selective in many cases. What's concerning is the fact that wiretapping occurs a lot more than people realize, for a variety of reasons, by private and public sector parties. As I'm sure you're aware, physical access is rarely required to accomplish the task these days.

  • WTF?? (Score:4, Interesting)

    by f8l_0e (775982) on Thursday June 19 2008, @10:53AM (#23858333)
    The article also links to this product [toysrus.com]. They never had toys this fscking cool when I was a kid.

  • Wireless phone = more fun (Score:5, Funny)

    by Chyeld (713439) <[moc.yugswen] [ta] [dleyhc]> on Thursday June 19 2008, @11:07AM (#23858675)
    Couple of years ago, one of my neighbors narced on me because they thought I was playing video games too loud. This led to me getting a set of wireless headphones to listen to TV with.

    It completely surprised me the first time I put them on and couldn't get them to tune into the TV's transmitter because all the channels were full of wireless phone conversations.

    Sadly, none of my neighbors have any secrets worth listening to. And even worst, most of them seem to have no issues with taking the phone into the shitter with them :/

    In revenge, I've hooked up the transmitter to a cheap dvd player and leave anime porn running on a loop just before going to work, every few days....

    • Re:Wireless phone = more fun (Score:5, Funny)

      by apparently (756613) on Thursday June 19 2008, @12:20PM (#23860341)
      In revenge, I've hooked up the transmitter to a cheap dvd player and leave anime porn running on a loop just before going to work, every few days.

      But at the end of the day, you're still a dude who owns anime porn. FAIL.

  • possible != likely (Score:3, Insightful)

    by petes_PoV (912422) on Thursday June 19 2008, @11:09AM (#23858737)
    Even if someone did try one of these amateurish techniques, they are unlikely to come up with anything they can use against you. Apart from the fact that most people simply aren't that interesting, do you really care if they hear you talking to Aunt Ethel. Most people use their mobile phones for any discrete communication - far less chance of someone in your own house picking up an extension, or hitting redial.

    This is old information which didn't ever work properly and is increasingly irrelevant today.

    Coming up next: how to get free long-distance by whistling down the phone ...

  • When I was young... (Score:4, Funny)

    by javelinco (652113) on Thursday June 19 2008, @11:19AM (#23858989) Journal
    I remember when I was younger, going around with a handset with roach clips at the end of the wire, opening phone boxes and plugging in. It was always a bit of a surprise when we tapped an active line, but MAN! So easy to do. I don't know if things are still setup the same way these days - I know the phone boxes around here are locked - not sure if the same key opens all of them anymore, but yeah - easy to tap a phone line? Sure, as long as you don't mind sitting in the bushes! I'm sure there is technology that can make it easier than that, these days.

    Oh, the above story? Not me, of course. When I say I, I'm talking about someone else I heard stories about, of course. I'd never do anything remotely approaching illegal, such as making long distance phone calls on other people's lines. That's crazy!

    • going around with a handset with roach clips at the end of the wire
      You beige boxing pothead :)

  • DIY wire tapping? (Score:5, Funny)

    by Thelasko (1196535) on Thursday June 19 2008, @11:36AM (#23859367) Journal
    Why would I want to wiretap myself?

  • Listen for breathing??? (Score:5, Funny)

    by gatkinso (15975) on Thursday June 19 2008, @12:45PM (#23860883)
    That won't help me: all my calls consist of heavy breathing.

  • More useful (Score:3, Informative)

    by Thelasko (1196535) on Thursday June 19 2008, @12:51PM (#23861017) Journal
    Why only phone conversations, when a laser microphone can listen in on all conversations. They are also easy to build. [instructables.com]

  • stop glossing over Skype's problem (Score:4, Interesting)

    by Sloppy (14984) on Thursday June 19 2008, @01:12PM (#23861391) Homepage Journal
    Countermeasure suggested by article:

    Use an encryption VoIP service like Skype: Skype is an especially difficult service to tap, because of its encryption strategy. Slate reporter David Bennahum writes that "the company has built in such strong encryption that it's all but mathematically impossible with today's best computer technology to decode the scrambled bits into a conversation." You're more protected with this system.

    I sometimes feel bad about flaming Skype [slashdot.org]. They really are more resistant to eavesdropping than most everything else, and it's nice they used AES256. They almost got it right.

    But saying it's mathematically impossible to crack 'em is bullshit, because Skype's design is flawed (in at least one way that we know of -- and there's a lot we don't know about it, because it's closed and hasn't been really audited by crypto-nerds -- that's Skype first problem). AES256 is useless if the key itself has been compromised by MitM, and Skype's design allows that (that's Skype's second problem). Skype depends on a central server [wikipedia.org] to introduce identities to one another, and that central point is potentially subject to compromise (or coercion). There's no reason VoIP users can't (in many cases, at least) cert each other directly, but unfortunately, that's not how Skype works.

    Skype can be tapped, and all this talk about how its heavy crypto prevents that, is a smokescreen. AES is believed to be a strong link in this chain, but don't forget that we're talking about a chain.

  • Who's Interested In What You're Saying? (Score:3, Insightful)

    by Illbay (700081) on Thursday June 19 2008, @02:24PM (#23862661) Journal
    You might be surprised. The obvious culprit is the government, but consider...

    There have been numerous instances of "terrorist sympathizers" who hunt around online for people who say things they don't like, about their religion, their objectives, etc. They attempt to shut the blog down, even to discover the identity of the blogger to cause further trouble.

    Can you imagine if this grew to further proportion, where you would be in danger of being "discovered" by some amateur terrorist or terrorists, who decided to make your life a living hell, or even to cut it short?

    Sure, you had Theo van Gogh [nytimes.com] killed because he made a film that "they" didn't like, but what if they start aiming a bit "lower" on the food chain, start cyberstalking and tapping the phone lines of some guy who's an outspoking blogger or letter-to-the-editor afficianado?

    How do you protect yourself at that level of obscurity?

All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2009 Geeknet, Inc.