By Ryan Paul
March 06, 2008
Computer security analyst Babak Pasdar says that a major mobile telecommunications carrier has a built-in backdoor that provides an undisclosed third party with unfettered access to its internal technical infrastructure, including the ability to eavesdrop on all calls through its network. In an affidavit that describes the circumstances and basis for the allegations, Pasdar provides evidence that could indicate that the FBI is on the other side of the secret line, engaging in warrantless surveillance of mobile communications.
Pasdar discovered evidence of the backdoor when he was part of a rapid deployment team that was brought in to facilitate a large-scale network security hardware migration for the mobile carrier. During the migration, Pasdar was instructed not to migrate the traffic for one particular DS-3, which was referred to as the “Quantico Circuit” by consultants who worked closely with the carrier (the FBI Academy is based in Quantico, Virginia).
According to Pasdar, the consultants informed him that the Quantico Circuit is supposed to have no firewalls of any kind and no access control—it is given complete access to everything in the carrier’s internal network and there is no way to tell conclusively what has been accessed through it. The consultants indicated that they knew who was at the other end of the Quantico Circuit, but they refused to divulge this information to Pasdar.
When Pasdar insisted that the Quantico Circuit should at least have a minimum level of access logging, if not access control, the consultants called the company’s Director of Security, who threatened Pasdar, telling him that he would be replaced if he didn’t forget about the circuit and continue with the migration.
In the affidavit, Pasdar says that the absence of access control systems and basic access logging for the Quantico Circuit represents a deviation from industry-acceptable use scenarios and notes that such a serious breach of security would generally be considered a breach of organizational policy. He also points out that even the internal offices and systems of the carrier don’t have the same level of unfettered access to the network as the Quantico Circuit.
Although Pasdar has refused to name the carrier, and those working for the carrier who have knowledge of the Quantico Circuit’s user aren’t saying what they know, Wired’s Threat Level blog connected the pieces and pointed us to the 2006 wiretapping lawsuit against the telcos, which alleges that Verizon “has engaged and maintained and still does maintain a high speed data transmission line from its wireless call center to a remote location in Quantico, Virginia, the site of a U.S. government intelligence and military base.” The lawsuit also asserts that “the transmission line provided the Quantico recipient direct access to all content and all information concerning the origin and termination of telephone calls placed on the Verizon Wireless network as well as the actual content of calls.”
Providing any third party with unfettered network access to such a broad spectrum of sensitive consumer data would seem to constitute a very clear violation of the Communications Act, which broadly forbids disclosure of such information. The lack of access controls and logging undermines safeguards against abuse by enabling the recipient of the data to operate entirely outside the realm of accountability. This is particularly disturbing if the recipient of the Quantico Circuit is the FBI, because the agency has a long history of intelligence abuses and has been found to have a serious lack of meaningful internal oversight.
Source URL: http://arstechnica.com/news.ars/post/20080306-whistleblower-cellular-carrier-giving-fbi-unfettered-access.html