DeepSec Video: A Death in Athens – The inherent Vulnerability of “Lawful Intercept” Programs
In politics it is en vogue to create new words by connecting them. The words „cyber“ and „lawful“ come to mind. You can add „crime“ and „intercept(ion)“, and then you got something. Actually you can combine both of the latter words with the first two. Either combination makes sense if you take a look at the Athens Affair. More than ten years ago the lawful interception modules of Vodaphone Greece were used to eavesdrop on the Greek government. Kostas Tsalikidis (Κώστας Τσαλικίδης) , Vodaphone’s network planning manager, was found dead in his apartment. At DeepSec 2015 James Bamford talked about what the Athens Affair really was and shed light on the many uses of the lawful intercept systems which are mandatory for most telecommunications equipment.
We don’t know how many Athens Affairs are still active. There is no better way to illustrate how dangerous (government) backdoors are and how they can be abused. This also applies to the crypto backdoors which recently gained more popularity. Bear in mind that technically any backdoor will give access to anyone. The word „lawful“ does not apply in all cases.