Copy Link
Add to Bookmark
Report
COMSEC Letter 1989
ComSec Letter
Volume VI, Number 1 YOGO 5.01
January, 1989
Prepared and Edited by James A. Ross
******************************************
SIXTH YEAR!
This is the first issue of the sixth year of the
ComSec Letter. Because it is a critical time in our growth,
I am bumping a very important topic to page 2, and starting
with something more personal __ something vital to the life
of the ComSec Association.
TURNING POINT
I have been the president of the this association
since it was formed in 1984. This long tenure is not by
choice. As the old joke goes, it's by default ---- default
of defact that nobody else has stepped forward to take the
reins.
Well, it's time.
We need some new blood at the helm. As our next
president we need, in my opinion, a leader who is a
security professional but not a specialist in
communications security. Also, we need to hire an executive
director to manage the day-to-day activities, and to
oversee our growth. (I've interviewed excellent prospects.)
In order to get this process started, I'm asking you
to send in nominations for the three vacancies on our board
of directors. (You may nominate yourself.) (Biographical
information needed also.) We do not yet have strict bylaws,
so we can run a legitimate election on an ad hoc basis. The
board will then elect officers.
For the time being I'll continue as the editor of the
ComSec Letter, but I'm looking forward to the day that we
have decent cash flow and can hire a real editor.
As usual, I'd sure like to have your ideas on all of
this. I'm ready to discus any aspect with any member. Call
me. Gosh, I'd love to have a caller say, "Ross, I'm a
tiger, and I'm going to run for president so that I can
make this association into a world force."
Are you out there tiger?
***********************************************
The ComSec Letter is the official organ of the Communications Security Association. Membership in the
association is open to all who have an interest in communications security. Dues are $50 per year for
individuals, and the membership year ends September 30. Life memberships are available for a limited time at
$500. Corporate memberships are available; full information on request.
***********************************************
DISA ABUSE AND THE WAR ON DRUGS
Last month we passed along the information that a
company had been ripped off for more than $50,000 in eight
days by outsiders making overseas telephone calls through
its DISA facility. This month we'll add some information
and a new dimension.
First, to review, one company with four trunks
available for access through DISA (Direct Inward System
Access) found that the language being spoken over their
facilities was not English. The reason that they listened
is that an executive had been unable to access the system
for days and complained. Good thing he did or they would
not have been aware of the theft until the bill came in. As
it was, they lost a lot of money through theft of service.
It is our considered opinion that these calls were
made by and to people involved in illegal drug business.
That conclusion is based partly on our knowledge of other
theft-of-service calls which were definitely involved with
drugs. Also, in this case, we considered that all of the
calls went to the same country, Pakistan, which has had a
problem with drug smuggling. Finally, because of the high
level of usage of the available trunks, we rejected the
idea that these were merely homesick students calling home
through some hacked access codes. True, we were predisposed
to believe that these calls relate to the illegal drug
trade. However, we believe that our conclusion is accurate,
namely that the abusers of the system were drug dealers.
Now let's consider some more information, and see what
conclusions we draw from it.
The Pakistani Embassy, even before our December letter
was published, had inquired of us as to how they could use
modern telecommunications technology to investigate illegal
drug trafficking. When we told them about the $50,000 worth
of calls to Pakistan in eight days, they were not certain
that drug smuggling is what was being discussed on those
calls. However, they are concerned, and asked our help.
Accordingly, we have provided to the Pakistani government a
list of all of the numbers that were called in Pakistan.
(If I were an investigator, I certainly would appreciate
starting my investigation with a list of telephone numbers
of probable suspects.)
Now, how about the US government? What has the
reaction been by our own people responsible for
investigating drug smuggling?
From where I stand, it looks as though the response
has been zero, maybe less than zero. The company asked for
help from AT&T and from law enforcement, and has
essentially been ignored. This newsletter has provided
information about this theft and possible drug connection
to a list of folks interested in communications security,
including many in law enforcement, but we have yet to hear
a peep from anyone in our government.
Hey! Wait a minute! What happened to the war on drugs
in the USA?
Is the Pakistani government sharper than the US
government?
THE WAR ON DRUGS, WHAT CAN WE DO?
FIRST
If your company has been burned through illegitimate
DISA access, please contact me. Let me have the details.
CDR printouts are best. Please send them along, but block
out any information that would identify your company.
I will not reveal the identity of your company without
your permission, but I'm volunteering to be a data
repository. Let's collect a lot of real data, and see if we
can't make a difference.
I see great benefits for government investigators in
getting access to this information. Also, there is some
slim chance that there might be some recompense for the
companies that have had to pay for the telephone calls of
others.
Its worth a try.
NEXT
If you have any influence with anyone in our
government who could wake up DEA or FBI (or whoever) to the
golden opportunity that awaits them when they begin to
cooperate with US business, then please do it.
The situation is that it is in their own self-interest
for these companies that have been burned to cooperate with
law enforcement in tracing the calling numbers. Maybe, just
maybe, they can recoup some of what they had to pay to
their long distance carrier or 800 supplier.
Law enforcement, on the other hand, by cooperating
with these companies and the long distance carriers, would
have the benefit of knowing the telephone numbers of
probable active US drug dealers.
A THOUGHT ABOUT PROCEDURE
It seems to me that the FBI (or DEA, whoever is
responsible) would be pleased to cooperate with companies
that are being burned. Maybe a system could be set up
whereby a company does not shut down its system but calls
for help as soon as it discovers DISA abuse. Then the
appropriate law enforcement entity would immediately agree
to pay for feature group D and all illegitimate calls in
order to collect the telephone numbers of suspected drug
dealers.
Don't laugh. How much do they spend on sting
operations? How much did they spend to catch some futures
traders in Chicago?
How much would it cost to pay for feature group D so
they can have the identity of all calling numbers? How much
would it cost to pay for the LD charges to drug smuggling
countries? Let's compare these costs, as a businessman
would, to the cost per lead in current drug dealing
investigations. I think that the cost would be peanuts
compared to what they spend on other programs.
CISA?
More and more, it becomes apparent that communications
security is intertwined with information and data security
in the modern age. Therefore, it has been suggested that we
change our name to "Communication and Information Security
Association".
What say ye?
SURVEILLANCE EXPO '89
It looks as though this event will take place in
Washington, DC late in '89. The ComSec Association will be
a co-sponsor and other organizations are invited to inquire
about becoming co-sponsors. Also, if you are interested in
talking on any related subject, give us a call, and we'll
see that the organizers contact you. We'll keep you advised
of progress through this letter.
CINCINNATI WIRETAP SCANDAL
Perry Lyle sent us copies of some newspaper clippings
which indicate that there is an interesting new twist in
this affair. (Thanks Perry.) The city attorneys have
succeeded in having some of the depositions of some of the
police officers sealed. This has upset the Mayor, among
others. Normally such information is available, but in this
case the prosecutors say that it deals with "sensitive and
confidential areas of investigative activities".
It seems that they are concerned that the public might
learn that police tap telephones.
From our perspective, we suggest that it would be a
good idea to wake everyone up to the fact that a phone tap
is a very simple procedure, and not just legal taps are put
on telephones.
HO, HO, HO
Keith Flannigan of Atlanta sent some interesting
information. A specialty retailer in a large shopping
center felt that certain competitors were taking advantage
of him during this past Christmas season. So he hired a
sweep, and ... Voila! There hanging on the store Christmas
tree was a Santa decoration with a radio transmitter
inside.
Our thanks to Keith, and Seasons Greetings to the
grinch.
STANDARDS
Some of us have been attempting for some time to get
some standards adopted in the field of TSCM. In the area of
terminology, I think that each time we hear a term we don't
recognize, we all should ask the speaker to define it. As
you know, some people try to impress by using words they
don't understand; let's pin 'em down. If you learn any new
terms, please pass them along. Thanks.
ComSec Letter
Volume VI, Number 2 YOGO 5.02
February, 1989
Prepared and Edited by James A. Ross
******************************************
SIXTH YEAR: WHAT'S BEHIND, WHAT'S AHEAD?
In January, 1984 this letter started as a freebie to
everyone on the Ross Engineering mailing list. During those
days, it was printed on a dot matrix printer, reproduced on
a Xerox in the Ross family dining room, collated, stapled,
folded, stuffed, addressed, and hauled to the post office
by family members. Complainers were easy to handle; we just
told them that we'd refund every penny they paid for the
subscription!
During that first year, Arnold Blumenthal of PTN
Publishing suggested that we make the letter into the
vehicle for starting the Communications Security
Association. After considerable discussion among security
professionals, we did just that. In addition to offering
the letter by subscription, it was mailed to members of
the newly-formed CSA. In 1984, 1985, 1986, 1987, and 1988
we put out 10 issues per year (with a short hiatus while we
were first recovering from injuries sustained in an auto
wreck). It was usually four pages, once six pages, once a
monster eight pages; and one time we only managed to get
out two pages. (We were in a hurry to get something out to
garner some support in our effort to make Congress make
sense out of their gobbledygook ECPA of 1986).
Your editor is aware that the letter has so far been
without glitz, and we apologize for the "plain-jane" look.
However, we'll never apologize for its content. Sometimes
irreverent, sometimes with a touch of wry humor, but always
honest; the facts and opinions in this letter have always
been intended to enlighten.
So, back to the heading: "What's ahead?"
Gradually, as our finances permit we've been upgrading
our hardware and software, and we recently added a scanner
so that we'll be able to run schematics, drawings,
pictures, etc. That will happen as soon as we can buy a new
laser printer with Postcript capability. Also, we expect
soon to again offer the letter by subscription. Our plan is
to expand to at least 16 pages monthly, with more original
and submitted content, letters, ads, etc. Your comments, as
always, are solicited.
***********************************************
The ComSec Letter is the official organ of the Communications Security Association. Membership in the
association is open to all who have an interest in communications security. Dues are $50 per year for
individuals, and the membership year ends September 30. Life memberships are available for a limited time at
$500. Corporate memberships are available; full information on request.
***********************************************
CCS IS NO MORE?????
We received a call from Don Miloscia, who said that
he's a retired US Marine and the president of Surveillance
Technology Group. He called because he read that my company
is looking for a telephone scrambler, and he said that he
has just what we need.
The shocker in the conversation came when he advised
that he had bought CCS. That's right, he said that CCS is
no more. He's the owner, and "....changes have been
implemented across the board".
It's really hard to imagine this world without CCS.
For one, I'll miss those full-color brochures with
fantastic claims and those ads in the airline and credit
card magazines. Ah well, the passing of an era.
Or is it? .... Your comments are solicited.
CREDITS
We've neglected to pass along our thanks to
contributors for so long that we have a whole letter tray
full of material. So let's start making up for lost time.
What's on top of the heap? Well, Tim Wilcox of
Indianapolis and Art Levaris in Maine passed along the ANI
numbers for their areas. (In Maine it's 220, and in Indiana
it's 7999.) Also, Ed Steinmetz called with good information
about digitized encrypted phones. His information is
valuable because he's listened to them and reports that the
higher sampling rate phone systems have much better voice
quality than the earlier 2400 baud units.
Our thanks to all who have written, and we intend to
work our way through all of the back submissions.
INTELLIGENCE IN BUSINESS
We're indebted to one of our regular anonymous
contributors for a copy of a speech made by a retired
intelligence officer to a convention of people with the
same background. I really got a chuckle out of it.
What a speech! Here's a man who probably never met a
payroll in his life, talking to a group whose members
probably share that same lack of business experience, and
what does he say? Why, he tells them how great it has been
for the business community since the whiz kids from the
pentagon lectured at the Harvard Business School, and
taught them all about the value of intelligence. Wow!
How does he suppose that those businesses prospered
before their enlightenment? Does he really think that they
had been ignorant of the value of intelligence? Further,
can you imagine any competitive business that could even
stay alive if they burned money on intelligence activities
the way governments do, and received so little in return?
Frankly, I like Jay Lubkin's assessment of the whiz
kids better. I don't remember his exact words, but it had
to do with their insistence that everything had to be
purchased at the lowest offered price. As Jay said, "They
never did figure out that the oats had a different value
before and after the horse used them."
VIRUS (WORM?) FEVER
Boy, the press has sure been full of information and
misinformation since that fellow Morris introduced that
worm into some systems. Some comments from our observation
post seem to be appropriate. Even though we make no claim
to being expert in this field, we have confidence that
these thoughts are valid.
First. It was not a virus. Our knowledge of such
things is limited, but we understand from reading some
experts that there is a big difference between a virus and
a worm. It is our belief that this was a worm because,
after entering a system, it replicated itself until memory
was full; but it did not destroy or damage any resident
files. A virus would have eaten up all of the files on all
of the infected systems.
Next. Published reports are saying that it did ten
million dollars worth of damage because of the time wasted
to fix the affected systems. I somehow feel that that
number is being bandied about because it is the largest
number that any of the reporters have heard, and, of
course, each one of them can't stand the thought that
someone else might report a higher number. Does it stand up
to analysis? I don't think so. Each of the systems reported
some loss of time but they were all functioning within days
at full speed. I personally think that improper placement
of some lane barriers on I-270 (that's one of the main
routes into DC from the north used by commuters) caused
more lost time by several orders of magnitude. The worm may
have amounted to a few hundred man hours of non-productive
time, but the 270 fiasco wasted thousands of man hours
daily for several months.
This is a fascinating subject, and next month we plan
to offer some new ideas for combatting such problems. Stay
tuned.
FACSIMILE TRANSMISSIONS SECURE?
Some folks have assumed that transmitting information
by fax assures privacy. I guess they think that, because
it's not a voice transmission, it can't be intercepted.
'Tain't so; never has been.
A recent issue of the CII Councillor reported the
results of some experiments by Gerry Linton of Calgary.
Gerry recorded some fax transmissions from a phone line,
and played them back into a fax, demonstrating that fancy
equipment or techniques are not needed to eavesdrop on this
mode of transmission. Of course, the same is true of data
transmissions sent via modem over phone lines. If they are
recorded, even on a cheap tape recorder, they can be
printed out on another computer system.
(Comment on my use of "eavesdrop" is coming next
month.)
HIT, WITH QUESTIONS
Recently a transmitter was found in a Philadelphia
area business. It seems that two partners had agreed to
"unpartner", and the sweep activity was precipitated when
one became suspicious of the other's special information
about his activities.
In any event, the installation was unusual. First, the
frequency used is one used by DEA, I'm told. Next, the
transmitter was powered by mains power. Also, the
microphone and transmitter were separated, and, last but
not least, the antenna was fed through a hole in the side
of the building so it was mostly outside.
These facts give rise to many questions. Was this an
installation by a government man moonlighting with
government equipment? Was it a former government man using
some device that he "liberated" upon his retirement? Why
the remote transmitter? (It had enough power to be detected
by the simplest field strength meter, even at its remote
location.) Why hang the antenna outside? Was the installer
one of those who was taught that the antenna should be
vertical if at all possible? Hmmm.
There seem to be more questions than answers. Anybody
have any valid information?
NO MORE CSA BBS
Well, it was a great effort by Ned Holderby. The fact
that the board did not become a smashing success is in no
way his fault.
In case you don't know what I'm talking about, let me
recapitulate. Last September our member Ned Holderby set up
a computer bulletin board system for the ComSec
Association. It was to be a meeting place for members, a
repository of information for members, a source of
information about the association for prospective members,
and so on. He operated this BBS using his own time,
equipment, and money for four months.
Unfortunately, he set it up at a time when our
personal computer facilities were in turmoil, and our
travel schedule had us out of the office for all but eight
days in its first three months. I never did log on, and did
not properly promote the capability through this letter, or
in any other way. So, the blame is all mine for the lack of
publicity and use of the board.
So, Ned, I apologize. It was a great idea and a great
effort, and I'm sorry that I could not help to get it off
the ground.
OFF AGAIN
This letter is being mailed late in February, and on
the 28th we'll be leaving for Europe for two weeks. Frost
and Sullivan is again sponsoring my seminar in London, and
we plan to visit with manufacturers in four countries while
over there. So look for the next ComSec Letter late in
March. CUL.
ComSec Letter
Volume VI, Number 3 YOGO 5.03
March, 1989
Prepared and Edited by James A. Ross
******************************************
BOARD OF DIRECTORS MEETING
The next meeting of the board will convene at 10:00 AM
on April 29, 1989 at the Holiday Inn Crowne Plaza in
Crystal City, VA. The primary purposes of this meeting are
to introduce our Executive Director, David Schmidt, and to
discuss plans for the future of the association. David has
started work on a major membership drive, and is planning a
ComSec Association conference and meeting for
August/September.
As is the case with all board meetings, members are
encouraged to come and to participate.
MEMBERSHIP CERTIFICATES
Recently, we've heard from some members who have not
received their membership certificates. In checking we
found that the initial supply has been totally used up.
Because of this, and also because some had expressed less
than enthusiastic delight at the original design, we have
started afresh.
So, if you have not received a certificate, or lost
it, or just plain don't like the original one, just drop us
a line and we'll see that you get a new one as soon as they
are ready. (If you're entitled to a special one such as
Charter or YOGO Charter, please indicate that in your
message. Thanks.)
PHONE TO LOOK OUT FOR
Doug Ralph and a few others have commented from time
to time on telephone sets which have the speaker connected
to the talk pair while the phone is on hook. This, of
course, means that the phone is a room bug. In order to
hear room audio all you have to do is connect to the pair
with an audio amplifier. (Certainly makes the bugger's job
easier, doesn't it?)
In any event, I'm sure that there are many such
telephone sets in use in the world, but our recent
conference in Tampa identified one for us positively. The
Northern Telecom model 2018 has the speaker across the talk
pair while the phone is on hook.
If you do countermeasures, look for it. Warn your
clients.
DRUG DEALERS OR ENTREPRENEURS?
After the recent letter in which I commented that the
$50,000 worth of calls to Pakistan in eight days were, in
my opinion, made by drug smugglers to drug smugglers, we
heard from an old friend.
Fred Fisher, who works in security for NY Tel in
Manhattan, called to opine that the calls were made through
street vendors who make a great living (tax free!) selling
long distance service on the streets of New York (among
other places). (Fred even invited me to visit the Port
Authority building to observe the action, but I told him
I'm too chicken to even walk through that place unless I
absolutely have to.)
Anyway, as friends sometimes do, I didn't agree with
him, and he didn't agree with me.
He may be right. I know that stolen or hacked credit
card numbers are being used every day by street vendors,
but I think the pattern of the calls (on the printout that
I have) relates to organized business. I don't think that
so many calls going to the same number several times per
day for eight days represent homesick students calling
mamma.
In fact, if you have the ability to do an analysis of
the calling patterns, I'll send you a copy of the printout.
What say?
INTERESTING PRODUCTS
DynaMetric, Inc. offers the COM-205 which is an
adapter that connects to your telephone handset, and
cuts it off when the handset is in its cradle. This
could be an exceptionally valuable item, but it looks as
though it would fit only the AT&T System 25 (etc.)
telephones. Anyone who has tried it is invited to send
along his evaluation. (In order to fully protect against
the phone being converted into a room bug, of course,
the speaker of the speakerphone would have to be removed
or rendered inoperable.)
MetroTel of Hicksville, NY offers the Digit Grabber
in two models. Each displays the numbers being dialed on
the telephone line to which it is connected. One sells
for $250 and the other for $695 (no decimal points
anywhere in there).
HACKER ANTIDOTE?
In our last letter we commented on the worms,
viruses, and what-have-you that have been causing so
many problems and promised to present an idea for
combatting such abuse. So here's the outline of the
thought.
I wonder why I have never heard or seen anything
which proposes an attack on hackers. That's right, tit
for tat, or, as my grandmother used to say, "What's
sauce for the goose, is sauce for the gander." Why
should the legitimate, above-ground world sit passively
awaiting the next hacker attack; why doesn't the
establishment recognize that the best defense is a
strong offense?
My thought goes like this. In order for a hacker to
infect another's computer, he must first establish two-
way communication with it. In the process of
establishing his bona fides he must provide information
to the target, and answer its queries. Is it not
possible for the target, if it determines that the
caller is not legitimate, to feed it a real virus? And I
mean a virulent virus, one which will eat up all of the
files in the attacker's computer in seconds. And I do
mean all of the files: program files, operating system
files, you name it.
I'm not a hacker, nor even experienced in this
field. However, in the world that I work in, I regularly
see the bad guys taking advantage of the good guys'
gullibility. Let's turn the tables; cause the hacker to
make his system accessible to the target computer and
introduce a short and sweet virus.
Unethical? I don't think so. I've been following
reports in the press about a situation that I think is
analogous in our neighboring state of Virginia. They
were vexed by the fact that some motorists were evading
radar speed traps through the use of radar detectors in
their cars. First they tried confiscating radar
detectors, but they learned that in this country
troopers are not allowed to be judge, jury and
executioner. Next, they simply made possession of radar
detectors a crime, but that was cumbersome, and would
probably have been shot down in court. So now they've
finally gotten smart. They have received FCC permission
to set up unmanned oscillators along the roads,
radiating on speed radar frequencies. This creates
frequent false alarms on the speeders radar detectors,
and will eventually make them worthless. Pretty shrewd,
I'd say.
I think turning the tables on hackers is a similar
situation; it is giving them a dose of their own
medicine. What do you think?
ON WORDS, ANOTHER QUESTION
Even though I know that it is not the right word, in
a recent letter I used the word "intercept" in referring
to an electronic eavesdropping system. I do not like to
use that word in this context because it means (as it
does in football) to seize something between the sender
and the intended receiver, preventing its arrival at the
intended destination. Electronic eavesdropping, except
in the case of very sophisticated spooking at the
government level, does not prevent the unaltered message
from arriving at its intended destination.
Barbara Rowan doesn't like the word eavesdrop
because it originally described someone standing next to
a thatched-roof dwelling, inside the line of rain
dripping from the eaves, in order to be able to listen
to conversations taking place within the building. I
don't like it because even today it seems to imply live
listening to human conversations by a human; and that
omits radio transmitters, tape recording, and other
significant electronic eavesdropping techniques.
Can't we find a better, more accurate word -- one
that conveys the exact meaning? How about it. Any ideas?
CINCINNATI BELL TAP SCANDAL
Our thanks to all who have been sending clippings.
Please keep them coming; it's a fascinating story. All
information that we get is valuable, so, if you have
some, please call, write or fax it to us. (You can reach
me on the Ross Engineering fax: 301-874-5100.)
In the latest chapter in this saga, the city has
hired a private investigator to study the allegations of
wholesale illegal phone tapping by Cincinnati Bell
employees under the direction of police and Cincinnati
Bell officers. The investigator, John Baber of Business
Risks International in Chicago, will be paid $75 per
hour with a cap of $25,000 to look into the affair.
At this time the investigator is limited in what he
can see because Bell has asked the court to seal all
records that have been turned over to the court and all
depositions taken in the case.
Well, we'll stay tuned, and pass along whatever
information that we can in this landmark case.
DOWN-UNDER BUGS
Thanks to Michael Dever for sending along a bug
catalog from Australia. Your editor is no expert on
Australian law, but it appears from a quick reading that
the use of radio bugs is not prohibited there. Creating
radio interference is proscribed, as is breaking and
entering, trespassing, etc., but possession and use of
radio bugs is not. (If you're interested, the catalog
has a price tag that says $3.25 which I would guess to
be Australian dollars. The address is: Talking
Electronics, 35 Rosewarne Avenue, Cheltenham 3192,
Victoria, Australia.)
BELATED THANKS
This latest submission from Australia reminds us to
send a long overdue "Thank You" to Dr. Jacqueline Morgan
of the New South Wales Privacy Committee. Some time ago
she sent us a copy of their annual report, and we found
it to be fascinating reading. The difference in laws
makes some of the details seem strange, but they
certainly do valuable work in examining and reporting on
various aspects of privacy. Some topics considered were:
a national identification scheme, telephone
interceptions, confidentiality in AIDS testing, credit
bureau reports, confidentiality of personnel files and
deletion of criminal conviction records. We live in
different hemispheres with different laws, but we
certainly have similar concerns. Again, our thanks to
Jacqueline Morgan.
2ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ
ÄÄÄÄÄÄÄÄ0
The ComSec Letter is the official organ of the Communications Security Association. Membership is open
to all who have an interest in communications security. Dues are $50 per year for individuals, and the
membership year ends September 30. Life and corporate memberships are available; full information on
request.
2ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ
ÄÄÄÄÄÄÄÄ0
ComSec Letter, POB 3554, Frederick, MD 21701 301-874-5311
ComSec Letter
Volume VI, Number 4 YOGO 5.04
April, 1989
Prepared and Edited by James A. Ross
******************************************
APOLOGIES
This issue, April, is being mailed in mid-May. I
wish I could say that the delay is somebody else's
fault, but I cannot. There is a lot happening, and I
just did not schedule my time correctly, and I
apologize.
DIRECTORS MEETING
As scheduled, the Board of Directors met on April
29. Many weighty issues were discussed, and many
decisions reached. For now, let me just give you a
thumbnail sketch.
The meeting was attended by Mike Brumbaugh, Chuck
Doan, Slick Poteat, Jim Ross, and David Schmidt. Absent
were Jack Mogus and Ken Taylor. The terms and conditions
of David's employment as executive director were
approved by the board. Corporate membership and
corporate sponsorship programs were discussed and
detailed. The most important decisions, from my point of
view, were related to research and publication of
information. First, the association will develop a
research capability, and its first area of study will be
the vulnerabilities of CBXs to outside manipulation to
allow theft of service and theft of information. Second,
a new publication, yet to be named, will be established
with a quarterly distribution schedule, first issue to
be the last quarter of '89.
There will be a full report coming as soon as Mike
Brumbaugh finishes his write-up. (Mike takes all of the
notes, so I'm dependent on him to be sure that my memory
doesn't cause me to present some erroneous material in
this letter.)
GOVERNMENT COMSEC TRAINING
In the past our government has always been very
quiet about its COMSEC training programs. However, the
GSA Information Security Training Center now offers
telecommunications security specialist courses. Offered
throughout the USA to US citizens, there is a five-day
version for the people who actually do the work, and a
four-hour overview for managers.
This training is primarily for threat assessment,
and not for learning how to do TSCM. However, it is
certainly a step in the right direction, and we applaud
the GSA. We'll be sending along more detail as we get
it.
THERE YOU GO AGAIN, ASIS
Yep, they're at it again. ASIS, the membership
organization whose constitution says "free and open
interchange of information among members", is again
promoting another meeting that is not open to more than
95% of the membership. Their 8th annual telephone
security course is open only to "those employed on a
full-time basis in security by legitimate communications
common carriers".
Last year, Kevin Murray raised sand about this
policy, and the meeting was opened to all ASIS members.
I attended, as did a few other telecom security
professionals who are not employed by a telco. Also,
there were some telco users, and some law enforcement
types, etc. who attended.
From my personal point of view, it was worthwhile.
Almost all of the three and a half days was spent on
subjects of no interest to me, but it was still
worthwhile. It was exceptionally well run by John
Cupples, and featured many speakers with excellent
knowledge of their topics. I met some folks who had had
their DISA facility burned badly, and some of the
participants let the telco professionals know how their
excellent telecommunications equipment was being used by
the bad guys for theft of information and theft of
service. Most important, some of us (telco, telco
suppliers, and consultants) now know each other, and
have agreed to share information in an effort to design
ways to protect legitimate users from such abuses.
So why is ASIS again allowing the use of the
resources of the entire organization for the benefit of
a tiny group? Why are members with a legitimate
interest in telecommunications security barred from
participating?
OUTRAGE
That may be a strong word, one to evoke strong
responses. I hope so. Outrage is what I feel when I
consider the intimidation of an honest businessman by
the FBI over a non-offense.
Did you think that the FBI mission was to
investigate federal crimes, and protect us from foreign
espionage? I did, and it is certainly a shock to learn
that this magnificent investigative organization can be
used for the selfish (and probably unethical) purposes
of a Washington lobbyist group.
To explain this properly I'll have to go back to the
time when the ECPA '86 was in its formative stages. (If
you're not familiar with the abbreviation, "ECPA '86"
stands for the Electronic Communications Privacy Act of
1986, one of the most unbelievable pieces of trash ever
served up by any legislature anywhere. And my senator,
Mac Mathias, was one of its sponsors!) Anyway, our
lawmakers in Congress were attempting to correct some
faults with the federal privacy laws.
The way they set out to do that was to assign some
people who don't understand the technology involved, and
arrange for them to be advised by some other people who
don't understand the technology involved. Next, they
grossly misquoted the old law regularly and
continuously, so we'd all feel good about their wondrous
development of the new law. Then they let some private
special interest groups help them draft the law.
One of those groups, The Cellular Telecommunications
Industry Association, apparently was very influential.
It seems that the manufacturers were becoming concerned
that the public would learn that information broadcast
by a radio transmitter is not secure.
Time for a short lecture. Contrary to the
assertions of cellular sellers, the content of
broadcasts by any radio transmitter can be
heard by other than the intended recipient.
And so, back to the story. The CMT (cellular mobile
telephone) salespeople were already lying through their
teeth to make sure that they didn't lose a sale, but the
lobbyists went all out to give them an even bigger lie
to tell. Voila! they had our (their?) (maybe we all
elected them, but they sure were in the pocket of the
CMT manufacturers) legislators write a provision into
this wondrous new law that makes it a felony to
intentionally listen to what has been broadcast on
cellular frequencies. Ah Ha! Now the seller can tell the
prospect: "No one can listen to cellular conversations.
It's against the law; it's a federal felony."
Small aside re the efficacy of the new law.
Its writers also made it a federal offense to
intentionally listen to what has been broadcast
"...on a subcarrier or other signal subsidiary
to a radio transmission." What that provision
means is that, if you intentionally listen to
the MUSAK music on the elevator, or in the
office, or anywhere else, you are committing an
offense because MUSAK is broadcast on a
subcarrier.
I made an effort to be heard way back then. I wrote
to every senator, called some, visited Capitol Hill with
my spectrum analyzer. Some senators answered. (None of
the answers was responsive.) I talked to some of the
administrative assistants. One returned my call after
his long and obviously liquid lunch. His response to my
comments about this part of the law was, "It must be
good. Both Motorola and Tandy favor it." One of the AAs
who had been writing the law about listening to that
which had been broadcast on a subcarrier asked me what
was meant by "subcarrier". (I showed him a subcarrier on
the screen of the spectrum analyzer, and I'm sure that
made him the dean of all the law writers -- he had
actually seen a subcarrier!)
Anyway, the bill passed, the president signed it,
and we're stuck with ECPA '86.
Now, to the point. While the law was still a bill
under consideration, Tandy was designing a great
scanner, the PRO-2004. Somewhere, probably at the
highest levels in Tandy, they had a marketing decision
to make. They supported the law, but they were about to
introduce a product, the 2004, that could be used to
listen to cellular phone calls. --- Their decision was
to add a diode to the unit so that the cellular
frequencies were blocked.
Well, the 2004 sold well, but American ingenuity
being what it is, there were soon many tips on how to
improve the 2004 -- make it scan faster, etc. Of course,
restoration of the removed block of frequencies was one
of the first improvements, and articles appeared in
popular magazines with step-by-step instructions, with
photos, on how to restore the "forbidden" frequencies.
Again, it's time for a mini-lecture. It is
important to understand that, even though some
lobbyists would have had it otherwise, THERE IS
NO LAW FORBIDDING MANUFACTURE OR POSSESSION OF
A RADIO CAPABLE OF RECEIVING THAT WHICH HAS
BEEN BROADCAST ON THE FORBIDDEN FREQUENCIES.
Bob Grove, of Monitoring Times (a hobbyist
periodical) and Grove Enterprises (a dealer in
communications equipment), advertised the PRO-2004 in
its original state, or modified with cellular
frequencies restored at a slightly higher price. (I am
absolutely certain of this because I bought a modified
2004 from him.) (It works fine, by the way.)
So the FBI called on Bob Grove. The agent who called
on him, according to Bob, couldn't have been more polite
and gracious. (Bob said he very much appeared anxious to
get back to real FBI duties like espionage
investigations.) What was said, I don't know; but the
result is that Bob no longer advertises a modified PRO
2004.
To all of my friends who are current FBI
agents, and all who are retired: "How does it
feel to learn that your once proud organization
is now a lackey, running scurrilous errands for
a lobbying group?
To all: I'm outraged. I'm ashamed for my country. To
think that such stupidity could take place is appalling.
How can we stand before the world as the model of a free
nation, and allow such a thing to happen? Who in the FBI
ordered such a silly activity?
It is an especial shock to realize that the FBI
agents who are sworn to uphold the law are not even
aware of what it says. They spent their time enforcing a
non-law; serving the interests of a lobbying group.
Also, they either don't know or don't care that the
Justice Department, for whom they work, has said
publicly that they will make no attempt to uphold the
"non-listening" portion of the law.
It appears that, in this instance, the FBI got its
orders from the CTIA, and charged off to subdue a
dangerous enemy of the state.
Meanwhile, here in Washington, foreign espionage
agents are busy as bees, but we can all rest well in our
beds. The mighty FBI has subdued that awful menace on
Dog Branch Road, in Brasstown, North Carolina.
2ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ
ÄÄÄÄÄÄÄÄ0
The ComSec Letter is the official organ of the Communications Security Association. Membership is open
to all who have an interest in communications security. Dues are $50 per year for individuals, and the
membership year ends September 30. Life and corporate memberships are available; full information on
request.
2ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ
ÄÄÄÄÄÄÄÄ0
ComSec Letter, POB 3554, Frederick, MD 21701 301-874-5311
ComSec Letter
Volume VI, Number 5 YOGO 5.05
May, 1989
Prepared and Edited by James A. Ross
******************************************
NEXT BOARD OF DIRECTORS MEETING
The ComSec Association Board of Directors will meet
at 10:00 AM at the Tyson's Corner (Virginia) Marriott
Hotel on June 10. The agenda includes defining the
categories of corporate membership and sponsorship,
planning the development of a research capability,
discussing the ways and means of starting a quarterly
publication, planning our next annual meeting,
brainstorming various methods of making money, and
discussing changes in our Constitution and By-Laws.
Members are invited to attend, and to participate.
TRAINING AND EDUCATIONAL PROGRAMS
In the past the US government has been very quiet
about its training programs having to do with
communications security. (As a regular army signal
officer, I went through the many courses that were
required, but I don't recall that we ever had any
intensive training relating to the TSCM aspect of
COMSEC. Maybe some readers can bring me up to date on
current practice in the services.) Now however, there is
a movement to train people in this field.
The Information Security Training Center of the
General Services Administration has established two
courses, to be offered throughout the USA to US
citizens. These Telecommunications Security Specialist
Courses are offered in five-day and four-hour versions.
(The longer course is for the people who actually do the
work, and the short course is an overview briefing for
managers.)
"Do the work" in the above does not refer to TSCM;
it refers to doing self-assessments of systems,
equipment, and procedures. The course is designed to
assist government and government contractor employees to
meet contractual requirement relating to
telecommunications security, specifically, National
Communication Security Instruction (NACSI) 6002.
Graduates should be able to properly perform the
appropriate self-assessment and then prepare a
Telecommunications Security Program Plan (TSSP).
Certainly, this is a move in the right direction.
The more training and education the better. For
information contact GSA, Symbol KVIST, 1500 E Bannister
Rd, Kansas City, MO 64131-3088. Telephone: 816-926-6921.
Autovon: 465-6921. FTS: 926-6921.
6ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ
ÍÍÍÍÍÍÍÍ4
Copyright, 1989. Ross Engineering, Inc., Adamstown, MD,
USA
PREVIOUS BOARD MEETING
As reported in the April letter, the board
considered many important and far-reaching topics at its
April meeting. Some definite decisions were reached, and
some topics introduced for later decisions.
Positive decisions:
1. The constitution and by-laws will be expanded.
Details will be added to provide: means for expansion of
the board of directors, method of removal of non-
participating board members, establishment of a board of
advisors, election of officers, etc.
2. For the sake of continuity, the current working
members of the board will continue on the board until
the annual membership meeting in 1991. The board will be
expanded during that time, and new members added, but
current working members will stay on through membership
year 1991.
3. The board will meet at least quarterly.
4. Ross will search for a qualified person to replace
him as president at the annual meeting. His guidelines
are that the person should have a national or
international reputation in the security field, but
should not be a practitioner in the TSCM or data
security field. He/she should be a generalist in
security.
5. Ross will no longer be the editor of the
association's organ as of October 1. The organ, yet to
be named, will be a quarterly with expanded content on
association affairs, technical articles, advertisements,
etc.
6. David Schmidt will submit at least one proposal for a
new logo to the board. He will also start work on new
membership cards and certificates, to have them ready as
soon as possible.
7. At the next meeting David Schmidt will present the
board detailed proposals for the new classes of
membership and sponsorship. Ideas include an initiation
fee for new individual members (promotes prompt
renewals), different levels of corporate membership
depending upon the size of the business, and different
levels of corporate sponsorship with differing benefits.
8. The association will sponsor a series of seminars or
workshops on topics related to communications and data
security. The objectives are to establish the
association as a national educational resource, and to
make some money so that we can afford to pay for all of
our expanded activities. (By the way member, if you have
an idea for a topic you could present (or a topic you'd
like to learn about), drop me (Jim Ross) a note on my
business fax, 301-874-5100.)
9. The next annual meeting of the membership will be
held in conjunction with Surveillance Expo '89 in
Washington, DC.
10. The association will cosponsor Surveillance Expo
'89.
11. If at all possible, future annual meetings will be
held in October, immediately after the membership year
ends. (The idea is to provide a good incentive for
renewal of memberships.)
12. Prior to the next meeting, Ross will propose an
arrangement to the board for compensation for his
efforts over the years, and for continuity of
publication, and for the use of published material.
13. Poteat will continue to develop the data base on who
works in the TSCM field, and what their qualifications
are.
14. The association will develop a research capability.
The idea is to establish a data bank with the full
details of capabilities, vulnerabilities, etc. of
various equipment, systems, software, etc. At the top of
the list for attention are the vulnerabilities of CBXs
to manipulation for theft of service and theft of
information. Also, the association should have a data
bank available to members so that they can get facts and
figures on equipment and systems relating to
communications, data and information security. These
data banks must not be repositories for manufacturers
data sheets and press releases; they must have full
unbiased technical detail on all aspects for the benefit
of members.
15. In consideration of the fact that the association
plans meetings at various places around the country, a
suggestion was made to approach a hotel chain to see if
special arrangements could be made. The Marriott chain
was suggested.
16. The DC area members will give attention to
establishing a program for development of local
chapters, with Washington, DC being the first chapter.
17. The next board meeting will be held on June 10.
ANOTHER PHONE TO LOOK FOR
Last month we commented on the NT 2018 telephone. It
has the speaker connected to the talk pair while the
phone is on hook, making it a room bug.
Another telephone that is a room bug is the Comdial
Executech II. It also has the speaker connected to the
talk pair while the phone is on hook. Your editor
recently checked an office complex with twenty-eight of
these bugs in place. After the audio feedback test
identified them as bugs, we used a Radio Shack audio
amplifier to demonstrate that room audio was being
conducted out to the telephone closet while the phone
was on hook. True, the audio had a lot of interference
from the fluorescent lights, but room audio could be
easily heard, and a little filtering would clear up the
audio.
So, take heed; some modern telephones are room bugs.
If you come across any of these beauties, please
call, fax, or write us with the make and model and we'll
pass the word.
'NOTHER WILD JUDICIAL DECISION
I think I'll write a book. a book full of crazy
decisions. This one will have to head the list.
The situation was that some people figured out a way
to make some money. They decided to establish a pirate
radio broadcasting station on board a ship anchored in
international waters off New York City. Not a bad idea,
really. Let's say that you want to give this idea a try.
If you can put up with the rolling of the ship 24 hours
per day, and don't need money until you have a following
and have sold some ads; you might just have a good
business.
Whoops. Forgot about the bureaucrats, didn't you.
But how can the FCC bother you when you're not even in
the United States?
Simple. The FCC gets you in front of US District
Court Judge John J. McNaught in Boston, and tells him
that 47 USC 705 gives it authority over stations whose
signals are received in the United States! He believes
them, and orders you not to transmit!!
Hey, judge, sir. Did you ever listen to shortwave?
Signals from all over arrive here continuously. Do you
think that the FCC should have authority to shut down
Radio Moscow?. How about a ham in Egypt, or the BBC from
London? How about other countries' satellites beaming RF
down on us? C'mon judge, try thinking!
By the way, the reason the FCC is concerned, they
say, is that the pirate might interfere with a licensed
station. (I think the real reason is that they fear for
their fiefdom; pirates do not have to kowtow to them.)
However, as it often is with government people, they
don't understand free enterprise. The pirate has no
interest in interfering with another station. That would
mean that, for the most part, his signal could not be
heard. Certainly, he's going to pick a spot in the
spectrum which will allow his audience to hear him.
(That's not too hard to figure out, is it FCC?)
SPECIAL MESSAGE TO NEW SUBSCRIBERS
The ComSec Letter was created by Jim Ross in 1984,
the year of George Orwell, and it became the official
organ of the ComSec Association shortly thereafter. As
such, it was available only to members. Now, however, it
is being offered by subscription at $35 per year (10
issues).
This issue has a lot of association news because
many changes are taking place at this time. Future
issues will contain more on communications and
data/information security.
2ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ
ÄÄÄÄÄÄÄÄ0
The ComSec Letter is the official organ of the Communications Security Association. Membership is open
to all who have an interest in communications security. Dues are $50 per year for individuals, and the
membership year ends September 30. Life and corporate memberships are available; full information on
request. ComSec Association, 10060 Marshall Pond Rd, Burke, VA 22015. Subscriptions: $35/year from Ross
Engineering, Inc.
2ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ
ÄÄÄÄÄÄÄÄ0
Ross Engineering, Inc, 7906 Hope Valley Ct, Adamstown, MD 21710 USA
Tel: 301-831-8400 Fax: 301-874-5100
ComSec Letter
Volume VI, Number 6/7 YOGO 5.06/7
June/July, 1989
Prepared and Edited by James A. Ross
******************************************
TO ALL NEW MEMBERS OF COMSEC
This may be the first response that you have
received since you joined the Communications Security
Association, so I say, Welcome!
As you'll read in the following paragraphs, the
organization is undergoing many changes. You've joined
at a time when many exciting things are just beginning.
Read on.
NEW EXECUTIVE DIRECTOR, ETC.
As we had announced earlier, David Schmidt has
joined us as executive director. That means that the
association has gone from an all-volunteer force (mostly
the Ross family) to a professionally run operation. The
Comsec Letter phone that used to sit on my desk in my
office has been taken out. Calls are now referred to the
new number in David's office. (703-503-8572) All of the
queries that come to the box in Frederick, Maryland are
passed on to David at his office, 10060 Marshall Pond
Road, Burke, VA 22015.
MEMBERSHIP CARDS, CERTIFICATES, ETC.
At the last board meeting a new logo was approved,
and David is having new certificates and membership
cards designed. Also, he has acquired the program that
I've been using to keep membership records so as to
facilitate transfer of information from computer to
computer.
If you have any questions, call David. However,
please be patient. He has a lot of catching up to do. We
have not even published a roster of members for the last
three years, and that will be one of his priorities.
Also, some members have decided to start local chapters,
and he's involved in designing just how that gets done.
Also, he and Ron St. Jean have been drafting new by-laws
to replace the sketchy ones that I wrote, and may
reincorporate in the state of Virginia for the sake of
convenience and simplicity.
As if all of the other things weren't enough to keep
him busy,
David has the major task of creating a new publication
as the official organ of the organization.
6ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ
ÍÍÍÍÍÍÍÍ4
Copyright, 1989. Ross Engineering, Inc., Adamstown, MD,
USA
DISCLAIMER
The person named Ross who wrote the article for
Radio Electronics on how to build a bug detector is not
your editor. Although his name is Ross and he knows a
lot about electronics; he is not Jim Ross, and he
obviously doesn't work in the real world of bug
detection.
He says he created the device "to solve a problem
that law enforcement personnel were having when using
frequency counters to locate bugs". So here's a message
from Ross to Ross: Using any frequency counter or field
strength meter in the search for bugs is a waste of
time. In the first place, most bugs are wired bugs,
radiating no RF energy. Secondly, if you use a field
strength meter searching for RF bugs in a metropolitan
area, the reflections of legitimate RF signals will
drive you crazy. As you move through a target area,
you'll see variations in field strength all right, but
you'll have no way of determining what is causing those
variations.
No, Mr. Ross, you haven't solved the problem that
those law enforcement officers have; you haven't even
identified their problem.
The idea is very simple. If you want your shoes
repaired, you go to a shoe repairman. If your car breaks
down, you take it to an auto repair shop. Similarly, the
lawyer takes care of legal problems, and the doctor
takes care of medical problems. --- Are you getting the
drift?
It's simple. Their problem is that they are trying
to work in a field in which they are not competent.
Period.
If you have an eavesdropping problem, hire someone
who has education and experience in communication,
electronics, and eavesdropping detection. There's more
to the art than walking around a room with a magic wand.
Far more.
To all police and former police: I promise to leave
the law enforcement tasks to those trained in law
enforcement. I will do no murder investigations, I will
do no crime scene searches, I will direct no traffic or
give out parking tickets, etc. Please, stick to your
business and leave this business to those of us who know
what we're doing.
THE END OF AN ERA
This is the next-to-last ComSec Letter for all
members of the Communications Security Association. CSA
will begin publishing a quarterly periodical, and
members will be receiving the premier issue in the last
quarter of this year.
If you have material to submit for publication, or
want to get involved in any way, contact David Schmidt,
Communications Security Association, 10060 Marshall Pond
Road, Burke, VA 22015. (Tel: 703-503-8572 Fax: 703-425-
6079)
WHAT IS THE DEAL WITH CCS?
Now that we've passed along the information given to
us by Don Miloscia, and SECURITY picked up on it and ran
it as fact; we find that what we were told -- and
reported -- is not fact. (Don told us that he had
purchased CCS, replaced all of its people and policies;
and renamed it Surveillance Technology Group.) Since
that first conversation and our reporting of it, we've
had additional information provided by the original
source, and we're more perplexed than ever. The best we
can do at this point is present all of the details that
we have, and hope that someone will help us sort it out.
The story goes this way. In my business's newsletter
(which goes to everyone on the Ross Engineering mailing
list) I stated that I was looking for a digitized,
encrypted telephone with certain specific
specifications. Shortly thereafter I received a phone
call. A voice which identified its owner as Don
Miloscia, a retired US Marine, told me that he had
exactly what I needed. When he identified the company as
Surveillance Technology Group, I told him that there was
no way that I could afford to buy from CCS -- I could
not afford the dollars, but more important, I could not
afford to lose credibility in the professional community
in which I work.
That's when he, Don Miloscia, told me that he had
bought CCS, that all of the old people were gone, that
all of the old ways were gone, and that he had
completely reorganized the operation. He assured me that
it was a whole new ball game, and volunteered to send me
information on the product that was just what I needed.
I wondered if this was the end of an era, and I ran
an item under the heading "CCS IS NO MORE ?????". That
item solicited comments, and we have received many,
including several from Don Miloscia himself.
At the recent COPEX show in Baltimore, after I
advised Don Miloscia that some people had been quoted as
saying that CCS was still alive and that STG was a
front, he admitted that CCS is still alive. However, he
continued to claim that he had purchased CCS, but he
also said that CCS sells to non-government, and that
Surveillance Technology Group sells to government
organizations.
If anyone can provide factual information, we'll run
it in this newsletter.
(And Don, if you decide to offer some clarifying
information, please explain why you were trying to sell
me a telephone; I'm not a government.)
COMSEC LETTER SUBSCRIPTIONS
Yes, there will be a new official organ for the
ComSec Association. However, this letter will continue,
and will again be available by subscription directly
from Ross Engineering, Inc. The rate will be $35 per 10-
issue year.
TO ALL NEW SUBSCRIBERS:
If you are reading your first ComSec Letter as a
result of participating in the Interest Survey for
Surveillance Expo, I say, Welcome! (If you did not
choose any desired reward, or if your entry was received
late, the default award is this subscription -- it is
the only prize that we had an unlimited supply of.)
(We're aware that you may be receiving duplicate
copies if you are already a member of the Communications
Security Association. However, the pressure of meeting a
deadline did not allow time for us to screen for dupes.)
After the next issue (August/September), this
newsletter will cease to be the official organ of the
ComSec Association. If you are a member of CSA, you will
begin to receive the association's new quarterly
magazine.
To recap: if you submitted an interest survey for
Surveillance Expo '89 and did not qualify for any of the
other awards, your name has been entered into our
computer for a one-year subscription to this newsletter.
We will continue to publish ten times each year. The
letter will be, if anything, a bit more informative
about the technology because there will be no
association ad
ministrative matters to cover. It'll still
be terse, and sometimes irreverent; but always
straightforward with no hidden agendas. Again, Welcome!
TELEMANAGEMENT
If you are involved in telecommunications, I
recommend that you take a look at this publication. It's
a Canadian periodical, but it always has something of
interest to this Yank. Give 'em a call. (Please tell
them that Jim Ross sent you.) The editors are Ian and
Elizabeth Angus. Angus Telemanagement Group, Inc, 1400
Bayly St, Office Mall Two, Suite 3, Pickering, Ontario
L1W 3R2. Tel: 416-420-5050; Fax: 416-420-2344.
This publication is usually very serious, but they
put some rib ticklers into the current issue under the
heading, "Son of elephant jokes". Included are a series
of daffy LAN definitions, such as:
a LAN which behaves strangely ..........a Loco Area Network
or,
a broken LAN ..........................a Local Area
Notwork.
You get the idea. See if you can invent some that
they didn't include. Our offering:
a barren LAN(d) ......................a Locust Area Network
By the way, they are sponsoring the first world
conference on Incoming Call Center Management. If you
are any way involved in this activity, it looks like a
conference that you won't want to miss. It's scheduled
to be held in Toronto August 28 & 29 with an optional
session on August 30. Call or fax them for full details.
-30-
ComSec Letter
Volume VI, Number 8/9 YOGO 5.08/9
August/September, 1989
Prepared and Edited by James A. Ross
******************************************
ALOHA
In the Hawaiian Islands, I'm told, they use the same
word, "Aloha" for both a greeting and a farewell, and
your editor is not one to pass up a chance to save a few
words. So, I bid Aloha to two different groups who are
receiving this late summer ComSec Letter.
The first group, to whom I bid Farewell, comprises
those members of the Communications Security Association
who choose not to subscribe to the ComSec Letter at this
time. (In case you hadn't noticed: this is the last
issue of the ComSec Letter which will go to members of
the association as a benefit of membership. The board
has decided to start a quarterly publication to be
created under the aegis of the new executive director.)
(Of course, if you wish to continue to receive this
letter, all you have to do is send us a renewal order
with a check or credit card information.)
The next group, to whom I bid Hello, comprises the
few hundred people who have become subscribers since the
letter was again made available through direct
subscription. Welcome! This letter has been evolving
since 1984 (the year of George Orwell), and we plan a
few more changes in the next year. As always, anyone
with a pertinent (or impertinent!) comment or question
is invited to phone, mail, or fax it to us.
REMINDER!
The membership year of the Communications Security
Association ends September 30. If you are currently a
member, but have not taken advantage of the wonderful
life membership offer, or renewed through September
1990; your membership will expire at the end of
September. To renew, send the mailing label from the
envelope that this came in (or your name, address,
phone, etc. typed or printed legibly) with appropriate
dues payment to Communications Security Association, POB
3554, Frederick, MD 21701. If you have any questions,
call Jim Ross on 301-831-8400 or fax to 301-874-5100.
If you are a new subscriber to this newsletter, and
not a member of CSA, I urge you to consider joining.
Until we hire a new executive director (see Help Wanted
on page 4), you can contact Jim Ross, President, for
information. (contact information above).
6ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ
ÍÍÍÍÍÍÍÍ4
Copyright, 1989. Ross Engineering, Inc., Adamstown, MD,
USA
NON-COMMERCIAL VS. COMMERCIAL
In the September, 1984 issue of this letter, I
commented that, as a consequence of becoming the
official organ of the Communications Security
Association, this letter would of necessity have to
become non-commercial. Through 1985, 1986, 1987, 1988,
and so far in 1989, I have tried to keep this newsletter
non-commercial. And, as I look back through the issues
of those years, I think that I can honestly give myself
good grades for my performance in that regard. I see
many places where I really had to hold my tongue for
fear of presenting information or opinion that would
have rebounded to the benefit of my commercial business.
As a matter of fact, a business partner, Ken Taylor,
several times pointed out that my efforts on behalf of
the association were only using my time and my family's
time and causing us a lot of aggravation, but not making
any money. His advice: chuck the whole effort;
concentrate on your own business.
Well Ken, CSA decided to hire an executive director,
and to develop its own quarterly magazine. So Jim Ross
will soon be free to spend his time on his business.
Except for the periodic meetings of the Board of
Directors, my time will again be my own.
So this is the transition letter. It has some
information about the Communications Security
Association, and some about Ross Engineering. As the
editor of the CSA's organ, I tried to cover
communications security objectively, and for the best
benefit of the members. (For many months we even carried
announcements of training offerings sent in by
competitors of my business.) In the future the emphasis
will be on communications security as we see it from our
perspective as eavesdropping detection professionals.
One point, first made when we started in 1984: this
letter is about the security of communications. However,
you'll often find segments which emphasize good
communications because I feel that its a silly waste to
use any effort to try to protect ambiguities, inanities,
and stupidities.
BRITISH TELECOM
Your editor is under contract to Frost and Sullivan
to present his "Eavesdropping Detection" seminar in
London from time to time. Recently, I suggested to them
that we could liven up the presentation if I could have
access to a working telephone so that I could
demonstrate how very easy it is to tap a phone and also
to modify it to make it into a room bug. Frost and
Sullivan, in turn, sent the idea along to their
headquarters in London, and they passed it on to British
Telecom.
British Telecom responded with two comments. First,
if I showed anyone how to tap a telephone, that would be
a crime. Second, if I modified a British telecom
telephone with American components, it would cause the
telephone to cease to function!
If you're old enough, and ever got involved with Ma
Bell in the old days, you'll recall that that is exactly
the kind of garbage that they used to put out. (By the
way, that's not a criticism of the people who say such
things; they've been so brainwashed that they actually
believe that those are truisms.)
Let's be specific.
1. About crime. Tapping a phone is so simple that it can
be done by a child. The equipment necessary can be
purchased retail for one or two dollars. Only two
connections have to be made, and those can be made with
alligator clips. There is almost no danger of electrical
shock. (The only way a person could feel any shock is to
be in contact with the two wires at the time a ring
signal was on the line.) There is no way that the tap,
done right, will cause any deterioration of the quality
of transmission, or in any way affect the operation of
the telephone system.
2. About the effect of US components. It is very simple
to modify an analog telephone, and make it into a room
bug. I'm not familiar with British Telecom wiring and
instruments, but I'm willing to bet a pint that any of
their analog phones can be so modified in minutes.
Further, I'll bet my next ten years earnings that my
installation of US components will not cause the British
telephone to cease operating. Electrons don't change
characteristics when they cross political boundaries.
They're dependable little fellows; they always react the
same way to the same stimulus.
So, British Telecom, as Ma Bell used to, pats the
dim-witted dolt on the head, and says, "Go away child.
This is too complicated for anyone but a telephone
company person to understand." Jim Ross says, "Bah,
humbug!"
TELEPHONE ROOM BUGS
With regard to the sarcasm above, I'm moved to again
point out that some modern telephones are room bugs as
built. That's right, the phone sitting on hook on the
desk next to you right now might be sending all of the
sounds in your office out of the area where they can be
picked up by anyone who knows how.
How did this happen? Well, those same people who
have been assuring us that we can't possibly understand
how a simple DC circuit works, have been designing
telephones without considering communications security.
They apparently assume that the phones will be used by
nice people who have only nice people around them and
competing with them. Sorry fellows; that's not the world
that we live in. You're building bugs and the bad guys
know it.
ON WORDS
Earlier, we raised the question about what to call a
modern computerized PBX because the word "switch"
confuses people who don't work in telecommunications
every day. Well, after many discussions and much sober
reflection, we've decided to use "CBX". Many will think
that CBX stands for computerized business exchange
instead of computerized branch exchange, but who cares.
As long as we all see, in our minds eye, what is
referred to, we're OK.
CSA LOCAL CHAPTERS
Mike Brumbaugh has done an outstanding job of
putting together a complete program for the
establishment of local chapters. People with like
interests and concerns can meet and share information.
See the enclosed sheet for details on how to proceed.
SURVEILLANCE EXPO '89
The Communications Security Association is a
cosponsor of this affair to be held in Washington, DC
December 12 - 15, 1989. Members of CSA will be allowed a
$200 discount when registering for the conference.
Although there is no charge to preregister for the
exhibits, the fee for the full four-day conference is
$595 so here is a real payback for the $50 that you
spent on dues in CSA.
ComSec Letter is also a sponsor, and you'll be
entitled to a $50 discount if you are a subscriber at
the time of the expo.
CSA ANNUAL MEMBERSHIP MEETING
It's not really correct to call the December 1989
membership meeting an "annual" meeting because the last
full membership meeting was in 1985 in conjunction with
Comsec Expo '85. (Actually, we've held meetings, but
there was no draw like the expo so the meetings were
very sparsely attended.) In any event, there will be a
CSA membership meeting on December 13 at the Sheraton
Washington Hotel. Jack Mogus is putting together the
details, and you will be advised as the session firms
up.
FIRST HOME TSCM TRAINING COURSE
We'll be conducting a two-week, hands-on TSCM
training course starting September 18 at a facility near
Dulles Airport. Fee is $1,350. Call for information.
(This letter may arrive on your desk after the course is
underway, but we're announcing the course here in the
hope that it will reach some of our readers in time.)
HELP WANTED
The person who had been hired as executive director
of CSA abruptly quit. This leaves us in need of help.
Inquiries are being received daily about corporate
memberships, training classes, etc. There are a few
options open, but we'd like to hear any ideas from any
member or prospective member.
The ComSec Letter is published monthly (10 issues
per year) by Ross Engineering, Inc., 7906 Hope Valley
Court, Adamstown, MD 21710 USA. The letter covers
communications and information security concerns in the
modern world. Subscription price is $35/year for US,
Canada and Mexico; and $55/year for all other addresses.
-30-
ComSec Letter
Volume VI, Number 10 YOGO 5.10
October, 1989
Prepared and Edited by James A. Ross
******************************************
NAME CHANGE COMING
Soon the ComSec Letter will be no more. No, that
does not mean that we will not fulfill your
subscription. It only means that we will be having a
change of name.
The story is that the directors of the Communication
Security Association voted to establish a new
publication which will have COMSEC (or something like
it) in the name. They see continuing confusion with two
publications similarly named. Further, there has been
widespread confusion because everything that has come
out of the association has had my name on it. Jim Ross
has been identified as the association, and vice versa.
It's time for the association to establish its own
independent identity.
No, I did not want to change the name of the
newsletter that I write. I created it in 1984, the Year
Of George Orwell, and I enjoy writing it. However, I
agree with the other directors that a great deal of
confusion has existed; and, for the good of the
association, I will change the name.
Yes, you'll continue to receive a newsletter written
by Jim Ross on the subject of communications,
communications security, privacy protection, etc. It
will be issued ten times per year and will contain at
least four pages as in the past. It just won't be called
ComSec Letter.
The way it looks now, we'll continue to call this
publication ComSec Letter through the December issue,
and we'll carry CSA information till then. At that time
the association will begin publishing a magazine for
members of CSA, and this letter will have a new name
starting with the January issue.
If you have a zingy name to suggest, please give me
a call. Looking back, we see that we've covered
technical material, news, laws and legal decisions,
personnel, techniques, etc. We're interested in all
aspects of communications (especially good
communication), surveillance, countersurveillance,
privacy protection, eavesdropping detection technology,
telecommunications, data/information security, etc.
Your comments are solicited.
6ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ
ÍÍÍÍÍÍÍÍ4
Copyright, 1989. Ross Engineering, Inc., Adamstown, MD,
USA
CSA BOARD OF DIRECTORS
We've received a few calls from members asking just
what is the situation with the board, and when new
members will be elected by the membership. There is some
concern that the east coast is represented, and the rest
of the world is left out. Having been a member of
organizations that were run by a tight cabal, I'm
sympathetic to the concerns that have been expressed.
For the benefit of those who have not been privy to
the details, we have not had a big membership meeting
since 1985 when we put on ComSec Expo '85. Since then,
our meetings have been sparsely attended, and board
members have been added to fill vacancies by a very
small segment of the overall membership.
It appears at this time that it would be a good idea
to expand the board to nine members as had been the
plan, and to do this in conjunction with the December
membership meeting. Members with an interest in serving
on the board are invited to make themselves known. Our
new by-laws have not been formally adopted, but they
will probably require attendance at two meetings per
year as a minimum, with absence from two consecutive
meetings requiring dismissal. Our plan is to establish a
nine-member board, and to elect three new members each
year at the annual meeting.
SURVEILLANCE EXPO '89
This affair, to be held at the Sheraton Washington
Hotel in Washington, DC December 12 - 15, is being
sponsored by CSA and this newsletter. We expect many new
people to join the association because of the discount
offered to members, and we have tentative plans for even
more participation by the association next year.
Interested in the modern technologies of
surveillance and countersurveillance? This is the show
for you.
Wonder what the laws mean? Want to get straight
answers in layman's language? There will be four
sessions relating to the laws, and many other seminars
will include material on the laws.
Want to know the latest technical surveillance
systems found by TSCM teams? Visit one of the sessions
on TSCM reports from the field, and join in a discussion
with professional practitioners.
Heard about TEMPEST, SCIFs and STU-IIIs, but don't
really understand? Various seminars will cover these
topics, and there will be several exhibitors featuring
these products.
Read about computer viruses, but don't know how
vulnerable you or your employer are? Take in one or more
of the seminars on this topic. Visit the exhibitors
offering protection systems.
Have any kind of a question relating to these
technologies? Here's your chance to ask the experts.
Remember, as a member of CSA, you'll be entitled to
a $200 discount when you sign up for the conference.
GSA TELECOMMUNICATIONS SECURITY SPECIALIST COURSES
In our May issue this year we passed along some
information about two courses being offered to anyone by
the Information Security Training Center of the GSA. So
far we've had no feedback, and that's unusual. If you
have attended, we'd certainly like to hear from you.
If you are interested in the training being offered,
you can get information from: GSA, Symbol KVIST, 1500 E.
Bannister Rd., Kansas City, MO 64131-3088. Please let us
hear from you with any details about this unusual
offering.
MAIL
Fred Villella of La Jolla, CA wrote to correct his
address, and commented, "You appear to do good work.
Keep it up!" Thanks, Fred. We'll do our best.
Ramon Izaguirre of Buenos Aires, Argentina wrote to
ask the meaning of several of the terms that were
contained in the Surveillance Expo interest survey.
Thanks, Ramon. The terms that you do not understand may
not be understood by many readers of this letter, so
we've created a mini-glossary which will be mailed with
this letter. Thanks for your inquiry.
Thomas E Crowley wrote to advise that he has a
criminal justice data base on computer of 75,000 to
100,000 topics. You can contact him at 27450 Cottonwood
Trail, North Olmsted, OH 44070. Phone: 216-779-9295.
Alex Pacheco of Washington, DC wrote to ask about a
subject that has really gotten a lot of attention
recently; he wants to know about calling number
identification.
Well, Alex, many people are very interested in that
subject, and some are even buying the box that you
connect to your line which will display "Incoming Call
Line Identification, ICLID". Unfortunately, unless you
live in an area where the phone company offers this
service (at an extra charge), you'll get no help from
the black box. Nada. Zip. Nothing.
Because this is also a subject which would be of
interest to many of our readers, we're including
information on it in the mini-glossary enclosed with
this letter.
COMING SOON
CSA member Larry Rigdon has discovered a
manipulation of a modern electronic PBX (CBX) being used
by an employee to monitor the big boss's calls. Larry
has promised to send us a copy (sanitized) of his
report. We'll pass along the details.
As we've said many times before, if a vulnerability
exists, you can be sure that someone will take advantage
of it.
NEW EXECUTIVE DIRECTOR FOR CSA
Mike Brumbaugh, a member of the CSA board,
volunteered to become the new executive director,
effective immediately. He will continue in his full-time
job, and do this work part time.
Mike has great ideas about expanding the membership
and the benefits of membership. He has started a
campaign to get local chapters organized around the
country, and he is inaugurating a new magazine to be the
official organ of CSA.
If you have an article in your head that would be of
interest to members, now's the time to put it down on
paper and send it to Mike.
The new CSA address is: POB 7069, Gaithersburg, MD
20898-7069. Telephone: 301-670-0512.
If you have not received your membership certificate
or card, contact Mike. Please be patient. He's just
getting started, and we really were left in the lurch by
the abrupt resignation of the previous director -- with
many unfinished tasks.
TRANSITION
As we change names of the publications, and start
with a new executive director, there are bound to be
many questions. Let's all try to communicate and reduce
the confusion level as much as possible.
For instance, this letter will no longer be a
benefit of membership. Everyone whose membership expired
as of the end of September 1989 has been notified that
subscriptions to the ComSec Letter are available @
$35/yr in North America and $55 elsewhere. We've had a
very good response to that single notice; but, because
of all of the confusion, we have decided to send at
least one more issue with an expiration notice.
However, if you joined during '89 expressly to
receive the ComSec Letter, please let me know. I'll
continue to send the letter to you until the normal
expiration date of September 30.
Mike Brumbaugh will be contacting all who have not
renewed their memberships to remind them.
If you do not understand, or have any question about
these changes, I'd welcome a call from you. We certainly
don't want anyone to think that he has not been treated
fairly and honestly.
The ComSec Letter is published monthly (10 issues
per year) by Ross Engineering, Inc., 7906 Hope Valley
Court, Adamstown, MD 21710 USA. Tel: 301-831-8400; Fax:
301-874-5100. The letter covers communications and
information security concerns in the modern world.
Subscription price is $35/year for US, Canada and
Mexico; and $55/year for all other addresses.
-30-ComSec Letter Supplement
Volume VI, Number 10 YOGO 5.10
October, 1989
Prepared and Edited by James A. Ross
******************************************
MINI-GLOSSARY
ANI. Automatic Number Identification. This is a
telephone company facility, intended for their use
alone, but widely used by others. To take advantage of
this capability, you simply dial a code, and the
response, in a computerized voice, is the number
assigned to the pair that you are connected to. For
instance, in New York City and parts of Long Island, you
would dial "958" to determine the number assigned to the
pair that you are connected to. If you dial from your
home or office, you'll learn nothing that you didn't
already know. However, if you are in the process of
connecting a tap, this could save you a lot of time.
CNA. Customer Name and Address. Again, this is a
telephone company facility in this country by which
telephone companies help one another by providing the
name and address of a customer whose number is known. It
is widely used by investigators in the practice of their
profession.
DNR. Dialed Number Recorder. The first of these, built
50 or 60 years ago, used a fountain pen to make marks on
moving chart paper in response to the pulses of current
in the line as the phone was dialed. (They were called
"pen registers" because a pen was used to mark the
paper.) An operator or technician had to count the marks
to interpret the number dialed. Modern DNRs are much
more sophisticated, and do much more. (However,
journalists and politicians still use the outmoded and
antiquated name, pen register.) (Too lazy to learn
anything new?) Today's DNR (and Radio Shack's CPA-1000
is a low-cost marvel @ $99.95) records and prints time
off hook and time on hook for all calls. For incoming
calls, some of them print out the number of rings before
the answer. For outgoing calls, they also print out the
number dialed. It doesn't matter whether the dialing is
pulse or tone, or a combination of both. Also, some
provide a recap of all daily activity at midnight each
night. Some even format the number, putting in dashes US
style, making it easier to read.
LLLTV. Low Light Level Television.
SCIF. Secure Compartmentalized (Compartmented?)
Information Facility. This is a US government invention.
It is a facility that is built to government
specifications that assures that what is said in the
room is heard only by the people in the room. Government
contractors are being required to develop SCIFs for
sensitive and classified meetings.
STU III. Secure Telephone Unit number three (pronounced
"stew three"). AT&T, Motorola, and RCA (GE?) are
building these after a government sponsored development.
They are secure telephones to be used by government
contractors when talking about sensitive information on
the phone.
TEMPEST. This is the name that our government has given
to the field that relates to compromising emanations
from electrical and electronic equipment. In short,
electronic equipment radiates interference as it is
operated. Given close proximity, much expensive
equipment, trained technicians, and a lot of time; it is
possible, theoretically, to determine what has been
typed, for example, on an electronic typewriter nearby.
CALLING NUMBER IDENTIFICATION
Many, many people are very interested in this
subject. We get at least one telephone call per week
from a person who wants the service NOW. They have seen
something about it in the press, and they're ready!
Unfortunately, there are some mail order sellers who
offer boxes that they say will display the calling
number. People are buying these boxes, and learning, too
late, that they should have investigated before
investing. Sure the box is capable of displaying the
calling number. However, it cannot display anything if
the telephone company provides nothing. Unless you live
in an area where the phone company offers this service
(at an extra charge), you'll get no help from the black
box. It can only display "Incoming Call Line
Identification", "ICLID" in areas where that service is
offered, and then only to subscribers who have
contracted for the service.
Service is being offered in various localities, and
is spreading rapidly because of the free market forces
driven by the publicity that this technological advance
has generated. If you want this service, I suggest that
you call your telco's business office and ask when the
service will be available. As usual when dealing with
phone company people, don't allow yourself to be put off
by the first service rep who can't find the answer in
the "answers to every subscriber's questions" script.
Persist. Speak to a supervisor. If enough people ask
about it, maybe they'll will realize that they can make
some more money by offering the service.
Nationally, the service will someday be implemented.
It is a part of what is informally called "System 7",
the full name of which is "Common Channel Interoffice
Signalling System 7". On a local basis the facility has
been offered under the name "CLASS" which is an acronym
for "Custom Local Area Signalling System".
One final note about this wonderful new capability.
The American Civil Liberties Union (which I usually
agree with) has taken the stand that this system
violates the privacy of the calling party by revealing
his number to the called party. That's right, the ACLU
says that the person who dials you, causing your phone
to ring and interrupting your activity, is having his
privacy violated if you are allowed to learn his number.
ComSec Letter
Volume VI, Number 11 YOGO 5.11
November, 1989
Prepared and Edited by James A. Ross
******************************************
SURVEILLANCE EXPO '89
Just a reminder: This affair will take place in the
Sheraton Washington Hotel in Washington, DC December
12 - 15, 1989. The seminars start at 2:00 PM on the
12th, and the exhibits open at 9:00 AM on the 13th.
Each morning that the exhibits are open there will
be no-charge seminar sessions at 8:00 AM. Anyone with
any kind of a Surveillance Expo '89 badge will be able
to attend free.
As this is written, we have already received
conference registrations from Australia, Canada,
Denmark, and South Africa, as well as all over the
United States.
If you attend, you'll have to choose between
outstanding speakers. Many well qualified people
volunteered to speak, and the committee had to
disappoint many with excellent credentials. If you
cannot get to all sessions that you are interested in,
take heart, the Comsec Association is arranging to have
all sessions recorded with tapes available on site or by
mail. (If you are not able to attend at all, you'll
still be able to order tapes of the sessions you are
interested in.) It looks as though there will be about
fifty exhibitors and we have over thirteen hundred
people preregistered to visit the exhibits during the
three days. From the titles and company names on the
registration forms, we're convinced that this will be a
quality audience.
Certainly the members of the fourth estate are
interested. We've had requests for press passes from all
over. So far we are holding press passes for several TV
stations, trade press representatives, national news
magazines, etc. World News Tonight with Peter Jennings
has arranged for four passes (and we're delighted that
Jim Bamford, author of "The Puzzle Palace" will be one
of the ABC reps. If you haven't read his book, your
education on surveillance is not complete.) USA Today on
TV has interviewed the conference chairman, and National
Public Radio couldn't wait for the mail; they insisted
that we fax them a copy of the program.
See the highlights sheet enclosed in the envelope
with this letter for information on some of the exhibits
and some of the seminars.
Remember, if your membership in CSA is current,
you'll be entitled to a $200 discount.
6ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ
ÍÍÍÍÍÍÍÍ4
Copyright, 1989. Ross Engineering, Inc., Adamstown, MD,
USA
TECHNOLOGICAL ASSESSMENT PROGRAM
Frank McGuire sent us a mailing that he had received
from the Department of Justice Technological Assessment
Program (TAP). This document stated that TAP planned to
establish standards for pen registers.
Pen register!?? Please, fellows. Can't we use
modern terms to describe modern technology. The pen
register was modern technology forty years ago, and the
term is inappropriate for use in this day and age. The
modern term is DNR for dialed number recorder; and, if
an old fogy like me can step up to modern technology,
why can't you whippersnappers?
By the way fellows, contrary to what you printed,
the DNR prints only the number dialed, not "the specific
numbers of the telephones involved".
Question. Do any of the manufacturers have DNRs that
can also print out the calling number, where that
information is available?
ON WORDS
In the segment above we commented about the use of
"pen register" to describe a modern DNR. (It's akin to
calling a Corvette a horseless carriage.) Let's consider
some other words that, I believe, should be used
carefully and precisely.
The first set: "tailing" and "tracking". In my
usage, tailing means following, with or without the aid
of electronic or radio aids, keeping the subject in
sight, or within the range of the electronic equipment.
The process involves movement, the physical following of
the target. On the other hand, tracking means keeping
track of the target's movements while remaining at a
fixed location. Through electronic means the target's
position is recorded and/or displayed at some fixed
site.
And another set, the old bugaboo: "tap" and "bug".
These continue to be used interchangeably by members of
the press and even by some people who sell their
services in countermeasures. For the sake of good
communication, let me offer definitions. Very simply, a
tap is eavesdropping on what is carried over phone
lines, and a bug eavesdrops on all room audio. The
product of a tap is that which is being carried over
telephone lines, and the product of a bug is all target
area audio.
I do not find these definitions hard to understand,
and their careful usage makes for less ambiguous
communication. However, not everyone is ready to be
precise. One man in a recent seminar in London reacted
hotly to my statement that a telephone tap, properly
done, cannot be remotely detected by any
instrumentation. His question to me was, "Are you saying
that all of that equipment that they use out at Scotland
Yard is worthless?" It seems that he did not understand
that I was talking about a tap, a connection to a
telephone line. He could not differentiate between the
two words even with repeated instruction as to their
meanings.
While we're talking about being precise, it's time
to ask you to observe how many people will be expounding
about the next decade, the nineties, starting in 1990.
Each time you hear that or read it, think back. Did we
start numbering years with the year "zero"? No, we
didn't; we started with "one". That means that 1990 is
the last year of this decade, not the first year of the
next decade. (Yes, engineers can be picky, but the next
time you're at thirty thousand feet, thank your lucky
stars that a lot of aeronautical design engineers were
very thorough and very picky.)
SUBCARRIER
Subcarrier is a method of carrying more than one set
of information over a radio link. In short, the main
carrier, in addition to being modified by the main
modulating signal (which carries information), is also
modulated by another carrier, called a subcarrier. That
subcarrier, in turn, is modulated by another modulating
signal, also carrying information.
In the US there is a provision in the rules allowing
broadcast stations to transmit information on
subcarriers. Its called SCA for Supplemental
Communications Authority. FM broadcast stations use
three different frequencies for these (SCA)
transmissions. The subcarrier frequencies used for
analog (music, readings, etc.) information are 67 KHz
and 92 KHz. Digital (mostly paging) information is
carried on 57 KHZ.
If you are a scanner buff, and have a low frequency
receiver, you can tune to these subcarriers. Be careful
though. Big Brother may be watching. The Electronic
Communications Privacy Act of 1986 made intentional
listening to that which has been broadcast on a
subcarrier a crime.
OTHER STUPID LAWS
I remember when the old timer in a nearby small town
began to lose towing business from car wrecks because a
new operator was listening to police calls, and got to
the wrecks first. As I recall, the local govt passed a
law making it illegal to listen to police calls. How
dumb, and soon overturned.
Monitoring Times recently reported that a man in
Michigan was fined $500 for having a scanner in his
vehicle. Imagine! He was punished just for having a
scanner in his vehicle.
These laws are stupid and repressive. "Let the buyer
beware" is valid, so let's coin: "Let the transmitter
beware". If you broadcast, you have no right to expect
privacy. If you broadcast your private information by
radio by using a cordless or cellular telephone, you are
acting irresponsibly, and our legislators are acting
stupidly when they pass laws to "protect" you. If you
transmit, others will receive, regardless of what any
law says.
Further, I think that passing laws limiting what
people can listen to is unbelievably repressive and akin
to the rules which forbad teaching slaves to read and
write.
WE KEEP GETTING THESE THINGS IN THE MAIL
"The Secure Phone II has the capability to defeat
any and all automatic telephone recording devices for
secure communications."
First, how in the world can anyone assert that
defeating an automatic recording device insures secure
communications? Of course, anyone with any experience in
this world (not just in electronics) will wonder about
the sweeping "any and all". That really takes the cake!
Wow! Let's all rush out and buy a few.
During this month and next, while Mike Brumbaugh is
getting the first issue of the ComSec Journal put
together, we'll be carrying information on association
activities as a service to the association. Remember
though, this is no longer the official organ of the
association. It is a newsletter available by
subscription to anyone any where in the world. If you've
let your association dues lapse, you'll be hearing from
Mike shortly.
COMSEC ASSOCIATION ANNUAL MEMBERSHIP MEETING
The annual meeting of the members of the
Communications Security Association will be held in the
Colorado Room of the Sheraton Washington Hotel from 6:00
till 7:30 PM on December 13. Jack Mogus is making the
arrangements, and, if you have questions, you can reach
him on 703-281-7400.
BOARD MEETING
At the board meeting held on November 18, there were
some interesting decisions made. The first is to make
every president of every local chapter a voting member
of the board while he/she is in office. This should
provide broad national representation on the board.
(These members will be exempt from the "miss two
consecutive meetings and you're out" rule which will be
adopted when our new by-laws go into effect.)
The plan for CSA to publish the program for
Surveillance EXPO '89 fell through. Mike learned that
getting advertisers is more of a job than he thought. Oh
well, maybe next year.
There is some possibility that CSA will enter into
some joint programs with The National Computer Security
Association, NCSA. They're headquartered in Washington,
DC, and have a decent sized membership and some
interesting programs.
The board asked Jim Ross to stay on for another year
as president, and he agreed because Mike Brumbaugh has
taken over as executive director, and Ross sees relief
ahead.
The ComSec Letter is published monthly (10 issues
per year) by Ross Engineering, Inc., 7906 Hope Valley
Court, Adamstown, MD 21710 USA. Tel: 301-831-8400; Fax:
301-874-5100. The letter covers communications and
information security concerns in the modern world.
Subscription price is $35/year for US, Canada and
Mexico; and $55/year for all other addresses.
-30-ComSec Letter
Volume VI, Number 12 YOGO 5.12
December, 1989
Prepared and Edited by James A. Ross
******************************************
A DAY LATE & A DOLLAR SHORT
Well, we're not really a dollar short, but we're
more than a day late. This December letter is being
mailed in January. I really wish that there was some way
that I could blame the delay on some uncontrollable
disruption, but the truth is that your old editor just
let time get away from him. I'm sorry, and I'll try to
do better in the new year.
SURVEILLANCE EXPOS
Your editor has been deeply involved (in many ways)
in developing this series of shows relating to
surveillance and countersurveillance. In fact, in this
letter we're reporting on the first Surveillance Expo,
and announcing the next one.
Some of the reactions that we've had so far really
surprised us, so we're using a little of our space to
detail those reactions and to explain our primary motive
in sponsoring these shows.
The press response to all of our information, and
even to exposure to the high-quality, professional-level
products and services amazed us. Most of the reporting
made us out to be some kind of a "spy shop" operation.
Seems to be some fantastic bias at work there.
Also, we were surprised that there were people who
were shocked that we had computer hackers making
presentations -- as if associating with hackers would
result in personal contamination!
So let's consider our motives. First, in simple
terms, Jim Ross thinks that the good guys should be
taught what the bad guys already know: "Strength through
education; and education through communication". A
philosopher said (as best I can remember his exact
words): "All that is necessary for evil to triumph, is
for good men to remain silent." I really believe in that
idea, and my efforts to develop this educational
activity are proof that I am willing to put my money and
my time where my mouth is.
Final thought: The primary emphasis during the
development of the seminar faculty was to find people
with hands-on experience. We did not want lofty
theoretical talks, nor government approved (read
sanitized) talks; we sought people with practical
experience. And who better than a hacker to explain the
threat from hackers?
6ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ
ÍÍÍÍÍÍÍÍ4
Copyright, 1989. Ross Engineering, Inc., Adamstown, MD,
USA
SURVEILLANCE EXPO '89
It is our opinion (prejudiced, of course) that the
first Surveillance Expo was the COMSEC, INFOSEC and
INVESTIGATIONS TECHNOLOGY event of the year. In two and
one-half days 642 people visited the exhibit hall with
forty-five booths filled with the latest in surveillance
and related technology products and services. In the
break-out rooms, we had fifty-six seminars presented
during three and one-half days.
We've heard from many of the participants, and we'll
try to pass along the essence of the commentary.
OVERALL
One observation that we heard from exhibitors, time
and again, was that we had brought in a quality
audience. There were decision level executives and very
sharp technical people, but no macho men in camouflage
fatigues with Soldier of Fortune sticking out of their
back pockets. One consultant lined up two contracts on
the first day, the surveillance vehicle exhibitor handed
out 542 brochures and is currently working 72 promising
leads, etc.
We expect to see all of the exhibitors back again
next year. We've also heard from some companies that
held back and did not exhibit because it was a first
show. Three of them urged us to put the event on again
in six months so they would not have to wait a whole
year to have the opportunity to exhibit! That's good
news.
Most of the speaker evaluation forms that we
received were very favorable, and we expect that the
committee will invite many of them back next year.
THE CHOICE OF DATES
We were chided by more than one participant for
holding the event so close to the holiday season.
Certainly we agree that the dates were not the best.
However, when we started looking for space in January we
learned that trying to find space in the Washington, DC
area is tough, and we took what we could get.
THE DECEMBER DATE, POSITIVES
There are two good things about holding a show in
Washington so late in the year. First, there is not that
much competition from other shows. Second, after
Congress adjourns for its holiday recess, there is not
that much news in DC, but a lot of hungry newsmen and
women.
This year we had over 40 press representatives cover
the expo. The Associated Press ran an article, Dan
Rather had a crew of four in the exhibit hall for hours,
NPR covered the show, Post Newsweek TV put on a special,
the Washington Post ran a feature article, etc.
(However, there may be a negative side to all of this
coverage; see the segment "MEDIA BIAS".)
THE DECEMBER DATE, NEGATIVES
One negative aspect of the late date is that many
people don't want to travel that close to the holidays.
Also, many companies have expended their travel and
promotional budgets. (However, one exhibitor pointed out
that he wasn't concerned with his company's fiscal year;
he was concerned with the federal government's which
starts on October 1!)
The most compelling argument against a meeting in
Washington in the winter, however, is the weather and
weather forecasters. Our local forecasters, burned a
couple of years ago by not predicting a crippling
snowstorm, tend to protect themselves by putting the
worst possible interpretation on data. (Also, scary
forecasts get attention.) For the Surveillance Expo '89
opening date they said, "sleet, freezing rain and snow",
and the same for the following night. What we actually
got was some snow each day. There is no doubt that
attendance was down due to the actual weather, and down
even further due to the gloom and doom forecasts.
MAKING IT BETTER
How can we make it better? Well, The Defense
Intelligence College was upset because they had not
heard of it until too late so we'll be sure that they
get plenty of notice for next year. A Canadian
businessman called to advise us to notify the embassies.
Also, we were told that we should have more exhibitors
and more big companies exhibiting, and that is a
sentiment that we agree with. Considering the success of
this show, from the exhibitors standpoint, we expect
that many of the "on-the-fence" firms will sign up for
next year. And, of course, the really big firms had
people in attendance, and will have plenty of time to
plan to participate in 1990.
To get more publicity, we'll be asking several
organizations to become cosponsors. So far we have the
Communications Security Association and the National
Computer Security Association, and we plan to talk to an
association of investigators. These outfits will help
with publicity, and also in selecting topics and
locating and screening speakers for the seminars.
Further, the registration contractor has provided us
with an hour-by-hour breakdown of registrations. We'll
use that information in planning next year's
registration hours and to schedule exhibit and seminar
hours.
SEMINAR PROGRAM
The Ross Engineering seminar has been slimmed down
to one day. It is aimed primarily at security managers
and investigators who need the overall big picture
without a lot of technical detail. (Those who need more
detail or hands-on practice with equipment can visit our
new training facility for those functions.) The kick-off
of the new one-day program will be in February. We're in
Miami on the 5th, Dallas on the 7th and Los Angeles on
the 9th. For more information, please call, write or
fax.
MEDIA BIAS
On the negative side of all of the expo media
coverage is the tendency for the journalists to tend to
see things with a jaundiced eye. It's our feeling that
the folks who work in the news business are the people
who took all liberal arts courses and no hard science
courses. Therefore, they don't understand any new
technological development, and so, see it as something
sinister. Sad. The masses depend upon them for unbiased
news.
Much of the coverage of this show tended to create
the impression that the exhibitors were a bunch of "spy
shop" people with simple doodads available to use to spy
on your neighbors.
That false impression brought calls from all over.
One lady called me, and said that her son had told her
to come to the expo and buy one each of each product! If
she had tried to do that, she would have found that she
couldn't buy the Motorola STU III secure telephone at
any price because sales are made only to approved
government contractors on classified government
contracts. However she could have purchased a pair of
AOE's top-of-the-line secure telephone for $39,000. But
that's just a start. She would have really needed a
strong bank balance to buy such things as the
surveillance vehicle, the closed circuit TVs, the
specialized lenses, the high power lights, the night
vision equipment, the countersurveillance equipment, the
system for transmitting pictures over phone lines or
two-way hand-held radios, etc. Too bad that she got the
idea that this was a dilettante type show. It wasn't.
SURVEILLANCE EXPO '90
Place: Hyatt Regency, Crystal City, Virginia
(adjacent to Washington National Airport.
Dates: November 28 - 30, 1990.
More detail soon.
OUT WITH THE OLD; IN WITH THE NEW
This will be the last newsletter under the name of
"ComSec Letter". As we've mentioned before, the
Communications Security Association is starting a new
publication with COMSEC in its title and we are changing
the name of this letter to minimize confusion. Care to
guess the new name? A subscription extension of one year
for a correct guess. Call, write or fax.
The ComSec Letter is published monthly (10 issues
per year) by Ross Engineering, Inc., 7906 Hope Valley
Court, Adamstown, MD 21710 USA. Tel: 301-831-8400; Fax:
301-874-5100. The letter covers communications and
information security concerns in the modern world.
Subscription price is $35/year for US, Canada and
Mexico; and $55/year for all other addresses.
-30-
