Sigillu

Secure Communications

Others tracking your location using your cell phone? Yeah, anyone can do it now.

July 29, 2010 | Dean Takahashi

Be prepared to be scared about your cell phone privacy. Two security researchers showed today how they can track down cell phone numbers, identify the person who owns the phone, and then track the whereabouts of that person. And they can do it with technology available to ordinary civilians.

That last part is the shocking part. Government investigators and police can do this. But Don Bailey and Nick DePetrillo (pictured) showed they were able to do it by collecting bits of information and then amassing them into a powerful tool that can invade your privacy. They showed off working code and other proof from Project Carmen Sandiego (named after a computer game where you tracked somebody down as part of a geography lesson) at the Black Hat security conference today in Las Vegas. (See our roundup of all Black Hat and Defcon stories).

“This is intelligence gathering for civilians,” said Bailey, speaking to a roomful of security researchers and hackers. “We can find out where you are, who you talk to, where you are most vulnerable.”

Bailey and DePetrillo joked that they could get actress Megan Fox’s cell phone number and sell it to the highest bidder. But they said the point of doing this isn’t to get the cell phone numbers of celebrities or executives like Apple’s Steve Jobs. They wanted to show how security should be stepped up for cell phones and how shockingly easy it is to do. If they could do it, they reasoned, then the bad guys with evil intent have probably already figured out how to do it. In effect, Bailey and DePetrillo said that they have enough information to put together a White Pages for cell phones, with home numbers for everybody’s cell phone.

Governments can pretty much afford the technology to do this now. But ordinary civilians can’t. One of the tools they exploit is a central database called a  Home Location Register, which records the phone number of every SIM (subscriber identity module) authorized to use the cell phone network based on theGSM (Global System for Mobile communications) standard, which is the standard used in about 80 percent of the world’s phones. You can access HLR data through various third-party resources, Bailey said. You can cross reference that with Mobile Switching Centerinformation that determines where you are, generally.

That data tells the researchers what city the user is in. They reverse engineered this data to get more information. In other countries, the MSC data has zip code data embedded in it, making it much easier to find someone’s location. U.S. data isn’t that easy to figure out. But the researchers say that can take a given MSC number and find out its location and its cell phone provider.

“That information should be privileged, but it isn’t,” Bailey said. “I shouldn’t know that you switched from AT&T to T-Mobile.”

You can buy CallerID information from companies such as Targus, which gets data from Verizon and other carriers. They add your name to the CallerID database with phone number data. If you buy a cell phone in the U.S., your name will wind up in a CallerID database. With this data, the researchers were able to reverse engineer the data to create a White Pages for mobile phones, which means they can put a name to a cell phone number. With the name and phone number together, the researchers can assemble other information.

“It’s extremely easy to build your own database,” DePetrillo said.

The databases are more expensive if you want to get the most current data, but older data is cheaper, costing only 0.0024 cents per name looked up. One of the things they can do with names is piece together who your co-workers are, because they will be using company-purchased phones with similar phone numbers.

Some of the techniques they use to glean information include backspoofing. But if you don’t want to do that, you can buy databases from Bulkcname.com for around $100 per 1,000 name lookups. The researchers say they can get 10,000 names identified for just $30. You can verify the data by cross referencing it with HLR data, which tells which carrier is associated with certain phone numbers.

During the talk, the researchers showed slides of text that showed phone numbers, names, locations and company affiliations. They can even make educated guesses about which banks of phone numbers are assigned to prepaid phones, which are phones bought at stores and can generally disguise their owners. The researchers say they can pinpoint people 99 percent of the time. With Google, Facebook and other tools, you can often then put a face to the name. You can find out if there are multiple phone numbers associated with one person.

“Our intent is to get people thinking about their actions and their vulnerabilities,” Bailey said. “You can target people. You can locate private individuals. You can locate groups of individuals. You can track where people are traveling. That’s a lot of information. It can be scary.”

Added DePetrillo, “This is simple stuff to understand. I have information I shouldn’t have. I didn’t do any crazy, insane hacker tricks. It requires very little intelligence.”

August 4, 2010 Posted by | Uncategorized | Leave a comment

Your smartphone is watching you

BEN GRUBB

July 29, 2010

ispyPhone ... Is your smartphone watching you? <I>Graphic: Liam Phillips</i>

ispyPhone … Is your smartphone watching you? Graphic: Liam Phillips

Australian security experts, consumer advocates and privacy campaigners have sounded the alarm over the hundreds of thousands of free smartphone applications that spy on their users.

Lookout, a smartphone security firm based in San Francisco, scanned nearly 300,000 free applications for Apple’s iPhone and phones built around Google’s Android software. It found that many of them secretly pull sensitive data off users’ phones and ship them off to third parties without notification.

That’s a major concern that has been bubbling up in privacy and security circles.

The data can include full details about users’ contacts, their pictures, text messages and internet and search histories. The third parties can include advertisers and companies that analyse data on users.

The information is used by companies to target ads and learn more about their users. The danger, though, is that the data can become vulnerable to hacking and used in identity theft if the third party isn’t careful about securing the information.

Lookout found that nearly a quarter of the iPhone apps and almost half the Android apps contained software code that contained those capabilities.

The code had been written by the third parties and inserted into the applications by the developers, usually for a specific purpose, such as allowing the applications to run ads. But the code winds up forcing the application to collect more data on users than even the developers may realise, Lookout executives said.

“We found that, not only users, but developers as well, don’t know what’s happening in their apps, even in their own apps, which is fascinating,” said John Hering, chief executive of Lookout.

Part of the problem is that smartphones don’t alert users to all the different types of data the applications running on them are collecting. iPhones only alert users when applications want to use their locations.

And, while Android phones offer robust warnings when applications are first installed, many people breeze through the warnings for the gratification of using the apps quickly.

Australian online users’ lobby group Electronic Frontiers Australia spokesman Colin Jacobs said the issue of applications spying on their users “was something that everybody needs to be aware of”.

Jacobs said that many did not think of their phone as a computer.

“Mobiles contain as much personal information as people’s everyday computers do,” he said.

“Ironically, Apple’s model of a very locked down app store which has caused a lot of controversy may provide more protection to users because each application is so carefully reviewed, but it has its downsides as well.”

Intelligent Business Research Services analyst Joe Sweeney said that many users had installed firewalls on their PCs, but weren’t doing so on their mobiles.

In many cases this is because they can’t. Apple, for example, doesn’t offer a firewall product on its iPhone.

“If the numbers in this report are correct, then obviously this is an issue,” Sweeney said.

“We may need to see firewall-type software on phones.”

However, he said that education of users had to come first.

“There are other ways of addressing this issue that doesn’t require a firewall.”

Sweeney said network providers, such as Telstra and Optus, could help out. Apple could as well, he said.

Choice spokesman Christopher Zinn questioned whether some of the apps using the code broke Australian privacy laws.

“One would ask whether it is a possible breach of some of our privacy laws,” Zinn said.

He said that, although Apple and some of the apps might stipulate in their contracts that they collect data and send it to third parties, “How many of us actually read the contracts and the small print that come with them?

“We know that people don’t read them. You just press OK,” he said.

“We know that, especially with Apple contracts – they’re so long – nobody reads them; you probably need a law degree to understand them.”

Zinn said that if something as significant as some of the data that was revealed in the report was being sent to a third party, it “shouldn’t be in small print”.

It should be something that a user has to consent to and be in “big print”, Zinn said.

Apple and Google did not respond to requests from the Associated Press for comment on Lookout’s research.

– with AP

August 3, 2010 Posted by | Uncategorized | , , , , , , , , | Leave a comment

Just because it is legal should I jailbreak my iPhone?

On July 26th, the US copyright office modified it rules to now make it legal to unlock your devices from a carrier.  So what?!  This does not change anything when it concerns your agreement with Apple, AT&T or anyone else.  They are not forbidden to honor the device warranty, continue service, not update your phones software if you do jailbreak your device.

So the question remains, “should I do it?”  The answer is “depends.”  If you NEED to have the function of a jailbroken phone for your personal or business use and you gain a greater value (money or satisfaction) from it, then “yes”.  If you want to be the “cool” kid that has a jailbroken phone, then “don’t be an idiot.”

Many of my Sigillu clients NEED and gain a greater value from jailbreaking an iPhone or any other device for that matter.  They will use the multi-tasking feature available to keep Gold Lock running in the background.  Additionally, the 3G Unrestrictor -Tricks their iPhone into thinking that it is on a wifi network so they can use 3G or edge without restrictions.  This lets them use Skype over 3G and also download files larger than 10MB on the AppStore.  Finally, they can use their iPhone on different networks if necessary.  For more discussion on pros and cons see http://limitededitioniphone.com/why-you-should-jailbreak-your-iphone-3gs-3g-and-2g/

They use these features for convenience but additionally for doing business that makes it worth the effort to jailbreak their iPhone.  Of course the phones can be reverted when they need to be taken in for repairs and what not, so what is the difference?  That is up to you to decide.

Douglas Haskins, 8/2/2010

doug@sigillu.com

August 2, 2010 Posted by | Uncategorized | , , , , | Leave a comment

GSM Phone Hack FAQ: What You Should Know

By Tony Bradley, PC World

A researcher at the Def Con security conference in Las Vegas demonstrated that he couldimpersonate a GSM cell tower and intercept mobile phone calls using only $1500 worth of equipment. The cost-effective solution brings mobile phone snooping to the masses, and raises some concerns for mobile phone security.

How does the GSM snooping work?

Chris Paget was able to patch together an IMSI (International Mobile Identity Subscriber) catcher device for about $1500. The IMSI catcher can be configured to impersonate a tower from a specific carrier. To GSM-based cell phones in the immediate area–the spoofed cell tower appears to be the strongest signal, so the devices connect to it, enabling the fake tower to intercept outbound calls from the cell phone.

What happens to the calls?

Calls are intercepted, but can be routed to the intended recipient so the attacker can listen in on, and/or record the conversation. To the real carrier, the cell phone appears to no longer be connected to the network, so inbound calls go directly to voicemail. Paget did clarify, though, that it’s possible for an attacker to impersonate the intercepted device to the wireless network, enabling inbound calls to be intercepted as well.

But, aren’t my calls encrypted?

Generally speaking, yes. However, the hacked IMSI catcher can simply turn the encryption off. According to Paget, the GSM standard specifies that users should be warned when encryption is disabled, but that is not the case for most cell phones. Paget explained “Even though the GSM spec requires it, this is a deliberate choice on the cell phone makers.”

What wireless provider networks are affected?

Good news for Sprint and Verizon customers–those networks use CDMA technology rather than GSM, so cell phones on the Sprint or Verizon networks would not connect to a spoofed GSM tower. However, AT&T and T-Mobile–as well as most major carriers outside of the United States–rely on GSM.

Does 3G protect me from this hack?

This IMSI catcher hack will not work on 3G, but Paget explained that the 3G network could be knocked offline with a noise generator and an amplifier–equipment that Paget acquired for less than $1000. With the 3G network out of the way, most cell phones will revert to 2G to find a viable signal to connect to.

Should I be worried that my mobile phone calls are being tapped?

Yes and no. The hack demonstration at Def Con proves it can be done, but it doesn’t mean that it’s in widespread use. $1500 is a relatively low investment, but it’s still enough to be out of range of most casual hackers that just want to experiment.

Now that the information is out there, though, hackers with the financial resources to put the IMSI catcher together could start intercepting calls. But, as noted earlier–if you are a Sprint or Verizon customer you don’t need to worry.

If you are on a GSM network like AT&T and T-Mobile, though, it is possible that an attacker could intercept and record your calls. The range of the IMSI catcher is relatively small, so the odds of your phone connecting to a random IMSI catcher are almost negligible, and it would only be an issue as long as you stayed in close proximity to the IMSI catcher.

However, if a user is specifically targeted, the rogue GSM tower could be an effective means of intercepting calls. The IMSI catcher could be used by corporate spies to target specific high profile individuals in a company to gain corporate secrets or other sensitive information.

August 2, 2010 Posted by | Uncategorized | , , , , , , , , , , , , , , , , , , , , , , , , , | Leave a comment

Legal spying via the cell phone system

Two researchers say they have found a way to exploit weaknesses in the mobile telecom system to legally spy on people by figuring out the private cell phone number of anyone they want, tracking their whereabouts, and listening to their voice mail.

Independent security researcher Nick DePetrillo and Don Bailey, a security consultant with iSec Partners, planned to provide details in a talk entitled “We Found Carmen San Diego” at the Source Boston security conference on Wednesday.

“There are a lot of fragile eggs in the telecom industry and they can be broken,” Bailey said in an interview with CNET. “We assume the telecom industry protects our privacy. But we’ve been able to crack the eggs and piece them together.”

The first part of the operation involves getting a target’s cell phone number from a public database that links names to numbers for caller ID purposes. DePetrillo used open-source PBX software to spoof the outgoing caller ID and then automated phone calls to himself, triggering the system to force a name lookup.

“We log that information and associate it with a phone number in a (caller ID) database,” DePetrillo said. “We created software that iterates through these numbers and can crawl the entire phone database in the U.S. within a couple of weeks… We have done whole cities and pulled thousands of records.”

“It’s not illegal, nor is it a breach of terms of service,” Bailey said.

Next up is matching the phone number with a geographic location. The SS7 (Signaling System) public switched network routes calls around the world and uses what’s called the Home Location Register to log the whereabouts of numbers so networks can hand calls off to one another, DePetrillo said. Individual phones are registered to mobile switching centers within specific geographic regions and they are logged in to that main register, he said.

Only telecom providers are supposed to have access to the location register, but small telcos in the EU are offering online access to it for a fee, mostly to companies using it for marketing data and cost projections, according to DePetrillo.

“Using previous research on the subject as a starting point, we’ve developed a way to map these mobile switching center numbers to caller ID information to determine what city and even what part of a city a phone number is in” at any given moment, he said. “I can watch a phone number travel to different mobile switching centers. If I know your phone number, I can track your whereabouts globally.”

For instance, the researchers were able to track a German journalist talking to a confidential informant in Serbia and follow his travels back to Germany, as well as obtain the informant’s phone number, Bailey said.

Bailey said he had contacted telecom providers with the information on how industry outsiders were able to get to information believed to be privileged to the providers, but said the hands of GSM providers in the U.S. are tied.

“The attack is based on the assumption of how the networks work worldwide,” he said. “For interoperability and peer sake, the larger providers in the U.S. have to hand out the information to other providers.”

Asked what cell phone users can do to protect themselves, Bailey said, “people are just going to have to be made aware of the threat.”

It’s also relatively easy to access other people’s voice mail, a service that’s been around for years from providers like SlyDial. They operate by making two nearly simultaneous calls to a target number, one of which disconnects before it is picked up and another that goes straight into voice mail because of the earlier call. This enables the caller to go directly to voice mail without the phone ringing. DePetrillo and Bailey re-created that functionality for purposes of their legal spying scenario.

“If I want to find Brad Pitt, I find his number using the caller ID database, use Home Location Register access to figure out what provider he has. T-Mobile is vulnerable to voice mail spoofing so I get into his voice mail and listen to his messages,” said DePetrillo. “But I can also have the system tell me the numbers of the callers and I can take those numbers and look them up in the caller ID database and use the Home Location Register system to find their providers and break into their voice mail, and so on.”

This can allow someone to make a social web of people, their cell numbers, the context of their voice mail, and their relationships to others, he said.

“These attack scenarios are applicable to corporations and individual users alike,” DePetrillo said. “Corporations specifically should start to take a look at their security policies for executives as this can impact a business very hard, with insider trading, tracking of executives, etc.”

July 7, 2010 Posted by | Uncategorized | , , , , , , , , , , , , , | Leave a comment

iPad users on Windows targeted with malware

Spammers are distributing e-mails designed to trick iPad owners into downloading software that they think is an iTunes update, but which turns out to be malware that opens a back door on the computer, researchers warned on Monday.

The e-mails have a subject line that says “iPad Software Update” and offer a link to a Web page that looks like a legitimate iTunes download page, according to BitDefender. Instead, the link installs malware identified as Backdoor.Bifrose.AADY, according to the BitDefender blog.

The malware injects itself in to the “explorer.exe” process and , the post said. It also attempts to read the keys and serial numbers of the various software programs installed on the computer and logs passwords to the victim’s ICQ, Messenger, and POP3 mail accounts, and protected storage, BitDefender said.

Mac users are not affected by this piece of malware, according to the post.

July 7, 2010 Posted by | Uncategorized | , , , , , , , , , , | Leave a comment

Your Phone Number Can Be Easily Hacked, and Here’s How

“It’s really interesting to watch a phone number turn into a person’s life,” security researcher Nick DePetrillo told the Los Angeles Times in a report published yesterday. According to Petrillo and fellow expert Don Bailey, the mere digits of your cell phone number can betray your name, your travel itinerary, and your work and home address; it can also allow others to listen in on your voice messages and personal phone calls.

Using “widely available information and existing techniques,” DePetrillo and Bailey reportedly were able to construct detailed files on a cellphone user. Find out how after the break.

As “white hat hackers,” meaning the good guys that hack you to expose security gaps and then figure ways to patch them, DePetrillo and Bailey have learned that by using special software to spoof a call from the target number, tricking the cell phone company into thinking the call is coming from the target’s cell phone: The Caller ID system then identifies the victim’s name for you. As the LA Times points out, a hacker could create their own phonebook of numbers and corresponding identities.

From there, the hacker can then query the cellphone network to discover the location of the phone. Websites such as InstaMapper are openly accessible and free to use. With this, one can hypothetically track and generate a general schedule of your movements.

Moreover, there is always the possibility of malicious applications, which appear to do one thing but in reality can collect private information. For example, security expert Tyler Shields created an application called “TXSBBSPY,” which when installed on a Blackberry, could read text messages, listen to voice mail, and even turn on the phone’s mic at will.

Today, smartphones including the iPhone, Blackberry, and Android devices comprise about 21% of the cell phone market, and often contain sensitive information like other phone numbers, e-mails, and banking information. Nielsen Co. estimates the smartphone to become the new standard by 2011. However, as the smartphone is a recent development, Shields says that we are only living in the “late ’90s” when it comes to mobile security.

The obvious solutions, of course, are to 1) keep your cell phone number private; 2) shield your number with services like Google Voice; 3) use common sense – don’t access suspicious software and links.

July 7, 2010 Posted by | bugging devices, cellular phone, countersurveillance, eavesdrop, email, English, Uncategorized, USA | , , , , , , , , , , , , , | Leave a comment

Hacker Unleashes BlackBerry Spyware

Proof-of-concept demonstrates ease at which mobile spyware can be created to pilfer text messages and email, eavesdrop, and track victim’s physical location via smartphone’s GPS.

Tyler Shields, senior researcher for Veracode’s Research Lab, also released proof-of-concept source code for a spyware app he created and demonstrated at the hacker confab in Washington, D.C., that forces the victim’s BlackBerry to hand over its contacts and messages. The app also can grab text messages, listen in on the victim, as well as track his physical location via the phone’s GPS. The spyware sits on the victim’s smartphone, and an attacker can remotely use the app to dump the user’s contact list, email inbox, and SMS message. It even keeps the attacker updated on new contacts the victim adds to his contact list. “This is a proof-of-concept to demonstrate how mobile spyware and applications for malicious behavior are trivial to write just by using the APIs of the mobile OS itself,” Shields says.{hwdvideoshare}id=23|width=|height={/hwdvideoshare}Smartphones are expected to become the next big target as they get more functionality and applications, yet remain notoriously unprotected, with only 23 percent of its users deploying security on these devices. And smartphone vendors for the most part have been lax in how they vet applications written for their products, security experts say.

“Personal information is traveling from the PC to the smartphone. The same data they are attacking on the PC is now on a lower-security form factor where security is less mature,” Shields says. “It makes sense that [attackers] will follow the money to that new device.”

His spyware app, TXSBBSpy, could be plugged into an innocuous-looking video game or other application that a user would download. Then the bad guys could harvest contacts they could sell for spamming purposes, for instance, he says. Although Shields’ spyware app is only a blueprint for writing a spyware app, writing one of these apps is simple, he says.

“If we try to tell ourselves that the bad guys don’t already know how to do this, we’re lying. This is trivial to create,” he says. Shields has posted a video demo of his BlackBerry spyware tool.

Indeed, smartphone apps were a hot topic last week: A researcher at Black Hat DC demonstrated his own spyware app for iPhones, SpyPhone, which can harvest email addresses as well as information from the user’s Safari searches and his or her keyboard cache. Nicolas Seriot, a software engineer and scientific collaborator at the Swiss University of Applied Sciences, says Apple iPhone’s review process for apps doesn’t stop these types of malicious apps from being downloaded to iPhone users.

Veracode’s Shields says app stores such as BlackBerry’s, where users download free or fee-based applications for their phones, can be misleading to users. “The app store makes the problem worse by giving customers a sense of security, so they don’t necessarily screen for this ‘trust’ button,” Shields says.

The problem is that mobile spyware is “trivial” to create, and the security model of most mobile platforms is inadequate because no one uses the security features and sandboxing methods that protect user data, he says.

Shields recommends that enterprises using BlackBerry Enterprise Server set policies that restrict users from downloading third-party applications or whitelist the ones that are vetted and acceptable.

Users can also configure their default app permissions so that when an app tries to access a user’s email or contact list, the OS prompts the user for permission. Shields says to avoid setting an app to “trusted application status.”

As for app store owners like BlackBerry AppWorld, Apple iTunes, and Google Android Marketplace, Shields recommends the vendors check the security of all applications in these stores. That way, apps would undergo a rigorous vetting process before they hit the stores. “Some are [doing this], but I’m not sure to what degree,” he says. “Regardless of what they are catching or not, they are not telling us what they are looking for.”

Shields’ TXSBBSpy spyware, meanwhile, isn’t the first such tool for the BlackBerry. There’s the controversial tool FlexiSPY, aimed at tracking employees, children, or cheating spouses, but considered by anti-malware companies as malicious code. And there has been at least one documented case of a major spyware infiltration on the BlackBerry: Users in the United Erab Emirates last year were sent a spyware-laden update to their BlackBerrys on the Etisalat network.

Written by :

June 22, 2010 Posted by | bugging devices, cellular phone, countersurveillance, eavesdrop, email, encryption, English, espionage, illegal, mobile, phone tap, privacy, security, spy, surveillance, tap, technology, text message, Uncategorized, USA, wireless, wiretap | , , , , , , , , , , | Leave a comment

AT&T-iPad security breach may be worse than first thought

By Peter Bright | Last updated about 23 hours ago

Researchers looking into the security of GSM phone networks are suggesting that the recent breach, which saw tens of thousands of e-mail addresses and ICC-IDs inadvertently disclosed by AT&T, could have far more significant implications than a bit of extra spam: attackers can use the information to learn the names and phone numbers of the leaked users, and can even track their position.

The problem is that ICC-IDs—unique serial numbers that identify each SIM card—can often be converted into IMSIs. While the ICC-ID is nonsecret—it’s often found printed on the boxes of cellphone/SIM bundles—the IMSI is somewhat secret. In theory, knowing an ICC-ID shouldn’t be enough to determine an IMSI. The phone companies do need to know which IMSI corresponds to which ICC-ID, but this should be done by looking up the values in a big database.

In practice, however, many phone companies simply calculate the IMSI from the ICC-ID. This calculation is often very simple indeed, being little more complex than “combine this hard-coded value with the last nine digits of the ICC-ID.” So while the leakage of AT&T’s customers’ ICC-IDs should be harmless, in practice, it could reveal a secret ID.

What can be done with that secret ID? Quite a lot, it turns out. The IMSI is sent by the phone to the network when first signing on to the network; it’s used by the network to figure out which call should be routed where. With someone else’s IMSI, an attacker can determine the person’s name and phone number, and even track his or her position. It also opens the door to active attacks—creating fake cell towers that a victim’s phone will connect to, enabling every call and text message to be eavesdropped.

The iPad’s SIMs are going to be used for data, rather than voice, connectivity, which does reduce the impact of the problem a bit—attackers can’t eavesdrop on phone calls that don’t even exist, and encrypted Internet traffic will remain protected—but the breach does still leave iPad users trackable, and vulnerable to hijacking or eavesdropping of any unencrypted traffic.

This makes AT&T’s security problem much more serious than initially thought. The loss of e-mail addresses is annoying for its spam and social engineering opportunities, but given that most of us receive a lot of spam anyway, is unlikely to be disastrous. The loss of the ICC-IDs should have been harmless. But it now seems that that isn’t the case. AT&T should send every affected customer a new SIM (that is, one whose IMSI hasn’t been disclosed to the world at large). And all phone companies should stop generating IMSIs from ICC-IDs, and instead use database lookups like they’re supposed to.

We asked AT&T if the company had plans to replace the SIM cards of customers affected by the hack and were told by a spokesperson that the company has no comment at this time.

June 16, 2010 Posted by | Uncategorized | Leave a comment

Uribe blames wiretap scandal on plot by ‘mastermind’

Colombian President Alvaro Uribe says that a “mastermind” has been “plotting against the government in the issue of illegal wiretaps,” following reports by Semana magazine which implicated the government in the wiretapping scandal enveloping security agency DAS.

The information obtained by Semana indicates that the results of illegal wiretapping of Colombian judges, politicians, journalists and trade unionists were reported to the government. A former official in DAS’s analysis department alleges that he “received orders with the objective of working on issues that were sensitive for the government.”

Uribe claims that the allegedly incriminating documents presented to Semana by DAS officials featured forged signatures, such as that of the president’s lawyer, Jaime Lombada, who Uribe says was “astonished” by the news.

“Where is the proof that the president of the republic or the palace officials have given an illegal order? Who had given it? And when? There is all this pursuit to discredit the government,” Uribe said on radio station, Ondas del Meta.

The president said that on another occasion “someone from DAS delivered a tape to Semana magazine, which featured a DEA agent talking to an assistant court judge, to discredit the government.”

“Why are they doing this illegal recording and immediately taking it to the media to try to discredit the government? How do they that?” the president asked…

May 24, 2010 Posted by | Uncategorized | Leave a comment

« Previous Entries