A U.S. government office in Quantico, Virginia, has direct, high-speed access to a major wireless carrier’s systems, exposing customers’ voice calls, data packets and physical movements to uncontrolled surveillance, according to a computer security consultant who says he worked for the carrier in late 2003.
“What I thought was alarming is how this carrier ended up essentially allowing a third party outside their organization to have unfettered access to their environment,” Babak Pasdar, now CEO of New York-based Bat Blue told THREAT LEVEL. “I wanted to put some access controls around it; they vehemently denied it. And when I wanted to put some logging around it, they denied that.”
Pasdar won’t name the wireless carrier in question, but his claims are nearly identical to unsourced allegations made in a federal lawsuit filed in 2006 against four phone companies and the U.S. government for alleged privacy violations. That suit names Verizon Wireless as the culprit.
Pasdar has executed a seven-page affidavit for the nonprofit Government Accountability Project in Washington, which on Tuesday began circulating the document (.pdf), along with talking points (.doc), to congressional staffers hashing out a Republican proposal to grant retroactive legal immunity to phone companies who cooperated in the warrantless wiretapping of Americans.
FAIR USE NOTICE: This blog may contain copyrighted material. Such material is made available for educational purposes, to advance understanding of human rights, democracy, scientific, moral, ethical, and social justice issues, etc. This constitutes a ‘fair use’ of any such copyrighted material as provided for in Title 17 U.S.C. section 107 of the US Copyright Law. In accordance with Title 17 U.S.C. Section 107, the material on this site is distributed without profit to those who have expressed a prior interest in receiving the included information for research and educational purposes. If you wish to use copyrighted material from this site for purposes of your own that go beyond ‘fair use’, you must obtain permission from the copyright owner.