Illicit wiretapping of Greek politicians was done through legitimate code

Bruce Schneier reports on the technical details of how about 100 Greek politicians and offices, including the U.S. Embassy in Athens and the Greek prime minister, were illictly tapped. What was originally referred to as "malicious code" turned out to be eavesdropping code in Vodafone's mobile phone software that was present for law enforcement interception. The same kind of code is present in U.S. phone switches as required by CALEA. As Schneier points out, "when you build surveillance mechanisms into communication systems, you invite the bad guys to use those mechanisms for their own purposes."