Quis custodiet ipsos custodes?
Now we know, the hackers do.
National security boosters have just taken a kick to the ego, with revelations that hackers can access exactly the kind of wiretap kit they believe should be deployed in every ISP and telco around the world. The zero-day that's turned up in kit from New Jersey outfit NICE would give attackers access to wiretapped voice …
@article: "NICE's Recording eXpress voice recording product <...> targets police and law enforcement agencies."
Huh? Isn't it a call centre recording product? You know, "some calls may be recorded to improve customer service"? Plus for compliance to all sorts of non-security-related regulations?
http://www.nice.com/compliance-call-recording ?
Err, these computers would be inside service providers buildings, aka the switch floor. Dunno if you've ever worked in a telco but I can't recall any cops with guard dogs around when I did.
Also, should you manage to compromise the internal network of Virgin Media, for instance, you could potentially route through to one of these devices. Going in through internet facing webservers or mail gateways could be tricky, so probably some form of targeted phishing on middle-managers with laptops might be in order. Not easy, sure, but not impossible either.
And that would be completely ignoring the curiosity of existing network engineers actually employed by these companies, when they see an accessible interface on that dark-room kit...
And they really can't afford any decent help in the techie department - at least not at the rates that decent tech want to be paid for crummy work like this.
Even our fine U.S.A. over-funded "intelligence" agencies are having trouble maintaining the best and brightest (witness Mr. Snowden) or hiring the whiz kids (witness dropping drug tests for wanabe FBI positions.)
These clowns really shouldn't be allowed near any real technology. Leave them to play with their guns and badges.