Who wants to listen to the phone conversations of officials in the Greek government including the Prime Minister?

They'd like to know that too.

Unknown eavesdroppers tapped the mobile phones of Greek Prime Minister Costas Karamanlis, five cabinet members and dozens of top officials for about a year, the government said on Thursday.

Illegal software installed at Greece's second biggest mobile phone operator, Vodafone Greece, allowed calls to and from about 100 phones to be recorded. Most belonged to the government but one was owned by the U.S. embassy in Athens, officials said.

"The phones tapped included the prime minister's, the whole leadership of the defence ministry and the whole leadership of the public order ministry, some foreign ministry phones, one former minister, now in opposition, and others," government spokesman Theodore Roussopoulos told a news conference.

The reasons for it and who did it are undoubtedly fascinating, but so it HOW they did it.

The eavesdropping was accomplished by means of a few lines of malicious software code inserted into Ericsson telephone software that accessed the conference calling feature, conferencing in 14 prepaid mobile phones (which because they are prepaid, are largely untraceable...)

Technically, this isn't very hard to do, but it does require some remarkable access to administration and possibly even root access username/password combinations, not to mention physical access to the phones themselves.

The implications of this story are far more extensive that would appear at first glance. We are used to the idea of "computer viruses", but the new reality is that many new kinds of devices are providing a range of eavesdropping opportunities and other potential malicious activities. If you have TiVO, you basically have a computer running Linux OS with an unattended dial-out. TiVO or Direct TV already uses it to catalog your viewer preferences, but someone with access to administrative or root access permissions could very easily reprogram the unit to dial an illicit outside number to dump your logs, or plant logs falsely indicating a preference for hardcore porn.

DSL routers, PDAs and even celluar phones are all basically the same generalized hardware design running commerical operating systems. Its a remarkable technological development, with interesting ramifications for privacy issues.

I said it was easy, but that is misleading--what's hard is getting into the system, which generally requires inside knowledge and even then is restricted to a hierarchy of access permissions. Over and above that, a malefactor has nearly an impossible job insuring that no one else discovers the modification. There is little doubt that Ericsson employees discovered the malicious code through existing security precautions such as system log entries or internal diagnostics.

Its important to consider the total security paradigm, which usually extends well beyond the device itself.

Take for example the wing-nut conspiracy theory that the Republicans stole the 2004 election by rigging electronic voting machines. Technically its possible, practically it would require a conspiracy of immense proportions with absolutely no leaks ever. There are four or five vendors of voting machines, and states generally have an inventory that consists of models from many vendors, some older, some new. To cover the bases, evil Republicans would have to, not just inflitrate, but completely restaff the engineering departments of every voting machine manufacturer with podpeople. Software development is usually done in teams of several people, so you can't just have one guy in there sticking in malicious code--everyone has to be in on it, including managment, service personel and every other person that could conceivably run across the anomaly.

As the Greek experience suggests--eventually someone notices something and the jig is up.

Nevertheless, the increasing prevalence of innocuous electonic appliances with generalized hardware and operating systems does provide evil-doers with some new tricks.

Sappho Manifesto: Greeks say Its Bush's fault...

Spy.org: Suspicious suicide by Vodafone employee...

Blue Life or Green: The receivers were all located downtown...near the American embassy...

Discarded Lies: Cell phones of the PM and his wife were tapped.

It bears mentioning that the U.S doesn't need to insert malicious code into your phone--it can already listen to every cell phone conversation in Greece simultaneously and have a super computer isolate, catalog and store the conversations of individuals, including of course the PM and his wife.