greece

The widespread corruption at the heart of Greek culture

business, history, law, politics / /

From Michael Lewis’s “Beware of Greeks Bearing Bonds” (Vanity Fair: 1 October 2010):

In just the past decade the wage bill of the Greek public sector has doubled, in real terms—and that number doesn’t take into account the bribes collected by public officials. The average government job pays almost three times the average private-sector job. The national railroad has annual revenues of 100 million euros against an annual wage bill of 400 million, plus 300 million euros in other expenses. The average state railroad employee earns 65,000 euros a year. Twenty years ago a successful businessman turned minister of finance named Stefanos Manos pointed out that it would be cheaper to put all Greece’s rail passengers into taxicabs: it’s still true. “We have a railroad company which is bankrupt beyond comprehension,” Manos put it to me. “And yet there isn’t a single private company in Greece with that kind of average pay.” The Greek public-school system is the site of breathtaking inefficiency: one of the lowest-ranked systems in Europe, it nonetheless employs four times as many teachers per pupil as the highest-ranked, Finland’s. Greeks who send their children to public schools simply assume that they will need to hire private tutors to make sure they actually learn something. There are three government-owned defense companies: together they have billions of euros in debts, and mounting losses. The retirement age for Greek jobs classified as “arduous” is as early as 55 for men and 50 for women. As this is also the moment when the state begins to shovel out generous pensions, more than 600 Greek professions somehow managed to get themselves classified as arduous: hairdressers, radio announcers, waiters, musicians, and on and on and on. The Greek public health-care system spends far more on supplies than the European average—and it is not uncommon, several Greeks tell me, to see nurses and doctors leaving the job with their arms filled with paper towels and diapers and whatever else they can plunder from the supply closets.

A handful of the tax collectors, however, were outraged by the systematic corruption of their business; it further emerged that two of them were willing to meet with me. The problem was that, for reasons neither wished to discuss, they couldn’t stand the sight of each other. This, I’d be told many times by other Greeks, was very Greek.

Tax Collector No. 1—early 60s, business suit, tightly wound but not obviously nervous—arrived with a notebook filled with ideas for fixing the Greek tax-collection agency. He just took it for granted that I knew that the only Greeks who paid their taxes were the ones who could not avoid doing so—the salaried employees of corporations, who had their taxes withheld from their paychecks. The vast economy of self-employed workers—everyone from doctors to the guys who ran the kiosks that sold the International Herald Tribune—cheated (one big reason why Greece has the highest percentage of self-employed workers of any European country). “It’s become a cultural trait,” he said. “The Greek people never learned to pay their taxes. And they never did because no one is punished. No one has ever been punished. It’s a cavalier offense—like a gentleman not opening a door for a lady.”

The scale of Greek tax cheating was at least as incredible as its scope: an estimated two-thirds of Greek doctors reported incomes under 12,000 euros a year—which meant, because incomes below that amount weren’t taxable, that even plastic surgeons making millions a year paid no tax at all. The problem wasn’t the law—there was a law on the books that made it a jailable offense to cheat the government out of more than 150,000 euros—but its enforcement. “If the law was enforced,” the tax collector said, “every doctor in Greece would be in jail.” I laughed, and he gave me a stare. “I am completely serious.” One reason no one is ever prosecuted—apart from the fact that prosecution would seem arbitrary, as everyone is doing it—is that the Greek courts take up to 15 years to resolve tax cases. “The one who does not want to pay, and who gets caught, just goes to court,” he says. Somewhere between 30 and 40 percent of the activity in the Greek economy that might be subject to the income tax goes officially unrecorded, he says, compared with an average of about 18 percent in the rest of Europe.

The easiest way to cheat on one’s taxes was to insist on being paid in cash, and fail to provide a receipt for services. The easiest way to launder cash was to buy real estate. Conveniently for the black market—and alone among European countries—Greece has no working national land registry. “You have to know where the guy bought the land—the address—to trace it back to him,” says the collector. “And even then it’s all handwritten and hard to decipher.”

On he went, describing a system that was, in its way, a thing of beauty. It mimicked the tax-collecting systems of an advanced economy—and employed a huge number of tax collectors—while it was in fact rigged to enable an entire society to cheat on their taxes.

Tax Collector No. 2—casual in manner and dress, beer-drinking, but terrified that others might discover he had spoken to me—also arrived with a binder full of papers, only his was stuffed with real-world examples not of Greek people but Greek companies that had cheated on their taxes. He then started to rattle off examples (“only the ones I personally witnessed”). The first was an Athenian construction company that had built seven giant apartment buildings and sold off nearly 1,000 condominiums in the heart of the city. Its corporate tax bill honestly computed came to 15 million euros, but the company had paid nothing at all. Zero. To evade taxes it had done several things. First, it never declared itself a corporation; second, it employed one of the dozens of companies that do nothing but create fraudulent receipts for expenses never incurred and then, when the tax collector stumbled upon the situation, offered him a bribe. The tax collector blew the whistle and referred the case to his bosses—whereupon he found himself being tailed by a private investigator, and his phones tapped. In the end the case was resolved, with the construction company paying 2,000 euros. “After that I was taken off all tax investigations,” said the tax collector, “because I was good at it.”

The Greek state was not just corrupt but also corrupting. Once you saw how it worked you could understand a phenomenon which otherwise made no sense at all: the difficulty Greek people have saying a kind word about one another. Individual Greeks are delightful: funny, warm, smart, and good company. I left two dozen interviews saying to myself, “What great people!” They do not share the sentiment about one another: the hardest thing to do in Greece is to get one Greek to compliment another behind his back. No success of any kind is regarded without suspicion. Everyone is pretty sure everyone is cheating on his taxes, or bribing politicians, or taking bribes, or lying about the value of his real estate. And this total absence of faith in one another is self-reinforcing. The epidemic of lying and cheating and stealing makes any sort of civic life impossible; the collapse of civic life only encourages more lying, cheating, and stealing. Lacking faith in one another, they fall back on themselves and their families.

The structure of the Greek economy is collectivist, but the country, in spirit, is the opposite of a collective. Its real structure is every man for himself. Into this system investors had poured hundreds of billions of dollars. And the credit boom had pushed the country over the edge, into total moral collapse.

The Vatopaidi monastery, along with 19 others, was built in the 10th century on a 37-mile-long-by-6-mile-wide peninsula in northeast Greece, called Mount Athos. Mount Athos now is severed from the mainland by a long fence, and so the only way onto it is by boat, which gives the peninsula the flavor of an island. And on this island no women are allowed—no female animals of any kind, in fact, except for cats. The official history ascribes the ban to the desire of the church to honor the Virgin; the unofficial one to the problem of monks hitting on female visitors. The ban has stood for 1,000 years.

The ferry chugs for three hours along a rocky, wooded, but otherwise barren coastline, stopping along the way to drop monks and pilgrims and guest workers at other monasteries. The sight of the first one just takes my breath away. It’s not a building but a spectacle: it’s as if someone had taken Assisi or Todi or one of the other old central-Italian hill towns and plopped it down on the beach, in the middle of nowhere. Unless you know what to expect on Mount Athos—it has been regarded by the Eastern Orthodox Church for more than a millennium as the holiest place on earth, and it enjoyed for much of that time a symbiotic relationship with Byzantine emperors—these places come as a shock. There’s nothing modest about them; they are grand and complicated and ornate and obviously in some sort of competition with one another. In the old days, pirates routinely plundered them, and you can see why: it would be almost shameful not to, for a pirate.

Otherwise the experience was sensational, to be recommended to anyone looking for a taste of 10th-century life. Beneath titanic polished golden chandeliers, and surrounded by freshly cleaned icons, the monks sang; the monks chanted; the monks vanished behind screens to utter strange incantations; the monks shook what sounded like sleigh bells; the monks floated by waving thuribles, leaving in their wake smoke and the ancient odor of incense. Every word that was said and sung and chanted was Biblical Greek (it seemed to have something to do with Jesus Christ), but I nodded right along anyway. I stood when they stood, and sat when they sat: up and down we went like pogos, for hours. The effect of the whole thing was heightened by the monks’ magnificently wild beards. Even when left to nature, beards do not all grow in the same way. There are types: the hopelessly porous mass of fuzz; the Osama bin Laden/Assyrian-king trowel; the Karl Marx bird’s nest. A surprising number of the monks resembled the Most Interesting Man in the World from the Dos Equis commercial. (“His beard alone has experienced more than a lesser man’s entire body.”)

For most of the 1980s and 1990s, Greek interest rates had run a full 10 percent higher than German ones, as Greeks were regarded as far less likely to repay a loan. There was no consumer credit in Greece: Greeks didn’t have credit cards. Greeks didn’t usually have mortgage loans either.

But this question of whether Greece will repay its debts is really a question of whether Greece will change its culture, and that will happen only if Greeks want to change. I am told 50 times if I am told once that what Greeks care about is “justice” and what really boils the Greek blood is the feeling of unfairness. Obviously this distinguishes them from no human being on the planet, and ignores what’s interesting: exactly what a Greek finds unfair. It’s clearly not the corruption of their political system. It’s not cheating on their taxes, or taking small bribes in their service to the state. No: what bothers them is when some outside party—someone clearly different from themselves, with motives apart from narrow and easily understood self-interest—comes in and exploits the corruption of their system.

The widespread corruption at the heart of Greek culture Read More »

How the Greek cell phone network was compromised

business, politics, security, tech in changing society / /

From Vassilis Prevelakis and Diomidis Spinellis’ “The Athens Affair” (IEEE Spectrum: July 2007):

On 9 March 2005, a 38-year-old Greek electrical engineer named Costas Tsalikidis was found hanged in his Athens loft apartment, an apparent suicide. It would prove to be merely the first public news of a scandal that would roil Greece for months.

The next day, the prime minister of Greece was told that his cellphone was being bugged, as were those of the mayor of Athens and at least 100 other high-ranking dignitaries, including an employee of the U.S. embassy.

The victims were customers of Athens-based Vodafone-Panafon, generally known as Vodafone Greece, the country’s largest cellular service provider; Tsalikidis was in charge of network planning at the company.

We now know that the illegally implanted software, which was eventually found in a total of four of Vodafone’s Greek switches, created parallel streams of digitized voice for the tapped phone calls. One stream was the ordinary one, between the two calling parties. The other stream, an exact copy, was directed to other cellphones, allowing the tappers to listen in on the conversations on the cellphones, and probably also to record them. The software also routed location and other information about those phone calls to these shadow handsets via automated text messages.

The day after Tsalikidis’s body was discovered, CEO Koronias met with the director of the Greek prime minister’s political office. Yiannis Angelou, and the minister of public order, Giorgos Voulgarakis. Koronias told them that rogue software used the lawful wiretapping mechanisms of Vodafone’s digital switches to tap about 100 phones and handed over a list of bugged numbers. Besides the prime minister and his wife, phones belonging to the ministers of national defense, foreign affairs, and justice, the mayor of Athens, and the Greek European Union commissioner were all compromised. Others belonged to members of civil rights organizations, peace activists, and antiglobalization groups; senior staff at the ministries of National Defense, Public Order, Merchant Marine, and Foreign Affairs; the New Democracy ruling party; the Hellenic Navy general staff; and a Greek-American employee at the United States Embassy in Athens.

First, consider how a phone call, yours or a prime minister’s, gets completed. Long before you dial a number on your handset, your cellphone has been communicating with nearby cellular base stations. One of those stations, usually the nearest, has agreed to be the intermediary between your phone and the network as a whole. Your telephone handset converts your words into a stream of digital data that is sent to a transceiver at the base station.

The base station’s activities are governed by a base station controller, a special-purpose computer within the station that allocates radio channels and helps coordinate handovers between the transceivers under its control.

This controller in turn communicates with a mobile switching center that takes phone calls and connects them to call recipients within the same switching center, other switching centers within the company, or special exchanges that act as gateways to foreign networks, routing calls to other telephone networks (mobile or landline). The mobile switching centers are particularly important to the Athens affair because they hosted the rogue phone-tapping software, and it is there that the eavesdropping originated. They were the logical choice, because they are at the heart of the network; the intruders needed to take over only a few of them in order to carry out their attack.

Both the base station controllers and the switching centers are built around a large computer, known as a switch, capable of creating a dedicated communications path between a phone within its network and, in principle, any other phone in the world. Switches are holdovers from the 1970s, an era when powerful computers filled rooms and were built around proprietary hardware and software. Though these computers are smaller nowadays, the system’s basic architecture remains largely unchanged.

Like most phone companies, Vodafone Greece uses the same kind of computer for both its mobile switching centers and its base station controllers—Ericsson’s AXE line of switches. A central processor coordinates the switch’s operations and directs the switch to set up a speech or data path from one phone to another and then routes a call through it. Logs of network activity and billing records are stored on disk by a separate unit, called a management processor.

The key to understanding the hack at the heart of the Athens affair is knowing how the Ericsson AXE allows lawful intercepts—what are popularly called “wiretaps.” Though the details differ from country to country, in Greece, as in most places, the process starts when a law enforcement official goes to a court and obtains a warrant, which is then presented to the phone company whose customer is to be tapped.

Nowadays, all wiretaps are carried out at the central office. In AXE exchanges a remote-control equipment subsystem, or RES, carries out the phone tap by monitoring the speech and data streams of switched calls. It is a software subsystem typically used for setting up wiretaps, which only law officers are supposed to have access to. When the wiretapped phone makes a call, the RES copies the conversation into a second data stream and diverts that copy to a phone line used by law enforcement officials.

Ericsson optionally provides an interception management system (IMS), through which lawful call intercepts are set up and managed. When a court order is presented to the phone company, its operators initiate an intercept by filling out a dialog box in the IMS software. The optional IMS in the operator interface and the RES in the exchange each contain a list of wiretaps: wiretap requests in the case of the IMS, actual taps in the RES. Only IMS-initiated wiretaps should be active in the RES, so a wiretap in the RES without a request for a tap in the IMS is a pretty good indicator that an unauthorized tap has occurred. An audit procedure can be used to find any discrepancies between them.

It took guile and some serious programming chops to manipulate the lawful call-intercept functions in Vodafone’s mobile switching centers. The intruders’ task was particularly complicated because they needed to install and operate the wiretapping software on the exchanges without being detected by Vodafone or Ericsson system administrators. From time to time the intruders needed access to the rogue software to update the lists of monitored numbers and shadow phones. These activities had to be kept off all logs, while the software itself had to be invisible to the system administrators conducting routine maintenance activities. The intruders achieved all these objectives.

The challenge faced by the intruders was to use the RES’s capabilities to duplicate and divert the bits of a call stream without using the dialog-box interface to the IMS, which would create auditable logs of their activities. The intruders pulled this off by installing a series of patches to 29 separate blocks of code, according to Ericsson officials who testified before the Greek parliamentary committee that investigated the wiretaps. This rogue software modified the central processor’s software to directly initiate a wiretap, using the RES’s capabilities. Best of all, for them, the taps were not visible to the operators, because the IMS and its user interface weren’t used.

The full version of the software would have recorded the phone numbers being tapped in an official registry within the exchange. And, as we noted, an audit could then find a discrepancy between the numbers monitored by the exchange and the warrants active in the IMS. But the rogue software bypassed the IMS. Instead, it cleverly stored the bugged numbers in two data areas that were part of the rogue software’s own memory space, which was within the switch’s memory but isolated and not made known to the rest of the switch.

That by itself put the rogue software a long way toward escaping detection. But the perpetrators hid their own tracks in a number of other ways as well. There were a variety of circumstances by which Vodafone technicians could have discovered the alterations to the AXE’s software blocks. For example, they could have taken a listing of all the blocks, which would show all the active processes running within the AXE—similar to the task manager output in Microsoft Windows or the process status (ps) output in Unix. They then would have seen that some processes were active, though they shouldn’t have been. But the rogue software apparently modified the commands that list the active blocks in a way that omitted certain blocks—the ones that related to intercepts—from any such listing.

In addition, the rogue software might have been discovered during a software upgrade or even when Vodafone technicians installed a minor patch. It is standard practice in the telecommunications industry for technicians to verify the existing block contents before performing an upgrade or patch. We don’t know why the rogue software was not detected in this way, but we suspect that the software also modified the operation of the command used to print the checksums—codes that create a kind of signature against which the integrity of the existing blocks can be validated. One way or another, the blocks appeared unaltered to the operators.

Finally, the software included a back door to allow the perpetrators to control it in the future. This, too, was cleverly constructed to avoid detection. A report by the Hellenic Authority for the Information and Communication Security and Privacy (the Greek abbreviation is ADAE) indicates that the rogue software modified the exchange’s command parser—a routine that accepts commands from a person with system administrator status—so that innocuous commands followed by six spaces would deactivate the exchange’s transaction log and the alarm associated with its deactivation, and allow the execution of commands associated with the lawful interception subsystem. In effect, it was a signal to allow operations associated with the wiretaps but leave no trace of them. It also added a new user name and password to the system, which could be used to obtain access to the exchange.

…Security experts have also discovered other rootkits for general-purpose operating systems, such as Linux, Windows, and Solaris, but to our knowledge this is the first time a rootkit has been observed on a special-purpose system, in this case an Ericsson telephone switch.

So the investigators painstakingly reconstructed an approximation of the original PLEX source files that the intruders developed. It turned out to be the equivalent of about 6500 lines of code, a surprisingly substantial piece of software.

How the Greek cell phone network was compromised Read More »