Slashdot Mirror

← Back to Stories (view on slashdot.org)

Snooping on VOIP

Posted by michael on from the nothing-better-to-do dept.

EvilAlien writes "SecurityFocus is running an article on a joint Justice Department and FBI filing to the FCC which asks for broader communications interception powers: FBI seeks Internet telephony surveillance. The move is very similar to the Lawful Access Consultation launched by the Canadian Government in August 2002. Both initatives discuss technological challenges and fears of communication "safe havens" for criminals on broadband services such as Internet, VoIP, and wireless services. Holes in existing legislation, such as Communications Assistance for Law Enforcement Act (CALEA), can provide unintended exclusions for services such as Free World Dialup."

9 of 141 comments (clear)

  1. Encryption? by byolinux · · Score: 3, Interesting

    What's the encryption like on VOIP? Would something like PGP be possible?

    --
    Join the Free Software Foundation
    1. Re:Encryption? by Max+Romantschuk · · Score: 5, Interesting

      What's the encryption like on VOIP? Would something like PGP be possible?

      In theory, the following applies... in practice I have no idea :)

      Since VOIP is transferred in IP packets and packets can be encrypted encryption should be possible.

      Since PGP is public key encryption and this is fairly standard there shouldn't be any problems there either.

      The real issue is that whatever the solution it has to be part of the standard... otherwise it's pretty meaningless, unless your dodgy friend also has a custom encryption solution, and then I guess one could tunnel VOIP through an SSH tunnel just as well.

      I suspect that VOIP technologies have incorporated encryption, but I'm not educated on the subject. Would someone care to fill in?

      --
      .: Max Romantschuk :: http://max.romantschuk.fi/
    2. Re:Encryption? by jackb_guppy · · Score: 3, Interesting

      Since it is packets.

      You can direct it though VPN or SSH tunnels to add another layer of encryption.

  2. What would they do if.. by 3.5+stripes · · Score: 4, Interesting

    people used ssh to tunnel their calls (assuming it's possible), or made calls over VPNs?

    --


    He tried to kill me with a forklift!
  3. And non-criminals by truthsearch · · Score: 2, Interesting

    "safe havens" for criminals

    Us non-criminals can't have a safe haven either? Thanks.

    --
    Developers: We can use your help.
  4. Remember when ... by wytcld · · Score: 2, Interesting

    Remember when we used to have sigs that included keywords that were designed to attract the attention of spooks using Echelon to monitor e-mail traffic? Well, we can easily add recorded voice clips to the end of our VOIP calls to similar effect. Go to the library, check out a book of war poetry, and start recording those keyword-rich sound bites. Or select passages from Gravity's Rainbow.

    Hmm, we could put this stuff on our answering machines too. As a way of supporting America's martial spirit, of course.

    --
    "with their freedom lost all virtue lose" - Milton
  5. Re:Free World Dialup? by rixster · · Score: 2, Interesting

    I use vonage as well. I live in the UK and my SO in NY. I get unlimited international (i.e. UK US) calling for 30 usd a month. Plus she can call me for the "cost" of a local phone call and the line is nothing short of excellent quality. OK - a few times they've had problems, but in the space of around 8 months I can only think of 2-3 times this has happened. It is definitely a fantastic server. (recommend me and get 40 USD free!!)

    --
    Two wrongs may not make a right, but three ....
  6. If you're interested... by GeorgeH · · Score: 3, Interesting

    You too can listen in to VOIP with voice over misconfigured internet telephones or vomit for short. It only works for Cisco IP phones, but I hear that this Cisco company may become a medium to large business in the networking industry.

    --
    Why can't I moderate something "Wrong" or at least "Grossly Misinformed"?
  7. Re:P2P VOIP? by jmagar.com · · Score: 2, Interesting

    VoIP is Point to Point already for on net calls. If you leave to the POTS them you are working with a media gateway in the middle.

    CALEA works on the call manager. Heres a quick and dirty run down:
    1)You pick up the phone
    2)the MTA (you IP phone) sends an off hook to the call manager
    3) the call manager send back dial tone.
    4) you dial
    5) the call manager hunts for a route either on net of to the SS7 network
    6a) if on net the call manager send ring to other MTA
    6b) if off net call manager send ring over SS7 (POTS)
    7) other end picks up
    8) call manager receives other end off hook
    9) call manager connects the call by sending directly to the other MTA (on net) of the media gateway (POTS)

    CALEA is implemented on the call manager by controling the MTA that is being "bugged" by forcing the call through a media gateway with recording capabilities, or by forking the stream and connecting an additional endpoint to the call.

    How do you beat it? First off you need to be able to tell the difference of end point so snooping the SIP (session initiation protocol) and watching for a change in MTA endpoint. If you know the other parties IP and you are going somewhere else then you are probably being bugged.

    The other way, is to build your own Call Manager. The SIP protocol is not too complex, and if you don't want to do funky telco stuff like call waiting... then a bare bones connection manager shouldn't be too tough. Your call manager would only work for on net calls, but I think you've already decided that P2P is what you wanted in the first place.

    --
    www.jmagar.com
    -