VoIP Wiretapping

pisqon writes "VoIP News has an article discussing a U.S. government decision that will extend wiretapping regulations to the Internet. From the article: 'The Federal Communications Commission voted 5-0 last week to prohibit businesses from offering broadband or Internet phone service unless they provide police with backdoors for wiretapping access. Formal regulations are expected by early next year.'" Update: 03/28 04:52 GMT by Z : As several readers have pointed out, this story is a mite out of date. Good conversation in the comments, though.

Who is approving these?

[Fudge.Org]

Date: August 9, 2004

Why is this "news"?

Re:netmeeting

[PedanticSpellingTrol]

That's what the Justice Department was asking for, but the FCC ruled that the wiretap laws only apply to systems that interface with the PSTN.

For now....

Re:Uhh, VoIP is digital

[paul248]

We have Vonage at home, and I know that it's definitely not encrypted. I've played with using Ethereal to record a conversation, and it's able to decode the RTP streams into plain audio files, one for each direction. So, all you need to wiretap Vonage is a computer sitting between the source and destination.

Boring!!!

[ImaLamer]

It's already been done... /joking

Re:Only makes sense

[nmb3000]

How can wiretaps even be remotely useful anymore?

Very simple. Phones are still very widely used and as others have pointed out, wiretaps often still provide evidence to be used in a trial. Preventing VoIP phones from being able to be tapped is just inhibiting our ability to prosecute criminals effectively.

Just because there are other, better ways to communicate secretly, it certainly doesn't mean your average theif, drug dealer, income tax evader, or whatever uses them. Phones are easily accessible, cheap, a very large majority of people have them. Obviously they are an ideal and often the first thought of way to communicate.

With a warrant they can...

[Kjella]

They can't open personal letters, can they?

Sure they can. A warrant is a temporary suspension of your normal rights, after having proven reasonable suspicion to a court of law. If you're going to quote me the amendment, it is unlawful search and seizure. As long as they go through the proper channels, they can know what toothpaste you use, and how many condoms are left in your bedroom drawer. [Bad geek joke] For anyone here, that means all of them [/joke]

Kjella

End-to-End Protocols, Man-In-The-Middle providers

[billstewart]

Most VOIP protocols, like most P2P file-sharing programs and many Instant Messaging systems, use some kind of centralized directory server to handle database lookups and initial connection messages, and end-to-end connections directly between the end users to carry the actual conversation. For VOIP-to-telco gateways, wiretapping is easy, because you can do it at the telco end and just add some database support.

For pure IP telephony, though, the obvious way to wiretap is to tweak the call setup, so instead of the voice channel going from Alice to Bob, there are two voice channels, from Alice-to-KGB and KGB-to-Bob. Even if there's end-to-end encryption on the voice channel (which is sadly lacking in too many implementations), that doesn't stop the wiretap from working, because the KGB is an endpoint and has the key. If you have an adequate public key infrastructure, you can prevent this by authenticating the call setup messages. But if you don't have that, you're toast; in some cases you can use SSH-like "remember the signature key they used last time" protocols, or you can read your Diffie-Hellman authentication message over the phone if you recognize the other person's voice, but for tricks like that, your VOIP software needs to give you visibility into and ideally control over that process.

So regulatable VOIP service providers, who handle the database lookup portion of calls in countries with wiretap-greedy spooks, may be forced to pay extra to develop wiretap-friendly control software. An intermediate step, which the FBI has been all too successfull in getting US regulators to approve, is to get visibility into the call setup process, similar to old-fashioned pen registers, so they at least know who's talking to whom, and can often get that from the telcos without a formal warrant, using some less-stringent process like an administrative subpoena, and often with gag orders forbidding the telco to tell the wiretap victim.

That's a big problem with closed applications such as Skype, by the way - even if they use some good crypto algorithms, which they say they do, you can't tell what they're doing with them, and whether they're leaking authentication information. (Too bad, because they're a non-US provider who might be harder to bully, at least if they build some corporate separation between their software developers and their VOIP-to-Telco service providers, which I'm not sure if they have.)

Asterisk is open-source, which has the advantage that you can see if something like that is built in, and also has the advantage that it's usually operated by end-users, not by service providers. The SIP protocol family is designed to support proxies and indirection which are useful in building services where some bits are managed by one entity and some by another, e.g. PBXs at both ends, a directory service provider or two in the middle, maybe some voicemail providers or conferencing servers or whatever - it's a big step up from the old H.323 protocols, which pretty much required building closed systems.

Re:netmeeting

[Whyte]

Depending on the circumstances, DoJ can always apply for a FISA pen trap and trace warrant. Due to FISA changes by the non-sunsetting sections of Title 2 of the USA PATRIOT Act, the procedural differences between PSTN and "other" communications mediums have pretty much disappeared entirely. Even content warrants under FISA can avail themselves of these changes (which is scary seeing as how what electronic content actually is isn't well defined in law).

Re:Only makes sense

[Atzanteol]

That only makes sense if you believe that unrestricted monitoring of private communications between U.S. citizens is legitimate.

Then it's a good thing that we don't. Read up.

Bill of Rights, Crypto Communication Tools

[QuietRiot]

US Bill of Rights

[ Amendment IV ]
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

Want to read my stuff? Go ahead and crack it - no warrant necessary.

Get the rabbit installed on a machine behind your firewall
==> http://freenet.sourceforge.net/
Faster than freenet
==> http://www.i2p.net/
Encrypt Jabber
==> http://www.vanemery.com/Linux/Jabber/jabberd.html
Onion Routing
==> http://tor.eff.org/
Emerging Network To Reduce Orwellian Potency Yield
==> http://entropy.stop1984.com/
Free Internet telephony
==> http://skype.com/
GNU-ified P2p
==> http://www.gnu.org/software/gnunet/


DO NOT DENY yourself about 2 hours @ InfoAnarchy.org
OMG! ==> http://www.infoanarchy.org/wiki/index.php/Main_Pag e
LearnLearnLearnLearn ==> http://en.wikipedia.org/wiki/Cryptography

=================EMAIL ENCRYPTION===============
GPG (Free PGP)
==> http://gnupg.org/
Integrated with Thunderbird
==> http://enigmail.mozdev.org/
Mutt can't be beat as a mailreader and integrates GPG wonderfully.
==> http://mutt.blackfish.org.uk/
==> http://www.mutt.org/links.html
==> http://wiki.mutt.org/index.cgi?UserPages

!!! Please do not immediately send newly created keys to the keyservers (as many HOWTOs instruct new users to). They are already overflowing with "test keys" and other people's experiments from over the years THAT HAVE NO EXPIRATION and will never be deleted. These keys are "orphans" and most will never be used. As keyservers sync together, and most keys are never deleted once submitted - GET YOUR KEY SETUP CORRECTLY AND HAVE PRACTICE WITH IT BEFORE SENDING IT OFF TO THE KEYSERVERS!!! Otherwise storage requirements will continue to grow and using these in the future will become more difficult FOR ALL. Please, if you are just starting out with PGP or GPG or GnuPG or anything similar (the last two are in fact the same thing) use manual key distribution to begin (ascii armor your public key with

$ gpg --export --armor my@email.address.org

and copy and paste it into an email body or attach it to an email

$ gpg --export --armor my@email.address.org > myPubKey.txt

to gain practice with GPG before uploading your key. This way if you need to create another you won't have uploaded your mistakes. Many choices need to be made and it's worth getting things right before "going public" with your new digital ID. Experiment with yourself and a few different email accounts or with some friends first.)

SET AN EXPIRATION OF 2-5 YEARS OR SO AND MAKE SURE YOU HAVE YOUR PREFERENCES THE WAY YOU LIKE THEM BEFORE SENDING TO A KEYSERVER! Better yet is to HOST YOUR KEY ON YOUR WEBSITE (or try using http://biglumber.com/ instead to host your key and help c

Re:Uhh, VoIP is digital

[digitalchinky]

Monitoring most voice and data communications has always involved capturing two individual pathways. (Radio signals, trunk lines, etc, etc.)

Often networking or geography prevent monitoring both sides by a single entity - more commonly the reply path is monitored by a remote site on the other side of the country/globe and matched back up after a short delay.

If fabrication were to occur (and I'm sure it has) then it wont be a new thing with VoXX, which itself has been around for a couple of decades now.