VoIP Security

An anonymous reader writes "Whitedust are running an interesting article on the security aspects of VoIP. From the article: "The fact that VoIP operates across standard networks makes it vulnerable to all manner of IP hacking - including man in the middle attacks,sniffing, session hijacking, etc." Considering it's recent growth, how secure is VoIP?" PCM2 sent us a wired bit about Phil Zimmerman of PGP working on a privacy system for Voice over IP calling

The Dumbing-Down of America...part XXVII

[TripMaster+Monkey]

From TFA:

is an umbrella term used forthesoftware
some more introductionary information
Considerating the stability and reliability of the tradional telephony networks
so it's roll out is most likely inevidable.
particular relevence to most
VoIP and it's implementation.

And all these errors are in just the introduction.

Now, I don't expect perfection, but the sheer amount of errors present here is beyond the pale, and renders the reader incapable of trusting the subject matter presented, or taking the author seriously.

Mr. Anderson, about 98% of the errors in your article could have been avoided by the use of a simple spell-checker. Nowadays, people don't actually need to know how to spell, as we have software to do that for us...but you have to actually use the software.

Re:The Dumbing-Down of America...part XXVII

[ginotech]

hey, at least he's not writing it in 1337.

Re:The Dumbing-Down of America...part XXVII

introductionary = a dictionary of introductions

Re:The Dumbing-Down of America...part XXVII

Wow, who knew Bush wrote for Whitedust under the pseudonym "Mark Anderson"? Pity he couldn't mask his spelling as well as his identity.

Re:The Dumbing-Down of America...part XXVII

Perhaps he meant "interdictionary"?

Re:The Dumbing-Down of America...part XXVII

[Lifewish]

I note that the AC who submitted the story also abuses the apostrophe. Same person maybe?

Re:The Dumbing-Down of America...part XXVII

If your spell checker picks these up, I'll be impressed.

"VLANs can of course, also affect call quality especially across the open internet."

VLANS / accross the open internet ...

take control of telecom truck lines

a single trunk line is [..] dedicated [..] provides a very high degree of resilience.

nope, this is what makes the resillience difficult. Redundancy works despite this rather than because of it.

VoIP traffic, on the other hand, must pass through (in most cases) several different networks controlled by several distinct organizations.

How many organisations in an international call from Australia to Austria, do you think?? That's right, it's all done by "Ma Bell" just like all the other calls in the world.

Re:The Dumbing-Down of America...part XXVII

Withal, goode sire, an he bee writing in 1337, this spele-checker of which you rite be but six longge centyries hence. (Yet it mattereth not, for onely the monkes can rede or rite, and each monke speleth differently from hymmself.)

Re:The Dumbing-Down of America...part XXVII

[brianjcain]

Now, I don't expect perfection, but the sheer amount of errors present here is beyond the pale, and renders the reader incapable of trusting the subject matter presented, or taking the author seriously.

I can't tell if you're joking, but I find it a little ironic that you used "amount" where "number" is more appropriate (you can't have a partial error).

Re:The Dumbing-Down of America...part XXVII

[Calyth]

Perhaps he was thinking the article would be more secure by using illegibility through obfuscation...

Re:The Dumbing-Down of America...part XXVII

How come this one gets +2, and the immediately preceding one gets -1 ???

Re:The Dumbing-Down of America...part XXVII

[Penguin+Programmer]

"but the sheer amount of errors"

It is best, when correcting an article's spelling, not to make grammatical errors yourself.

"The sheer number of errors" would be correct, as errors are counted not measured.

Re:The Dumbing-Down of America...part XXVII

[Programmer_In_Traini]

As a bilingual french guy, I often have to write in english. I'm sure just about anything I write in english has errors in it but that doesn't mean I don't know what I'm talking about, it only means I lack the syntaxical and grammatical knowledge to write it properly in english.

I think it is not correct that you discredit the author about the seriousness of his article. After all, from what i can see, most mistakes in there are the usual typos and common mistake from those having english as their second/third/fourth language.

This doesn't excuse the fact the he didn't use a spellchecker but i certainly dont think it (and i quote) renders the reader incapable of trusting the subject matter presented.

Re:The Dumbing-Down of America...part XXVII

I think he stole his introduction from some alt.warez newsgroup. Here is the original.

iZ @N UmBr3lL@ 73rm u$3D f0r 7h3 50f7w@r3
50m3 MoRe iN7R0DuC7I0N@Ry inf0rm@7i0n
C0n5id3r@7ing 7h3 57@bili7y @nD r3li@bili7y 0F tHe 7R@Di0n@l TeLePhOnY n37w0rk5
50 i7'5 r0lL 0u7 iZ m057 LiK3Ly In3vId@bL3.
p@r7iCuL@R r3l3v3nC3 70 m057
V0IP @nd It'S iMpL3M3N7@7I0N.

Obviously he is a white hat so there were some mistakes.

Re:The Dumbing-Down of America...part XXVII

[SCVirus]

Now, I don't expect perfection,
liar.

Re:The Dumbing-Down of America...part XXVII

[Shanep]

I can't tell if you're joking, but I find it a little ironic that you used "amount" where "number" is more appropriate (you can't have a partial error).

amount (-mount') pronunciation
n.

      1. The total of two or more quantities; the aggregate.
      2. A number; a sum.
      3. A principal plus its interest, as in a loan.
      4. The full effect or meaning; import.
      5. Quantity: a great amount of intelligence.

I don't find that use of "amount" to be uncommon.

Re:The Dumbing-Down of America...part XXVII

Looks like they have fixed many of the problems with the article now. If you read the comments on the Whitedust site they claim that it was largely some kind of parsing rendering error; which given the fact that many of the words were together in groups of three seems to make sense.

They shoulda' checked it but a mistake is a mistake, I find it typical that a lot of readers just leap on such mistakes; it's like the Slashdot trolls have nothing better to do than have a go at peoples SPAG.

There is more to life...

Re:The Dumbing-Down of America...part XXVII

[brianjcain]

If you can think of a case where errors would be something that you can divide up, such that you might end up with five eighths of an error, then I'll withdraw my statement. Otherwise, you're wrong: it's improper English.

I don't find that use of "amount" to be uncommon.

Unfortunately, that's the problem.

Re:The Dumbing-Down of America...part XXVII

[Shanep]

If you can think of a case where errors would be something that you can divide up, such that you might end up with five eighths of an error, then I'll withdraw my statement. Otherwise, you're wrong: it's improper English.

Actually, I can. I worked with analogue computers with mostly US Navy documentation. With those and generically in measurement, there is a component, which is in error. An amount of error, which would have to remain within a certain tolerance to provide an acceptable signal or measurement. The error in that case is an amount. "The amount of error involved should be within acceptable limits".

Interesting page by the way.

Gentoo??

I use Gentoo; how does this affect me?

Re:Gentoo??

RTFM you GD n00b.

-Debian support

Man in the middle.

[matt21811]

I have never worried about man in the middle attacks on the internet. To be successful, it requires very good access to my ISP or the backbone carrier's network which is hard to do. Even if they can get that access all they can do is listen to my calls, have a chat with me and the other person or maybe hang up the call. Any attacker listening to my calls is going to get very bored very quickly. If they do the later two, it could cause them to get caught because I'll complain about the problem.

The only security problem I see is if the attacker can learn information that lets him make calls billed to my account. This becomes the VOIP vendors problem anyway. When I notice something wrong with the bill I'll do a chargeback on my credit card for the bill and simply change VOIP providers. If this happens a lot, the VOIP vendor will do something about their security problem.

Or am I missing something?

Re:Man in the middle.

[rednuhter]

and what about at the other end ?
If an attacker has access to a router beyond your isp/backbone but before the signals reciever then the contents can be subverted.
Admittedly, if all you do is argue about the sports scores then there is not much risk.
But if you were using VOIP as a transparent replacement to POTS (Plain Old Telephone Service) and were ordering a new car or dicussing your new pin number with the bank then things are quite different.

Re:Man in the middle.

[Tony+Hoyle]

If you're using VOIP as a transparent replacement to POTS there's no change.

POTS is wide open to MIM attacks.. in fact anyone with a cheap earpiece can do it - no need for a PC even.

Re:Man in the middle.

[matt21811]

"But if you were using VOIP as a transparent replacement to POTS (Plain Old Telephone Service) and were ordering a new car or dicussing your new pin number with the bank then things are quite different."

Even if bad people know I'm getting a new car or even know the PIN of my debit card, I'm still at low risk of a problem. Serious internet security problems have the symptoms that the attacker remains anonymous and often undetected until its too late and has virtually unlimited scale in implementing their crimes. Stealing individual debit cards has none of these features.

I'm not argueing against improved security for VOIP. I think it will come and be welcome. I'm just saying that its going to be a problem for the vendor more than it is for me.

Re:Man in the middle.

I don't worry about man-in-the-middle attacks either. I mean, what are the odds? And I'm not guilty of anything, so I don't have anything to YL#@^* ALL YOUR BASE ARE BEL@#W$^@##
  ***no carrier***

Re:Man in the middle.

[Shakrai]

POTS is wide open to MIM attacks.. in fact anyone with a cheap earpiece can do it - no need for a PC even.

Yeah because it's so much easier to pick the correct pair of wires out of several dozen or hundred on the local loop then it is to setup a router rule to capture VoIP packets.

Unless they are hanging off the pole outside your house (which would be rather brazen) I don't worry myself too much with MIM attacks on POTS. In fact unauthorized bugs on POTS can usually be detected fairly easy (they cause a voltage drop) if you are that paranoid about them.

Of course you can't do anything about central office taps (law enforcement) or the other end of the line -- but no matter which technology you use I don't think you can ever trust the remote end of the conversation to be secure.

Re:Man in the middle.

[ChrisF79]

Chargebacks are often a bad idea. When it is your word against theirs and the credit card company honors your word (its usually in their best interests to do so), often times the company will just turn you over to collections. That is horrible for personal credit, so sadly, you're often better off just paying the fees. Now, I can imagine if this were more than $100 or so, you'd have a problem on your hands. However, if it is one or two calls, you're likely put in a position where a chargeback isn't the answer.

Re:Man in the middle.

[suprchunk]

1. You don't have to "hanging off the pole outside" one's house to do this for POTS. 2. It is not hard to find a pair, they are twisted you know? Pick a pair and tap in. 3. Unless you were targeting one specific person, the above will work fine. Which would be the same way as trapping all kinds of VoIP packets anyway. You know Random. The article was dealing with security, and the security for both is the same. You would have to do the same for VoIP as you do for POTS if you want security. Harden the conduit, and encrypt and decrypt the message at the TX side and RX side.

Re:Man in the middle.

[Shakrai]

Unless you were targeting one specific person, the above will work fine

My whole point was that it's much harder to target one specific person with POTS then it is with VoIP. What's easier? Finding my pair or capturing packets from/bound for my IP address?

The article was dealing with security, and the security for both is the same. You would have to do the same for VoIP as you do for POTS if you want security. Harden the conduit, and encrypt and decrypt the message at the TX side and RX side.

And you still have the problem of the person at the other end who is on his speaker phone while the cubemate next door listens. Ultimately the only end of the line you know is secure is your end (POTS or VoIP) and this is all for highly paranoid people anyway.

As much as I am arguing against VoIP (and cell phones) security is not the reason why. I worry about more reliability and quality of service -- both of which seem to be lacking at this time.

Re:Man in the middle.

[SatanicPuppy]

The thing is, that person has to be physically out in the world, splicing himself into your line. Sure, it can be done, but the motivation needed to put someone to that kind of trouble is pretty intense.

Used to be that way with a lot of information crimes, but the internet makes them possible on a whole new scale. Imagine a mim attack that compromises a couple of major VoiP hops, and sorts out the calls to banks and creditcard companies based on phone number, or whatever. That can be automated now, so a guy who could have listened to 20 calls a night can now sort through thousands of calls an hour to find the one or two that are interesting.

All that being said, it's still a hell of a lot easier to steal that information some other way. Voice is a very inneficient medium for data.

Re:Man in the middle.

That doesn't square with my (admittedly limited) experience. If they unleash the collection agency, you dispute the "black mark" on your credit report. There's no impact on your credit score until the dispute is settled, and a lot of companies are not going to find it worthwhile to spend time and energy on a measly $20 charge. IME your credit can't just get "ruined" because of one disputed charge. A year ago, I charged back a sneaky $29.95 fee from a dot-com, and haven't seen anything from them since. Maybe the details depend on the state; I'm in California.

Chargebacks are a powerful - in some cases the only - weapon to fight back against unfair business practices and plain ol' fraud. I'm glad they exist and have no problem using them when someone tries to screw me.

Re:Man in the middle.

Or am I missing something?

Yep;

1. VoIP spam.

2. Training ground for both future black hats and tool kits.

Consider how email has gone to $#!T.

It started with curious people, moved on to black hats, from there viruses/trojans, ... and now organized crime. All from being able to send little messages passed back and forth.

Re:Man in the middle.

[...] with POTS then it is with VoIP.

Inie, minie, manie, moe. Thin, than, thun.

Re:Man in the middle.

[A_Known_Coward]

Of course, if that MITM attack were able to gather your IP username and password, they could make calls to East Timor at $2.45/min. That's $8,820 for a month's worth of calls at 2 hours/day.

Like you said, though, why do you care? It's the VoIP provider who will have to eat the charges. It's not like businesses actually pass on those charges to customers. ;)

Imagine is "VoIP zombie" boxes became as common and unpatched Windows boxes are today. That's millions of dollars a month in potential losses.

Maybe we should preempt that while the industry is still young by utilizing reliable encryption and standardizing security from major carriers down to the home brewers using Asterisk.

Re:Man in the middle.

[Mecha[drone]]

My whole point was that it's much harder to target one specific person with POTS then it is with VoIP. What's easier? Finding my pair or capturing packets from/bound for my IP address?
Umm, finding your pair is easier... Its in any wall jack, but that being said, its NOT your pair we are worried about, it someone elses (ie, someone without physical access to your house.) The equipment required to find a pair is much easier than the equipment necessary to find an IP address when you are talking about your local cross connect. As far as farther in goes, the problems are the same either way, there is some level of access needed, and some knowledge needed.

Re:Man in the middle.

[Afrosheen]

It's much, much easier than splicing into someone's line.

  Ever hear of an inductive amplifier? About $20 gets you one of these treats. You can walk up to someone's house and push the button on it once you find the phone line going into their home. Most phone lines are exposed on the exterior for at least a few feet. Anyone that's ever 'toned a line' knows what to do and how easy this is.

  Furthermore, with a lineman's test handset, you open a pedestal in the neighborhood and clip your alligator clips on your pair of choice. Make, take, or listen in on calls that way.

  The POTS phone system is by far the easiest thing to 'hack', ever. Physical access is all you need and depending on your bravery, you've got it all over the place.

Re:Man in the middle.

[SatanicPuppy]

Yea, but I'd still have to go to someones house, hope they don't have a dog, stumble around outside to find that bit of telephone wire that comes up out of the ground... What a pain in the ass. I'd have to be really into stalking someone to make that worthwhile.

But doing it from home, with a beer and a movie going in the background? Much easier.

Re:Man in the middle.

[Afrosheen]

Most of the time a dog isn't a concern. I installed cable modems before, and 90% of the homes I went to had the cable and telephone boxes within public reach on the side of the house, not buried in the back yard next to Cujo's doghouse.

Re:Man in the middle.

[That's+Unpossible!]

My whole point was that it's much harder to target one specific person with POTS then it is with VoIP. What's easier? Finding my pair or capturing packets from/bound for my IP address?

If you just have a person's name to go by, it's a hell of a lot easier to find out where they live (which doesn't change much) rather than what IP address they are currently connecting from.

Re:Man in the middle.

VoIP originally wasn't as vulnerable to man in the middle. A VoIP -> VoIP call was generally point to point, with the server just negotiating the call.

With the addition of POTS connectivity, and federal laws to enable wiretapping, this has changed.

But your call is typically encrypted. So it's about as big of a deal as SSL being vulnerable to man in the middle.

Re:Man in the middle.

Of course you can't do anything about central office taps (law enforcement) or the other end of the line -- but no matter which technology you use I don't think you can ever trust the remote end of the conversation to be secure.

Not true. There are special phones used to discuss classified information. I know very little about them, but I think they encrypt/decrypt in the phone and use standard POTS lines.

Never used one, probably never need to, but they do exist.

Re:Man in the middle.

[h4rm0ny]

There is one sense in which VOIP is much more secure than POTS and inherantly has to be, and that's in security from "Authority".

All POTs systems have wire-tapping built in for the Intelligence services and available to the police. There is next to nothing that can be done about that short of the telecoms joining the People's Revolution.

VOIP may not automatically be encrypted, but it's pretty easy to learn how and short of the NSA having some secret technology we don't know about, you can know that no-one is listening in unless they're bugging your house / cubicle / whatever.

Anyone who thinks their government has too much power, should realize that every additional encrypted VOIP stream out there is a little way of getting back.

Re:Man in the middle.

[Shakrai]

All POTs systems have wire-tapping built in for the Intelligence services and available to the police. There is next to nothing that can be done about that short of the telecoms joining the People's Revolution.

There's this thing called a judical branch. It issues other things called warrants. The bad guys (tm) need them before they can tap your phone line.

And if you think that an encrypted VoIP steam is secure from the government then you are deluding yourself. I wouldn't trust any encryption system short of a OTP up against the government. And as you pointed out they could merely bug your house instead.

Re:Man in the middle.

[Corpus_Callosum]

I have never worried about man in the middle attacks on the internet. To be successful, it requires very good access to my ISP or the backbone carrier's network which is hard to do. Even if they can get that access all they can do is listen to my calls, have a chat with me and the other person or maybe hang up the call. Any attacker listening to my calls is going to get very bored very quickly. If they do the later two, it could cause them to get caught because I'll complain about the problem.

The only security problem I see is if the attacker can learn information that lets him make calls billed to my account. This becomes the VOIP vendors problem anyway. When I notice something wrong with the bill I'll do a chargeback on my credit card for the bill and simply change VOIP providers. If this happens a lot, the VOIP vendor will do something about their security problem.

Or am I missing something?

Yes, you are missing something. If you want to experience man-in-the-middle attacks, stay at a cheap hotel that includes internet in a third-world country such as the philippines. In such places, you have pretty good odds that some form of organized crime has infultrated the hotel network and uses phishing scams to attempt to get your banking and other passwords. These attacks can be very sophisticated and can even include nameserver redirection that will reproduce banking front-ends without SSL for password retrieval - you won't even know it, because the moment the password is fetched, the *middle* will simply post those passwords and redirect you to the correct site. I have seen this firsthand.

These days, if you want to avoid such nonsense, you better be entering https://full-domain/ in your browser when you are on a network that has uncertain security.

Actually, it can be even worse than this (again, mostly in third-world countries where large scale systems have a higher risk of compromise). Again, in the Philippines, it is possible to call your bank from a hotel phone (or even your cellphone) and end up speaking with a fake call-center that is acting as a live man-in-the-middle. These sorts of things are very organized and very sophisticated. You are no-where near as safe as you think you are.

Be careful out there.

Re:Man in the middle.

[h4rm0ny]

Two things:

There's this thing called a judical branch. It issues other things called warrants. The bad guys (tm) need them before they can tap your phone line.

I never said that I was talking about security except where someone decides to secretly remove it. I was talking about security full stop, even if the government doesn't approve of you having it. With VoIP, you can have security regardless of what the police think.

Furthermore, before you accuse me of deluding myself, you might want to bring yourself up to speed on how things work in the present day. There is an arrangement between the UK and the USA whereby the US agencies listen to our conversations and the UK listens to yours (assuming you to be in the US). This sidesteps US wiretapping laws. It is frequent, semi-automated and has nothing to do with judicial oversight.

And if you think that an encrypted VoIP steam is secure from the government then you are deluding yourself. I wouldn't trust any encryption system short of a OTP up against the government. And as you pointed out they could merely bug your house instead.

If the government can break a strong SSL tunnel, then they have a significant leap on the corporate world. Given how integrated government, business and academia are in the US, I'd be very surprised at that. The NSA approach to something like this is to throw very heavy computing power at it. This is feasible with basic public-private key enctyption, but they certainly don't have anything like the resources to sustain the mass monitoring they do at present, should encryption become more common. This problem is compounded with something like SSL where the encryption is generated on the fly for a one time use.

I didn't point out that anyone would "merely" bug your house, either. There are many instances where this would not be possible and the power to counter it is in your hands anyway, whereas there's not much you can do about a phone exchange. Phoning from multiple sites / PCs, or while travelling with Wireless or satellite, or from another country where bugging becomes a much bigger pain in the arse are just simple examples.

I repeat. VoIP offers you security against the entrenched authorities, POTS does not.

Re:Man in the middle.

[suprchunk]

What's easier? Finding my pair or capturing packets from/bound for my IP address?

Finding your pair is easier. At least for me it is. I only have to get a readily available list of numbers for an area and a pair count. Pop a manhole (or climb a pole for the breakout box), open a case and find your pair, tap in and listen away. Your pair never changes. VoIP I can do the same, unless you have broadband, then I have to figure out your IP address from hundreds(thousands?) then listen in. I don't like VoIP, but it is picking up steam and I worked with a guy that always proposed this as a way for communicating. Guess he knew it would pick up, but that does not mean it is better.

Re:Man in the middle.

[Shakrai]

I repeat. VoIP offers you security against the entrenched authorities, POTS does not.

If your tinfoil hat is that large then I suggest you give up the computer and move to the woods and live off the grid.

That said, there's no reason why (if you are paranoid) that you can't encrypt a conversation on POTS either. The Government has had the technology to do it for years.

Re:Man in the middle.

[alexxw]

Fortunately you can't just 'pick a pair' because all modern telephone wires are optical fibres for three main reasons 1.They carry the signal much further without amplification needed 2.They can carry information for hundreds of calls each and 3. Have you ever tried 'tapping into' an optical fibre?

Re:Man in the middle.

i'm working at your isp. matt.

Re:Man in the middle.

[cg]

They are not neccessarily twisted pairs, and not color coded.

Look at an old 25 pair line in the middle of the run and tell me which one has your number on it.

Re:Man in the middle.

[suprchunk]

by old do you mean lead cable???

Re:Man in the middle.

[suprchunk]

Yes I have. And it works. Although it would be a little more difficult to do it out in the field without causing at least some sort of damage to the rest of the fiber "wires".

Re:Man in the middle.

[jesup]

a) they can trivially break your VoIP security if they do a MITM attack, unless you have a functioning PKI (that you can verify), or you trust a central authority (and can you?) Yes, you exchange keys with them, but who is "them"? The original Zimmerman PGPhone used user-read english words to verify that the keys used for the session were the keys each side thought were in use, thus in theory detecting MITM attacks. That's not directly part of any modern VoIP security. Check the cert/keying stuff for SIP used to choose keys for SRTP. To do it securely at all, you need a functioning PKI or a TLS connection to the SIP server - and you need to trust that TLS connection and that SIP server.

Ditto for SSL - you accept the certificate because it's signed by Verisign and it says they are who they say they are. In theory, you can examine it and verify if out-of-band, but no one does. I'd be shocked if the NSA didn't have the ability to "sign" certs as Verisign and so institute a MITM attack on someone thinking an SSL connection is sacrosanct.

b) You can encrypt audio in POTS phone calls. The HW for it isn't trivially available, but it's certainly doable. I had friends who made virtually uncrackable digital audio telephone scramblers back in 1983ish at RPI, and tried to start a company to sell them.

c) CALEA - the VoIP provider is being required to allow tapping of calls. Currently that's targetting calls that go through their equipment aka POTS gateways.

Re:Man in the middle.

It's only harder if your domain of knowledge is greater in IP rather than POTS. Both are incredibly easy for knowledgeable people and very difficult for others. Just consider that most people wouldn't be a target anyway because most of what they say on the phone is boring.

Also, finding modern tapping devices on a line is virtually impossible except by physical inspection. Line quality, particularly in older and densely populated areas, is far from ideal.

Re:Man in the middle.

[Shanep]

Yeah because it's so much easier to pick the correct pair of wires out of several dozen or hundred on the local loop then it is to setup a router rule to capture VoIP packets.

If you are a man in the middle at a Telco, then you probably have the knowledge of what pair to listen to. That assumes someone who is specifically targetted. You could just be unlucky enough to be the one which is randomly listened to at the Telco.

Unless they are hanging off the pole outside your house (which would be rather brazen) I don't worry myself too much with MIM attacks on POTS. In fact unauthorized bugs on POTS can usually be detected fairly easy (they cause a voltage drop) if you are that paranoid about them.

A good powered tap can cause no measurable voltage drop, since they have extremely high input resistance.

Of course you can't do anything about central office taps (law enforcement) or the other end of the line -- but no matter which technology you use I don't think you can ever trust the remote end of the conversation to be secure.

I personally have suffered MIM from my Telco twice. I was in the middle of a conversation with a friend, telling him how crap the local Telco is which I worked for and someone joined in and abused me!

BTW, for someone who has worked at a Telco, choosing the right pair is trivial. Whether it is at the local telco or a junction box in the street or block of appartments.

Re:Man in the middle.

[alexxw]

Just out of interest how did you manage to receive the signal without disrupting the data flow and then single out a single conversation? I can't understand how this is possible

Re:Man in the middle.

[suprchunk]

There is an instrument you use that bends the single fiber. The microbend that it puts into the fiber does actually interrupt the flow, but barely. some of the light actually escapes from the bend instead of refracting as normal. While not perfect in the sense that the end user will continue receiving all of the information, it is mainly used to intercept all the data that would be sent, thereby allowing someone to "spy" on sensitive data that "enemies" are sending. The time we used it was quite awhile ago and very rudimentary, but did work. Technology might have improved on it since then, but I am no longer in the field and have little interest of returning to it.

Re:Man in the middle.

[h4rm0ny]

If your tinfoil hat is that large then I suggest you give up the computer and move to the woods and live off the grid.

Sorry if my rational arguement has driven you to retreat into strawmans. Tinfoil hat refers to absurdities - mind-control satellites, etc. I think the belief that the US and UK governments spy on people is somehow not quite in that category.

Re:Man in the middle.

[h4rm0ny]

First off, thank you for a much more informed rebuttal than the other one.

My more serious answer to your points are as follows:
a) they can trivially break your VoIP security if they do a MITM attack, unless you have a functioning PKI (that you can verify),

That's not an unlikely 'unless.' Exchanging public keys (or fingerprints, I should say) would be quite easy unless you are initiating a call with a complete stranger. Even if you haven't had a chance to swap details with your partner beforehand, you can always begin the conversation with "my fingerprint is ..."

Ditto for SSL - you accept the certificate because it's signed by Verisign and it says they are who they say they are

Ah, that's slightly different (authentication). I meant an SSL tunnel established using a href=http://en.wikipedia.org/wiki/Diffie-Hellman_k ey_exchange>Diffie-Hellman Key Exchange. With this technique, you are ruling out a man in the middle technique. The tunnel has only two ends. It doesn't establish who you're talking to if you don't know them, but you do know there's no-one in between.

b) You can encrypt audio in POTS phone calls. The HW for it isn't trivially available, but it's certainly doable. I had friends who made virtually uncrackable digital audio telephone scramblers back in 1983ish at RPI, and tried to start a company to sell them.

I know very little about this, though I've heard it has been done. Perhaps this is a way of making POTs nearer to the security level of VoIP. What happened to your friend, btw? Did he get anywhere with them?

CALEA - the VoIP provider is being required to allow tapping of calls. Currently that's targetting calls that go through their equipment aka POTS gateways.

Absolutely - and I'd be pretty certain that Skype already does. But that doesn't take away my ability to do it myself through any computer I own. I use OSS software to do this rather than Skype - I don't want the market to close with barriers to entry. Cost would increase and flexibility would decrease. The Skype business plan is to make a network closed to non-Skype VoIP users, much like Microsoft tries in other areas.

So, on the principle of the Bellman, I say for the third time, that VoIP is much more secure than POTs. ;)

Re:Man in the middle.

[jesup]

a) they can trivially break your VoIP security if they do a MITM attack, unless you have a functioning PKI (that you can verify),

That's not an unlikely 'unless.' Exchanging public keys (or fingerprints, I should say) would be quite easy unless you are initiating a call with a complete stranger. Even if you haven't had a chance to swap details with your partner beforehand, you can always begin the conversation with "my fingerprint is ..."

Telephones are often used for calling strangers. Also, this basically devolves to the original PGPhone security model - unless you have an out-of-band secure channel for exchanging certs, you can't easily avoid MITM attacks, except by a PGPhone-like "read off some words that authenticate the session key" trick. And who will do that at the start of every call? And that assumes the certs are visible and easily read off/verified, which normally they're not.

As for SSL tunnels, as I said, it depends on trusting Verisign (or whomever) to authenticate the other side. From the Diffie-Hellman wiki page you pointed to:

the Diffie-Hellman exchange by itself does not provide authentication of the parties, and is thus vulnerable to man in the middle attack.

As for encrypting POTS calls: take audio. digitize. Encrypt*. Translate back to audio (modem chipsets are fine). Send. At the other end, do the reverse. The issue is encryption and keys and key exchange, of course. My friends were using some fancy method to provide a pseudo-OTP and avoid having to do serious encryption in HW/SW in realtime (this was ~1983, remember). Never went anywhere, and some of them got paranoid after the "business" guy (perpetual student/MBA type) met with eastern european officials. MUCH easier to do today. Back then, even the modem chips I suggested would have been a stretch for doing full audio - 2400 baud was good back then.

As for CALEA, I suspect Skype does it for SkypeOut (or will, or rather their partners do/will). Regular Skype - perhaps not, but you have to trust them...

Hmm...

[gcnaddict]

Cant we just stick to regular telephones? I dont want my 911 call to be interrupted by a denial of service attack...

Re:Hmm...

[Shakrai]

Cant we just stick to regular telephones? I dont want my 911 call to be interrupted by a denial of service attack...

Indeed. I have spoken about this before. In fact from TFA:

Considerating the stability and reliability of the tradional telephony networks - a product of decades of work - it seems foolhardy to replace it.

I couldn't agree more! All the power to people who use VoIP or cell phones as a primary line. But anyone who completely abandons POTS at this point is jumping off the diving board with no idea of how deep the water is. POTS is damn near 100% reliable (short of drunk guy hitting pole outside your house), it survives power outages and I don't think it can be brought down by a buggy TV in your neighbors house. A friend of mine lost Roadrunner and TW's digitial phone service for two days because of a TV next door that was leaking RF onto the coax network.

More to the point, if these services are going to be sold as a replacement for your POTS line then they damn well ought to be regulated like your POTS line -- with requirements for reliability and appeals processes if you get hosed.

Re:Hmm...

[daviq]

I humbly agree because even though I like the idea of Voice over IP, it needs more development. Just remember when cellphones were new and alot of people died because 911 couldn't be reached by the cell phone.

Re:Hmm...

[Chaotic+Spyder]

Fair enough.. "if it aint broken don't fix it" but seriously.. how old are those phone wires that are laying in the ground??? The advantages of VoIP is amazing... the cost on Long Distance is ridiculous... POTS might not be broken.. but what happens when those wires do need to be replaced... i'm positive nobody is going to be jumping in and re-laying the wire..

Re:Hmm...

[Shakrai]

The advantages of VoIP is amazing... the cost on Long Distance is ridiculous... POTS might not be broken.. but what happens when those wires do need to be replaced... i'm positive nobody is going to be jumping in and re-laying the wire..

And exactly what kind of wires do you think your internet connection is coming in on? Do you worry about the wires when you talk about VoIP? And, yes, they will replace the wires. Pretty much the only copper part of the PSTN left is the local loop from the CO to your house. And Verizon is even trying to fix that. Who do you trust more to deliver bulletproof service? The phone company who has a history, experienced people and several layers of regulation -- or the cable company who has no history in telecommunications, not as many experienced people and absolutely no regulatory oversight whatsoever.

I think it's somewhat telling that even Time Warner isn't yet brave enough to offer their VoIP service to businesses. Businesses tend to complain and sue when they lose communications.

Re:Hmm...

" I dont want my 911 call to be interrupted by a denial of service attack"

But what if a boulder rolls over the telephone poles? What if a hijacker flies a plane into your phone box? what if a earthquake wrecks the local phone company office?
Better get a cel phone, but what if a massive blackout knocks that out? Maybe you better get some carrier pigeons just in case.

My VOIP service costs 1/3rd what i was paying for bare-bones service from the local phone co. When i call support, my VOIP co has a human being on the other end. They have never slammed me with unwanted services, and they have never charged me for someone elses phone calls.

VOIP is better than landlines in every concievable way as far as I'm concerned. Why everyone harps on 911 service so much is beyond me. Why does everyone think the world is going to end if they cant immediately get ahold of the layabouts at the local 911 office?

Last time I called the cops it took 3 hrs for them to arrive anyway, and I live 4 blocks from the station.

Re:Hmm...

[BackInIraq]

POTS is damn near 100% reliable (short of drunk guy hitting pole outside your house)

I live in a college-heavy neighborhood, in a DUI-heavy state...you'd be surprised just how often this can happen (though I lose power more often than phone).

I once had drunk drivers crash into some box two houses down that apparently my home power runs through twice in three weeks. Same box. Different cars. No joke. And it wasn't even the snowy season.

Of course, this has nothing to do with VoIP security... :) (and the rest of what you said was good)

Re:Hmm...

"The phone company who has a history, experienced people and several layers of regulation -- or the cable company who has no history in telecommunications, not as many experienced people and absolutely no regulatory oversight whatsoever."

Well the VOIP provider has one important motivator that the phone company lacks.

Competition.

The bells seem to think that whatever they want to do is okay. Youre stuck with them, they dont have to be honest in their billing, It costs the telcos nothing to enable caller-ID, indeed it is an integral part of the POTS system, so why do they charge extra for it? Because they can.
They can slam you with extra services you never asked for, and then endlessly transfer you from department to department when you try to cancel.

The phone company has a long history of fraud, lackluster service, and hostile customer service. I'm glad im no longer stuck with them.

TW's serice sucks? Try vonage or any of a dozen other providers.
TW charges too much for their VOIP anyway.

Re:Hmm...

[Shakrai]

I live in a college-heavy neighborhood, in a DUI-heavy state...you'd be surprised just how often this can happen (though I lose power more often than phone).

Hahaha, nice. I should have pointed out that odds are the drunk guy hitting the pole would also knock out your VoIP service too -- unless you have a wireless internet connection and a laptop/UPS. My main point was that in my 30 some years on this earth the only time I can ever recall the phone not working was when somebody hit the pole and ripped the wires down.

YMMV with ice storms/t-storms/what have you. But the big point is that short of physical destruction of infrastructure your POTS line is going to have dial tone and is going to work as advertised.

Re:Hmm...

I don't know what this fuss is about. Over here, people have been abandoning POTS in masses since years and moving to ISDN, with similar consequences in case of a power outage. Most people don't use an ISDN telephone, but a small PBX which usually requires external power for itsself and the phones connected to it. Everyone else is using wireless phones (DECT) with a base station that requires power. People don't seem to care about the availability of their phone system, 99.something pwercent availability seems to be good enough for most. I'll stick with my nearly indestructable 1948 bakelite phone.

Re:Hmm...

[Shakrai]

Well the VOIP provider has one important motivator that the phone company lacks.

Yeah, because between VoIP, the cable company and cell phones (none of which are regulated or held to the same standard) the baby bells have no competition at all. Do you really beilive that?

The bells seem to think that whatever they want to do is okay. Youre stuck with them, they dont have to be honest in their billing, It costs the telcos nothing to enable caller-ID, indeed it is an integral part of the POTS system, so why do they charge extra for it?

Really? It's been my experience with Verizon that they are a million times more responsive to me then Time Warner. You think they purposefully screw people on billing? What fantasy world are you living in? The FCC, FTC and PSC would come down on them like a ton of bricks.

The phone company has a long history of fraud, lackluster service, and hostile customer service. I'm glad im no longer stuck with them.

As opposed to the cable company (your other main provider, lest you forget) who has a long history of being honest, great service and friendly people that put Wal-Mart greeters to shame. And even if your local phone company still has these monopolistic attitudes you have an appeals process through your state regulatory agency. The NYPSC has never once failed me and the three times I've gone to them I had my problem solved within two hours. Try that with VoIP or cable.

TW's serice sucks? Try vonage or any of a dozen other providers.

And where do you think the internet connection for vonage is coming from? Oh, that's right! DSL or cable!

Re:Hmm...

[Shakrai]

People don't seem to care about the availability of their phone system, 99.something pwercent availability seems to be good enough for most.

Cell phones might be at 99% but VoIP isn't even close. And those people will care when they have a heart attack during that 1% of the time.

Think that's a remote chance? Take a 1% downtime and apply it across a couple hundred thousand users. It's only a matter of time.

Re:Hmm...

[Chaotic+Spyder]

... sorry the point i was trying to get across but failed at was that VoIP is independent of the media.. you can use VoIP if you have wireless internet, Cable Internet, Fibre Internet.... POTS is dependant on the media...

Re:Hmm...

[rbarreira]

Considerating the stability and reliability of the tradional telephony networks - a product of decades of work - it seems foolhardy to replace it.

[sarcasm] Yeah, fuck progress! [/sarcasm]

Re:Hmm...

"Yeah, because between VoIP, the cable company and cell phones (none of which are regulated or held to the same standard) the baby bells have no competition at all."

Yes thanks to VOIP they have competition now, which you seem to think is a bad thing.

"Really? It's been my experience with Verizon that they are a million times more responsive to me then Time Warner. You think they purposefully screw people on billing? What fantasy world are you living in?"

Im living in a fantasy world where my phone bill went up 25% every year despite no appreciable improvement of services. Im living in a world where i found out one month i was paying $15 extra every month for voicemail service i had not asked for, and indeed wasnt even getting. Im living in a world where when i called to complain about this practice i was told that there was nothing the phone company could do about it but continue to charge me for services i wasnt getting.

Poo poo TW all you want, after the ice storm they had my lines back up the same day, whereas it took nearly a week to get the phone company out here. And then they charged me for the visit.

True, you can get a response from the phone companies if you contact your lawyer, the state attorney general, a few congressmen, and the pinkerton boys, but i prefer to do business with people who are hungry for my business and eager to satisfy their customers.

TW has been good to me, but if they hadnt, well i have alternatives there too. I guess im lucky to have more than one cable company in my area.

If it all came down to it, i would go without phone service altogether before i went back to my local phone company.

Re:Hmm...

[pete6677]

Failure of a VOIP line is generally not a life-threatening event. For a backup, use your cellphone. For a backup to that, use your neighbor's phone. If your VOIP or digital phone fails, along with your cellphone, along with your neighbor's phone, and you have a life-threatening emergency, then you're just screwed, but how often does that happen?

Keep risk management in perspective. In the case of a business, I think it would be a good idea to keep at least one POTS line, to prevent a total outage of phone service. VOIP would be very useful in the business world to keep down the cost of long distance calls, and the quality is good enough.

Considering risks vs. rewards, VOIP is a good idea in most cases, although it is worth remembering that it is not 100% reliable although nothing really is.

Re:Hmm...

[morgan_greywolf]

POTS is damn near 100% reliable

Unless you live in an older neighborhood where the lines are still on poles and squirrels chew through the cables and the infrastructure is damned near 100 years old. My experience with POTS is something significantly less than 100% reliable.

it survives power outages

Under some conditions, yes. In some areas, a power outage may bring down your phone line if the telco has installed certain types of equipment, such as boosters to overcome the fact that the network is way over capacity and aging.

Furthermore, lots of people have cordless phones and don't have a wired phone as a backup. Cordless phones do not work in the event of a power outage.

I don't think it can be brought down by a buggy TV in your neighbors house

Electrical noise can certainly bring down a cordless phone, even the nifty new 5.8GHz ones. Wired phones are definitely less vulnerable to noise, but not completely impervious. High amounts of electrical noise can generate interfernce and affect voice quality and even reliablility -- even on a wired phone.

More to the point, if these services are going to be sold as a replacement for your POTS line then they damn well ought to be regulated like your POTS line -- with requirements for reliability and appeals processes if you get hosed

I disagree. Much of the regulatory infrastructure is based around the idea that phones are 'hard-wired' into the PTSN. With VoIP, I can use my phone anywhere in the world that has high-speed Internet access. What happens if I have an outage while I'm on vacation in another state or even another country? Who's responsible? My VoIP provider probably can't be held liable...

Re:Hmm...

Let's face it, cell phones can't be relied on either. They drop or fade out seemingly at random, and I know for a fact coverage in certain residential neighborhoods just plain isn't up to snuff anyway. And I'm talking the fairly dense Bay Area suburbs, not Pigsknuckle, Arkansas here. And what happens if/when the neighbor doesn't have a real landline either? Isn't that the logical goal of the hard-core VoIP pimps? To bring down that evil Ma Bell? If VoIP really does take off at the consumer level, your next three neighbors may not have a real landline. What would you propose to do then? Hope there's a payphone around?? (remember THOSE??)

Re:Hmm...

[BrianRoach]

" In the case of a business, I think it would be a good idea to keep at least one POTS line, to prevent a total outage of phone service. VOIP would be very useful in the business world to keep down the cost of long distance calls, and the quality is good enough."

It is good enough, and that's exactly what we do. I have a VoIP "line" from AT&T at our business for outgoing long distance, plugged right into our phone system. It saves us probably $200 - $300 a month in long distance (You should see what business LD costs - it's ridiculous).

- Brian Roach

Re:Hmm...

[c0n0]

The way I see it, the biz model of bells is long gone. What should be happening is that we should pay a flat fee to call anywhere in the world, and telcos will have to use that fee to do maintenance on the lines, and stuff like that.
VoIP is driving us there, it'd be a smart move of the bells to get there as well. They just have to understand that the pay-for-long-distance is not a valid biz model anymore.

Re:Hmm...

But anyone who completely abandons POTS at this point is jumping off the diving board with no idea of how deep the water is.

Oh, get a grip. I have Vonage and a cell phone. Maybe you're terrified enough to think that the triple-redundancy a POTS line would provide is worth the cost ... but not me.

Now, go wipe down your counters with your bleach-impregnated wet-wipies. The commercial said there are mi-cro-org-an-isms there, and they could make you sick!!!

Knucklehead.

Re:Hmm...

[Shakrai]

Yes thanks to VOIP they have competition now, which you seem to think is a bad thing.

I didn't say competition was a bad thing. My point is that the playing field is skewed away from the POTS providers (who ironically have the more reliable and battle-hardened product).

You pay fees on your POTS line (the FCC line charge) to provide for number portability (amoungst other things) in the name of competition. Yet that POTS provider can't take numbers from the local cell carrier all the time. Whereas the cell carrier can always take a POTS number.

Furthermore they aren't held subject to the same regulations, the same surcharges (USF, FCC line charge or even local taxes) and they are allowed to advertise as if they have a bulletproof solution that completely replaces your home line.

What I want is a level playing field and the VoIP/celluar providers held to the same standards of reliablity and uptime. Until that happens I don't see my landline going anywhere.

Re:Hmm...

[Shakrai]

The way I see it, the biz model of bells is long gone. What should be happening is that we should pay a flat fee to call anywhere in the world, and telcos will have to use that fee to do maintenance on the lines, and stuff like that. VoIP is driving us there, it'd be a smart move of the bells to get there as well. They just have to understand that the pay-for-long-distance is not a valid biz model anymore.

Yeah because it's a lot more fair if Grandma down the road who only uses her phone to call her neighbor next door has to play a flat fee to subsidize your international phone calls. It's always a great pricing model to have everybody play a flat rate. 10% of the customers get to use 90% of the resources and pay the same as everybody else. Ever try to run a small town ISP with limited bandwidth resources in the post P2P world? Flat rate pricing is often times quite unfair to the majority of the customers and to the business owner.

Which isn't to say that there isn't a place for it sometimes. But why should I have to pay for your long distance phone calls if it's a service I rarely use?

Re:Hmm...

[99BottlesOfBeerInMyF]

Cant we just stick to regular telephones? I dont want my 911 call to be interrupted by a denial of service attack...

Police arrive in time to arrest a suspect less than 3% of the time when 911 is called and a much smaller percentage of the time in order to actually stop a crime. Fire departments have a little bit better track record, but usually if you don't get out yourself, they aren't going to save you. Basically, don't overvalue the 911 system. It is not really very useful in most emergencies and the chances that it will be useful and you will be suffering a DoS attack at the same time are pretty damn slim. If an attack is directed at you to actually disable your 911 service how much easier is it to just cut your phone line?

Now I'm not saying that VoIP should not be regulated, I'm just saying that 911 service is not a priority for a lot of us. I think internet access as a whole should be regarded as a utility that should be made available and regulated across the nation.

Re:Hmm...

[c0n0]

Well, there aren't many technical differences between a local call and a long distance call. Yes, the number of switches involved in a long distance call may differ from the ones involved in a local call, but my point is that paying by the minute is stupid, no matter where you are calling. Metered calls is a biz model that no longer works. What is it exactly that one is paying when paying by the minute? power consumption on the switches?

I don't see why I have to pay by the minute on certain calls and why others are for a flat fee, other than a corporate move to subsidize the absurd burocracy they have to actually send you a bill.

In any case, many people think like you, and if you like paying for exactly what you use to avoid paying for what the other 10% is using, try moving to europe or south america, where you pay by the minute on ALL CALLS. If the call is considered a 'local' call, you get a lower rate/minute, but you still pay according to the time you use the line.

What I am trying to say is, why is there a distinction between local and long distance? Why can a celphone provider provide free flat access within their network and POTS can't?

Re:Hmm...

[sapped]

You pay fees on your POTS line (the FCC line charge) to provide for number portability (amoungst other things) in the name of competition.

Yes, and then funny enough when I try to use that capability by wanting to transfer my number from ATT to Vonage then suddenly ATT is incapable of doing this and have been dragging their feet for 2 months already.

It has now reached the point where if ATT became the only phone supplier in the world then I would have to go back to snail mail. Idiots.

Re:Hmm...

actually, i do pay an FCC charge on my VOIP service, & its still only a fraction of what my phone bill used to be.

How about we level the playing field by REDUCING the amount of regulations & such that the phone companies have to deal with. If they still want to provide this mythical rock-solid service (although my POTS service was anything but) the people who think its so all-important can pay extra for it.

I am perfectly happy with my VOIP which isnt rock-solid (although its MUCH more reliable than my landline ever was) Why shouldnt I have that choice?

When i was fighting with the phone co over the voicemail service i was slammed with, part of the reason they couldnt help me was because they were barred from doing so by heavy-handed regulation. They could not disconnect the service that had been attached to my bill, even though it was clearly fraudulent, even though i was very adamant that they remove it. I, as their customer, had no control over it & the service had to be terminated by the company who had slammed me. I'm sure you can imagine how eager that company was to comply (or even answer the phone) And so my only recourse was to have the telephone service terminated entirely.

Sure, level the playing field, but dont do it by transferring all the bloated regulations to other fields & ruining them as well.

Wheres the personal responsibility? Why have we all come to assume that the world stops turning if we pick up the phone & the dialtone isnt there? 911 IS NOT the matter of life & death that everyone seems to think it is. If you really want to be able to save your family from disaster, screw 911, learn CPR, and stop expecting the rest of the world to save your ass every time you get a boo-boo.

Re:Hmm...

[Shakrai]

And so my only recourse was to have the telephone service terminated entirely.

Umm, I'm calling bullshit on that. Your recourse could have been to just stop paying for it. Your telephone company will not disconnect your service for failure to play an unrelated part of your bill. Hell, I can refuse to pay my long distance bill and they still can't disconnect my (local) service. Ditto for my DSL bill. These are the protections you have thanks to the regulations that you want to see abolished. Think you'll have an appeals process to your state public service commission when Vonage messes up your bill?

Wheres the personal responsibility? Why have we all come to assume that the world stops turning if we pick up the phone & the dialtone isnt there? 911 IS NOT the matter of life & death that everyone seems to think it is. If you really want to be able to save your family from disaster, screw 911, learn CPR, and stop expecting the rest of the world to save your ass every time you get a boo-boo.

You think the world doesn't stop if you pick up the phone and there's no dialtone? You think 911 is bullshit? What about the few hundred other arguments I could make about needing rock solid phone service. Do you have kids? What happens if there is an early dismissal from school or they get hurt? Think you might want your dialtone then? What happens if you get called into work but your boss gets a fast busy signal because the VoIP provider messed up... next thing you know you get fired.

911 isn't the only reason (though it is a big one) that I think phone service needs to be rock solid. Besides the minor little fact that it's a service that I'm paying good money for -- so I'd better have a dialtone when I pick up that phone.

Re:Hmm...

[Shakrai]

I don't see why I have to pay by the minute on certain calls and why others are for a flat fee, other than a corporate move to subsidize the absurd burocracy they have to actually send you a bill.

Actually I think it has more to do with the fact that if I call you and you are on the same central office as me then the call doesn't need to use any long distance lines. Typically the central office switches are 90% idle -- whereas the long distance trucks can hit 100% utilization at times.

Granted that's less of a problem these days and not all local calls are within the same CO -- but there was a basis for it. Furthermore a long distance call (even in this day and age) requires infrastructure and that infrastructure has to be paid for.

I still maintain that flat rate pricing isn't fair. I'm not going to debate the merits of charging per minute but it's simply stupid for somebody who makes two long distance calls a month to pay the same as somebody who makes several hundred.

Perhaps a more fair solution would be a per call charge. Verizon has "message rate" service where you pay a charge ($0.09 in my area) for each local call connected. As you pointed out once the switches have established the call that's the bulk of the work. I still think that flat rate pricing doesn't pay for most people and it's inherintly unfair.

What I am trying to say is, why is there a distinction between local and long distance? Why can a celphone provider provide free flat access within their network and POTS can't?

I've always been told by people in the industry that it has to do with the fact that most of them control a nationwide network and can deliver the call closer to it's destination on their own equipment (without relying on outsiders to transport it) then most POTS providers. But even so I've never seen a "free flat" cell phone. You just go from paying for long distance to paying for airtime. Even the cheapest plan (without enough minutes to order pizza) still costs more then most ghetto level POTS plans. That kind of proves my point about people who barely use it playing for people who live on it.

Lest you think I'm only picking on the telecommunications industry I could also point out that it's somewhat unfair for it to cost me the same amount of money to mail a letter to my girlfriend ($0.37) two blocks away as it costs to mail a letter to my aunt in Alaska (4,000 miles away - $0.37).

Re:Hmm...

[ihaddsl]

You convientently ignore the largest reason for 911 calls - health or injury related

For example, my son was choking, while I performed the Heimlich, my wife dialed 911. Emergency personel on site within 3 minutes. As it turned out just as they were walking in I cleared the obstruction. But it was good to know they were there and could respond quickly

Now imagine if you are home alone, and have a heart attack/stroke. You are able to dial 911, but not to communicate effectively.

Beleive me, there are plently of reasons why having POTS 911 is worth it.

Re:Hmm...

Ha Ha Ha.

I make my living repairing the supposedly close to 100% reliable POTS system and, I must admit, I have a different opinion of the situation than you do.

I also disagree with regulation of VoIP service. Regulating the infrastructure is one thing, regulating a service that anyone with a computer and an internet connection can provide would be silly IMO. If you want reliability you will have to find a provider that promises it and pay accordingly. I don't think we need to create artificial barriers to entry via the government, particularly with a service that could be provided from outside of your government's jurisdiction anyway.

Paranoia

[tod_miller]

Hi Hun, I am gonna be a bit late tonight

I thought you were going to give me a lift to Tinas?

Thats tomorrow, have you been taking my pain killers again?

No... erm... ok I'll see you later

*click*

Wait, we are being line-tapped

Oh my god! Execute the Omega 13 Device!

*end of world*

Really - if you want security, talk in tongues, or use a third party audio scrambler, plus encrypt the session. (then unencrypted it will just sound like noise). Plus standon one foot while you talk, and occassionally look through the venetian blinds for snipers across the rooftops.

Re:Paranoia

[DarthVain]

Shhh! THEY can hear you! Besides everyone knows the best protection is your standard issue tinfoil hat!

Re:Paranoia

[mwilliamson]

-SNIP-
and occassionally look through the venetian blinds for snipers across the rooftops.
-SNIP-

Dude, why not stick your head out the door for a few seconds too while your at it? If you take paranoia seriously, you seriously need to set up outdoor pinhole cameras, like I have. I love the espressions of frustration on the sniper's faces. Also, keep in mind your location can be determined by a tempest brainwave triangulation attack, so wear the proper protection. (you have been warned)

VOIP!!!

http://www.homestarrunner.com/tgs1.html

Kristin, you look burnt or DEAD.

So much safer.

[MyLongNickName]

Because there is no way in the world I could just go to you telephone access box with a phillips head screwdriver and pull your connection.

Re:So much safer.

[tomstdenis]

remotely over the net while in your underware listening to Ska?

Really?

Oh ok.

SHUT UP.

Re:So much safer.

[gunpowda]

Whereas on the Internet you could just take your time - as long as you need - with relatively little fear of discovery and all kinds of freely available sniffing software.

Hrm. Tough call.

Re:So much safer.

[Shakrai]

Because there is no way in the world I could just go to you telephone access box with a phillips head screwdriver and pull your connection.

Your welcome to try it at my house. The lines are underground and all of the NIDs are in the utilities room downstairs which only the teleco and my landlord have a key too.

Despite that your point would be valid if it wasn't for the fact that a VoIP phone can be brought down the same way. And a cell phone can be jammed. If somebody is out to get you then you have bigger problems then which type of phone to use.

The point the grandparent was making is that a POTS line is just about bulletproof. Whereas a VoIP line can be brought down by a DDoS on your ISP, the script kiddie with kazaa using all the bandwidth or just the stupidity of your ISP.

Re:So much safer.

SHUT UP.

Awwww -- does that make you feel like a big man? In real life, you would probably get your skinny ass kicked.

Re:So much safer.

[tomstdenis]

Dude, I wish I was skinn[y|ier].

In reality if you stood on a soap box spouting crap like that I'd tell you to shut up as well.

And it doesn't make me feel better, it makes me sad that there are people like you living amongst us. It makes me weep for the future, do you have or plan on having kids? Seriously consider giving them up for adoption.

Tom

Re:So much safer.

I AM your father. Next time I will use a condom.

Re:So much safer.

[MyLongNickName]

Actually, I could. How hard is it to set up an auto-dialer to lock up your phone line? Ever try hanging up on someone who has dialed your number? I get the freaking "this is a thinly veiled political announcement wrapped in a cheesy poll" phone calls. I hang up. I pick up thirty seconds later... still blabbing away.

Try clicking the receiver a bunch of times... no good. If there is a way to free the line, I don't know what it is. Since you are such a brilliant fellow, I am sure you know.

Point is... if you are getting a denial of service attack when needing 911, the odds are it ain't a coincidence. Someone is breaking into your house, and preventing you from calling the cops. A DOS attack can be thwarted. Someone clipping your outside phone line really can't be.

Does VOIP have flaws? Yes. But the ggp post wasn't an example of a VOIP weakness.

But thanks for your well-thought out response. It really made me sit and thing.

Re:So much safer.

[Shotgun]

Bulletproof?!

I don't think that word means what you think it means.

DoS attack? Want to take out a neighborhood? Piece of rope tied to a car bumper and the little 2ft post on the side of the road. Or just knock the lock off with a cheap hammer, then reach in and pull out a handfull of wires.

Hit a big box with your car to cause real havoc.

How about listening to cell calls with a scanner? Ask Newt Gingrich about that one.

Monitoring a POTS line is still as simple as climbing a pole and attaching a couple of clips.

911? Don't you have a cell if the power fails? Does your neighbor? If the power is out for everyone, do you think the fire department really needs a phone call from you? What did people do before 911 was available? Can't they do it now?

Why do people scream about faults in new technology that were much worse in the old?

Re:So much safer.

[tomstdenis]

Um if you hang up and 30 seconds later are still connected it means someone else on the line [on your side] is still off hook.

Check your house for nosy people and failing that call your telco to have it looked at.

Of course I've never heard of that problem before. Doesn't mean you're making it up but more than likely the reason is more than a "remote DoS" attack.

Mostly call-centers can only fake their CID information [but not ANI] which makes call display all fucked up [but not their billing]. That's about it. They don't have magical technology to jam your phone line. Once you hang up the call is released and both sides are disconnected.

Tom

Re:So much safer.

[MyLongNickName]

Tell you what. Try it yourself. Grab a cell phone and call your land line (assuming you have one). Pick up the land line. Hang up. Pick it back up a few seconds later... unless things are handled differently in your part of the world, your cell will still be there.

If your experiment doesn't work as I predicted, let me know. I've had it happen on more than one line, and yes, I am sure no one on my end picked up a receiever.

Maybe call-waiting would get around it, but if you didn't have it, I know I could tie up your line to where you couldn't make an outgoing call. Same as VOIP.

Re:So much safer.

[tomstdenis]

"few seconds". It usually takes 3-4 seconds to hang up. Anything longer and your phones and/or telco is broken.

Tom

Re:So much safer.

[PhilippeT]

Hey smart ass, I just tried it for shits and giggles and guess what? haging up my land line closed the call... even tried it land line to land line and you're still wrong. So unless your using some ancient phone lines that have some major problems you seem to be the one with the problem

Re:So much safer.

[Tony+Hoyle]

It depends on the phone system in use.

It's normal behaviour for the caller to control the state of the call - it's actually useful - for example if someone phones you and you pick it up on an extension you can hang up and go to the another phone and pick up.. and the caller will still be there.

In this country all phones work like this, even the new digital exchanges. I'd expect in the US it's more varied as there isn't one telco running everything.

Re:So much safer.

[MyLongNickName]

Nice interpersonal skills.

It's "you're" by the way ;)

Re:So much safer.

What did people do before 911 was available? Can't they do it now?

What did people do before sanitation? Can't they do it now?

The whole, "what did people do before" argument is pointless. Yes people lived without 911 but more people died that way.

Re:So much safer.

[MyLongNickName]

Which country, out of curiosity? I'd figured phones all just behaved like this, not giving it a second thought. With my fax machine friend (caller id blocked... gotta get a cheap fax machine), and the stupid Republican "Do you support pedophiles and international terrorism by voting Democrat" polls, I'd love to be able to hang up and have my phone back :)

Re:So much safer.

[MyLongNickName]

N/M... Read your profile... UKer.

Re:So much safer.

[batkiwi]

Both in the US and in Australia this is not the case. Chances are something is either wrong with your phone or your line.

What country are you in?

Re:So much safer.

[tomstdenis]

I'm from Canada and have been to the US and France. In all three countries if the receiver hangs up the call is disconnected usually within seconds.

The CALLER can hang up quickly ... it's called three-way calling.

But on EITHER end a hangup of more than 3-4 seconds is enough to totally disconnect the call.

Maybe you are confusing "hang up" with "put on hold"? Calls on hold are still off-hook just the audio has been muted.

Tom

Cain and VoIP Sniffing

There is a program called Cain that can sniff VoIP traffic (as well as other things) and turn it into a wav file if it understands the codec. There is a video on how it works at: http://www.irongeek.com/i.php?page=videos/cainvoip 1

Re:Cain and VoIP Sniffing

[BlackCobra43]

The next evolution of Wardriving...war-wiretapping (which I propose we shorten to "wartapping" or perhaps "Warping")

Re:Cain and VoIP Sniffing

[mpeg4codec]

Last I heard, Ethereal can do the same thing.

Re:Cain and VoIP Sniffing

[Irongeek_ADC]

Well, there went my bandwidth for the month. There is a mirror here:

http://www.infonomicon.org/irongeek/videos/cainvoi p1.swf

Re:Cain and VoIP Sniffing

[glimt]

You can get both sides of the conversation by putting two NICs in your winxp box and creating a bridge. 1. Plug a cable into your hub (not necessary) or ca ble/DSL modem and the other end into one of your laptop's NICs. 2. Plug a cable into the VOIP modem and the other end into the other NIC. 3. Network Connections and create a bridge that uses both NICs. This will run all packets to/from the VOIP box across the bridge. 4. Fire up CAIN and sniff the bridge

PacketCable VoIP security

[N7DR]

This is why the PacketCable 1.0 VoIP security spec runs to nearly 400 pages. (www.packetcable.com)

Of course, now ask how many cable compaines are actually deploying fully PacketCable-compliant systems with all the security turned on the way it was designed to be.

No discussion about this, w/out VoIPsec list

[papaia]

Please visit the VoIPsec archives, before assuming that any one article could cover it all. There you could find links and comments from some of the most pertinent contributors to this subject.

Re:No discussion about this, w/out VoIPsec list

[Pandora's+Vox]

I've been on this list for a few months and it's an excellent resource.

PGPfone

[laptop006]

Was a neat little app a few years back for simple IP-IP VoIP that was (supposedly, never checked) well encrypted, it converted the key in to english words that you could say in your own voice to confirm that you weren't a victim of a MITM attack

http://web.mit.edu/network/pgpfone

What about...

[bigtallmofo]

I think you're mostly correct. The only thing I worry about is the casual call to a company you do business with that requires you tell them your SSN over the phone to set up or make changes to your account.

Damn hippies....

[Linegod]

The majority of people are going to be getting their VOIP service from someone sitting in their basement, or from Skype or somesuch. Their going to get it from their ISP, which will provide a security layer of some sort - separate VPN, encrypted trunks, etc.

Anyone who believes that this is some 'golden age' of free communications is on crack. And cheap crack at that.

POTS is also vulnerable

[BrianRoach]

If you have a set of aligator clips and a phone. Or a set of diaganol cutters (DoS attack).

I mean, really ... it's MUCH easier to access any of the copper lines strung all over than hacking anyone's VoIP connection.

- Brian Roach

One has to wonder...

Wouldn't it be simpler, more effective and thus cheaper to secure IP communication instead of securing Voice over IP, HTTP over IP, SMTP over IP, FTP over IP and whathaveyou over IP? There even is a standard for secure IP communications, inconspicuously called IPSec. Stop the nonsense and start using encryption where it benefits all protocols.

Re:One has to wonder...

[j-tull]

Simply throwing encryption at a security problem is often NOT the best answer. Although IPSec helps with the security side of the problem, it exaserbates other VoIP issues: latency and throughput. From the VOIPSEC list:

IPSEC overhead with VoIP is a real concern, given a typical 20 byte audio codec payload and 12+8+20 byte headers of RTP+UDP+IP (before we talk about IPSEC overhead). Even with CRTP inside of IPSEC (compressing 40 bytes down to 2-4 bytes depending on UDP checksums), still have serious IPSEC overhead with abysmal VoIP throughput.

Re:One has to wonder...

[eimsand]

Plain ol' IPSec is not a cure-all in this situation.

In fact, if you want to believe NIST, most of the hardened encryption algorithms can all verge on introducing too much delay into the process. The solution is to introduce a priority scheduling component into encryption engines, but given the language of the report, I'm not sure that's widely done at the moment.

NIST has a nice technical report regarding all (or most) of the VoIP security approaches. It's quite lengthy, though, so use the ToC. http://csrc.nist.gov/publications/nistpubs/800-58/ SP800-58-final.pdf

Re:One has to wonder...

IPSec is a poorly designed entity. Among other things, it pulls crypto and complex key storage systems into Ring 0, breaks under interesting situations (try sending an ICMP ECHO REQUEST from and to ISAKMP-enabled hosts with key autodiscovery... key exchange will not work as ICMPs are mishandled; some implementations triggered an infinite loop at the protocol level that was only saved by giving up after a timeout), has oracle attacks against it (ICMPs emitted in response to errors in the tunnel mode are not sent encrypted), and has two subtly different sub-protocols which do different things (ESP and AH), each of which can operate in two modes (transport and tunnel) and exceptionally little design rationale.

Also IPsec doesn't authenticate the user, just the machine.

What about something like OTR?

[Ikester]

Can't something like OTR (Off The Record messaging - http://www.cypherpunks.ca/otr/) be applied to SIP or IAX conversations? I know it was designed for slow, IM-type packet traffic, but the crypto is there. It can't be that hard :)

PGPFone?

[fcs-error]

There was once a product called PGPFone that would do VOIP with PGP encryption. I have not seen anythign about this is wuite a while. Is the project still around?

Anonymous Diffie-Hellman would be "good enough"

[pp]

I mean, negotiating a private key between two hosts is trivial, just use the good old DH key exchange thing. Could even use IPSEC for the actual encryption, no need to reinvent the wheel and add crypto to the VOIP protocols, just do those security associations when you setup a call.

The downside is, that a MITM is possible to get the key, but that's pretty damn unlikely compared to people just sniffing and listening to your call or blindly injecting data to an existing one. From what information is available about Skype, it does something like this, I believe.

But, designing horribly complicated systems that cover the corner cases seems to be the norm, and those get ignored due to complexity and thus everyone does the unencrypted thing in the end :(

Re:Anonymous Diffie-Hellman would be "good enough"

I have implemented this in a VOIP system before. It's really a nice solution because you can use a symmetric cipher that retains the size of the original packets and you can encrypt just the payload. You decrypt it right before it hits POTS and all of the other pieces of your network like packet scheduling or whatever -- anything that just looks at headers -- can operate unchanged.

Re:Anonymous Diffie-Hellman would be "good enough"

[SeeTheLight]

Doesn't encryption generate overhead that could be detrimental to VoIP calls?

Re:Anonymous Diffie-Hellman would be "good enough"

[jesup]

As you imply, though, anonymous (no working PKI infrastructure (that you can trust)) DH will NOT protect you from MITM attacks. As others have mentioned, security agencies certainly can MITM you (hell, they can just tell Comcast or Verizon to give you DHCP pointing your DNS servers to ones they control). So can organized crime (read the post about 3rd-world hotels (Phillipines) where they will use captive DNS servers to direct you to sophisticated phishing sites). Etc.

Not to say that anonymous DH w/ SRTP isn't worlds better than in-the-clear RTP, modulo call setup time.

A clue as to why...

[mindaktiviti]

Their website lists their numbers as: "Tel: 00353 - (0)87 - "...etc numbers, so they're not in North America.

This: (Mon, 14 Feb 2005 16:57:12 +0000) also suggests a European country (I think). So maybe English isn't their first language.

Re:A clue as to why...

[Tony+Hoyle]

00353 is Ireland.

They may speak with a funny accent there but they're pretty likely to know English..

Re:A clue as to why...

[pancake_lover]

00353 is Ireland.

So then we should be talking about the dumbing down of Ireland then, not America.

I blame Guinness.

Re:A clue as to why...

Which of course is funny, considering your sig

speakeasy's VoIP service

[bad_outlook]

Anyone have experience or opinion on Speakeasy's VoIP service? They claim it all takes place inside their 'private network', but is it really safe? As an alternative to the bells it's very attractive, plus it's less expensive. It would be handled through my DSL, which I get from them, and it hasn't been down since we got it in feb of this year.

Re:speakeasy's VoIP service

[Frying+Ferret]

I currently use speakeasy's VOIP for my home phone. I have their OneLink package, so I have no POTS line from SBC. I find the quality very good, and their QoS seems to work very well.

I'm pretty confident that they don't run the calls outside of their network, but maybe my trust in them is too far reaching? I'm not sure what that means in terms of security though. Granted for a pure TCP/IP hack you'd have to get into their network, but at some point at the other end it has to leave their network and go across the telco's lines.

Re:speakeasy's VoIP service

[bad_outlook]

Excellent, I'm going to call them later today then. I appreciate your comments. So when will we be using VoIP solely through an SSH tunnel? ;)

Re:speakeasy's VoIP service

[Greyfox]

I seem to recall seeing mention of this in a couple of FAQs. IIRC (And I may not, as I was looking for something else and just happened to notice it) VOIP traffic is UDP so tunneling through ssh doesn't work as expected. To have it work as expected you have to set your client up to do voip over TCP, but not all clients support this. I'd suggest investigating before setting up tunnels and assuming that they'll keep you safe.

Cisco / Encryption

[wschalle]

The Cisco callmanager can set up calls to be encrypted end-to-end.

Re:Cisco / Encryption

[Pandora's+Vox]

Great thing about this - in a Call Manager environment you can do encrypted, or recorded / monitored (system side, not talking MITM here) - never both. So in a contact centre environment... no encryption if you're going to do any call logging / monitoring.

It makes sense on one level - you're preventing /everyone/ from monitoring the call, right? But you'd think that Cisco could figure out some way of sharing the encryption keys between the Callmanager and whatever does the recording, as well as the phone.

Anyway, that's my rant for the day.

Re:Cisco / Encryption

[bhiestand]

Unless you have a phone with a recorder builtin, or do your own splicing to have the speaker wires going into a recorder first... Hence it is STILL subject to one of the simplest attacks on POTS.

get ready for SPAM

My biggest concern for VOIP is SPAM. Imagine the network sniffing your VOIP (or data) traffic and deriving the hours you are most likely to be at home. Useful info for direct marketeers or for your bombardment with pre-recorded audio advertisements per VOIP. Your VOIP phone will pollute as quickly as your email inbox. Icreased nuisance at a yet unknown magnitude.

So what?

[j-tull]

Since when have good old fashioned telephone systems been secure? I can't count the number of times I've picked up a neighbor's conversation from their cordless phone. Although I'll agree that the scope of the attack may be broader with VOIP (after all, my neighbors phone only puts out enough power to be picked up within a certain proximity), I think an expectation of privacy on any current phone system is a flawed assumption at best.

taxes and fees

[tom75646437]

>POTS is damn near 100% reliable

My phone company charges $12 for my no-frills service. Somehow the bill I pay is $45 after all the fees and taxes. Those extra charges are the main reason I'm considering bailing from POTS to VoIP. They'll catch up sooner or later, but for a time, I can keep some of my money.

Heck I might have some cash to enter the sucker mill^H^H cell phone subscriber pool.

Re:taxes and fees

[Shakrai]

My phone company charges $12 for my no-frills service. Somehow the bill I pay is $45 after all the fees and taxes

Care to itemize those charges for us? My no-frills service with Verizon is $8.61 a month and my bill (before calls) is less then $20 a month even with all the taxes and fees. I think last month it was about $19 and change.

My biggest beef is that it hardly seems fair to impose all these fees on regular phones and not on VoIP/cell phones. Either the fees are required for a public good (debatable with the FCC fee -- better argument with USF and e-911) and they should apply to everybody -- or they are outdated and should be dropped from POTS.

Besides that, the tax rates on phone service (of all flavors) is insane and something needs to be done about this. In this day and age telecommunications is not optional and there's something wrong about taxing stuff you need for daily life. If food isn't subject to sales taxes (it's not in my state) then phone service shouldn't be either.

And that's coming from a left-wing liberal such as myself!

what?

VoIP not secure?! Oh noes!

Next they'll be telling us that crazy things can happen like getting your regular phone line tapped...I mean, total crazy talk here.

Nice introduction to VOIP security

http://www.acmqueue.org/modules.php?name=Content&p a=showpage&pid=209

How secure is the PSTN?

[Sketch]

Considering I can walk up to 90% of the houses on the street. open up the phone box, and plug a lineman's handset (or anything else) into the phone line...how secure is the PSTN?

If you think the PSTN is really secure, you might want to look through some old issues of 2600...

Spelling errors vs. grammatical errors

It's all about communications. Some will argue that we should overlook the errors. I try to do this, and I sometimes succeed when there is enough meat on the article to make it worthwhile to mask out all the bad spelling and grammar "noise." When the article is as basic as this one is, however, I find myself in your shoes -- very unhappy about how hard it is to read the darn thing.

On the other hand, I find your complaint somewhat hard to read as well, because (IMHO) the mistake of writing "amount of errors" when you should write "number of errors" is almost as egregious as the original spelling mistakes.

YUo FAIL IT.\.

ARE YOU GAY WASTE OF BITS AND one common goal - I thought It Was my core team. They some of you have are looking very were compounded

VOIP Vulnerable?!

[rawyin]

Wow, I *never* realized that you could do all of the same things to VOIP that you could do to a regular phone line with a couple alligator clips.

Nomadic vs Non-Nomadic VoIP

[isecore]

Folks, you have to remember that this article talks about the so-called nomadic voIP-services.

I've been using VoIP for the better part of two years now, and it's maintained by my ISP. I run it over the Ethernet hookup I have, and as far as functionality is concerned I hardly notice the difference from POTS.

Outages? I've had two. Once when my apartment lost power (thus the VoIP-box lost power) and once when some major link in my ISP's chain went down. As a matter of fact, I've had FEWER problems with VoIP than POTS. My ISP/Telco also didn't charge for the days (two) of outages, of course.

As for packet priority, I can max my line, and since the phone is a non-nomadic VoIP the sound is still crystal clear since the ISP uses traffic-shaping (or something) to always put priority on the VoIP-packets.

To Be Banned

[duerra]

I wonder how long it will be until things like VoIP encryption is illegal to implement on the user-to-user end. Once the government catches wind via some wacked-out organization, they're going to be pushing legislation to ban such products - all in the name of preventing terrorism, of course.

Heck, my opinion is it's only because of the history of the open nature of computing that this industry is allowed to have encryptions like SSL where the government can't tap the line.

And if you don't believe me, see the recent treaty discussions going on in the senate right now that requires participating nations to take up laws which include wiretapping.

Why not to try Skype

Why not to try Skype and then talk about VOIP security? Skype uses AES (Advanced Encryption Standard) - also known as Rijndael - which is also used by U.S. Government organizations to protect sensitive, information. Skype uses 256-bit encryption, which has a total of 1.1 x 1077 possible keys, in order to actively encrypt the data in each Skype call or instant message. Skype uses 1024 bit RSA to negotiate symmetric AES keys. User public keys are certified by the Skype server at login using 1536 or 2048-bit RSA certificates. It's really strong VOIP encription. I think skype is great, and skype community is growing, thank to share.skype.com blog. Skype gives free SkypeOut day's, two more left. And I use http://skype.i-loveyou.info/ to don't miss any of that days.

Re:Why not to try Skype

[MikePlacid]

This is the most informative article in the thread. Skype-hype notwithstanding...

Why not to try Skype?

[tomasvilda]

Why not to try Skype and then talk about VOIP security? Skype uses AES (Advanced Encryption Standard) - also known as Rijndael - which is also used by U.S. Government organizations to protect sensitive, information. Skype uses 256-bit encryption, which has a total of 1.1 x 1077 possible keys, in order to actively encrypt the data in each Skype call or instant message. Skype uses 1024 bit RSA to negotiate symmetric AES keys. User public keys are certified by the Skype server at login using 1536 or 2048-bit RSA certificates. It's really strong VOIP encription. I think skype is great, and skype community is growing, thank to share.skype.com blog. Skype gives free SkypeOut day's, two more left. And I use http://skype.i-loveyou.info/ to don't miss any of that days.

Re:Why not to try Skype?

as long as the source isn't open (i'm not talking about opensource but about the possiblity to get the source in order for a security review) the best crypto algorithm isn't worth anything. how do you know that the implementation is secure too?

Security as a Business Liability issue

[dachshund]

POTS is wide open to MIM attacks.. in fact anyone with a cheap earpiece can do it - no need for a PC even.

Try telling this to a judge. In the event that a security breach does take place (resulting in, for instance, loss of customer data), businesses don't want to be in the position of saying "but you could have sniffed that traffic just as easily on a POTS network, your Honor." Using POTS is the standard for security, and as bad as it is, you don't unduly expose yourself to liability by using traditional telephone lines.

If you run a business and dicuss sensitive information over the phone, you're exposing yourself to an unncessary risk by using VoIP. The addition of encryption would make VoIP more appealing to businesses, and (done properly, ideally with end-to-end capability) would even be a significant selling point.

SIP/SSL?

[ajs318]

I would have thought the obvious solution would be something like SIP over SSL {which should be easy enough to set up, if Asterisk doesn't already have such a feature}, but maybe I'm missing something obvious about SSL that would preclude it.

PGP-type encryption would be good {key servers, if you use them properly, are incredibly powerful: post your out-of-date private keys and now nothing you ever signed using any of them can be authenticated!}, but it isn't transparent.

Whatever solution is adopted, it must be network-transparent, and the user must have the right to view the source code. The Authorities no doubt would love us to be using something they can tap, on the basis of "protecting" us from terrorists and drug dealers; but if terrorists and drug dealers are known not to be using the system because they know it can be tapped, then there's no point tapping it in the first place!

Re:SIP/SSL?

SIP already supports SSL, and an arbitrary way to patch in your own encryption.

Also, from the Slashdot blurb ...

Considering it's recent growth

"its".

Killer Crypto Application - secure SIP

[mwilliamson]

Here's what I want:

1. something that will work with existing SIP devices. I don't want to be tied to my computer to make a call.
2. something that will encrypt each UDP packet separately, so voice robustness is not lessened. A single dropped encrypted packet shouldn't screw up the call any worse than a single dropped unencrypted packet.
3. Something that will provide adequate security, but still run on something small and low-powered, such as a linksys wrt54gs router
4. No significant latency...voip is already bad enough as is in this area
5. BSD licensed (what's wrong with making a little money...this is a great business app too)

Re:Killer Crypto Application - secure SIP

I implemented something like this on the Mac. Latency is of course the issue - it's a given... minimizing it is a tradeoff in CPU performance (Ie: smaller datum chunks = less latency, but more CPU demand). On G3, am getting 90 - 100 ms average, max theoritical limit is 85 ms, and 25% CPU usage using CoreAudio. Not that shabby actualy...

Most was written in Cocoa...

AES Rulz, but adds more CPU demand.. If coded properly, the additional encryption factor can parhaps add another 10 - 20 ms to the delay... still not bad. It beats the pants off of Skype, which sits about 250 - 550 ms depending on connection.

Choose your encryption method carefully.... so far, only AES and RC4 are suitable for VIOP real time encryption. I'm sure there are others I don't know about...

Usually much stronger encryption is used in call setup and authentication.

AIX is also becoming popular because it seperates signalling from the voice path - ALWAYS a good idea... ASK ATT about why "out of band" signalling is important as Capn Crunch once demonstrated with the blue box.

Re:Killer Crypto Application - secure SIP

[muonzoo]

Oh, so you just want SIP. SIP is secure. Current deployments might not be. http://www.ietf.org/rfc/rfc3261.txt Read all those parts about SRTP, TLS and SIPS.

Re:Killer Crypto Application - secure SIP

[cullenfluffyjennings]

not to mention open source (wiht BSD not GPL like license) for open source, proxies, SRTP, etc.

So what's wrong with SRTP?

[Beryllium+Sphere(tm)]

There's already an encryption spec for VOIP. Nobody seems to use it.

I'd worry about the market for a new product when the demand has already been tested and found wanting.

Then there's always the option of running your calls on a VPN, as several people have pointed out already. That's what I would suggest to a potential client in an initial consultation.

*sigh*

[matth]

VoIP is *more* secure then your PSTN... with the PSTN any doofis with a butt-set can climb the pole outside your house... or worse yet go OUTSIDE your house and tap into your line.

With VoIP you have to actually be on the network.. and not just on the network.. but IN the packet stream.

Hacker A who is on a server off the switch can't listen to your conversation... they woudl have to interrupt the packet stream flowing through the router.

telephone security is an oxymoron

[couch_warrior]

WTF mate! I found out my ex-wife was cheating on me by picking up the extension phone in the other room and listening to her talk to her boyfriend. With POTS, anyone with a $10 Walmart phone set and a set of alligator clips can open the phone box on the side of your house and listen to (or for a few dollars more record) your conversations. And anyone who understands Signalling System 7 can conference themselves into your calls through the phone company switch.
Calling VOIP insecure is by comparison like a nudist complaining that a woman's skirt is too short.

VPN

[prisoner]

We work with a bunch of local phone vendors who always dictate that for site to site voip to be used, we need to setup a site to site VPN (or point to point circuit). It is my suspicion that they do this so that

1. they don't have to be bothered with trying to figure out what ports to forward on the firewall and

2. they have so much difficulty in troubleshooting their own systems that they love to blame everything on us.

In any event, I picked up the new o'reilly book on voip and they talk a lot about avoiding vpn as it creates lag. They also indicate that sending all of your QOS flagged traffic down a VPN tunnel eliminates the ability of the upstreams to "see" the QOS flags as they are encrypted. Anyone else have experience with this?

Re:VPN

[jesup]

VPN and VoIP: BAD

If it's a TCP tunnel, you add really bad delay and jitter in response to packet loss.

If it keeps UDP as a form of UDP (IPSEC might do this), you only lose the QOS flags plus any VPN-related delay (which may be non-trivial, or may be no worse than direct SRTP encryption).

You could

[phorm]

If you have physical access, you can do a lot. The problem otherwise with anything-over-IP is the potention that a kid in Russia can hack your connection while you are in Canada....

The Crux of the Biscuit

[Doc+Ruby]

We all abuse the apostrophe, just by posting on Slashdot.

Not an Afterthought

[CowboyRobot]

This article http://acmqueue.com/modules.php?name=Content&pa=sh owpage&pid=209 covers the subject of VoIP security nicely

False

[WindBourne]

It is far easier to intercept the middle than you could ever believe (though, about 3 years ago, I would have agreed with you).

The real problem is that the man in the middle may handle the conversation in any way that they see fit. They can then place any set of words in your mouth (and the other parties). It becomes possible for various groups to total misdirect you or the other parties into certain directions. Interestingly enough, this can be used to provide for false convictions. And yes, this is very doable.

Think of somebody doctoring a photo. 7 years ago, it was hard to do, but it was doable. Now, it is trivial to do so. The same is true of VOIP.

VOIP security should have been designed in (with a clean policy/implementation seperation), but it is never too late to start.

Connection vs. Connection-less

[kvnflynn]

The key difference between traditional telephony and VoIP is the way the calls are handled across the network. Traditional POTS telephony uses circuit switched connections, meaning that an attacker needed physical access to some piece of copper along the called path to perform a man-in-the-middle attack. With IP communications it is possible for attackers to "touch" the path of the call from a remote location. http://ettercap.sourceforge.net/ Both methods are insecure and suffer from physical security issues. It's just that without proper network security the physical area of an IP network is easily extended and therefore susceptible to more attackers.

Patriot Actions

[Doc+Ruby]

"Who could blame him [Phil Zimmerman] for laying low for a while after the Justice Department launched a three-year criminal investigation of him in 1993? Officials accused him of violating a ban on exporting cryptography when he made PGP available for download on the internet. The government finally dropped its investigation in 1996."

The Justice Department officials who "investigated" Zimmerman (persecuted him) set back the availability of privacy tech by at least half a decade, right when the Internet exploded into everyone's private and professional lives. They never found anything bad on Zimmerman, and crypto export restrictions were sensibly lifted in light of the extremely favorable cost:benefit to American economic security (the basis of all national security). But those officials, who did such damage, suffered no repercussions for their fruitless persecution of Zimmerman.

How long, after Zimmerman's VoIP privacy tech gets some buzz, will it take for some new Justice Department freak to target Zimmerman this time? With the context of "cyberterrorists", portrayed as "out of government reach" with Internet cryptophones, so easily saleable to the American public terrorized daily by government actions in the Terror War? Zimmerman's willingness to reenter that war, after being burned, shows that he's the kind of patriot that the government can only pretend to be when naming laws and missiles.

Man in the middle is easy with VoIP

[Ungrounded+Lightning]

To be successful, it requires very good access to my ISP or the backbone carrier's network which is hard to do.

Actually it's trivial - by subverting the call setup negotiation. They don't even need to subvert the carrier's servers - replacing or inserting a SIP proxy via, for instance, DNS cache poisoning would do the job. With call setup corrupted the actual streams can be routed through any machines and paths they want.

Even if they can get that access all they can do is listen to my calls, have a chat with me and the other person or maybe hang up the call.

I take it you're OK with, say, a spook agency, police departnemt, business competitor, or foreign government agent recording all your conversations (and their endpoints) and feeding them through voice recognition algorithms to identify those of interest. Also with a phisher tapping your conversations with your bank and credit card company?

And with anybody with adequate tech carefully putting words in your mouth - but only as heard by the ear of the person you're talking to (or words apparently from THEIR mouth to YOUR ear)? Maybe your rival for the other person's affections? Or with a new COINTELPRO operation by the FBI convincing your Significant Other that you're cheating (as they did to a number of '60s/'70s activists)?

I could go on listing potential bad stuff all day. The more tech, the worse it gets.

You want security?

[andreyw]

...Then create SSL VPN tunnels with OpenVPN (X509 PKI, TLS) between PBXs and enjoy.

It's amazing what good design can do to improve security.

"Oh you mean just setting up random SIP connections over the net is a bad idea?"

Voice Security

[caller9]

I care about security as much as the next guy but comparing POTS or even centrix security to VoIP is ridiculous. What about physical security that many have mentioned? I want to maintain 99.999 without having to worry about some jagoff with a backhoe whether he is driven by some virulent strain of Islam or is just a stupid ass. Much less a single leaky capacitor that has no backup system in place. So far it seems that even above ground, in my area, the ISPs have put more into redundant paths than the PSTN.

Hell, we ran into a single point of failure 120 miles away at a NOC on a cellular data network back haul router. Which took 6 hours to pinpoint by AT&T -> Sprint -> SBC -> Cingular -> AT&T/Cingular -> AT&T finger-pointing. At which point it was determined that the endpoint (AT&T GPRS private APN firewall router middleman) was flaky.... but they were totally able to loop up the T1 from the TELCO which proved there was no problem, bah!

The tech support were friendly but clueless and equipped with all the right info from the first minutes of the outage by myself...which WE detected 30 min after it happened through our own standard public safety system troubleshooting, and they were still totally unaware of it. Yeah 30 minutes is quite a lag time but consider I had to dial in from 3 towns away(26,400) after 10 minutes on the phone to verify dispatch wasn't just crazy. It took 10 minutes for them to notice the problem and qualify it for emergency service.

Yet a simple ISP with some nagios running would've found it faster but had dual paths to prevent (more than 30 seconds of) downtime. We intentionally took down our Internet link in an infrastructure replacement and the poor guy in the ISP NOC dug through outdated contact info for a while until he called his boss and eventually my cellphone to report the outage THAT'S SERVICE. He was actually concerned when he called too, could've been related to his boss but still. *I* had to calm *him* down, and there was definitely a sigh of relief on his end when I explained. I felt bad for not notifying him. He insisted I call back when we were done to verify connectivity. Where do you find that type of service?

TELCO didn't see the problem, or go to the trouble of calling us if they had. When we called them they were courteously-flippant and blamed us at every turn until they found they were wrong. Guilty until proved innocent is definitely their modus operandi.

Maybe my region is better, but I'm pretty much in Podunk. My vote is for VoIP. I realize that the cost is much more significant for the telco to do the same thing with available technology and infrastructure, that is my point exactly.

Avaya Phone SNMP

The author failed to mention that the Avaya SNMP community string can be changed using the "SNMPSTRING" parameter. Even though the MIBS are read-only, SNMP access can also be restricted to administered IP addresses using the "SNMPADD" parameter in the phone configuration file. For more information see the following: http://support.avaya.com/elmodocs2/4600/233507_2_1 .pdf