Compressed VoIP Calls Vulnerable To Bugging

← Back to Stories (view on slashdot.org)

Compressed VoIP Calls Vulnerable To Bugging

Posted by kdawson on Friday June 13, 2008 @04:20AM from the say-that-again-slowly dept.

holy_calamity writes "Security researchers at Johns Hopkins report that a variable bit-rate compression scheme being rolled out on VoIP systems leaves encrypted calls vulnerable to bugging. Simpler syllables are squeezed into smaller data packets, with more complex ones taking up more space; the researchers built software that uses this to spot phrases of interest in encrypted calls simply by measuring packet size."

10 of 140 comments (clear)

Min score:

Reason:

Sort:

Re:Do what my grandparents do by smitty97 · 2008-06-13 04:26 · Score: 5, Funny

That or you could just learn Russian... I don't think they *have* any simple-syllable words in Russian :-) In Soviet Russia, VoIP bugs you!

--
mod me funny
Evasive, ummm, technology by martyb · 2008-06-13 04:30 · Score: 4, Funny

FTFA
In tests on example conversations, the software correctly identified phrases with an average accuracy of about 50%. But that jumped to 90% for longer, more complicated words. Wright thinks these phrases may be the most important. "I think the attack is much more of a threat to calls with some sort of professional jargon where you have lots of big words that string together to make long, relatively predictable phrases," he says. "Informal conversational speech would be tougher because it's so much more random."

So, ummm, what we should do to, umm, well, protect ourselves from, ummm, yaknow, eavesdroppers, heh-heh, is well, make sure there's enough, ummmmmmm, yaknow, like extra noise, like, mixed in, dude.
1. Re:Evasive, ummm, technology by gstoddart · 2008-06-13 05:18 · Score: 4, Funny
  
  So, ummm, what we should do to, umm, well, protect ourselves from, ummm, yaknow, eavesdroppers, heh-heh, is well, make sure there's enough, ummmmmmm, yaknow, like extra noise, like, mixed in, dude.
  
  Oh my god, thats like, totally, like, a great idea, yaknow. I mean, like, they'll never figure out what we're, like, saying, yaknow?
  
  Oryoucouldspeakreallyfastwithoutpausesbetweenwords. Thatwaythey'llneverknowwhatyousaid =)
  
  Or. We. Could. All. Speak. Like. Shatner. Random. Long. Pauses. Genius.
  
  Cheers
  
  --
  Lost at C:>. Found at C.
Re:Easy Solution: by Daimanta · 2008-06-13 04:44 · Score: 4, Funny

""Music in the background" is not a security solution. In fact, that's a freaking joke."

Yes, but a joke you can dance on.

--
Knowledge is power. Knowledge shared is power lost.
Re:Do what my grandparents do by markana · 2008-06-13 04:47 · Score: 4, Funny

>That or you could just learn Russian... I don't think they *have* any simple-syllable words in Russian :-)

Da!
Re:Do what my grandparents do by mlwmohawk · 2008-06-13 04:48 · Score: 3, Funny

Just speak arabic!! We already know the FBI and CIA don't have enough translators.
Re:Do what my grandparents do by hummassa · 2008-06-13 04:55 · Score: 3, Funny

That or you could just learn Russian... Which would give you an advantage, if you ever have to pilot a bleeding-edge mind-controlled Russian jet fighter.

--
It's better to be the foot on the boot than the face on the pavement. ~~ tkx Kadin2048
Re:Here's a thought by oodaloop · 2008-06-13 05:06 · Score: 3, Funny

Voice data just CAN'T be securely encrypted. Really? I have a Top Secret phone on my desk, and I can assure you it's pretty secure. (And no, it's not a shoe.)

--
Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.
Re:Easy Solution: by martin_henry · 2008-06-13 05:12 · Score: 3, Funny

Awesome....a VOIP dance party.

--
www.purevolume.com/martyd
ode-cay by fahrbot-bot · 2008-06-13 05:37 · Score: 3, Funny

Ust-jay eak-spay in ode-cay.

--
It must have been something you assimilated. . . .