The truth is, any communique that has no "encryption between parties" is unsecured regardless if your whispering in a phone or not.
Take a cell or landline phone, that's routed thru a VoIP service that travels over the internet or any a private network. Any person in the middle can easily decode the RTP stream and playback any voice from that transmission. Worst, you would have zero clue if this is happening !
So , yes calling your bank and providing Person information ( acct#, PIN,name, DOB, etc.... ) is all unsecured and you have no ideal what and where your call was routed and if it used any part of a unsecured ip-network.
Now the truth of the matter, anybody whos not in a military intelligence community frankly don't know about the risks of using a phone line. The days of wiretap or the spy hanging off the telephone or the use of directional mics point at you window, are pretty much just about gone.
We made it much easier to just tap into a audio stream over any VoIP network.
Why VoIP calls and encryption are overlooked is due primarily to any of the following;
1: the voice subscriber just don't care, or even know
2: the managing of key-exchange between devices would be difficult to perform
3: the managing of key-exchange between a call multi-party ( conference ) would be even more difficult
4: phone instrument have very little no encryption support for voice bear channels
5: calls that transverse multiple trunk types could be very hard to secured end2end
Ken
NSE ( network security expert) and Route/Switching Engineer
kfelix -----a----t---- socpuppets ---dot---com
^ ^
=( @ @ )=
o
/ \
No comments:
Post a Comment