Tuesday, May 3, 2016

Voice phone calls how secured are they?

I was doing my company "advance security awareness training " and had to laugh at this slide presentation

The truth is, any communique that has no "encryption between parties" is unsecured regardless if your whispering in a phone or not.

Take a cell or landline phone, that's routed thru a VoIP service that travels over the internet or any a private network. Any person in the middle can easily decode the RTP stream and playback any voice from that transmission. Worst, you would have zero clue if this is happening !

So , yes calling your bank and providing  Person information ( acct#, PIN,name, DOB, etc.... ) is all unsecured and you have no ideal what and where your call was routed and if it used any part of a unsecured ip-network.

 Now the truth of the matter, anybody whos not in a military intelligence community frankly don't know about the risks of using a phone line. The days of  wiretap or the spy hanging off the telephone or the use of  directional mics point at you window,  are pretty much  just about gone.

We made it much easier to just tap into a audio stream over any VoIP network.

Why VoIP calls and encryption are overlooked is due  primarily to any of the following;

1: the voice subscriber  just don't care, or even know
2: the managing  of  key-exchange between devices would be difficult to perform
3: the managing of  key-exchange between a call multi-party ( conference ) would be even more difficult 
4: phone instrument have very little no  encryption support for voice bear channels
5: calls that transverse multiple trunk types could be very hard to secured end2end

NSE ( network security expert) and Route/Switching Engineer
kfelix  -----a----t---- socpuppets ---dot---com

     ^      ^
=(  @  @ )=
        /  \

No comments:

Post a Comment