Interesting People mailing list archives
more on VoIP CALEA -- the NSF does work for guess who ? djf
From: David Farber <dave () farber net>
Date: Wed, 10 Aug 2005 19:51:08 -0400
Begin forwarded message: From: Brad Templeton <btm () templetons com> Date: August 10, 2005 4:06:15 PM EDT To: David Farber <dave () farber net> Cc: tom_gray_grc () yahoo comSubject: Re: [IP] more on VoIP CALEA -- the NSF does work for guess who ? djf
Dave, you can add this note to my prior note if you wish to forward it or either. On Wed, Aug 10, 2005 at 06:14:07AM -0400, David Farber wrote:
There is no great difficulty in arranging for the interception of Internet-only voice calls, contrary to what has been written in earlier messages in this thread.
....
It would seem to be very simple for providers such as SKPE and Vonage to intercept Internet-only voice calls. The intereception could be done at the packet forwarder. In most cases the packet forwarder is required. Even in cases where it is not required, the client software could be set up to accept a management instruction amd silently send all packets thorugh a forwarder without infromting the user. Tom Gray
Skype, as far as we know (they don't reveal the details) encrypts end to end. The external PC which is recruited to forward packets for people behind NAT does not, as far as I know, have the ability to decode the voice. If it does, that would be a surprisingly poor encryption design, and a provider like Skype could change it. Skype is standalone software. It queries Skype's master servers for information on where to do directory lookups and find external servers, but otherwise Skype's servers do not appear to participate in the calls, and thus, without modification of the downloaded software, could not interfere with or even be aware of calls, short of suborning the entire list of "volunteer" forwarding computers provided to the client. And as I noted before, rerouting IP to IP calls adds considerable problems. I am building a VoIP phone service which connects two people by ringing both their phones. However, it does not, as most such services do, bridge the calls in a central point. Both endpoints send their audio to one another directly. A central wiretap is not workable on such a call. The system could tell both endpoints to talk to a bridge, which would be detectable and increase latency. One could easily provide software to watch for this and turn on an indicator on the phone saying, "Your line is tapped!" In some ways, criminals might find it more useful to have a phone where they can tell if it's tapped to provide disinformation, rather than just avoiding taps altogether as you would with Skype. ------------------------------------- You are subscribed as lists-ip () insecure org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- more on VoIP CALEA -- the NSF does work for guess who ? djf David Farber (Aug 10)
- <Possible follow-ups>
- more on VoIP CALEA -- the NSF does work for guess who ? djf David Farber (Aug 10)
- more on VoIP CALEA -- the NSF does work for guess who ? djf David Farber (Aug 11)