Vulnerability Development mailing list archives
Re: Q: Voice over IP security - anyone?
From: Lincoln Yeoh <lyeoh () POP JARING MY>
Date: Sun, 8 Oct 2000 15:13:30 +0800
At 10:46 AM 10/6/00 +0200, Bluefish (P.Magnusson) wrote:
Personly, I believe they are totally clueless. Take the weak GSM enctryption, why is it so weak? There is no point, really, as for the
For GSM it was not cluelessness. It was public knowledge about a decade ago why it was weak, I believe it came up in the major UK newspapers. The encryption was intentionally weakened by request of the spy agencies (GCHQ etc). There was a bit of a noise about it, then it died down. Because of that I was very puzzled why there was such a big fuss about some people cracking the crypto a couple of years ago. I mean, it's intentionally weak, so why were people so surprised it was cracked? Also don't know why some crypto people appeared to be surprised the crypto was weak. Anyway, you don't even need to crack GSM crypto to listen in. The conversation is only encrypted from the phone to the tower (or was it the exchange? anyway), from then on it's "clear text". So if the police did things the "redtape" way they can listen in without having to crack anything. I suppose it's too much of a hassle to get permission from the necessary people? Whatever it is you definitely can listen in to conversations at the phone exchange level. Cheerio, Link.
Current thread:
- Q: Voice over IP security - anyone? Craig, Scott (Oct 05)
- Re: Q: Voice over IP security - anyone? Bluefish (P.Magnusson) (Oct 07)
- Re: Q: Voice over IP security - anyone? Lincoln Yeoh (Oct 08)
- Re: Q: Voice over IP security - anyone? Cold Fire (Oct 08)
- Re: Q: Voice over IP security - anyone? Bluefish (P.Magnusson) (Oct 10)
- Re: Q: Voice over IP security - anyone? Lincoln Yeoh (Oct 08)
- <Possible follow-ups>
- Re: Q: Voice over IP security - anyone? Guilherme Mesquita (Oct 08)
- Re: Q: Voice over IP security - anyone? Bluefish (P.Magnusson) (Oct 07)