Re: Q: Voice over IP security - anyone?

[Lincoln Yeoh <lyeoh () POP JARING MY>]

At 10:46 AM 10/6/00 +0200, Bluefish (P.Magnusson) wrote:
> Personly, I believe they are totally clueless. Take the weak GSM
> enctryption, why is it so weak? There is no point, really, as for the

For GSM it was not cluelessness.

It was public knowledge about a decade ago why it was weak, I believe it
came up in the major UK newspapers. The encryption was intentionally
weakened by request of the spy agencies (GCHQ etc). There was a bit of a
noise about it, then it died down.

Because of that I was very puzzled why there was such a big fuss about some
people cracking the crypto a couple of years ago. I mean, it's
intentionally weak, so why were people so surprised it was cracked? Also
don't know why some crypto people appeared to be surprised the crypto was
weak.

Anyway, you don't even need to crack GSM crypto to listen in. The
conversation is only encrypted from the phone to the tower (or was it the
exchange? anyway), from then on it's "clear text". So if the police did
things the "redtape" way they can listen in without having to crack
anything. I suppose it's too much of a hassle to get permission from the
necessary people?

Whatever it is you definitely can listen in to conversations at the phone
exchange level.

Cheerio,

Link.