OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: Q: Voice over IP security - anyone?
From: Bluefish (P.Magnusson) (11aGMX.NET)
Date: Fri Oct 06 2000 - 03:46:52 CDT

> I'd like to know if any product on the market can actually have it's data
> traffic recorded and played back. There's mention of encryption but I don't
> have the details. In the past companies have spun stuff off as secure and
> encrypted, yet it's only a bit operation, compression, or whatever.

Agree!
With american 'encrypted' mobile phones, the GSM encryption, and the
so-called wap encryption in mind... I'd assume all technology from phone
companies & alike to either be heavily stupid or police/spy-friendly
backdoored and dangerous solutions like the WAP enctyption.

The big question with companies is...
  * don't they care?
  * or are they totally clueless?
  * or do they build this crap intentionally?

Personly, I believe they are totally clueless. Take the weak GSM
enctryption, why is it so weak? There is no point, really, as for the
police to do their job they can sniff much easier at the unencenrypted
server channels. Or the XOR encrypted cellphones, shouldn't 40 bit DES be
a better and exportable solution?

If someone makes sense of these blunders, they're better person than me ;)

..:::::::::::::::::::::::::::::::::::::::::::::::::..
     http://www.11a.nu || http://bluefish.11a.nu
    eleventh alliance development & security team

             http://www.eff.org/cafe