|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: Q: Voice over IP security - anyone?
From: Cold Fire (coldfire
CLOSED-NETWORKS.COM)Date: Sun Oct 08 2000 - 17:40:13 CDT
- Next message: Simple Nomad: "Re: Windows file problem"
- Previous message: Andrew Griffiths: "Re: Non-priv'ed users able to reboot RH 7.0?"
- In reply to: Lincoln Yeoh: "Re: Q: Voice over IP security - anyone?"
- Next in thread: Bluefish (P.Magnusson): "Re: Q: Voice over IP security - anyone?"
- Next in thread: Guilherme Mesquita: "Re: Q: Voice over IP security - anyone?"
- Reply: Cold Fire: "Re: Q: Voice over IP security - anyone?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Sun, Oct 08, 2000 at 03:13:30PM +0800, Lincoln Yeoh wrote:
>
> It was public knowledge about a decade ago why it was weak, I believe it
> came up in the major UK newspapers. The encryption was intentionally
> weakened by request of the spy agencies (GCHQ etc). There was a bit of a
> noise about it, then it died down.
Funnily enough, most people in the UK use analogue landlines, with no
encryption, people do not care because most peoplehave nothing to hide.
<SNIP>
>
> Anyway, you don't even need to crack GSM crypto to listen in. The
> conversation is only encrypted from the phone to the tower (or was it the
> exchange? anyway), from then on it's "clear text". So if the police did
> things the "redtape" way they can listen in without having to crack
> anything. I suppose it's too much of a hassle to get permission from the
> necessary people?
GSM ecnryption is, in my opinion, there to stop the average joe in
the street listening in, and as an add on to the authentication
encryption built in to stop cloaning. This said there are already
sophisticated devices, ala CellTrak, for listening to, and tracking
GSM mobiles on the black market.
There are very few 'wiretap' warants issued in the UK, I think the last
figures I saw were less than 200 a year, I'm sure there are far more actual
incidents than this, but the important thing is, if there is no warant,
its not admissable in court, the moral of this is: Criminals buy pre-pay
mobile of the shelf in the supermarket, use them for a few weeks then
buy a new one, this gives authorities (GCHQ or otherwise) little time
to identify the phone, install taps, work out who 'Mr White' wanting
to 'go out for a drink' is amongst the other traffic.
This has little to do with computer security anyway, moderator feel to
kill this post.
Steve
NB. In the interests of full disclosure I have a conviction for
cell phone fraud.
-- 'Cold Fire, Britains most notorious hacker' Observer, July 1997 'The most recent conviction was that of [Cold Fire] whose On-line escapades spanned from hacking into educational sites to more sinister activities such as tapping into industrial and United States military sites.' DC Paul Cox, SO6 Scotland Yard CCU
- Next message: Simple Nomad: "Re: Windows file problem"
- Previous message: Andrew Griffiths: "Re: Non-priv'ed users able to reboot RH 7.0?"
- In reply to: Lincoln Yeoh: "Re: Q: Voice over IP security - anyone?"
- Next in thread: Bluefish (P.Magnusson): "Re: Q: Voice over IP security - anyone?"
- Next in thread: Guilherme Mesquita: "Re: Q: Voice over IP security - anyone?"
- Reply: Cold Fire: "Re: Q: Voice over IP security - anyone?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]