Thread: VOIP over Wi-Fi subject to eavesdropping?
View Single Post
  #43 (permalink)  
Old 08-09-2005, 03:19 AM
jnitron
Guest
  
Posts: n/a
Default Re: VOIP over Wi-Fi subject to eavesdropping?
On Sun, 07 Aug 2005 18:39:38 -0700, Jeff Liebermann
<jeffl@comix.santa-cruz.ca.us> wrote:

>On Mon, 08 Aug 2005 00:35:53 +0100, jnitron
><jnitron-nospam@hotmail.com> wrote:
>
>>My point exactly. If the caller is not the subject of attention, then
>>security is irrelevant.
>
>I'm sure all the law abiding citizens with government files of their
>activities will be gratified to know that the government will not use
>the information against them.

Big brother is not yet completely concerned yet ( I believe) about
the trivial lives of the majority of its citizens, and what they
discuss in their VOIP conversations. Skeletons in your
cupboard?...sure, then don't discuss them on the phone. Would Reagan
have said what he did if he knew that the microphone was switched on?

>>Paranoia is the hallmark of somebody who has something to hide and he
>>believes others have reason to be concerned about.
>
>Ignorance is the hallmark of someone about to get hacked. Someone who
>is informed of the mechanics of how privacy intrusions, wireless
>sniffing, general hacking, and wireless-tap recordings are done, is
>less likely to find themselves compromised than the ignorant. I'm not
>suggesting that paranoia should be some type of security measure, but
>awareness of exploits and techniques will often do more to prevent a
>security breach than all the automagic IDS systems.

I would postulate that there are 2 doors most likely to be of interest
to the intruder. Both the open door and the heavily secured door
beckon infiltration. Ignorance may leave the door open while the
Paranoid will go for the latter. Awareness will encourage the use of a
sensible and practical level of security. Exactly half of us have
doors which are less secure than the average - I'm sure that it'd be
interesting to know if the majority of intrusions take place against
better or less well secured premises, or more importantly, from which
half of the spectrum is most value taken?

>>Fortunately most of
>>us have nothing to hide.
>
>Oh? Could I trouble you for your bank ID, social security numbers,
>birthdate, mother's maiden name, credit card numbers, collection of
>passwords, and name of your mistress? Surely you don't think these
>should be kept hidden.

So why would you discuss them in a VOIP call ? Remember security has 2
key purposes - to keep out, and to keep in. Why worry about keeping
out when it is simpler and much more secure to keep in

>>We are more concerned about finding out about
>>what is hidden than trying to hide that which most people have no
>>interest in knowing.
>
>Well, the line between privacy and security is a thin and shifting
>line. The recent example of where Googles president had his privacy
>allegedly violated using his own Google search tools is a good example
>of the moving line:
> http://money.cnn.com/2005/08/05/technology/google_cnet/
>I have successfully horrified customers by digging through various web
>sites for their past information. (It's also called "ego surfing").
>Addresses and phone numbers are easy. Former employers can sometimes
>be found. Old email addresses are fairly easy. Birthdays are spotty
>but possible. Until recently, drivers license numbers, SSI numbers,
>and some medical records were possible. Whether someone is interested
>in this information really depends on what they have in mind to do
>with it. Identity theft comes to mind. Depending upon circumstances,
>the info itself can be quite damaging. For example, when I found a
>customers birthday online, he was almost in a state of panic because
>he was lying to his employer about his age.
>
>>Read
>>http://csrc.nist.gov/publications/ni...0-58-final.pdf
>
>Good advice.
>
>>or maybe you should read about the British achievements at Bletchley
>>Park 60 years ago, which probably saved America's ass at Midway.
>>Encoded wireless transmissions are not new and there will probably
>>never be a way of making them 100% secure.
>
>Drivel. The US and British were not exchanging decrypts or technology
>at that point in the war. While the British were well ahead of the US
>on German ciphers, the US had been working for years on Japanese JN-25
>ciphers at "station Hypo" in what much later became Arlington Hall.
>The Midway decrypts came strictly from US codebreakers. See:
> "Battle of Wits" by Stephen Budiansky
>for details of the US efforts.
>> http://www.amazon.com/exec/obidos/tg...51038?v=glance

You will see in the following link and in other places that US /
British cooperation existed prior to the US entry into WWII. Also, and
contrary to the film, the British (not the Americans)
captured a 4 rotor Enigma machine from the submarine U110
http://www.guardian.co.uk/internatio...271027,00.html
http://www.history.navy.mil/faqs/faq97-1.htm
Here's a good article about Enigma, if you're interested.
http://en.wikipedia.org/wiki/Enigma_machine.
You'll note that the British designs for their code breaking equipment
(bombes) was made available after a US Navy visit to Bletchley Park
in July 1942.
JN25 was reportedly broken before Pearl Harbor by the Britosh at
Singapore where John Tiltman worked. Tiltman, who was born in London
on May 24, 1894, later worked at Bletchley Park. The Americans did
"break" JN25 but not untill many months later.
http://www.fpp.co.uk/online/00/09/Codebreaking1.html
Considering that Bletchley Park operations were kept secret up to 1989
I doubt if the full level of collaborative effort has ever been fully
published. I would guess that John Tiltman's achievements were shared
by the Allies - and this should cast some reasonable doubt about who
was first. Like the majority of VOIP conversations - it really does
not matter anyway.
If there is any relevance in what I am speaking about it is this: that
if JN25 was understood at the time of Pearl Harbor and at Midway - the
outcome of each occasion was not affected by whether or not Japanese
messages were encrypted, but by whether or not they were sent (and
intercepted) in the first place. There is only one way to keep secrets
and that is not to tell them, as demonstrated by the documented
Japanese radio silence prior to Pearl Harbour.
Apologies for getting (slightly) off topic on this.


>>Remember that the vast majority of email sent across public networks,
>>even outwith VPN's, is not encrypted.
>
>Did you ever wonder why it's not encrypted? You could easily have
>encrypted email and authenticated servers without much difficulty.
>There are RFC's describing the techniques in detail. The problem is
>that you lose anonymity in the process. It's impossible to encrypt
>and authenticate without point a finger directly at the source of any
>traffic. There are a large contingent of users that consider
>anonymity equivalent to privacy and don't want to lose that for fear
>of government or corporate reprisals. I consider this to be a real
>fear and the major stumbling block preventing universal encryption.

I don't agree... its not encrypted because it mostly does not need to
be encrypted. Pre Shared Keys for example, make it possible to have a
message encrypted without the recipient (or anybody else) knowing
where the message originated. If you're fast enough you might just get
there in time to know who the recipient is. SMTP mail headers are
easily forged and anonymity is practically assured. If that is your
argument against email encryption - why bother to encrypt VOIP when
the only real identifier and prevention of anonymity is possibly voice
recognition (or sitting next to the people having the VOIP
converssation).

>>Our reliance on the spoken
>>word is far less. (For example, President Reagan who said in a
>>wireless broadcast ....... "My fellow Americans, I'm pleased to tell
>>you today that I've signed legislation that will outlaw Russia
>>forever. We begin bombing in five minutes.")
>
>Reagan had quite a few better quotes:
> http://en.wikiquote.org/wiki/Ronald_Reagan
>If you've every listened in to an analog cellular conversation (before
>it was outlawed), you would wonder why anyone would even want to
>listen to that junk. 99.9% of everything I heard was garbage. Yet,
>when I yacked with a customer on the way to a server recovery, I
>stupidly announced the root password to their servers. For the next
>two weeks, someone was trying to break into their system using this
>root password (which I changed on arrival because it was time, not
>because I was paranoid).

Again, it is clear that your convesation would have not needed to be
secured apart from the fact that you decided to inappropriately
disclose a secret. Tell me...if your converstion had been encrypted
would you still have felt the need to change the password? If you
would - what would the point have been in the encrytion? If you
wouldn't - would you have relied on the encryption to keep your
secret, or, would it have been better not to have told the password in
the first place? Or was it just luck that the timing of the password
change coincided with your disclosure.

How many times do we return to find that we'd forgotten to lock the
car (but nothing thankfully is missing). Would the car have been more
secure if we'd locked it? If yes, then only because of the probability
of an intrusion and not because of something evidenced by facts.

You'll know the story about the person who was fed up of having his
car broken into - so he left a note on the dash saying "nothing
valuable inside". When he returned to the car he found it broken into
with a note beside his, which read, "just checking".

>>Remember that the question we are trying to answer was concerned with
>>"practical" security, not the level of security that might be needed
>>to prevent the interception of thought processes as if in a "Matrix"
>>dreamworld.
>
>The technology for doing that isn't here yet. I visualize a bad
>science fiction movie, where the victim wears a metal helmet full of
>wires, and where a rack full of hardware sucks the thoughts directly
>from his brain. Not this week, but maybe in the near future.
>
>>Get real everybody !
>
>I am. It's called "crime-think".

So... why did you reveal the root password? Crime-think is not built
into VOIP phones and probably shouldn't need to be. The Eskimo story
earlier in this thread sums it up. While we should (and do)
acknowledge human imperfections, the answer is not in phone
technology, but in how we use it.



Reply With Quote