I use VOIP (Voicepulse) over my laptop while on the road, connected via
Wi-Fi hotspots.
My question- Are my phone conversations secure over these connections?
I am talking for "all practical purposes", absent CIA or KGB with
advanced technology.
"Steve" <billpritjr@spamhole.com> wrote:
>I use VOIP (Voicepulse) over my laptop while on the road, connected via
>Wi-Fi hotspots.
>
>My question- Are my phone conversations secure over these connections?
>I am talking for "all practical purposes", absent CIA or KGB with
>advanced technology.
Let me explain 10 important things about telephones to you...
which comes from 34 years, before retiring, in the telephone
long distance business.
1) Do *not* *ever* say *anything* on a telephone that you cannot
live with seeing on the front page of tomorrows local newspaper.
(Items 2 through 9 have precisely the same words as item 1.)
10) There is no such thing as a secure telephone connection,
unless *you* provide the encryption at both ends.
--
Floyd L. Davidson <http://www.apaflo.com/floyd_davidson>
Ukpeagvik (Barrow, Alaska) floyd@apaflo.com
>"Steve" <billpritjr@spamhole.com> wrote:
>>I use VOIP (Voicepulse) over my laptop while on the road, connected via
>>Wi-Fi hotspots.
>>
>>My question- Are my phone conversations secure over these connections?
>>I am talking for "all practical purposes", absent CIA or KGB with
>>advanced technology.
>Let me explain 10 important things about telephones to you...
>which comes from 34 years, before retiring, in the telephone
>long distance business.
> 1) Do *not* *ever* say *anything* on a telephone that you cannot
> live with seeing on the front page of tomorrows local newspaper.
>(Items 2 through 9 have precisely the same words as item 1.)
Since long range microphones are possible and bugs, I guess you should
change this to " Never say anything ever anywhere [that you would not want
to live to see published...].
Or since your actions could be filmed anywhere, do not do anything....
Or, the best way to cope with the uncertainties of life is to die.
Not for most of us very helpful advice and certainly not an answer to his
question.
> 10) There is no such thing as a secure telephone connection,
> unless *you* provide the encryption at both ends.
Similarly.
IF your VOIP is is not encrypted then yes it could be "overheard".
If the wireless link from your laptop to the access point is not encrypted,
then yes, it could be overheard. I have no idea if VoicePulse encrypts the
stuff.
In article <871x5az1qa.fld@barrow.com>, Floyd L. Davidson
<floyd@apaflo.com> writes
>"Steve" <billpritjr@spamhole.com> wrote:
>>I use VOIP (Voicepulse) over my laptop while on the road, connected via
>>Wi-Fi hotspots.
>>
>>My question- Are my phone conversations secure over these connections?
>>I am talking for "all practical purposes", absent CIA or KGB with
>>advanced technology.
>
>Let me explain 10 important things about telephones to you...
>which comes from 34 years, before retiring, in the telephone
>long distance business.
>
> 1) Do *not* *ever* say *anything* on a telephone that you cannot
> live with seeing on the front page of tomorrows local newspaper.
>
>(Items 2 through 9 have precisely the same words as item 1.)
>
> 10) There is no such thing as a secure telephone connection,
> unless *you* provide the encryption at both ends.
>
I assume that applies to the USA telephone system?
--
\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
\/\/\/\/\ Chris Hills Staffs England /\/\/\/\/
/\/\/ chris@phaedsys.orgwww.phaedsys.org \/\/\
\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/
Unruh <unruh-spam@physics.ubc.ca> wrote:
>floyd@apaflo.com (Floyd L. Davidson) writes:
>
>>"Steve" <billpritjr@spamhole.com> wrote:
>>>I use VOIP (Voicepulse) over my laptop while on the road, connected via
>>>Wi-Fi hotspots.
>>>
>>>My question- Are my phone conversations secure over these connections?
>>>I am talking for "all practical purposes", absent CIA or KGB with
>>>advanced technology.
>
>>Let me explain 10 important things about telephones to you...
>>which comes from 34 years, before retiring, in the telephone
>>long distance business.
>
>> 1) Do *not* *ever* say *anything* on a telephone that you cannot
>> live with seeing on the front page of tomorrows local newspaper.
>
>>(Items 2 through 9 have precisely the same words as item 1.)
>
>Since long range microphones are possible and bugs, I guess you should
>change this to " Never say anything ever anywhere [that you would not want
>to live to see published...].
>Or since your actions could be filmed anywhere, do not do anything....
>Or, the best way to cope with the uncertainties of life is to die.
>
>Not for most of us very helpful advice and certainly not an answer to his
>question.
*BULLSHIT*
Let me repeat that in terms you might understand:
Do not ever say anything on a telephone that you cannot live
with seeing on the front page of tomorrow's local newspaper.
You won't find anyone that has worked with the technical end of
the industry that thinks differently (unless they are brain
dead).
>> 10) There is no such thing as a secure telephone connection,
>> unless *you* provide the encryption at both ends.
>
>Similarly.
>
>IF your VOIP is is not encrypted then yes it could be "overheard".
>If the wireless link from your laptop to the access point is not encrypted,
>then yes, it could be overheard. I have no idea if VoicePulse encrypts the
>stuff.
So you are admitting it is exactly as I said. If *you* don't
provide the encryption, it is *not* secure.
And I *guarantee* you that on occasion there *are* people
listening.
--
Floyd L. Davidson <http://www.apaflo.com/floyd_davidson>
Ukpeagvik (Barrow, Alaska) floyd@apaflo.com
Chris Hills <chris@phaedsys.org> wrote:
>In article <871x5az1qa.fld@barrow.com>, Floyd L. Davidson
><floyd@apaflo.com> writes
>>"Steve" <billpritjr@spamhole.com> wrote:
>>>I use VOIP (Voicepulse) over my laptop while on the road, connected via
>>>Wi-Fi hotspots.
>>>
>>>My question- Are my phone conversations secure over these connections?
>>>I am talking for "all practical purposes", absent CIA or KGB with
>>>advanced technology.
>>
>>Let me explain 10 important things about telephones to you...
>>which comes from 34 years, before retiring, in the telephone
>>long distance business.
>>
>> 1) Do *not* *ever* say *anything* on a telephone that you cannot
>> live with seeing on the front page of tomorrows local newspaper.
>>
>>(Items 2 through 9 have precisely the same words as item 1.)
>>
>> 10) There is no such thing as a secure telephone connection,
>> unless *you* provide the encryption at both ends.
>>
>
>I assume that applies to the USA telephone system?
I would assume it applies to telephones everywhere in the world,
though my experience was specifically in the US. Off hand I'd
assume the security is worse in other places!
You've perhaps never heard just how automatic switching came to
exist in the telephone industry? Back in the good old days you
picked up the transmitter, rang the line, and told the operator
who to connect you to.
Well a fellow named Almon Strowger was an undertaker in Kansas
City, and he became convinced that the local telephone operator
was "misdirecting" business calls to his competitor. The
operator was the wife of the other undertaker in town! So he
went to work on what he later called the "Girl-less Telephone".
He spend a few years working on it, and in the early 1890's came
out with the first automatic telephone switch, designed to get
rid of that pesky telephone operator. A 1901 advertisement
read:
THIS SYSTEM OF TELEPHONING
INSURES ABSOLUTE SECRECY
--
Floyd L. Davidson <http://www.apaflo.com/floyd_davidson>
Ukpeagvik (Barrow, Alaska) floyd@apaflo.com
On Thu, 04 Aug 2005 11:32:36 GMT, CyberDroog
<CyberDroog@ClockworkOrange.com> wrote:
>On Thu, 04 Aug 2005 02:23:01 -0800, floyd@apaflo.com (Floyd L. Davidson)
>wrote:
>
>>Do not ever say anything on a telephone that you cannot live
>>with seeing on the front page of tomorrow's local newspaper.
>
>This thread reminds me of the novel The Light of Other Days (Arthur C.
>Clarke and Stephen Baxter.)
......<snip>
You might enjoy this short story:
<http://members.net-tech.com.au/alaneb/unknown.html>
CyberDroog <CyberDroog@ClockworkOrange.com> wrote:
>On Thu, 04 Aug 2005 02:42:39 -0800, floyd@apaflo.com (Floyd L. Davidson)
>wrote:
>
>>Well a fellow named Almon Strowger was an undertaker in Kansas
>>City, and he became convinced that the local telephone operator
>>was "misdirecting" business calls to his competitor. The
>>operator was the wife of the other undertaker in town! So he
>>went to work on what he later called the "Girl-less Telephone".
>
>Neat story regardless, but the part about the operator being the wife of
>his competitor is just weakly anecdotal and can't be verified. Other
>versions claim the operator was the cousin of a competitor, or that all the
>operators had conspired against him, suggesting bribery.
Could be, but I've never seen *any* of those versions! The only
variation that I've seen on it was whether he actually *knew*
she was doing it at the time, or just suspected and only
confirmed it much later.
>It is pretty much accepted that Almon was reportedly a paranoid nut. Either
>way, nice going Almon!
Well, I don't know about "paranoid nut", but he was
certainly a "little strange"!
I mentioned that he called it the "Girl-less Telephone", but I
left out the rest of the description. The whole bit was,
"girl-less, cuss-less, out-of-order-less, wait-less" telephone.
Obviously Almon had issues with the telephone company... But
gee, a hundred years later and that would *still* describe about
half the population in the US! (Maybe across the pond people
love telephone companies, but that isn't generally the case
here.)
--
Floyd L. Davidson <http://www.apaflo.com/floyd_davidson>
Ukpeagvik (Barrow, Alaska) floyd@apaflo.com
CyberDroog <CyberDroog@ClockworkOrange.com> wrote:
>On Thu, 04 Aug 2005 02:23:01 -0800, floyd@apaflo.com (Floyd L. Davidson)
>wrote:
>
>>Do not ever say anything on a telephone that you cannot live
>>with seeing on the front page of tomorrow's local newspaper.
>
>This thread reminds me of the novel The Light of Other Days (Arthur C.
>Clarke and Stephen Baxter.)
>
>In the story, science creates a wormhole camera - a device that can open a
>stable wormhole at any location on the planet, or in the universe, and
>observe the goings on. That idea is uncomfortable enough; having to be
....
>Then the technology became affordable on the consumer level...
>
>It was bad enough pondering the idea of God remembering everything you have
>done... now we can imagine science saying "Hey, why not?"
Fascinating!
Of course, I have to tell you that that reminds me of something too!
Traditional Eskimo culture was based on almost exactly that
concept! They didn't have wormholes, but something just about
as good. *Everything* has a spirit. If you can conceive of its
existence, it has a spirit. And of course all spirits have
moral sensitivities, and act according to what they perceive
humans are, or are not, doing by the rules.
Hence as young Eskimos became adults they moved into a world
that required them to be "aware". That is, aware that *every*
thought, *every* word, and *every* action, would have an effect on
the spirits of anything and everything involved. That effect
would be directly responsible for how various spirits react
towards all humans; hence, inappropriate actions could easily
cause all of the resources needed by an entire village to
disappear!
Talk about big brother watching! Same thing as a wormhole,
except it wasn't personal privacy that you might loose, but the
lives of your entire family and everyone in the village.
(I also believe that one of the distinctions between more and
less violent societies is that those who have a single "God",
can always either be forgiven or have God be on their side.
Either way, it's do what's necessary and worry about the
consequences later. As opposed to that, in cultures with
multiple Gods a person cannot live long enough to round up
forgiveness... so they learn to be more respectful first, and
do not expect forgiveness later.)
--
Floyd L. Davidson <http://www.apaflo.com/floyd_davidson>
Ukpeagvik (Barrow, Alaska) floyd@apaflo.com
> My question- Are my phone conversations secure over these connections?
> I am talking for "all practical purposes", absent CIA or KGB with
> advanced technology.
If you are worried about the security of the link between
your laptop and the Hotspot access point, you should use
the strongest encryption supported by the system you are
using. WPA is more secure than WEP, but only if you
use a strong password/key. Because hotspots often have
to cater for large numbers of users, many of them using
older equipment, they usually need to use the weakest
security options. WEP 40 bit key based on an easily
guessed password like 'megalomart'.
No calls made over the public telephone network can be considered
secure. Some VOIP systems offer end to end encryption, which
should result in a reasonably secure line. Skype claim to use
strong encryption (AES 256 bit).
In article <87zmryvv8g.fld@barrow.com>, Floyd L. Davidson
<floyd@apaflo.com> writes
>Chris Hills <chris@phaedsys.org> wrote:
>>In article <871x5az1qa.fld@barrow.com>, Floyd L. Davidson
>><floyd@apaflo.com> writes
>>>"Steve" <billpritjr@spamhole.com> wrote:
>>>>I use VOIP (Voicepulse) over my laptop while on the road, connected via
>>>>Wi-Fi hotspots.
>>>>
>>>>My question- Are my phone conversations secure over these connections?
>>>>I am talking for "all practical purposes", absent CIA or KGB with
>>>>advanced technology.
>>>
>>>Let me explain 10 important things about telephones to you...
>>>which comes from 34 years, before retiring, in the telephone
>>>long distance business.
>>>
>>> 1) Do *not* *ever* say *anything* on a telephone that you cannot
>>> live with seeing on the front page of tomorrows local newspaper.
>>>
>>>(Items 2 through 9 have precisely the same words as item 1.)
>>>
>>> 10) There is no such thing as a secure telephone connection,
>>> unless *you* provide the encryption at both ends.
>>>
>>
>>I assume that applies to the USA telephone system?
>
>I would assume it applies to telephones everywhere in the world,
>though my experience was specifically in the US. Off hand I'd
>assume the security is worse in other places!
In some places yes, others no.
>You've perhaps never heard just how automatic switching came to
>exist in the telephone industry? Back in the good old days you
Yes I know. I worked on System X and some of the call re-routing stuff
for the special prefixes
--
\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
\/\/\/\/\ Chris Hills Staffs England /\/\/\/\/
/\/\/ chris@phaedsys.orgwww.phaedsys.org \/\/\
\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/
"Floyd L. Davidson"
| >
| >IF your VOIP is is not encrypted then yes it could be "overheard".
| >If the wireless link from your laptop to the access point is not
encrypted,
| >then yes, it could be overheard. I have no idea if VoicePulse encrypts
the
| >stuff.
|
| So you are admitting it is exactly as I said. If *you* don't
| provide the encryption, it is *not* secure.
|
| And I *guarantee* you that on occasion there *are* people
| listening.
Do not assume that if it is encrypted that at some point it will not be
decrypted, either today, tomorrow or some n-th day after tomorrow.
| >Let me explain 10 important things about telephones to you...
| >which comes from 34 years, before retiring, in the telephone
| >long distance business.
| >
| > 1) Do *not* *ever* say *anything* on a telephone that you cannot
| > live with seeing on the front page of tomorrows local newspaper.
| >
| >(Items 2 through 9 have precisely the same words as item 1.)
| >
| > 10) There is no such thing as a secure telephone connection,
| > unless *you* provide the encryption at both ends.
| >
|
| I assume that applies to the USA telephone system?
NotMe wrote:
> "Chris Hills"
>
> | >Let me explain 10 important things about telephones to you...
> | >which comes from 34 years, before retiring, in the telephone
> | >long distance business.
> | >
> | > 1) Do *not* *ever* say *anything* on a telephone that you cannot
> | > live with seeing on the front page of tomorrows local newspaper.
> | >
> | >(Items 2 through 9 have precisely the same words as item 1.)
> | >
> | > 10) There is no such thing as a secure telephone connection,
> | > unless *you* provide the encryption at both ends.
> | >
> |
> | I assume that applies to the USA telephone system?
>
> Two words: Patriot Act
>
>
And one acronym: CALEA (US "wiretap" legislation that [VERY
roughly] requires providers to be able to let law enforcement
listen into anything. This preceded the Patriot Act.)
If legalities interest you, you might also want to search on
"Council of Europe Cybercrime". Among many other things, this
applies to VoIP, if the relevant jurisdiction has signed and
ratified the treaty.
On 8/4/2005 5:23 AM, Floyd L. Davidson wrote:
> Unruh <unruh-spam@physics.ubc.ca> wrote:
>
>>floyd@apaflo.com (Floyd L. Davidson) writes:
>>
>>
>>>"Steve" <billpritjr@spamhole.com> wrote:
>>>
>>>>I use VOIP (Voicepulse) over my laptop while on the road, connected via
>>>>Wi-Fi hotspots.
>>>>
>>>>My question- Are my phone conversations secure over these connections?
>>>>I am talking for "all practical purposes", absent CIA or KGB with
>>>>advanced technology.
>>
>>>Let me explain 10 important things about telephones to you...
>>>which comes from 34 years, before retiring, in the telephone
>>>long distance business.
>>
>>> 1) Do *not* *ever* say *anything* on a telephone that you cannot
>>> live with seeing on the front page of tomorrows local newspaper.
>>
>>>(Items 2 through 9 have precisely the same words as item 1.)
>>
>>Since long range microphones are possible and bugs, I guess you should
>>change this to " Never say anything ever anywhere [that you would not want
>>to live to see published...].
>>Or since your actions could be filmed anywhere, do not do anything....
>>Or, the best way to cope with the uncertainties of life is to die.
>>
>>Not for most of us very helpful advice and certainly not an answer to his
>>question.
>
>
> *BULLSHIT*
>
> Let me repeat that in terms you might understand:
>
> Do not ever say anything on a telephone that you cannot live
> with seeing on the front page of tomorrow's local newspaper.
>
> You won't find anyone that has worked with the technical end of
> the industry that thinks differently (unless they are brain
> dead).
>
>
>>> 10) There is no such thing as a secure telephone connection,
>>> unless *you* provide the encryption at both ends.
>>
>>Similarly.
>>
>>IF your VOIP is is not encrypted then yes it could be "overheard".
>>If the wireless link from your laptop to the access point is not encrypted,
>>then yes, it could be overheard. I have no idea if VoicePulse encrypts the
>>stuff.
>
>
> So you are admitting it is exactly as I said. If *you* don't
> provide the encryption, it is *not* secure.
>
> And I *guarantee* you that on occasion there *are* people
> listening.
>
I always joke to my friends to explain tele snooping that they just need
to talk about killing the president and watch the FBI show up at their
door step. But yes to guarantee privacy use a encrypter before the tele
mic and be in a sound proof room, etc,,,
Leythos <void@nowhere.lan> wrote:
>In article <871x5az1qa.fld@barrow.com>, floyd@apaflo.com says...
>>
>> Let me explain 10 important things about telephones to you...
>> which comes from 34 years, before retiring, in the telephone
>> long distance business.
>>
>> 1) Do *not* *ever* say *anything* on a telephone that you cannot
>> live with seeing on the front page of tomorrows local newspaper.
>>
>> (Items 2 through 9 have precisely the same words as item 1.)
>>
>> 10) There is no such thing as a secure telephone connection,
>> unless *you* provide the encryption at both ends.
>
>11) Never say anything in E-Mail or Usenet or other medium that you
>would not want to see in public/news/by your mother.
Different list, so that should be item 1. However, you're not
quite getting the picture (probably too young?).
1) Don't post anything to Usenet that you don't want your
*grandchildren* to see, because they probably will.
You worry about what you mother will see... I'm amazed at what
my grandchildren know about.
--
Floyd L. Davidson <http://www.apaflo.com/floyd_davidson>
Ukpeagvik (Barrow, Alaska) floyd@apaflo.com
>"Floyd L. Davidson"
>| >
>| >IF your VOIP is is not encrypted then yes it could be "overheard".
>| >If the wireless link from your laptop to the access point is not
>encrypted,
>| >then yes, it could be overheard. I have no idea if VoicePulse encrypts
>the
>| >stuff.
>|
>| So you are admitting it is exactly as I said. If *you* don't
>| provide the encryption, it is *not* secure.
>|
>| And I *guarantee* you that on occasion there *are* people
>| listening.
>Do not assume that if it is encrypted that at some point it will not be
>decrypted, either today, tomorrow or some n-th day after tomorrow.
And the conclusion anyone is to draw from this? /do not assume that time
travel or mind reading cannot occur in the future. So what does that mean?
One lives life rationally by examining alternatives and the liklihhod of
them. One does not live by simply listing all possibilities no matter how
outlandish and stopping at that point.
> And the conclusion anyone is to draw from this? /do not assume that time
> travel or mind reading cannot occur in the future. So what does that mean?
> One lives life rationally by examining alternatives and the liklihhod of
> them. One does not live by simply listing all possibilities no matter how
> outlandish and stopping at that point.
Without wishing to get into the issue of what is possible now or in the
future, capturing and playing back VoIP is NOW:-
> >Do not assume that if it is encrypted that at some point it will not be
> >decrypted, either today, tomorrow or some n-th day after tomorrow.
>
> And the conclusion anyone is to draw from this? /do not assume that time
> travel or mind reading cannot occur in the future. So what does that mean?
> One lives life rationally by examining alternatives and the liklihhod of
> them. One does not live by simply listing all possibilities no matter how
> outlandish and stopping at that point.
Now I'm afraid to LEAVE THE HOUSE!
Now I'm afraid to TOUCH THE COMPUTER!
AAARRRGGGHHH!
There are some technical difficulties with wiretap via wireless which
are obvious to anyone that has ever tried to actually obtain useful
data from a wireless sniff or capture. I won't mention what they are
as I believe that aspiring criminals should learn such things the hard
way.
Leythos <void@nowhere.lan> wrote:
>In article <87y87hrltg.fld@barrow.com>, floyd@apaflo.com says...
>> Leythos <void@nowhere.lan> wrote:
>> >In article <871x5az1qa.fld@barrow.com>, floyd@apaflo.com says...
>> >>
>> >> Let me explain 10 important things about telephones to you...
>> >> which comes from 34 years, before retiring, in the telephone
>> >> long distance business.
>> >>
>> >> 1) Do *not* *ever* say *anything* on a telephone that you cannot
>> >> live with seeing on the front page of tomorrows local newspaper.
>> >>
>> >> (Items 2 through 9 have precisely the same words as item 1.)
>> >>
>> >> 10) There is no such thing as a secure telephone connection,
>> >> unless *you* provide the encryption at both ends.
>> >
>> >11) Never say anything in E-Mail or Usenet or other medium that you
>> >would not want to see in public/news/by your mother.
>>
>> Different list, so that should be item 1. However, you're not
>> quite getting the picture (probably too young?).
>>
>> 1) Don't post anything to Usenet that you don't want your
>> *grandchildren* to see, because they probably will.
>>
>> You worry about what you mother will see... I'm amazed at what
>> my grandchildren know about.
>
>I was on Usenet in 84, on the older net before that, getting paid for
>code in the 70's, so I don't think I'm "younger".
>
>Most people respect their mother more than their children and many
>people don't have children - it's about the age thing, what we find
>unacceptable in our moral values the newer generation is more tolerant
>of, and so it goes.
You are *still* missing the point.
It isn't just what your contemporaries can see (which in the
case of a perspective employer can in fact be significant,
though I suppose your concern about your mother is equally
valid), but the fact that we are leaving a legacy that will
outlive us individually.
If posters want to be taken seriously by anyone, today or
tomorrow, they need to write for an audience that includes "your
*grandchildren*", and that is true for people who are 15 years
old just as well as it is for people who a childless at 85 years
of age.
--
Floyd L. Davidson <http://www.apaflo.com/floyd_davidson>
Ukpeagvik (Barrow, Alaska) floyd@apaflo.com
On Fri, 05 Aug 2005 17:32:21 GMT, David Taylor <djtaylor@bigfoot.com>
wrote:
>> The industry has a variety of commercial vendors who sell VoIP test,
>> quality monitoring, and call analysis tools. For example:
>
>Jeff, you're dangling that word "sell" again! ;)
Well, yes. I'm in the business of separating my customers from their
money. As a greedy businessman, I consider it appropriate for
customer to help subsidize my decadent and lavish lifestyle. So far,
one person sent me $15 via paypal for my sage advice. It's a start.
I just wanted to point out that sniffers and monitors are commonly
available, even if you do have to pay for them.
>I don't think too many of dubious intent will be rushing to buy when
>there's something for free which I took as the initial concern.
Well, Ethereal is free as are the various plug-in decoders.
>Yep, quite.
>However either way, my point was that VoIP capture is NOW not something
>that may happen in the future.
Agreed. Wireless VoIP sniffing is easy enough and can be done. Also,
there's a problem with some clients. The voice payload might be
encrypted but the SIP setup data is by necessity unencrypted.
Therefore, I can extract what phone numbers or IP's are being called,
and who's originating the call, which is quite useful information.
C'mon, Google translation services are always fun! ;)
> Agreed. Wireless VoIP sniffing is easy enough and can be done. Also,
> there's a problem with some clients. The voice payload might be
> encrypted but the SIP setup data is by necessity unencrypted.
Yes, frustratingly I have both Vonage and an alternate service. Only
Vonage was their router to be connected to the cable modem and my Sipura
wants to be connected there too. I asked Vonage what the SIP account
details were as the firmware is crippled and doesn't display the SIP
page and although their router is a 2 POTS port, I couldn't enter my
second provider for the same crippled firmware reason. I was going to
simply sniff the Vonage auth data but in the end just did a bit of
reconfiguration and the result works.
CyberDroog <CyberDroog@ClockworkOrange.com> wrote:
>On Fri, 05 Aug 2005 10:05:05 -0800, floyd@apaflo.com (Floyd L. Davidson)
>wrote:
>
>>If posters want to be taken seriously by anyone, today or
>>tomorrow, they need to write for an audience that includes "your
>>*grandchildren*", and that is true for people who are 15 years
>>old just as well as it is for people who a childless at 85 years
>>of age.
>
>Wouldn't that kind of ruin the stew? It's like going out on a first date
>having pre-conceived every line you will speak so that you make a good
You do not need to "pre-conceive" every line before the date
starts. But *thinking* before talking is clearly a good idea on
first dates as well as in Usenet posts.
>impression. That is perhaps useful as a means to an end, but rarely
>anything approaching the truth. Maybe our descendents would prefer a more
>realistic view of us just being ourselves.
If the "real you" spouts off without thinking, go for it! ;-)
>Sometimes I wish we had some stories of America's founding fathers getting
>soused and falling off their horses. Not that I believe that having myths
>and legends is necessarily bad. But would we value the Declaration of
>Independence any less if we were to find out that Thomas Jefferson was
>wearing a dress and six petticoats when he wrote it?
Why not? J Edgar Hoover was wearing something like that when
he made the FBI into a legend...
>I don't think so. In fact that would really kind of drive home the concept
>of the individuals right to pursue happiness.
>
>Thomas Jefferson - a hell of a guy, and my kind of woman...
Well, apparently several Presidents felt somewhat that way about
Hoover too.
--
Floyd L. Davidson <http://www.apaflo.com/floyd_davidson>
Ukpeagvik (Barrow, Alaska) floyd@apaflo.com
>
> Sometimes I wish we had some stories of America's founding fathers getting
> soused and falling off their horses. Not that I believe that having myths
> and legends is necessarily bad. But would we value the Declaration of
> Independence any less if we were to find out that Thomas Jefferson was
> wearing a dress and six petticoats when he wrote it?
I think you need to read more history - there are plenty of such stories.
At about the time of 8/3/2005 6:45 PM, Steve stated the following:
> I use VOIP (Voicepulse) over my laptop while on the road, connected via
> Wi-Fi hotspots.
>
>
> My question- Are my phone conversations secure over these connections?
> I am talking for "all practical purposes", absent CIA or KGB with
> advanced technology.
>
> THANKS!
>
One thing that I want to point out is that if you are using a Wi-Fi
hotspot, then chances are that your conversations are *NOT* secure.
The FBI recently had a demonstration where they broke 128bit WEP
security inside of 5 minutes. No SSID was being broadcast and MAC
address filtering was turned on. And they did it using readily
available software and equipment that everyone has access to.
If you want security over a Wi-Fi link, then use a VPN or other
encryption agent.
--
Daniel Rudy
Email address has been encoded to reduce spam.
Remove all numbers, then remove invalid, email, no, and spam to reply.
On Sat, 06 Aug 2005 14:35:41 GMT, David Taylor <djtaylor@bigfoot.com>
wrote:
>> why were they wasting their time and your money on that. WPA etc were
>> invented precisely because WEP is known to be weak.
>
>Possibly because the vast majority of wireless LANs still run either WEP
>or no encryption.
>
>David.
The original question was, "- Are my phone conversations secure over
these connections? ... and referred to "all practical purposes".....
The easy answer which everybody seems to agree - is that nothing is
secure. Why?... because if information exists ( even for an
infintesimal amount of time, and even with the strongest encryption)
and it is possible to read the data stream, then the message
(conversation in this case) can be considered insecure.
But, lets's consider the qualifier, "all practical purposes".
What is the risk? If the contents of Fort Knox were housed in an old
dusty anonymous warehouse, which nobody knew about, then it would be
100% secure. Nobody would know about it so there would be no threat
and no risk.
If Steve's telephone conversations are similarly "dusty" and
"anonymopus"... lets say boring, then likewise, they are practically
secure because they will be of no interest to anyone, and even if
somebody happenned to overhear, the conversation would need to be of
interest to the eavesdropper to even begin to carry the threat of any
potential adverse consequence.
From a technical point of view, "WiFi" transmissions carrying VOIP
are far more secure than conventional analogue phone traffic. Even
with the proliferation of sophisticated consumer electronics,
eavesdropping on digitised sound is not simple. Specific packets have
to be captured then the contents have to be reassembled and using
appropriate codecs, have to be converted back to analogue. With the
addition of digital encryption the evesdropping process, especially if
carried out in real time, is impractical even if possible.
Consider that the WiFi eavesdropper also needs to be within reception
range and his task becomes even more difficult.
Finally, If Steve's conversations are highly confidential then he
would not be asking this question here.
My answer to " ..are MY phone conversations secure over these
connections?"..." for all practical purposes", ... .YES
VOIP over Wi-Fi subject to eavesdropping? 
Linear Mode
