voipnow.org — VoIP traffic flows across the Internet in unencrypted packets, which means anyone that has access to the network between sender and recipient can intercept them. Here are 5 methodologies to secure yourself against these attacks: Zfone, Built-in Encryption, Transport Layer Security and IP Security, Secure Real-Time Transfer Protocol and VPN.
Apr 24, 2007 View in Crawl 4
misxnApr 25, 2007
That would make it easier to spoof the origin. Not easy, but easier.
teatimegrommitApr 25, 2007
The article mentioned that Skype encrypts calls, but that's only going to count for Skype to Skype calls. Skype can also call landlines or potentially other VOIP services. Such calls won't be encrypted because Skype's method is unfortunately proprietary and so incompatible with other carriers.
teatimegrommitApr 25, 2007
WEP was an open standard and look at what happened to it! Openness does not equal security. That said, the programs recommended above (OpenPGP, etc.) are secure for a different reason. That is that the *math* behind them was opened up to public review *years* before the code was written. It takes a long time for the math guys to figure out if a new security protocol will really protect against hackers or not.Skype may be using a WEP-like method, or they may be using a more mathematically sound approach. They don't need to open source their model to prove its security, but they do need to publish the algorithm they use and the mathematical underpinnings of their approach. (Opening the algorithm also introduces the possibility of interoperability without exposing any hidden trade secrets like how Skype improves performance with their implementation)
surefootApr 25, 2007
This is ok for PC to PC calls.Just understand that none of this matters for PSTN calls. Thanks to CALEA, all providers on the PSTN network in the US must provide wiretapping capability, and they do. This includes land line, cell phones, and even services like Vonage.Even if this were not the case, you just can't do end to end encryption from your PC to your Mom's phone unless she's got some fancy spook equipment that works with your encryption. Anyone can still go to the copper pair outside her house and listen all they want. Even if you call her with Skype, they can listen in on her PSTN side.If you're totally paranoid and want total encryption, do it end to end and stay off the PSTN.
goosman99Apr 26, 2007
@TeatimeGrommitWhile the Skype call wouldn't be encrypted end to end it would be interesting to know if Skype encrypts the call to the interchange point (There may be another telecom term for this) where the VOIP call changes to a PSTN call. The PSTN part would of course be unencrypted, but I would hope that Skype encrypted the IP part of it.
wooteryApr 26, 2007
"I love how I am always the first to discover, support, and comment on these articles"Proud of getting first post?"but you guys always feel the need to bury my comments. Jeez..grow up."No. I will always bury useless waste-of-space comments like "Nice roundup - submitted in queue @ tweako.com", which is at worst spam for 'tweako.com' and at best says nothing at all.Whether it's the first post is unimportant to me. Your comment sucked - that is why we buried it.
xandrozJun 28, 2007
How to encrypt with VPN:<a class="user" href="http://www.jaec.info/Firewall/VPN%20Firewall/firewall-vpn-introduction-1.php">http://www.jaec.info/Firewall/VPN%20Firewall/firewall-vpn-introduction-1.php</a>