Posted: 23rd Nov, 2007 By: MarkJ
UK Voice-over-IP (
VoIP) expert, Peter Cox, has announced a new program -
SIPtap, which is capable of eavesdropping on
VoIP based phone calls. Cox hopes that doing this will help to raise awareness of just how dangerously vulnerable
VoIP phone calls can be:
While telephone calls on the standard phone network (PSTN) may be monitored, access to the telephone companies networks is tightly controlled making unauthorized wiretapping virtually impossible. In most countries even the law enforcement authorities need to obtain the correct legal authorisation. Voice over IP (
VoIP) changes all this. As the name suggests,
VoIP calls run over an IP network. IP networks are much more open than the PSTN, this means that
VoIP calls can be intercepted and monitored much more easily than PSTN calls.
The real threat will be intercepts by organised crime, hackers, and anyone else who wants to listen to your
VoIP phone calls. All they have to do is to monitor the IP network at some point between the caller and call recipient. The monitoring point can be the corporate network, an unscrupulous ISP or a local PC infected with spyware. The recordings of monitored calls can be organised, indexed and remotely browsed from anywhere in the world.
VoIP is fast becoming an essential service for many broadband Internet users and businesses, making this latest news somewhat disturbing. However it is possible to encrypt such calls, making them much more difficult to intercept.
Unfortunately many telecoms operators fail to recognise the importance of encryption and there are fears that a culture of naivety may be causing security to be put on the backburner.