Eavesdropping on Internet Calls Is Easy

Researchers find potential encryption security problems
By Laila Weir,  Newser Staff
Posted Jun 17, 2008 7:00 PM CDT
Eavesdropping on Internet Calls Is Easy
ADTRAN's Voice Quality Monitoring Eases the Management of VoIP devices like the NetVanta 7100. (Photo: Business Wire)   (AP Photo)

Not only are most Internet phone calls not encrypted, but a bandwidth-saving technique could undermine encryption once it’s implemented. Researchers at Johns Hopkins found that a compression method called variable-bit-rate encoding makes it possible for eavesdroppers to identify given phrases in an encrypted VoIP call 50% of the time, reports Technology Review.

The research demonstrates that “you shouldn't feel safe just because you're using a security control,” said one VoIP-exploitation researcher not involved in the study. “You still have to validate it to ensure that it meets your requirements." Eavesdroppers would need to be listening for a particular phrase to crack the encryption, meaning the threat is more to business users than informal callers. (More Internet phone stories.)

Get the news faster.
Tap to install our app.
X
Install the Newser News app
in two easy steps:
1. Tap in your navigation bar.
2. Tap to Add to Home Screen.

X