Tuesday, April 15, 2003

Wiretapping VoIP

Bruce Schneier's 15 Apr 03 CryptoGram (required reading for me) alerted me to a story on wiretapping. This quote blew me away:

Unlike a traditional phone call, where a line is dedicated between two parties, VOIP slices each call into millions of tiny digital packets, each of which can take a discrete route over the Internet. That means surveillance equipment must either be installed permanently on a network or calls must be routed through FBI surveillance equipment before being delivered to the caller, which experts say can create a suspicious delay. "Our tactical people are trying to plug every hole. But it's like playing the field short one player," says Szwajkowski. "A call that is not [able to be intercepted] is a major public-safety and security dilemma."


Danny Lieberman said...

Yikes - carpet bombing in cyberspace using computers inside the Air Force network? Shocking thought.

I am not sure that projection of power and deterrence is enough post 9/11. I live in Israel and looking at the resilience of the civilian population and continued attacks by Palestinian terrorists on civilians suggests that there is a fundamental difference in currency in the utility function used by terrorists and nation-states. It is also proof that reliance on current terror policy models that assume that terrorists are rational actors is not working.

Regarding massive DDOS attacks it might be a good idea if done right, but I think that mutually assured destruction may not be an acceptable corporate or government business objective.

Read my posting - What hackers want that discusses some of what I consider the root issues.
Danny Lieberman

alex said...

But I thought that all telephony numbers were tied to user account provided by a company and all companies keep record of their numbers. Couldn't then the person who used the number or let it reasonably get stolen be held liable?