Begin forwarded message:
From: Brad Templeton <btm@xxxxxxxxxxxxxx>
Date: August 10, 2005 4:06:15 PM EDT
To: David Farber <dave@xxxxxxxxxx>
Cc: tom_gray_grc@xxxxxxxxx
Subject: Re: [IP] more on VoIP CALEA -- the NSF does work for guess who ? djf

Dave, you can add this note to my prior note if you wish to forward it or either.

On Wed, Aug 10, 2005 at 06:14:07AM -0400, David Farber wrote:

There is no great difficulty in arranging for the interception of Internet-only voice calls, contrary to what has been written in earlier messages in this thread.

....

It would seem to be very simple for providers such as Skype and Vonage to intercept Internet-only voice calls. The interception could be done at the packet forwarder. In most cases the packet forwarder is required. Even in cases where it is not required, the client software could be set up to accept a management instruction and silently send all packets through a forwarder without informing the user.

Tom Gray

Skype, as far as we know (they don't reveal the details) encrypts end to end. The external PC which is recruited to forward packets for people behind NAT does not, as far as I know, have the ability to decode the voice. If it does, that would be a surprisingly poor encryption design, and a provider like Skype could change it.

Skype is standalone software. It queries Skype's master servers for information on where to do directory lookups and find external servers, but otherwise Skype's servers do not appear to participate in the calls, and thus, without modification of the downloaded software, could not interfere with or even be aware of calls, short of suborning the entire list of "volunteer" forwarding computers provided to the client.

And as I noted before, rerouting IP to IP calls adds considerable problems. I am building a VoIP phone service which connects two people by ringing both their phones. However, it does not, as most such services do, bridge the calls in a central point. Both endpoints send their audio to one another directly. A central wiretap is not workable on such a call. The system could tell both endpoints to talk to a bridge, which would be detectable and increase latency. One could easily provide software to watch for this and turn on an indicator on the phone saying, "Your line is tapped!" In some ways, criminals might find it more useful to have a phone where they can tell if it's tapped to provide disinformation, rather than just avoiding taps altogether as you would with Skype.
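
An added example, not part of the original message or of any service it describes: a minimal endpoint-side check for the rerouting described above, flagging a call whose audio is directed to a provider-operated address, whose media destination changes mid-call, or whose round-trip time rises well above earlier direct calls to the same contact. The provider range, threshold, function name and sample values are assumptions constructed for illustration.

```python
import ipaddress
from statistics import median

# Assumption: ranges the provider is known to operate (constructed, RFC 5737 space).
PROVIDER_NETS = [ipaddress.ip_network("203.0.113.0/24")]
RTT_FACTOR = 1.5  # assumption: flag a median RTT 50% above the contact's baseline


def check_call(media_peers, rtt_ms, baseline_rtt_ms):
    """Return the reasons this call's audio may be passing through a bridge.

    media_peers: addresses the service told us to send audio to, in order
                 (call setup first, then any mid-call updates).
    rtt_ms: round-trip samples measured on the media path during this call.
    baseline_rtt_ms: samples from earlier direct calls to the same contact.
    """
    reasons = []
    addrs = [ipaddress.ip_address(p) for p in media_peers]
    # Indicator 1: audio is directed at infrastructure, not at the other phone.
    for addr in dict.fromkeys(addrs):
        if any(addr in net for net in PROVIDER_NETS):
            reasons.append(f"media sent to provider-operated address {addr}")
    # Indicator 2: the destination was switched after the call was set up.
    if len(set(addrs)) > 1:
        reasons.append("media destination changed mid-call")
    # Indicator 3: the extra hop through a bridge shows up as added latency.
    if rtt_ms and baseline_rtt_ms:
        now, base = median(rtt_ms), median(baseline_rtt_ms)
        if now > base * RTT_FACTOR:
            reasons.append(f"RTT {now:.0f} ms vs baseline {base:.0f} ms")
    return reasons


# Constructed sample data: earlier direct calls, then two calls to one contact.
BASELINE = [42, 40, 45, 41]
DIRECT = check_call(["198.51.100.7"], [43, 41, 44], BASELINE)
BRIDGED = check_call(["198.51.100.7", "203.0.113.20"], [88, 91, 86], BASELINE)

if __name__ == "__main__":
    print("direct call:", DIRECT or "no indicators")
    for reason in BRIDGED:
        print("possible bridge:", reason)
```

Latency alone is a weak signal because ordinary route changes also raise it, which is why the check reports each indicator separately.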