http://technology.newscientist.com/article/dn14124-compressed-web-phone-calls-are-easy-to-bug.html
By David Robson
NewScientist.com news service
12 June 2008
Plans to compress internet (VoIP) phone calls so they use less bandwidth
could make them vulnerable to eavesdropping. Most networks are currently
safe, but many service providers are due to implement the flawed
compression technology.
The new compression technique, called variable bitrate compression
produces different size packets of data for different sounds.
That happens because the sampling rate is kept high for long complex
sounds like "ow", but cut down for simple consonants like "c". This
variable method saves on bandwidth, while maintaining sound quality.
VoIP streams are encrypted to prevent eavesdropping. However, a team
from John Hopkins University in Baltimore, Maryland, US, has shown that
simply measuring the size of packets without decoding them can identify
whole words and phrases with a high rate of accuracy.
[...]
_______________________________________________
Attend Black Hat USA, August 2-7 in Las Vegas,
the world's premier technical event for ICT security experts.
Featuring 40 hands-on training courses and 80 Briefings
presentations with lots of new content and new tools.
Network with 4,000 delegates from 50 nations.
Visit product displays by 30 top sponsors in
a relaxed setting. http://www.blackhat.com
Comments