dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
459
share rss forum feed


SwedishRider
Rider on the Storm
Premium
join:2006-01-11
not Sweden
kudos:1

Phone security

I've been researching this for a bit with no clear, consistent answer. What would be considered more secure: a DECT cordless phone over a VOIP system like Charter has, or an iPhone on VZ's network. If a sensitive, private call needed to be made, which is more secure?

PX Eliezer
Premium
join:2013-03-10
Graustark
kudos:6

1 recommendation

Neither is totally secure.

You actually may want to also ask this in »VOIP Tech Chat


SwedishRider
Rider on the Storm
Premium
join:2006-01-11
not Sweden
kudos:1
Thanks. I figured here would be best as I'm interested in the comparative security. I realize neither is 100% secure, but was wondering which would be the better choice of the two options.


tigerpaw509

join:2011-01-19
reply to SwedishRider
Nothing is secure.There I said it


dib22

join:2002-01-27
Kansas City, MO

1 edit

1 recommendation

reply to SwedishRider
said by SwedishRider:

I've been researching this for a bit with no clear, consistent answer. What would be considered more secure: a DECT cordless phone over a VOIP system like Charter has, or an iPhone on VZ's network. If a sensitive, private call needed to be made, which is more secure?

Depends on the threat vector.

If you are worried about local eavesdropping then the Verizon would be more secure... that is it would be harder to tap the over the air portion of the call (from the cellphone to the tower) on the verizon call due to the CDMA system in use.

The DECT cordless phone can be made very secure, but most mfgs don't bother to implement the proper security.

If you are worried about "friendly" 3 letter agencies I would guess the verizon call is less secure due to the fact that we know they are handing over data constantly without a warrant... but since we also know they are watching everything on the internet, and since most VOIP has dubious encryption... I would say this is a draw.

If you are just worried about the call itself (ignoring the 3 letter agencies) then I would shift it back to verizon... especially if the call is going to another verizon phone... while I love VOIP in general, it is passing through a lot of random points on the network... the verizon call will stay in the verizon system if it can, and will jump to the phone system interconnect if it can't. The phone systems interconnected network is pretty secure.

tl;dr: if your worried about the wireless, the verizon would be more secure; if your worried about the backhaul it's a draw if worried about govt, verizon is more secure if worried about random 3rd parties.


SwedishRider
Rider on the Storm
Premium
join:2006-01-11
not Sweden
kudos:1

1 recommendation

Thanks for that dib22 See Profile. I was thinking along the lines of using a phone for banking, financial, or medical calls that I wouldn't want someone to eavesdrop for identity theft purposes. I've always thought of a hardline phone as the best option, but with VOIP and cordless phones as common as they are now, I wasn't sure if a smartphone on a major carrier would be a better or worse choice.

Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:5

1 recommendation

I use a WIRED (not cordless) phone connected to my landline provider for all banking (I pay credit card bills this way) and for medical calls and financial ones.
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson


SwedishRider
Rider on the Storm
Premium
join:2006-01-11
not Sweden
kudos:1
said by Mele20:

I use a WIRED (not cordless) phone connected to my landline provider for all banking (I pay credit card bills this way) and for medical calls and financial ones.

I agree a corded phone would be better than a DECT 6.0, but I would still have to route the call through Charter's VOIP system. What kind of security should I expect in that case?


DrDrew
That others may surf
Premium
join:2009-01-28
SoCal
kudos:16

1 recommendation

said by SwedishRider:

said by Mele20:

I use a WIRED (not cordless) phone connected to my landline provider for all banking (I pay credit card bills this way) and for medical calls and financial ones.

I agree a corded phone would be better than a DECT 6.0, but I would still have to route the call through Charter's VOIP system. What kind of security should I expect in that case?

Better than landline but not much.

DECT encypts the wireless to the basestation, the analog phone signal back to the modem is in the clear. The DOCSIS network will often have it encrypted, but it'll probably be clear packets once the modem communications hit the CMTS back to their switch. It'll be most likely on its own VLAN though within your providers net. After the switch where it links to the POTS system it's just like any other landline or cell call. Landline will be in the clear pretty much end to end. A buttset at a splice point or cross connect box will get you all sorts of conversations.

Really it's not much to worry about on your side. Most identity thefts and breaches occur on the record holders side. Its a much bigger target or accident waiting to happen with thousands or millions of records available on their side vs just yours on your side.
--
Start with what you can do, solutions will follow...


SwedishRider
Rider on the Storm
Premium
join:2006-01-11
not Sweden
kudos:1
Thanks! Interesting that the VZ phone may actually be the most secure given the scenario. Years ago, I would have NEVER used a cell to conduct banking or other sensitive calls. And yet today, it looks to be a pretty solid method comparatively.
Expand your moderator at work


dib22

join:2002-01-27
Kansas City, MO
reply to SwedishRider

Re: Phone security

said by SwedishRider:

Years ago, I would have NEVER used a cell to conduct banking or other sensitive calls.

It is true since you are on verizon who uses CDMA... the same truth doesn't hold up for GSM providers in the usa (att and tmo)... due to a problem with the old 2G GSM systems.

The issue is that if the GSM device can't find a 3G system it will fall back to the 2G setup which is easy to monitor... in fact there are devices that act as fake towers drowning out 3G signal to force phones onto the 2G system to eavesdrop on them.

So while the security of verizon and sprint phones is very tight from device to tower, the same can't be said for att and tmobile phones so be warned (and it is due to the same old system that was in place years ago)