Cloneman
join:2002-08-29
Montreal

Cloneman

Member

How secure are modern cordless phones?

Let's try to avoid "common sense" advice for this question. I'm wondering in general how easy it is for a nosy neighbor to listen in to your modern-ish cordless phone. Let's say he's motivated and doesn't mind spending close to 1000$ on equipment to listen in on people's conversations.

I'm referring to 5.8 GHz Digital phones, and DECT Phones. What's the relative security of these devices... compared to say the decent security offered by WPA2 w/ strong password (wps off)?

SoonerAl
MVM
join:2002-07-23
Norman, OK

SoonerAl

MVM

I'm guessing the neighbors are the least of your worries.

»www.usatoday.com/story/n ··· 3902809/

If they can spy on a cell phone I am sure they can do the same with your wireless home phone. They would certainly have the resources and $$$ to do so.
Cloneman
join:2002-08-29
Montreal

1 recommendation

Cloneman

Member

I don't give a shit about the government or cell phones.
tobicat
Premium Member
join:2005-04-18
Tombstone, AZ

1 recommendation

tobicat

Premium Member

Attitude! If it is a DECT there is little chance he can buy anything to listen with unless he is a real geek.

»netsecurity.about.com/od ··· cked.htm
Cloneman
join:2002-08-29
Montreal

1 recommendation

Cloneman

Member

Sorry, I realize I snapped a little bit there.

I'm rather annoyed at how long it takes me to get "useful" information for just about anything in recent years, with SEO whoring bringing nothing but rubbish to the top results, and everyone being a "journalist".

In any case, that article isn't of particular interest. It doesn't allow wiretapping of any kind, as far as I understand. It's just police being able to track the location of cellphones, and later correlate it with the carrier's databases with a warrant.

DaMaGeINC
The Lan Man
Premium Member
join:2002-06-08
Greenville, SC

1 recommendation

DaMaGeINC to Cloneman

Premium Member

to Cloneman
People still use house phones?
Cloneman
join:2002-08-29
Montreal

3 recommendations

Cloneman

Member

Unlimited Cell phones are expensive.

Despite people in the media/forums liking to rave about cell phones, VoIP, and cord cutters, many, many people still use home phones and watch traditional television. The substitutes for these things aren't quite at their maturity yet.

gwalk
Premium Member
join:2005-07-27
West Mich.

gwalk

Premium Member

The topic wasn't about cell phones, it was about the security of cordless handset landline phones.

I agree, while both types "transmit", they are not the same animal.

SoonerAl
MVM
join:2002-07-23
Norman, OK

1 recommendation

SoonerAl

MVM

I would fully expect that given the capabilities of the various security services any wired and wireless phone (mobile or home/business cordless) is fully susceptible to interception legally or otherwise...
twixt
join:2004-06-27
North Vancouver, BC

twixt to Cloneman

Member

to Cloneman
said by Cloneman:

Let's try to avoid "common sense" advice for this question. I'm wondering in general how easy it is for a nosy neighbor to listen in to your modern-ish cordless phone. Let's say he's motivated and doesn't mind spending close to 1000$ on equipment to listen in on people's conversations.

I'm referring to 5.8 GHz Digital phones, and DECT Phones. What's the relative security of these devices... compared to say the decent security offered by WPA2 w/ strong password (wps off)?

Two issues:

Q1. Is there a backdoor to the phone's security - imposed by Government fiat - such that the phone can be tapped by anyone who is aware of the backdoor?

A1: We don't know. We aren't supposed to know. The Government agencies who have their fingers in stuff like this - disapprove of any information on the subject being released into the public domain. See: Mushroom Disease.

-

Q2: Is there a security hack that allows a simultaneous connection - IOW two different phonesets can use the same keyset by exploiting a weakness in the security system's key-generation-diversity?

A2: Yes. This is definitely possible. On one of my older cordless home phones with "digital security" - I would occasionally pick up the phone to hear a conversation from a completely different person. This conversation was as clean as if I had initiated the call myself.

I suspect this occurred because of insufficient keyset-diversity in the phone's keygen-algorithm. There have been multiple reports in the past of supposedly-secure schemes that were rendered insecure - not because of mathematical weaknesses in the encryption scheme itself - but because of mathematical weaknesses in the keygen routine - that limited the diversity of the keys generated to a small subset of the theoretical diversity possible. This is fatal as far as real-world-security is concerned.

-

Consequences of the above:

The only way to reliably tell if keygen-diversity is as broad as it should be is to test a particular make and model of cordless phone in a constellation of similar phones to see if they cross-connect. If they do - then keygen-diversity is insufficient. If they don't - then keygen-diversity is sufficient.

Note that simple cordless-phone channel-diversity-limits may prevent a larger number than "x" phones being able to co-exist and work successfully within a certain area. However, this would NOT mitigate an insufficient-keygen-diversity problem. It would only extend the time it takes for a matching-keyset-condition to be generated.

-

Your mission Mr. Phelps, is to create a testlab where the aforesaid conditions can be replicated - and thus security-reliability can be rigorously tested. As usual, the Secretary will disavow any knowledge of the existence of such facility. It will be your responsibility to fund, design and implement such enterprise - and then publicly release the results - all at no cost to the consumer. Good Luck, Jim.
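
An added illustration of the key-diversity argument in the post above (not part of any poster's text): a birthday-bound estimate of how often handsets in a test lab would end up with matching keys, plus a small simulation. The `weak_keygen` function and its 16-bit seed are hypothetical, chosen only to show a 64-bit key whose real diversity is far smaller than its length.

```python
import hashlib
import math
import random

def collision_probability(n_devices, effective_bits):
    """Birthday bound: chance that at least two of n devices hold the same key
    when keys are drawn uniformly from 2**effective_bits possibilities."""
    space = 2.0 ** effective_bits
    return -math.expm1(-n_devices * (n_devices - 1) / (2.0 * space))

def devices_for_probability(p, effective_bits):
    """Approximate lab size needed to see a cross-connect with probability p."""
    space = 2.0 ** effective_bits
    return math.ceil(math.sqrt(2.0 * space * math.log(1.0 / (1.0 - p))))

def weak_keygen(rng, seed_bits=16):
    """Hypothetical flawed keygen: a 64-bit key expanded from a small seed,
    so only 2**seed_bits distinct keys can ever be produced."""
    seed = rng.getrandbits(seed_bits)
    return hashlib.sha256(seed.to_bytes(8, "big")).digest()[:8]

def strong_keygen(rng):
    """64-bit key with all 64 bits of diversity (simulation only, not a CSPRNG)."""
    return rng.getrandbits(64).to_bytes(8, "big")

def cross_connect_rate(keygen, n_devices, trials, seed=1):
    """Fraction of simulated test labs in which two handsets share a key."""
    rng = random.Random(seed)  # deterministic, so the simulation is repeatable
    hits = 0
    for _ in range(trials):
        keys = [keygen(rng) for _ in range(n_devices)]
        hits += len(set(keys)) < len(keys)
    return hits / trials

if __name__ == "__main__":
    for bits in (16, 24, 32, 64):
        print(f"{bits:2d} effective bits: P(match among 300 handsets) = "
              f"{collision_probability(300, bits):.3g}, "
              f"handsets for a 50% chance = {devices_for_probability(0.5, bits)}")
    print("simulated, weak keygen  :", cross_connect_rate(weak_keygen, 300, 400))
    print("simulated, strong keygen:", cross_connect_rate(strong_keygen, 300, 400))
```

Both generators emit 64-bit keys; only the number of distinct keys they can produce differs, and that alone determines how large a lab is needed before a match shows up.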

Anonymous_
Anonymous
Premium Member
join:2004-06-21
127.0.0.1

2 edits

Anonymous_

Premium Member

said by twixt:

said by Cloneman:

Let's try to avoid "common sense" advice for this question. I'm wondering in general how easy it is for a nosy neighbor to listen in to your modern-ish cordless phone. Let's say he's motivated and doesn't mind spending close to 1000$ on equipment to listen in on people's conversations.

I'm referring to 5.8 GHz Digital phones, and DECT Phones. What's the relative security of these devices... compared to say the decent security offered by WPA2 w/ strong password (wps off)?

Two issues:

Q1. Is there a backdoor to the phone's security - imposed by Government fiat - such that the phone can be tapped by anyone who is aware of the backdoor?

A1: We don't know. We aren't supposed to know. The Government agencies who have their fingers in stuff like this - disapprove of any information on the subject being released into the public domain. See: Mushroom Disease.

-

Q2: Is there a security hack that allows a simultaneous connection - IOW two different phonesets can use the same keyset by exploiting a weakness in the security system's key-generation-diversity?

A2: Yes. This is definitely possible. On one of my older cordless home phones with "digital security" - I would occasionally pick up the phone to hear a conversation from a completely different person. This conversation was as clean as if I had initiated the call myself.

I suspect this occurred because of insufficient keyset-diversity in the phone's keygen-algorithm. There have been multiple reports in the past of supposedly-secure schemes that were rendered insecure - not because of mathematical weaknesses in the encryption scheme itself - but because of mathematical weaknesses in the keygen routine - that limited the diversity of the keys generated to a small subset of the theoretical diversity possible. This is fatal as far as real-world-security is concerned.

-

Consequences of the above:

The only way to reliably tell if keygen-diversity is as broad as it should be is to test a particular make and model of cordless phone in a constellation of similar phones to see if they cross-connect. If they do - then keygen-diversity is insufficient. If they don't - then keygen-diversity is sufficient.

Note that simple cordless-phone channel-diversity-limits may prevent a larger number than "x" phones being able to co-exist and work successfully within a certain area. However, this would NOT mitigate an insufficient-keygen-diversity problem. It would only extend the time it takes for a matching-keyset-condition to be generated.

-

Your mission Mr. Phelps, is to create a testlab where the aforesaid conditions can be replicated - and thus security-reliability can be rigorously tested. As usual, the Secretary will disavow any knowledge of the existence of such facility. It will be your responsibility to fund, design and implement such enterprise - and then publicly release the results - all at no cost to the consumer. Good Luck, Jim.

I had an older 2.4 GHz phone that had a built-in channel jammer or denial-of-service attack,

so if you were on the same channel with 2.4 GHz WiFi you would get kicked off and would not be allowed to connect until the phone was hung up.
Kearnstd
Space Elf
Premium Member
join:2002-01-22
Mullica Hill, NJ

1 recommendation

Kearnstd to Cloneman

Premium Member

to Cloneman
»en.wikipedia.org/wiki/DE ··· Security

WPA2-AES is stronger by nature of being a higher-bit encryption.

Even if both used a 32-character code, the WPA2-AES would be tougher to crack because it's 256-bit, I believe, and the DECT is only 64-bit.

Something to research would be: do cordless phones have static keys once paired, or are they like GDOs, where once paired they follow a pattern of rolling codes? If it's rolling codes, that makes it much harder for someone to have a continuous hack. If it's static, it means once locked in they can listen endlessly.
lutful
... of ideas
Premium Member
join:2005-06-16
Ottawa, ON

1 recommendation

lutful to Cloneman

Premium Member

to Cloneman
said by Cloneman:

how easy it is for a nosy neighbor to listen in to your ... 5.8 GHz Digital phones, and DECT Phones.

Older 900 MHz and 5.8 GHz phones are not secure. I have accidentally listened to conversations while playing around with spectrum analysis tools.

DECT 6.0 phones, which operate near 1.9 GHz, use reasonable-strength digital encryption. It can be broken using powerful computers, but not in real time, and probably not by your typical neighbour.

If you want more security, use Skype or another peer-to-peer VoIP service which has been configured properly for end-to-end security.