dslreports logo
 story category
Cell Phones and VoIP Calls Easy to Hack
According to information presented at security conference
A security conference held this week brought up information from studies that indicate it’s really easy to hack into other people’s phone calls. The studies show that cell phones using GSM technology as well as most VoIP systems have security flaws which make it affordable and simple for someone to listen in on your calls as well as to track your location through the phone.
quote:
"For as little as $900, someone can buy equipment and use free software to create a fake network device to see traffic going across the network. You can see all the cell phones connected to the base station … You can't see calls, but people associated with the calls. You can also do location tracking. If you know somebody is on the network you can see how close to the base station they are."
Eavesdropping, forced calls, interrupted calls, fake voice messages and stalking are some of the problems people apparently face when using cell phones and VoIP services. Bear in mind, though, that the information is being presented at a conference specifically designed to exploit security flaws; we’ve heard a lot about VoIP security flaws in the past but most of the predictions about problems have not yet come to pass.
view:
topics flat nest 

en102
Canadian, eh?
join:2001-01-26
Valencia, CA

en102

Member

GSM was cracked

A long time ago... its TDMA based.
What does make things difficult are things such as frequency hopping, DTX and handoffs. I know that in my area, I have MANY handoffs between sites (at least once/minute). As an extra bonus, 3G (UMTS/WCDMA) is a lot more similar to CDMA which Verizon, Sprint, etc. use, and more difficult to 'hack'.

iLive4Fusion
Premium Member
join:2006-07-13

iLive4Fusion

Premium Member

Re: GSM was cracked

The encyption on GSM is weak. iDEN which is used by Nextel is encrypted better and much more secure. 3G uses a better encryption pattern though.

en102
Canadian, eh?
join:2001-01-26
Valencia, CA

en102

Member

Re: GSM was cracked

I would tend to agree. That end of GSM is quite old. At least 3G has a CDMA based interface which is much more difficult to hack.

iLive4Fusion
Premium Member
join:2006-07-13

iLive4Fusion

Premium Member

Re: GSM was cracked

said by en102:

I would tend to agree. That end of GSM is quite old. At least 3G has a CDMA based interface which is much more difficult to hack.
Yea. I don't feel unsecure talking on my AT&T phone. But I really have nothing to hide, I just fear stalkers.

If I want to keep something secret like my job stuff, I just use Nextel Direct Connect, which is over a secure encrypted ip network. But stuff really important, I do it the old fashion way. In person

N3OGH
Yo Soy Col. "Bat" Guano
Premium Member
join:2003-11-11
Philly burbs

1 recommendation

N3OGH to en102

Premium Member

to en102
Anyone who operates under the illusion of an expectation of privacy over any digital or analog common carrier network is walking through life with rose colored glasses on.

Cell phone? Assume someone is listening...

Land line? Assume someone is listening...

VoIP? Assume someone is listening......

Internet? Assume you're being tracked.....

If I want a private conversation with someone, I meet them in person someplace secret. If I want to keep something a secret, I keep it to myself. PERIOD.

Remember, 3 can keep a secret if 2 are dead....

DJMADfx
join:2002-02-27
Merrick, NY

DJMADfx

Member

Re: GSM was cracked

Just don't plan the meet up via cell phone, land line, VoIP, or the internet.

en102
Canadian, eh?
join:2001-01-26
Valencia, CA

en102 to N3OGH

Member

to N3OGH
Very true... privacy is mostly illusion these days.

fatmanskinny
Premium Member
join:2004-01-04
Wandering
·AT&T FTTP

fatmanskinny to N3OGH

Premium Member

to N3OGH
said by N3OGH:

If I want a private conversation with someone, I meet them in person someplace secret. If I want to keep something a secret, I keep it to myself. PERIOD.
Unfortunately, even meeting someone in a "secret" place does not guarantee a private conversation. With the onslaught of camera phones and other recording technology that can easily fit in your pocket and pick up a pin drop, privacy is pretty much out the window.

Like you said, if you want to keep something secret, don't tell anyone, including those closest to you. I always assume that what I say may eventually be told to someone else or recycled back to me in conversation....the latter I learned while getting into disagreements with the wife.
AquaSport
California - Sun, Surf, Traffic Jams
join:2007-05-03
California

AquaSport to N3OGH

Member

to N3OGH
yes, I have come to expect weird noises on my telephone line, internet connection problems ("unscheduled maintenance"), ususual GSM cell phone static ("the largest All-Digital network"? Ha! My ass it is!), and with anything else electronic, I assume that it is being publicized on the internet as I speak/type.

To me, nothing is "Private", so don't tell anyone anything you don't want the entire country to know, unless it's face-to-face. At first it was creepy to think that someone is listening in on your phone calls, but now when i hear that little clickey noise, I invite them to join the conversation!

the world (or, at least the U.S. of A) is a messed up place, sometimes.

jester121
Premium Member
join:2003-08-09
Lake Zurich, IL

jester121

Premium Member

Re: GSM was cracked

You may not be paranoid, but it doesn't mean everyone's not out to get you.
AquaSport
California - Sun, Surf, Traffic Jams
join:2007-05-03
California

AquaSport

Member

Re: GSM was cracked

said by jester121:

You may not be paranoid, but it doesn't mean everyone's not out to get you.
oh I'm not saying that I'm not paranoid - I've just given up with the whole "privacy" thing.

various government agencies have passsed so many laws that are an invasion of privacy (the wiretapping "protect america" or whatever - law, for example), that I just now expect that someone is listening to my phone call, and that I probably shouldn't talk about my illegal drug trafficking from Venezuela (just kiddin'!) over the land line or cell phone (prepaid or otherwise).

remember that story about comcast implementing "face recognition technology" into your cable boxes so that they can "open your DVR recordings list to your preferred list of shows". Total BS. It's gotten so rediculous that I don't expect privacy anymore, see?

link to story: »Your Comcast DVR Is Watching You

cowboyro
Premium Member
join:2000-10-11
CT

cowboyro to N3OGH

Premium Member

to N3OGH
said by N3OGH:

Anyone who operates under the illusion of an expectation of privacy over any digital or analog common carrier network is walking through life with rose colored glasses on.

Cell phone? Assume someone is listening...

Land line? Assume someone is listening...

VoIP? Assume someone is listening......

Internet? Assume you're being tracked.....

If I want a private conversation with someone, I meet them in person someplace secret. If I want to keep something a secret, I keep it to myself. PERIOD.

Remember, 3 can keep a secret if 2 are dead....
So true!
In the military we had a label on all "field" phones: "ATTENTION! THE ENEMY IS LISTENING!"
ricep5
Premium Member
join:2000-08-07
Jacksonville, FL

ricep5 to N3OGH

Premium Member

to N3OGH
Everyone who fears that someone is listening also assumes that what they talk about is interesting or desirable.

In most cases they are neither, therefore most people have nothing to worry about.
AquaSport
California - Sun, Surf, Traffic Jams
join:2007-05-03
California

AquaSport

Member

Re: GSM was cracked

ricep5,

second point - absolutely true. the first one, though, i have to disagree.

even if i'm having the most boring conversation on earth with someone over the telephone, i should still take note if something unusual happens, right?

i'm basing my opinion off of odd experiences, not frivilous daydreaming, and if I act like an arrogant fool and don't realize that some things are no longer private, then some day, if I'm having a conversation that needs to remain private, and I don't take that into note, then my arrogance might just come back and bite me in the ass.

Security is living in Antartica
Kearnstd
Space Elf
Premium Member
join:2002-01-22
Mullica Hill, NJ

Kearnstd to en102

Premium Member

to en102
the most secure data is that which can only be accessed in person and has no network or outside connection and is in a vault with a smaller AC vent then the one in Mission Impossible.

Telco Tech
@verizon.net

Telco Tech

Anon

More Yellow Journalism

As usual, the press is trying to manufacture news.

Landlines have always been tappable to some degree.
VOIP lines are no different.

Primarily, the author is discussing access to meta-data. As if billing data was never available to illegitimate parties? *This* is "easily hacking into your call"?

This "reporter" must yet believe that "Bushco" tapped millions of phone lines (without a court order!), never bothering to calculate how much manpower would be required for such a fantasy.
IndyDoug
join:2003-10-26
Indianapolis, IN

IndyDoug

Member

Re: More Yellow Journalism

Bushco had the assistance of the telcom companies along with the US PATRIOT ACT to spy on citizens. It's not the millions of phone lines that he wanted to tap into but the random innocent citizen whose civil liberties are being undermined.

Dogfather
Premium Member
join:2007-12-26
Laguna Hills, CA

Dogfather

Premium Member

Re: More Yellow Journalism

Here we go again...

Warrant Me This to IndyDoug

Anon

to IndyDoug
said by IndyDoug:

Bushco had the assistance of the telcom companies along with the US PATRIOT ACT to spy on citizens. It's not the millions of phone lines that he wanted to tap into but the random innocent citizen whose civil liberties are being undermined.
Could you, would you, actually document more than one or two "random citizens" whose civil liberties were undermined, and how the US PATRIOT ACT actually facilitated this?

I thought not.

(And for the record, I HAVE been an unknowing party to conversations tapped by the feds in times past. It didn't faze me then. It wouldn't bother me now. Computer-aided speech-to-text scanning or not, my telephone calls would put anyone to sleep. Not that I have much faith in government. I just don't see any reason to be any more paranoid about W versus the Clintons, or any other predecessors.)

JamesB7
@sbcglobal.net

JamesB7 to Telco Tech

Anon

to Telco Tech
Not much manpower. Text to speech, and use call records to build graphs of which people are linked. That's what I'd do if I were an evil President. It doesn't take a genius and it doesn't take manpower. It takes computers.
ccb056
join:2002-04-05
Victoria, TX

ccb056

Member

I want to play too

Where can I get some of this equipment?

knightmb
Everybody Lies
join:2003-12-01
Franklin, TN

knightmb

Member

Re: I want to play too

said by ccb056:

Where can I get some of this equipment?
Radio Shack, $25 worth of parts. Don't know where they came up with the $900 figure, but I'll be glad to sell the same for $899.99

supergirl
join:2007-03-20
Pensacola, FL

supergirl

Member

Re: I want to play too

said by knightmb:
said by ccb056:

Where can I get some of this equipment?
Radio Shack, $25 worth of parts. Don't know where they came up with the $900 figure, but I'll be glad to sell the same for $899.99
Yes, but the gov't pays $10,000 for that equipment.
compuwizz
join:2001-03-05
Las Vegas, NV

compuwizz

Member

Voice is in the clear...

Most all voice calls have been in the clear and easily tapable for ages. LD calls travel over channelized T1s or T3s between COs. Each CO probably has at least 1 if not more T1 test sets. They plug up to the T1 port and can scroll through each channel without being detected. So since a cell phone, VoIP or landline call will go through a switch at some point, eavesdropping is going to happen.

The only time Voice could be secure is if you own the network it is on and the person you're calling is also on the same network. Then I'd throw in some sort of VPN to encrypt it along the way.

I believe there is a type of secure ISDN that encrypts the audio, but I haven't seen it in use.
AquaSport
California - Sun, Surf, Traffic Jams
join:2007-05-03
California

AquaSport

Member

Encryption for ISDN phone calls?

I bet the encryption keys are sent to the NSA for "security reasons"!

white
@verizon.net

white

Anon

house

white house: lost over 5 million emails over a 2 year period form March 2003 (what was going on then?) to October 2005.

congress: turn over all data containing emails

white house: they're erased, we don't have them.

congress: you don't have them?

white house: no

months go by.

white house it: we have backups
white house: backups?
white house it: yes, we have archived all information on disc, flash memory and hard drives.

congress: turn it over, now.
white house: no

Hmm.... However, keep in mind... once information goes onto public airwaves, or semi private networks such as cell, internet, or other mediums, the potential for it to be compromised is there. However, some secrets are held so long, that time makes them nearly worthless by the time they're released (such is politics).

battleop
join:2005-09-28
00000

battleop

Member

Re: house

Out of the 5 Million missing emails 4,999,500 are spam.
supertech315
join:2006-03-01
Perris, CA

supertech315

Member

Give that technology ( the $25 radio shack eq) to voip Co's

so they can track e911 and there is no more excuses

CUBS_FAN
2016 World Series Champs
join:2005-04-28
Chicago, IL

CUBS_FAN

Member

To make it worse

Just when we hear about an influx of identity theft victims claims, we now hear even more issues about this cancer called "hackers".

Info on VoIP
@youtele.com

Info on VoIP

Anon

No means is safe

The functioning of wireless VoIP phones is similar to that of regular VoIP phones but Wireless VoIP phones combine VoIP technology and Wi-Fi (wLAN) systems. Users need to be in the range of the wireless node in order to make and receive calls. And when they are in the Wi-Fi’s reach, they are able to do a lot of the same calling functions enabled by regular desktop VoIP phones. When one is already equipped with a wireless local area network as well as VoIP phones, adding wireless VoIP phones can be a logical step.

Wireless VoIP phones are also known as VoWLAN or voice over wireless local network areas and Wi-Fi phones. The working of wireless VoIP phones involves a data network to which Wi-Fi equipment is connected. The network itself can either be independent, or connected to the Internet or the public phone system. The equipment enables high-speed wireless connection to unlimited access points.

Each access point has an antenna to catch the signal from the Wi-Fi equipment and broadcast it in a 300-foot radius or a hot spot. Within the radius all Wi-Fi enabled laptops, personal digital organizers and wireless phones can tune into the signal.

In wireless VoIP phones, the voice is converted into segments of data for transmission from the phone antenna to the Wi-Fi radio waves and then received by the data network. Here the data segments reverse the process to reach an extension or the traditional phone network. In other words, an extension can be carried around.

Although there is no argument about wireless VoIP phones being advantageous, they have their share of shortcomings as well. Fore one, they can not yet completely replace hard-wire VoIP phones mainly due to lack of reliability and the limited functions of wireless phones currently available in comparison to desktop phones.

However the biggest disadvantage in wireless VoIP phones is the limit on the number of simultaneous calls that can be made. The maximum number of calls in each wireless system cannot exceed five or ten. This seriously undermines its call handling capability in a large corporate environment.

Nevertheless, the dramatic reduction in operational costs has made it possible for wireless operators with high quality compressed VoIP to bring the ease and comfort of cordless calling to the VoIP world.

voip phone systems
I guess using good quality hardware can do the trick.By this i mean good phone systems. Panasonic is making good phones i checked out some at »www,panateldirect.com and i guess you got to take some risks. isnt it?
If you need so much of privacy, please speak in person!!!1