Compressed VoIP phone calls are easy to bug

[Juha-Matti Laurio <juha-matti.laurio () netti fi>]

This was published in June already, but sounds interesting:

"12 June 2008
NewScientist.com news service
David Robson

Plans to compress internet (VoIP) phone calls so they use less bandwidth could make them vulnerable to eavesdropping.
Most networks are currently safe, but many service providers are due to implement the flawed compression technology.

The new compression technique, called variable bitrate compression produces different size packets of data for 
different sounds.

That happens because the sampling rate is kept high for long complex sounds like "ow", but cut down for simple 
consonants like "c".
This variable method saves on bandwidth, while maintaining sound quality.

VoIP streams are encrypted to prevent eavesdropping.
However, a team from Johns Hopkins University in Baltimore, Maryland, US, has shown that simply measuring the size of 
packets without decoding them can identify whole words and phrases with a high rate of accuracy."
--clip--

More at
http://technology.newscientist.com/channel/tech/dn14124-compressed-web-phone-calls-are-easy-to-bug.html
 
Juha-Matti
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.