Interesting People mailing list archives
more on Wiretapping Technology vs. Wiretapping Laws
From: David Farber <dave () farber net>
Date: Wed, 10 Aug 2005 16:09:47 -0400
Begin forwarded message: From: Brad Templeton <btm () templetons com> Date: August 10, 2005 3:22:46 PM EDT To: David Farber <dave () farber net> Cc: lauren () vortex com Subject: Re: [IP] Wiretapping Technology vs. Wiretapping Laws
1) VoIP call has at least one leg that terminates on the PSTN. The Internet portion of the call may or may not be encrypted (or strongly encrypted). Result: Tapping is possible and relatively trivial for that call. The tap can be located at
Much VoIP termination is done by routing the call over IP to a local termination provider in the LATA or even phone CO of the target PSTN number. In many cases, these termination providers are independent entities. Larger VoIP companies have individual contracts with these terminators, more rely on aggregators to have these contracts and handle the settlements. Some VoIP companies manage their own gateways to the PSTN through a small number of chokepoints (this gives you more control over the quality) but almost all of them rely on 3rd parties and aggregators to terminate the calls overseas. There are even bidding markets. As such it is far from trivial to tap a person's calls to the PSTN by listening at the interface, except for the companies which do all their own terminations. The requirement that it be possible puts serious burdens on companies designing services. Indeed, the only practical way to do it is to, for the target, reroute all their voice streams through centralized switches which can forward and record them, as is the case described below for IP to IP calls. Ideally, these termination providers will eventually support end to endencryption, with a DHM key exchange so even this technique will not work.
Rerouting the call to this switch is going to be visible to the target in two ways. If they know enough to look at where their voice is being sent, they could see that it's going to a router rather than to the citythey are calling. Worse, however, they will be able to hear this, in that
it will often increase the latency of the call -- the biggest complaint people have about the quality of voip calls. This also applies to IP to IP calls. While it is not commonly done this way, I could build a VoIP telco thatterminated to the PSTN and had no central switches or means of controlling
calls. I would give you software that, given a number, looked up ina static table downloaded with the software the IP address of the termination
provider best for that number, and I could give you account codes to get access to it. Billing records would come back to the telco in the end, most probably, but otherwise the telco would have no knowledge ofyour calls or any way to interfere or tap them. They would need to place
a tap at every termination provider you might call. However, is this distributed architecture of telco now illegal? ------------------------------------- You are subscribed as lists-ip () insecure org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- more on Wiretapping Technology vs. Wiretapping Laws David Farber (Aug 10)
- <Possible follow-ups>
- more on Wiretapping Technology vs. Wiretapping Laws David Farber (Aug 10)