The Communications Assistance for Law Enforcement Act (CALEA — I’ve written about this one before) requires “managed” VoIP operators to provide law enforcement agencies a point of interception so they can tap your VoIP calls. What’s a “managed” VoIP service? Packet8, Vonage, Comcast, and AT&T all certainly qualify, but does Skype? Yes, if you think of billing as management, now that there is SkypeOut and SkypeIn. And given the current management at the U.S. Department of Justice, “managed” could mean pretty much anything.
VoIP interception is usually done at the SBC/proxy. The network operator’s SBCs perform decryption/encryption on the “secure” packets as they go through the node. It is a matter of “trust,” as they say in the industry. If you want to encrypt you must also be willing to trust an SBC/proxy in China, Russia, wherever. That’s the attack point.
- May 22, ’13 How the Decline of the Traditional Workplace Is Changing Our Cities
- May 22, ’13 Whey Too Much: Greek Yogurt’s Dark Side
- May 22, ’13 The Secret Donors Behind the Center for American Progress and Other Think Tanks
- May 21, ’13 In defense of digital freedom
- May 21, ’13 Surveillance and the Internet of things