Patrick’s Blog(2)

New Scientist has an interesting article about the vulnerability of encrypted VoIP packets: “Security researchers at Johns Hopkins report that a variable bit-rate compression scheme being rolled out on VoIP systems leaves encrypted calls vulnerable to bugging. Simpler syllables are squeezed into smaller data packets, with more complex ones taking up more space; the researchers built software that uses this to spot phrases of interest in encrypted calls simply by measuring packet size.”. Time to disable those VBR codecs when making TLS/SRTP calls.

This entry was posted on Friday, June 13th, 2008 at 18:47 and is filed under VoIP. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.