
Is Security Holding VoIP Back?

phoneboy writes "Voxilla is running a piece I wrote on security issues present in Voice over IP. While an increasing number of people are ditching their ILEC in favor of using Voice over IP from companies like Vonage, VoicePulse, Packet8, and Broadvox Direct, there are a number of potential security issues to be aware of. Is VoIP secure enough to replace the PSTN as we know it?"
This discussion has been archived. No new comments can be posted.

  • by headbulb ( 534102 ) on Saturday March 13, 2004 @03:49PM (#8553216)
    First and this one goes for cell phones too.

    With most voip apps they just shut off the microphone when the person isn't talking. This produces a weird silence. Cell phones have to do the same thing to conserve power, but what they do is place comfort noise. This keeps the person thinking that the call is still going. (This is what really turns me off about VOIP)

    Another beef I have with voip.. Nothing seems to be standardised. One voip app does not work with another.

    I just think it's not the correct way of going about creating a network that is designed to be directly connected. The network that pstn is based on has a niche. Where else are you going to get a virtual connection without having to bury your own lines to every office. (forgot the terms at moment)

    It's extremely hard to talk to someone when A. You have a delay. B. You have missing packets that interrupt the signal, Thus you get dropouts.

    Now I do like voip in games.. That comfort noise I was talking about, Is now taken over by the sound the game makes, and so the silence in between isn't so weird.

    I have heard about sprint doing voip networks with their own network to get around the ping/packetloss/QOS that is not a guarantee on public networks. But I view it as if They want to have a packet based voice network they need to design it from the ground up to just work instead of just layering it on top of IP. They then need to submit this to the standards association, So that phone companies don't have to convert/recompress and signal with each in and out on the network. In other words a more lossless operation.

    Well that's my beef.
  • by amigoro ( 761348 ) on Saturday March 13, 2004 @03:54PM (#8553254) Homepage Journal
    On the one hand, we want to use IP for our voice communications. On the other, we want to use our mobile phone for surfing the web (and installing Linux [mithuro.com] but that's another story).

    So which way are we headed?

    It's quite ironic that the internet spread as rapidly as it did because people were able to use internet over dialup, and today, the discussion is about how to replace the existing PSTN architecture with VoIP.

    However, I think sooner, or later, people will make ALL their phone calls using internet enabled mobile phones. So what protocol are they going to use? Or is it going to be a mix of protocols, say, if a Canadian were to talk to a friend in Australia?

  • by robslimo ( 587196 ) on Saturday March 13, 2004 @03:54PM (#8553257) Homepage Journal
    I agree. I also think the cost of POTS is still pretty cheap, especially so with today's low LD rates. Example: I live in Oklahoma and it costs me $0.08/minute to talk to my in-laws in Beijing and $0.07/minute to talk to my sister in Minneapolis. Go figure.

    There has to be a real economic incentive to a household or company to roll out new systems to implement VoIP. It ain't here yet, but it'll come.

    -----------------
    And now, for something completely off-topic:

    As of 10:57:22 PST, the last contender(The Golem Group) went to status Disabled.

    A total of 28 miles were collectively traversed, with no participants getting past the 7 mile mark.

    Thank you all for participating; we hope to see you all back here in 2006 for another try.

    The 2006 event should be a real treat as we'll have clowns, jugglers and dancing girls. We'll also be introducing a new competing class called "Autonomous Disabled Autonomous Vehicle Transport." The race for this class will begin 1 hour after the start of the main competition.

  • by hikerhat ( 678157 ) on Saturday March 13, 2004 @03:59PM (#8553286)
    Well, you can't send an html email to a phone that tricks the user to click a link that installs a trojan that records all your phone calls and uploads them to an IRC chat room at midnight, all without leaving your parents' basement. So even though there is no security on current phones, it takes a bit more effort to listen in on their calls. The minimal physical ability required to climb the phone pole rules out most chee-toe eating script kiddies from tapping your phone line.
  • by jobugeek ( 466084 ) on Saturday March 13, 2004 @04:06PM (#8553328) Homepage
    The whole point of VOIP is not having two separate lines. But when we looked at doing it at our company, the undertaking to prepare the data network (upgrading cabling, tweaking or turning on QOS on routers, etc) became more work than what VOIP was advertised to solve.

    And truthfully, many companies I talked to who converted to it haven't been all that thrilled with the results so far. It's either been flaky or was so expensive that it didn't justify the cost.

  • PGP Phone (Score:2, Interesting)

    by hikerhat ( 678157 ) on Saturday March 13, 2004 @04:08PM (#8553341)
    Too bad PGP phone [mit.edu] never took off.
  • Bull! (Score:1, Interesting)

    by Anonymous Coward on Saturday March 13, 2004 @04:09PM (#8553344)
    voip -- blowfish -- { internet } -- blowfish -- voip
    Someone implement a cheap box that lets you plug a normal phone into your PC with that, and VOIP will take off and the telcos will become extinct
    I've been saying this for 3 years now!
  • Um (Score:5, Interesting)

    by headbulb ( 534102 ) on Saturday March 13, 2004 @04:12PM (#8553374)
    You try getting a trunk that has SS7. Oh wait you can't.

    You say that the pstn is insecure.. Have you tried lately to 'hack' into one, well besides being able to listen to what's on an analog line. Tell me how a cellphone is insecure (They have encryption and cdma is pretty secure by itself.), or how an isdn line is insecure.. Those are circuit based networks. (well cellphones are a hybrid)

    Tell me how would you go about overhearing a circuit in this circuit based network? You can't. The fbi can, But that hardly makes it insecure. Circuit based networks by their very nature are actually highly secure networks. The only person you really have to worry about is the one in control of the line, if you don't trust them you go with someone else and use encryption..

    Now packet based networks are the ones you really should be worried about. Anyone that is on your network segment can sniff your packets. Now if they are encrypted or not is really kinda beside the point.

    The modern pstn network has out of band signaling (ss7) So you can't do a lot of the attacks that the old phone networks were vulnerable to. Like playing your own tones (inband signaling.) So tell me again why a circuit based network out of band signaling is insecure?. (oh you can't get into the out of band signalling other than to dial and that's with isdn which uses isup for its out of band. Which is really limited and firewalled {for lack of a better term at the moment} the switch)
  • Spend some time using VOIP and you'll want to poke yourself in the eye. And that's on an internal network with QoS. You can put up with a delay on your mail, web, ftp, etc, or even jitter on video, but when audio starts to fart and burp, you'll go mad (MAD I SAY).

    And with the cost of long distance nowadays, why would you want to drive the cost of your Internet access up by overloading the network with traffic that is doing perfectly well on its current medium? I guess it comes back to the question of 'What are you trying to fix anyway?'

  • by WoTG ( 610710 ) on Saturday March 13, 2004 @04:22PM (#8553435) Homepage Journal
    It bugs me that the vast majority of cordless phones for sale and purchased are unencrypted mini-radios.

    Digital Spread Spectrum phones provide a reasonable amount of security, certainly orders of magnitude better than 'regular' cordless phones. DSS phones have been around for years, but for the sake of a few bucks and a lack of product knowledge, way too many people buy the $49.99 special at Walmart.

    One of these days I should buy or modify something to pick up analog signals so that I can scare/shock my friends/relatives/customers into buying better phones...
  • But...why ? (Score:3, Interesting)

    by veg ( 76076 ) on Saturday March 13, 2004 @04:29PM (#8553473) Homepage Journal
    Why replace PSTN, that uses proven, stable technology, with another technology designed for something completely different.
    OK, within an organisation it makes sense if you have CAT 5 going to everyone's office already, and you have assured bandwidth in your network infrastructure, it can, and does, work. But over the Internet ? Forget it.

    ATM is such a good networking medium for the phone. It was designed to allow QoS and pacing, and is therefore perfect at multiplexing audio and video. That's why the packets all hold 48 bytes!

    IP was NOT! When you've got VoIP, the web, Real, P2P, pr0n etc etc etc all competing for the same bandwidth, you really start to see why telephones have no business on the internet.

    The only reason there is a national/international VoIP industry is cost. If VoIP really does become a serious threat to telephone companies, all they need to do is drop the cost (for a while) and the VoIP businesses drown.

    Security ? Whoever wrote that article clearly doesn't understand what telephone networks are.
  • by lussmu ( 638495 ) on Saturday March 13, 2004 @04:38PM (#8553538)

    Well, the problem is a bit more difficult than that. IPSec can be used with VoIP, but it isn't particularly efficient. There are special IPSec for VoIP specifications, so the problem isn't encryption, but the lack of certificates. Public key encryption is always vulnerable to man-in-the-middle attacks, be it SSH or SSL web traffic [sourceforge.net].

    I'm guessing this might hold VoIP back for a little while, but when VoIP will be deployed large-scale, we will for sure see people having personal certificates. Right now, a real non-test certificate from verisign for a company web server costs 895 $ [verisign.com] but I could see the prices going down for personal certificates, when markets for those would start to appear.

    Or then there's the Finnish model, where you can get an electronic ID just like you can get a regular ID from the government. The electronic ID is the regular plastic ID card with a smart card chip. You get two certificates from the government-operated CA. All this for the measly price of 40 euros [fineid.fi]. This would be a viable choice for private persons too.

    There is also a SIM card version (a WIM card) designed that will come out in the future.
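
An added example, not part of the comment above or of any product it mentions: a minimal Python sketch of why key agreement without authentication does not stop a relay that substitutes keys, and how a fingerprint obtained out of band (standing in for a certificate) exposes the substitution. The toy group, the `run_call` helper and all other names are assumptions made for the illustration.

```python
import hashlib
import secrets

# Toy parameters (assumption, illustration only): a 127-bit prime is far too
# small for real use; deployed systems use standardized, much larger groups.
P = 2**127 - 1
BASE = 3


def keypair():
    """Return (private, public) for the toy Diffie-Hellman exchange."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(BASE, priv, P)


def session_key(priv, peer_pub):
    """Derive the media key from our private value and the public value received."""
    shared = pow(peer_pub, priv, P)
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()


def fingerprint(pub):
    """Identity fingerprint of a public value; a certificate plays this role at scale."""
    return hashlib.sha256(pub.to_bytes(16, "big")).hexdigest()[:16]


def run_call(relay_substitutes_keys):
    """Simulate one call setup and report what each endpoint can observe."""
    a_priv, a_pub = keypair()            # caller
    b_priv, b_pub = keypair()            # callee
    pinned_callee = fingerprint(b_pub)   # obtained out of band before the call

    if relay_substitutes_keys:
        r_priv, r_pub = keypair()        # relay swaps in its own public value
        seen_by_caller, seen_by_callee = r_pub, r_pub
    else:
        r_priv = None
        seen_by_caller, seen_by_callee = b_pub, a_pub

    caller_key = session_key(a_priv, seen_by_caller)
    callee_key = session_key(b_priv, seen_by_callee)
    return {
        # Each endpoint always derives *a* key, so the call looks encrypted.
        "endpoints_share_key": caller_key == callee_key,
        # True when the relay can derive the caller's media key.
        "relay_holds_caller_key": r_priv is not None
        and session_key(r_priv, a_pub) == caller_key,
        # The only check here that tells the two cases apart for the caller.
        "pin_ok": fingerprint(seen_by_caller) == pinned_callee,
    }


if __name__ == "__main__":
    for tampered in (False, True):
        print("relay substitutes keys:", tampered, run_call(tampered))
```
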

  • by NTmatter ( 589153 ) on Saturday March 13, 2004 @04:46PM (#8553584) Homepage

    I'd say the problem isn't really the NAT/Firewalls - it's just the NAT that's a hindrance to bidirectional communication. It's simply impossible to create a connection to something behind a NAT box when you only have one IP to work with.

    The best analogy to work with would be calling a large department store, wanting to talk to the clothing department, but being confronted by a receptionist or an automated machine telling you to "Enter the extension of the department you would like to dial." This is sadly impossible in the context of VoIP without having a server on the NAT box, or a hack in the NAT's rules that is capable of inquiring which "extension" to forward the call to. While this is plausible, it also raises the problem of exactly how to standardize the process. Too many people have an interest in VoIP for any sort of final standard to be released.

    The only practical solution, in this case, (at least from a networking standpoint) is to eliminate NAT altogether. Fortunately, such a solution already exists. Its name is IPv6. If everyone can have their own globally routable IP address (and thus a globally unique iPhone#), then there would be no compelling need for NAT outside of obscure load-balancing setups.

    Sadly, the switch to IPv6 brings its own set of problems. Namely, the Telcos and government, who have been fighting for the taxation of the internet and internet telephony services, or at least their providers. IPv6 + VoIP will eat into the profits of Telcos once they start becoming widespread. Why pay a perfectly reasonable 10 cents a minute for long distance, when you can pay $30/month (or however much internet access costs you) for unlimited calls to anywhere in the world.

    As for roaming, there's no real problem in having a bit of software on your VoIP box that forwards your calls to a VoIP mobile phone sitting on some wireless network out at the office, as long as there's a way to let the VoIP box know the correct IP to transparently route calls to. Think of it as call forwarding for networks.

    So, there's no real problem with the replacement of PSTN, aside from the IPv6 transition, whose problems have already been beaten to death on Slashdot in the past. If only we could get corporations to just shut up and die when they become obsolete for the greater public good, life would be so much easier, wouldn't it?

    DISCLAIMER: The author will not be held responsible for any negative aftereffects that may or may not result from the usage of this opinion as fact.

  • Security (Score:3, Interesting)

    by secolactico ( 519805 ) on Saturday March 13, 2004 @04:46PM (#8553587) Journal
    Screw security. It does not need to be implemented on the network. It can be implemented on the endpoints, and there are already devices to encrypt plain old telephone calls.

    Reliability is the key. PSTN is not more secure except for the fact that it is controlled by a few and has limited application besides voice (your fax machine is not going to contract a virus that will in turn disrupt communications for everyone).

    VoIP is feasible, but not over plain old internet, and it doesn't have to be. There are several telcos that use IP on their voice backbone, on a network isolated from the internet.

    Imagine the slashdot effect taking down not only your company's webserver, but your phone lines as well... ;-)
  • by Effugas ( 2378 ) on Saturday March 13, 2004 @05:22PM (#8553810) Homepage
    headbulb--

    Comfort noise is missing on less advanced VoIP implementations.

    Here's a link to the RFC that specifically describes how to send packets with comfort noise. Note that there's actually some work done to make sure the noise matches the spectral shape of what should actually be there. This prevents the noise from seeming "unusual" to the listener (i.e. it's not just random fuzz):

    RFC3389 [sunsite.dk].

    In terms of conversion and recompression, G.711 -- the "high bandwidth" version of VoIP, at around 64kbit per direction -- isn't even converted when it's passed to the PSTN network. It's only the higher levels of compression -- G.729, G.723 -- that need to be transformed at the proxy. And it turns out most of the failures happen one hop up from the DSL/Cable modem, because there's a huge amount of bandwidth coming in and relatively little to each endpoint. Something needs to be done about this, but it's not entirely clear what. Designing from the ground up -- yeah, we did that with the PSTN, and it's great, but there's so many legacy taxes that people are going to IP just to avoid regs written before the new tech was born.

    That's the story.

    --Dan
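
An added example, not from the comment above: a Python parser for the comfort noise (CN) payload that RFC 3389 defines, fed from an RTP packet with the RFC 3550 header. The sample packet is constructed and the function names are assumptions; rejecting a set reserved bit is this example's strict-parsing choice.

```python
import struct

CN_PAYLOAD_TYPE = 13  # static RTP payload type RFC 3389 assigns to CN at 8000 Hz


def rtp_payload(packet: bytes):
    """Return (payload_type, payload) from an RTP version 2 packet."""
    if len(packet) < 12:
        raise ValueError("shorter than the 12-byte RTP header")
    b0, b1 = packet[0], packet[1]
    if b0 >> 6 != 2:
        raise ValueError("not RTP version 2")
    offset = 12 + 4 * (b0 & 0x0F)              # skip the CSRC list
    if b0 & 0x10:                              # header extension present
        if len(packet) < offset + 4:
            raise ValueError("truncated header extension")
        (ext_words,) = struct.unpack_from("!H", packet, offset + 2)
        offset += 4 + 4 * ext_words
    end = len(packet)
    if b0 & 0x20:                              # padding: last byte holds its length
        pad = packet[-1]
        if pad == 0 or pad > end - offset:
            raise ValueError("invalid padding length")
        end -= pad
    if offset > end:
        raise ValueError("header runs past end of packet")
    return b1 & 0x7F, packet[offset:end]


def parse_cn_payload(payload: bytes):
    """Decode noise level and spectral shape from a CN payload."""
    if not payload:
        raise ValueError("CN payload needs at least the noise-level byte")
    level = payload[0]
    if level & 0x80:
        raise ValueError("reserved top bit of the noise-level byte is set")
    reflection = []
    for i, n in enumerate(payload[1:], start=1):
        if n > 254:
            raise ValueError(f"coefficient {i}: index must be in 0..254")
        # RFC 3389 dequantization: k_i = 258 * (N_i - 127) / 32768
        reflection.append(258 * (n - 127) / 32768)
    # The level byte is a magnitude in -dBov; the model order is the byte count.
    return {"level_dbov": -level, "reflection": reflection}


# Constructed sample: header (V=2, PT=13, seq=1, ts=160, made-up SSRC),
# then noise level 40 and three reflection-coefficient indices.
SAMPLE_PACKET = (
    bytes([0x80, CN_PAYLOAD_TYPE])
    + struct.pack("!HII", 1, 160, 0x1234ABCD)
    + bytes([40, 127, 254, 0])
)

if __name__ == "__main__":
    pt, payload = rtp_payload(SAMPLE_PACKET)
    if pt == CN_PAYLOAD_TYPE:
        print(parse_cn_payload(payload))
```
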
  • Not held back! (Score:1, Interesting)

    by Anonymous Coward on Saturday March 13, 2004 @05:32PM (#8553867)
    The large phone companies as MC*, AT*T, etc actually channel the international phone calls thru VOIP. In some countries, this is done illegally via private contractors in that foreign country. This way, the US based company pays that contractor (or corrupt official) a lower amount than they have to pay the local government, and that contractor will channel the calls thru their servers to the local network.

    If you happen to be in one of these countries (as Lebanon), you will notice that some of the international phone calls you receive have a local "caller ID" number.

    Large companies are already using this to rip the third world countries and pay less international fees.

    That said, I do not think VOIP is held back. It just takes time. I do not think that the PSTN systems took off overnight.
  • by SmackCrackandPot ( 641205 ) on Saturday March 13, 2004 @05:43PM (#8553941)
    In the last apartment complex I lived in, the telephone lines to all the neighbors living above me, travelled down a conduit that went through one of the inside walls of each apartment, which could be accessed simply by removing the faceplate to the socket. The builders didn't exactly have security in mind.

    And there are always stories of people finding unexplained telephone calls billed to their account, only to find out someone else had jacked a patch cable to their line on an outside wall.
  • by bigberk ( 547360 ) <bigberk@users.pc9.org> on Saturday March 13, 2004 @06:48PM (#8554373)
    What we need is a simple and fast encryption method for VoIP
    I wish I could post more details but I'm holding back because of potential patent issues. Anyway, my colleagues and I have implemented an entirely peer to peer VoIP system that uses Blowfish [wikipedia.org] with its maximum 448 bit keys. It works great, and modern PCs have enough processing power to handle it.
  • by Anonymous Coward on Saturday March 13, 2004 @08:15PM (#8555504)
    Pricing People think that VoIP is cheap compared to normal telephony. Average people spend around USD 200 per year on land line telephony

    I don't know where you are from, but in MA, with no paid features on my phone line and usage of less than 500 minutes total (including long distance, local and in state long distance), I was paying about $60 a month at a minimum. That's $720 a year.

    In the same location, with a cable modem and Vonage, I paid $25 a month. That's $300 a year. Yes, the service quality was unacceptable entirely.

    During the time I was in MA, I paid $44.95 a month for a cable modem. That's $540 a year.

    In Florida, I've paid no less than $80 a month, including unlimited long distance. I make upward of 2000 minutes a month long distance alone. That's $960 a year.

    I pay $39.95 a month for 1.5/256 ADSL. That's about $480 a year. I'd pay $49.95 a month with the combination of services I have or $600 a year. However, because I am required to have a phone line for my DSL, I am roped into a variety of fees that are bare minimum for DSL. The cheapest I could get DSL including this is about $70 a month or $840 a year.

    VoIP would cost me, because I telecommute, $50 a month for unlimited or $600 a year.

    • Cable + Land line cost: $1260/year
    • Cable + VoIP (500 min) cost: $840
    • Cable + VoIP (unlimited min) cost: $960
    • Cable + VoIP (small business min) cost: $1140
    • DSL + VoIP (500 min) cost: $1140
    • DSL + VoIP (unlimited min) cost: $1260
    • DSL + VoIP (small business min) cost: $1440
    • DSL + Land line cost: $1440


    VoIP on a cable modem was reasonable at best, though it sounded like a so so cell phone. At worst, it sounded like I was calling from Australia with a cup attached to a string. One day, there was over a 2 second delay in the time I spoke and the time I heard a simple "yes" response. I always assumed this was because of the nature of cable. However, the savings is significant. There are ways to do it even cheaper than Vonage. If you need to save money, can get or have a cable modem and don't mind the possibility of low quality of service in your phone calls, this is what I'd use.

    VoIP with DSL doesn't perform any better. I regularly check my DSL speed and it peaks out right near the advertised speeds. The cost savings isn't as significant, but not trivial either when comparing plan to plan. However, given BellSouth offers unlimited plans and discounts for combined services, the small business VoIP plan costs about the same as my land line services, all things considered.

    Simply adding in the cost of bandwidth to make VoIP look more expensive is misleading. Personally, the cost of bandwidth is a basic utility I'd have with or without VoIP. VoIP for the customer ain't so great in my experience, but in some cases, it really is significantly cheaper.
  • by Grant_Watson ( 312705 ) on Saturday March 13, 2004 @10:04PM (#8557515)
    ...only the telecom could be the "man in the middle".

    I hope there's a better way. I realize that this is an improvement over the current system, but why settle for that? I don't think they're going to run around selling trade secrets, but still, does anyone trust telecoms?
  • by Rick the Red ( 307103 ) <Rick.The.Red@nOsPaM.gmail.com> on Saturday March 13, 2004 @11:52PM (#8559184) Journal
    The difference is that Hoover didn't care if what he learned wouldn't stand up in court, because he was only interested in blackmail to keep his job. Same with Nixon. Ashcroft wants to use what he learns in court, so he wants Congress to legalize the crap Jedger and Tricky D. used to pull.

    He also doesn't want to bother with all that nasty detective work to decide whose phones to tap, he wants to read all the mail and listen to all the phone calls and sort it out later. Personally, I have no problem with this, as long as John Ashcroft's mail and phone calls are all made public so we can play, too.

  • by Anonymous Coward on Sunday March 14, 2004 @03:05AM (#8559877)
    I wouldn't necessarily state that. There were people in the 80s who "warred" with other groups by making the group member's phones busy.

    However with the phone system being mostly digital now, there's very little chance of that happening. It's simple to figure out who's doing what and for law enforcement to slap them. Usually. If you bounce through several PBXs in and out of the country it may take a while, but everything's recorded now so you're generally pretty screwed...
