1 minute read

Ever since the early days of 2600, people have been learning what it takes to compromise voice conversations.

Starting with your standard telephone (POTS) line, one can still beige box you with cheap or free used gear.

Analog cell phones have always been easy to listen to, with any non-American frequency scanner. In Canada, it is legal to listen to these.

Modern digital cellular phones use GSM encryption, which can now be compromised with sufficient resources.

Skype, has a history of issues, and even without them trivially provides “security investigators” with personally identifiable information.

Most VoIP (SIP) traffic can easily be captured with a packet sniffer.

If you want your voice conversations to not be trivially compromised, it requires encrypted (preferably open source, to verify it’s been implemented correctly) solutions. Currently the only free solutions are zrtp (for SIP) or red phone (for Android). If you know of any other solutions, or if either of these have been compromised, please let me know (kris@ this domain) and I’ll update this post.

It’s important to note this is just regarding the communications protocol; security is like a river, a compromise is usually done on the path of least resistance, so if your physical location or surrounding hardware or software is compromised, so is your next conversation.