Wiretapping with VOIP and VPN?
May 5, 2008 2:15 PM

After watching this season's "The Wire," I wondered if police wiretapping could be thwarted by OpenVPN and an Asterisk box?

It seemed like the po-lice had a hard enough time understanding how to utilize wiretapping. What if smugglers were to set up a couple of servers with OpenVPN and Asterisk? Or even simpler, what about just sending messages over something like SFTP, uploaded to a non-US server in a country unlikely to respond to a Baltimore warrant? It seems to me that you could even bounce the traffic around a few countries to make the legal discovery process a complete nightmare (not that it would necessarily thwart anything, just create extra expenses and paperwork, ergo a larger police budget).

Are there any instances of wiretapping being problematic because of new technology? Is it really this simple?
posted by geoff. to Computers & Internet (16 answers total) 5 users marked this as a favorite
 
Yes, of course it's easy to encrypt communications with commercial and open source software. Going back to the '90s with PGPFone for voice and even earlier with email and PGP.

The problem is most criminals don't understand this stuff, and, of course, it wouldn't work very well with cellphones (but you could use a PDA with wifi or even a cellular data connection, I suppose).
posted by delmoi at 2:24 PM on May 5, 2008


Not real-time communications but: Man can't be forced to divulge PGP passphrase.
posted by mkb at 2:25 PM on May 5, 2008


In this season, the police were trapping data sessions, not just voice - the picture of the clock. There's no reason that kind of stuff couldn't be encrypted, but then you'd need handsets capable of decrypting messages. That would entail custom app development.

But there's no need to bring Asterisk into this. I don't see what that would buy you, really.

From a UI perspective, though, I don't think this would work - if you need handsets with custom software, that would require training, etc.
posted by me & my monkey at 2:30 PM on May 5, 2008


Response by poster: Well yeah in the season it was just data, but it could also be done with voice? Say having the whole system boot up and run from RAM so that any voice calls aren't stored anywhere and if the system had to be shut down the state would be lost? Marlo running around in a converted van with a 3G card?

I realize that criminals aren't as sophisticated, but The Greek had several passports. Those can't be easy to fake, it would seem if he had access to someone who could do that, he would have access to someone with Geek Squad. I'm really astonished no one has tried this, or at least I'm surprised it has never come up in court.
posted by geoff. at 2:36 PM on May 5, 2008


Say you have two VOIP endpoints (be they Asterisk or regular VOIP software), which are considered to be secure (no one has compromised your VOIP-running computers, the room you're communicating from, etc.) If you connect them together over a VPN using currently available "strong" encryption, your communications will be, for all intents and purposes, untappable. If you don't write the voice traffic to disk, the state on the servers isn't important, as long as you are both aware when a server has been compromised that your link is no longer secure.

If you're really concerned, you can encrypt your traffic in such a way that nobody can ever break it, even given infinite time and computer power, as long as you can securely exchange some data beforehand - this is called a "one-time pad". Probably not worth it.

It's possible that major governments have the ability to break publicly available strong encryption, but the general thinking is that keeping that fact secret is vastly more valuable than any smuggling you could be doing.
posted by pocams at 2:46 PM on May 5, 2008
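
The one-time pad property pocams describes, as an added example that is not part of the original thread: for a given ciphertext, some pad maps it to any same-length message, so the ciphertext alone tells an eavesdropper nothing. It goes slightly beyond the post by also showing that reusing a pad cancels it out; the messages and function names are constructed for illustration.

```python
import secrets

def otp_xor(data: bytes, pad: bytes) -> bytes:
    """XOR data with the pad; the same call encrypts and decrypts."""
    if len(pad) < len(data):
        raise ValueError("pad must be at least as long as the message")
    return bytes(d ^ p for d, p in zip(data, pad))

def pad_explaining(ciphertext: bytes, candidate: bytes) -> bytes:
    """Return the pad under which ciphertext decrypts to candidate."""
    if len(candidate) != len(ciphertext):
        raise ValueError("candidate must be the same length as the ciphertext")
    return otp_xor(ciphertext, candidate)

# Constructed sample messages, all 12 bytes long.
MSG_A = b"meet at noon"
MSG_B = b"meet at nine"
DECOY = b"stay at home"

def demo() -> dict:
    # The pad is the data exchanged securely beforehand: random, as long
    # as the message, and meant to be used once.
    pad = secrets.token_bytes(len(MSG_A))
    ct_a = otp_xor(MSG_A, pad)

    # Some pad turns ct_a into any 12-byte message, so the ciphertext
    # alone cannot single out MSG_A, whatever computing power is applied.
    decoy_pad = pad_explaining(ct_a, DECOY)

    # Operational failure: the same pad used for a second message.
    ct_b = otp_xor(MSG_B, pad)
    leak = otp_xor(ct_a, ct_b)  # pad cancels: equals MSG_A XOR MSG_B

    return {
        "roundtrip": otp_xor(ct_a, pad),
        "decoy": otp_xor(ct_a, decoy_pad),
        "leak": leak,
    }

if __name__ == "__main__":
    result = demo()
    print("decrypted with real pad :", result["roundtrip"])
    print("decrypted with decoy pad:", result["decoy"])
    print("ct_a XOR ct_b           :", result["leak"].hex())
```

The zero bytes in the last line mark every position where the two messages agree, which is why a pad has to be as long as the traffic it protects and discarded after one use.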


"Well yeah in the season it was just data, but it could also be done with voice? Say having the whole system boot up and run from RAM so that any voice calls aren't stored anywhere and if the system had to be shut down the state would be lost? Marlo running around in a converted van with a 3G card?"

Sure, but from a practical perspective, the problem is how do you distribute and manage this equipment? How do you secure the endpoints? What happens if the police pick up one of these during a sweep?

Successful systems are simple.

"I realize that criminals aren't as sophisticated, but The Greek had several passports. Those can't be easy to fake, it would seem if he had access to someone who could do that, he would have access to someone with Geek Squad."

I'm pretty confident that there are plenty of criminals with access to and knowledge of sophisticated cryptographical systems. I suspect they're not street-level drug dealers, though.
posted by me & my monkey at 3:19 PM on May 5, 2008


Criminal masterminds do not plague me with requests for advice on how to secure their communications properly - but if they did I would be tempted to tell them to steer clear of computers altogether and try invisible ink instead. Really! The more highly trained a team is in computerised message interception and decryption the less likely they are to remember about grape juice and baking soda.
posted by rongorongo at 3:58 PM on May 5, 2008 [1 favorite]


A lot of people who are big into encryption have long ago posited that various 3-letter government agencies can crack most encryption real-time. But unless you have an Arabic last name* and are calling Afghanistan, that probably won't come into play.

A couple wrinkles in the plan:

- An overseas VoIP server would introduce a lot of latency. Probably 100ms+, and 250ms+ if you're going somewhere very remote. (It's easy to find an offshore dedicated server. They're typically for borderline-illegal stuff like gambling, and lots of spam.) This level of delay is pretty awkward, especially when you introduce whatever the vocoder lag is (the time for it to sample your speech and encode it: something like 10ms, plus or minus a lot depending on what you use). Your plan of multiple servers in multiple countries would make this even worse. If you're doing e-mail or the like, it's totally doable.

- In some circumstances, exporting cryptography is illegal. I don't know how this actually works in practice, however.

My understanding of wiretapping is that the police/government generally just ask the phone company to do it for them. (Wasn't there something about AT&T screwing up and sending the wiretapping bills to the wiretapped customer?) I think the stuff you see on TV about detectives splicing into phones is mostly fiction.

IANADL (drug lord), but if I were, I think I'd buy a disposable cell phone from Walmart. Yes, it could be tapped, but good luck listening to millions of cell conversations to find mine.

* This isn't meant to be racist, but to reflect the reality that a friend with an Arabic last name has told me about.
posted by fogster at 4:38 PM on May 5, 2008


Actually one of the things I liked most about the Wire was that it really made clear that it's not just good security design and procedure that count, but also how that plan is executed. In season 3 (I think it was S3), the drug dealers had a good plan involving disposable cell phones that would have been very difficult, if not impossible, for the police to tap. But they became vulnerable because of operational, rather than design, problems (the guy buying all the phones from the same convenience store every time). This is something that a lot of people seem not to understand.

So bottom line: yes, if you used Asterisk and OpenVPN, you could create a very secure voice communications infrastructure between two points. I'm sure there are corporations doing this very thing right now. But that's not the be-all and end-all of security; there would still be lots of ways you could slip up and be open to eavesdropping. And given human nature, the more secure you think your communication channel is, the more likely you'll say something stupid/incriminating on it.
posted by Kadin2048 at 5:34 PM on May 5, 2008


This whole thread and nobody has mentioned Zfone? Zimmermann's totally encrypted, PGPfone mark deux. I haven't been able to find anyone bored enough to actually test out the whole encrypted SIP concept but I did manage to get the thing installed in Ubuntu.

Only available in the US, or to non-Americans with three or more brain cells to rub together.
posted by Skorgu at 6:50 PM on May 5, 2008


"But they became vulnerable because of operational, rather than design, problems"

Yes yes yes yes yes. [SPOILERS] The map grid reference system was only cracked because the dealers settled into a familiar location pattern. The burners were cracked by a weak link in the supply chain (a bitchy girlfriend if I remember). The drug code, slang, etc. was only as effective as the person using it -- remember them laughing at the pusher who got frustrated and blurted out "Cocaine!"? Even with perfect encryption, you can still play egos off one another, manipulate emotions, and penetrate the inner circle in a million ways. The first "wire," if I recall, was just an ancient reel-to-reel strapped to a hooker. No one suspected the hooker!

Until you take the humanness out of communication, it's not going to be foolproof private. And you never know...one bit gets jealous of another bit and pretty soon the po-po are picking through your seg fault and Omar just ripped your swap (file) and boy do you look like a chump...
posted by cowbellemoo at 7:57 PM on May 5, 2008


For that matter, a lot of the codes broken in WWII came down to operational stuff (cipher-machine operators making mistakes or being lazy, e.g.). I've read of some instances of wiretapping being difficult because of modern ('90s+) crypto technology — fewer than I'd have thought — but I don't get the impression that it's slowing down law enforcement all that much. By the time you know who to wiretap, you have many human avenues of investigation available to you as well.

fogster: My understanding is that people generally don't think the TLAs have the ability to crack strong crypto in realtime, but that they are good enough at traffic analysis that they don't need to crack your crypto anymore. That's probably why things like the illegal AT&T/Verizon/MCI dragnets are so attractive.
posted by hattifattener at 10:00 PM on May 5, 2008


are
posted by hattifattener at 10:00 PM on May 5, 2008


"A lot of people who are big into encryption have long ago posited that various 3-letter government agencies can crack most encryption real-time. But unless you have an Arabic last name* and are calling Afghanistan, that probably won't come into play."

This is a really ridiculous assertion, (that is, the assertion that 3-letter agencies can crack 'most' encryption in real time). While it's never been proven that public key crypto can't be broken it would require finding the prime factors of huge numbers very quickly, and that's something that a lot of really smart people have been working on for decades, and no one's ever figured out a way to do it fast enough to ever break most crypto in either their lifetimes or their children's lifetime or the time before the sun turns into a red giant and swallows up the earth.

So to say that the government can break 'most' crypto is simply paranoid innumeracy. That doesn't mean the people who believe it aren't "big" just that they don't know what they're talking about.

If someone is using encryption, what the government will do is either hack into your computer and install a key logger, (if they have a warrant) or even install a hardware bug to sniff your keystrokes. So if you're a really big target, they'll work around the encryption. But to suggest that they can break it is really ridiculous.
posted by delmoi at 3:46 AM on May 6, 2008 [1 favorite]


Forgive the derail, but delmoi, that's not entirely true. It's not proven that finding the prime factors by brute force is the best attack on any given algorithm, and it's entirely possible that there are attacks that aren't known to even the really smart people in public research. For instance, differential cryptanalysis was known to the NSA in the early 70s, when it was discovered by IBM researchers; the NSA had IBM cover it up, and it didn't become public until the late 80s. It's entirely possible that the government has no good attacks against AES, but it's also possible that they do have one, and that it won't become public for years.

What is entirely true is that the government won't be putzing around trying to crack your encryption when there are a great many weaker links in your security, such as the key logging you mention. There are very, very few circumstances where it would make any kind of sense for them to be breaking encryption, even if they could.
posted by pocams at 7:50 AM on May 6, 2008


fogster writes "In some circumstances, exporting cryptography is illegal. I don't know how this actually works in practice, however."

It's about as effective as the laws against software piracy. Worse actually because some people will intentionally make the stuff available in order to thumb their noses at the government.

hattifattener writes "a lot of the codes broken in WWII came down to operational stuff (cipher-machine operators making mistakes or being lazy, e.g.). "

German naval Enigma was significantly harder to break than the army/air force implementation in part because naval operators were required to use a preprinted initialization key table. The other branches allowed operators to select their own keys and often they selected poor and predictable keys like actresses' names.
posted by Mitheral at 10:22 AM on May 6, 2008


This thread is closed to new comments.