Privacy, Secrecy, and Security
Aside from features that will be appealing to users, there are fundamental requirements of Privacy, Secrecy, and Security that are seldom discussed openly with regard to VoIP. But they are serious issues, and need to be fully considered by users, corporations, telecommunications carriers, VoIP carriers, law enforcement agencies, and federal and state governments. As we all know, the Internet is a lawless frontier, where nothing is safe and secure, and reliability is always one step away from calamity.
Security and Vulnerability
World War II Poster
World War II Poster
VoIP does little to protect the interests of these individuals and organizations, not to mention protecting the security of the United States. We suffer untold numbers of hacker attacks DAILY, systems broken into, identities stolen. The entire worldwide DNS system was brought to its knees by hackers. In August, 2008, Russia launched a cyber attack against Georgia two days before its ground attack. In previous wars, aircraft were sent in first to destroy radar installations and command centers to “blind” the enemy. This time, aircraft were not necessary. The Russians paralyzed the Georgian government and civilian infrastructures alike with massive Denial of Service (DoS) attacks and other tactics. Cyber warfare is real, and any technology that is susceptible to it is at risk.
Fundamentally, no one can guarantee that Internet communications cannot be intercepted and monitored. We all need to ask: Is this what we want for our telecommunications system?
Follow the link above to read the White Paper at the following headlines, which discusses this topic in much more detail:
Defining the Problem... How can we achieve multimedia telecommunications and still accommodate nation securituy needs and maintain the tradition integrity and reliability that we all expect?
Problems: VoIP Technology Presents Security Risks at Several Levels:
DNS - a History of Exposures and Attacks
VoIP Shares All the Risks of the Internet
The Architecture of the Internet Itself Is The Flaw
Problems: VoIP Technology Presents Business Risks to Telephone Carriers
Read the above references to learn VoIP can ‘t be fixed, and why you are at risk simply because the other party uses VoIP!
Privacy, Secrecy, and Legal Requirements
While not commonly addressed (at least, until the lawsuits start), in addition to the obvious (protection from snooping) there are at least three requirements that need to be met: unlisted numbers, legal call trace, and legal wiretapping.
There are two aspects to unlisted numbers: the obvious is that the number is not published, and so the number is effectively secret; but with equal importance, you can call someone from an unlisted number and not only is it practically impossible for the called party to discover the phone number of the caller (since the number is not displayed on Caller-ID), but also the called party can’t tell the location from where the call was placed. In support of this requirement, any Internet telephony technology must prevent IP tracing software from revealing the geographic locale of calling parties for legal and security matters such as protecting battered spouses and people in witness protection programs. Consider the scenario of a battered spouse, in hiding at her sister’s house in St. Louis. If her husband learns she is in St. Louis, he knows where to find her. If she calls to check on the kids using a VoIP phone, and he does a packet trace, bingo – he knows where she is at. This is trivial to accomplish on the Internet.
By contrast, here’s how Privacy, Secrecy, and Security are achieved in the Next Generation of Telecommunications. Figure 1 illustrates that Internet data does not transit directly between calling and called devices. Instead, those connections are sent through proxy servers which are controlled by SS7 messages, and do not respond to ping and traceroute queries. They might be randomly selected, so a proxy server in New York City will be selected on one call, but a proxy server in Washington D.C. might be selected on the next call from the same phone.
Secret key is not acceptable for general Internet usage, because there is no way to prevent snooping. However, in the Next Generation environment, the keys are transmitted across a secure network – offering a very high degree of security for the keys. Furthermore, there can be separate keys for each half (direction) of the conversation.