A UK based security company has released proof-of-concept code that shows how simple it is to eavesdrop on VoIP traffic.
The software, called SipTAP, is able to sniff out and record VoIP conversations running on a local network.
Several VoIP protocols are vulnerable, although SipTAP does not currently listen in on Skype traffic. Nevertheless, with VoIP growing in popularity, and 3 launching a Skypephone, now could be the time to start thinking seriously about using encryption to protect your online conversations.
Although land lines and mobile phone calls can be tapped, this is difficult without access to phone switches - it’s illegal without a court order and is otherwise hard to arrange without an ‘inside man’. With VoIP, there are potentially many more ways in to the network. It is easy to imagine organised criminals using a spyware-infected PC to listen in on all the calls made to and from a company’s LAN.
Recent Comments