[Asterisk-Dev] OMG THE SKY IS FALLING!! NOT!!!
Florian Overkamp
florian at obsimref.com
Fri May 14 11:45:10 MST 2004
Hi,
> -----Original Message-----
> Sadly, the article reads as more bogus than it really is. SIP
> really is weak. RTP stream are almost universally unencrypted
> right now. Listening in to a VoIP within your company is
> generally much easier than snooping on a traditional call. I
> wonder how long it will take before encryption, solid
> authentication, and other good stuff becomes widely deployed for VoIP?
Same goes for e-mail and many other instant messaging or chat networks. One
should consider how the basic structure of the network is built and evaluate
the risks. If the cost of a possible intercept exceeds the cost of the
telephony savings - then this might be an argument to not use VoIP :-)
Then again: if you have a properly switched network, it will be less than
trivial for non-authorised personel to snoop on a conversation. Yes, your
network admins could. But you need to have a proper screening and trust
relation with them anyway.
As always: Use your head :-)
Florian
More information about the asterisk-dev
mailing list