[asterisk-users] Building a terrorist-friendly telephone network (Was: CALEA support)

Jay R. Ashworth jra at baylink.com
Tue Oct 3 13:08:14 MST 2006


On Tue, Oct 03, 2006 at 02:47:46PM -0500, Henry J. Cobb wrote:
> Going to the other extreme, what would it take to create an untappable and
> untraceable telephone service over the Internet?

Well, define untraceable.  Avoiding traffic analysis is *much* harder
than avoiding content divulgement, and are you trying to encrypt PBX to
PBX, or set to set?

> Asterisk is a good start, especially because the code can be examined (as
> long as G729 is avoided) and any law enforcement back doors removed.
> 
> Now instead of trying to harden the wire protocols Asterisk uses, simply
> have it connect via VPN tunnels setup by other software.  (Remove all the
> DNS calls from Asterisk also.)

Maybe.  I'm not sure that's the best approach, though it would
frustrate traffic analysis, particularly if your VPNs backfill with
random filler traffic.

> You could setup a tiny Linux box to automatically war-drive for unsecured
> hotspots, but then you'd need to bounce through trusted relay servers or
> overcome NAT in some way.  Plus there is the problem of advertising your
> current IP address, but only to the people you'd like to call you. 
> (Encrypted files on file sharing networks?)
> 
> BTW: Nobody (within reach of the United States Military) should speak
> about such things after the detainee bill gets signed into law.  ;-)

Indeed.

Cheers,
-- jra
-- 
Jay R. Ashworth                                                jra at baylink.com
Designer                          Baylink                             RFC 2100
Ashworth & Associates        The Things I Think                        '87 e24
St Petersburg FL USA      http://baylink.pitas.com             +1 727 647 1274

	"That's women for you; you divorce them, and 10 years later,
	  they stop having sex with you."  -- Jennifer Crusie; _Fast_Women_


More information about the asterisk-users mailing list