AOH :: ISNQ5876.HTM

Leading voice encryption programs hacked in minutes

Leading voice encryption programs hacked in minutes
Leading voice encryption programs hacked in minutes


http://news.techworld.com/security/3211263/leading-voice-encryption-programs-hacked-in-minutes/ 

By John E. Dunn 
Techworld
27 January 10

Most voice encryption systems can be tapped in minutes by installing a 
voice-recording Trojan on the target computer, a security researcher has 
confirmed after testing a range of well-known products.

Although this type of attack has been known about for some time, the 
scale of the issue uncovered by researcher 'Notrax' is still surprising. 
In all, the unnamed engineer was able to intercept calls made using 
twelve popular encryption programs and hardware systems using an easily 
available $100 wiretapping utility called FlexiSPY. This tapped the 
voice stream in real time before any encryption was applied to the data.

The researcher then refined the principle of FlexiSPY into a 
custom-written Trojan that could record both the microphone and speaker 
and capture any conversation into a file for retrieval later on. 
Crucially, both attacks were able to carry out their work undetected by 
suppressing all rings, notifications and call logs.

Programs and hardware systems beaten included Zfone/ZRTP, Secure Voice, 
Caspertech, and even the well-regarded GSM handset security system from 
UK company Cellcrypt. Only three products resisted the simple attack, an 
unnamed Rohde & Schwarz Bluetooth device, PhoneCrypt from German company 
SecurStar, and a hardware product from SnapCell.

[...]


________________________________________ 
Did a friend send you this? From now on, be the 
first to find out! Subscribe to InfoSec News 
http://www.infosecnews.org

Site design & layout copyright © 1986- CodeGods