Tuesday, March 17, 2009

A thought on eavesdropping VoIP

Given the current fad of governments trying to eavesdrop on people (only criminals, of course, and politicians are excluded by law), and the criminals catching up and using encrypted VoIP (Skype for example), governments have expressed that they want to install trojans to catch the voice stream before it gets encrypted.

Which of course can only mean hooking into the soundcard drivers, as that's where the physical signal from the headphone jack gets through before it is passed on to the VoIP software. An even easier way would be to place a small bug into the PC that gets hooked to the loudspeaker and microphone plugs (but of course that wouldn't allow software companies to earn millions for developing a trojan that never works anyway unless you have a really dumb terrorist...).

But let's assume the government either pulls off writing the trojan or placing a physical device into the case - now they can get everything that goes out to the loudspeaker/headphone, and everything that comes in via microphone or line in. Really?

USB soundcard solutions already exist, mostly for laptops, but of course they'll work just as well on desktops. USB headsets are basically the same - a small soundcard connected via USB. That would eliminate the physical option, but would still allow access via the sound driver at kernel level.

Now here's an idea: How about an ENCRYPTED datastream? The VoIP software could talk directly to the soundcard at API level instead of going through the normal OS audio path, and make sure that the data is never in the clear before it reaches the soundcard. That way, the only decrypted signal would be on the 2m or so of cable between the soundcard/USB-plug and the actual headphones.

Of course, additional security could be achieved by encrypting even that and only decrypting inside the headphone ;-)
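A sketch of the idea above, as an added example that is not part of the original post: the VoIP application seals each PCM frame, and only the endpoint device (soundcard or headset) holds the key, so anything sitting at driver level handles ciphertext. The `Headset` class, the packet layout and the pre-shared session key are assumptions made for illustration, and the SHA-256/HMAC construction stands in for a real AEAD.

```python
import hashlib
import hmac
import struct

# Stand-in for a real AEAD (AES-GCM, ChaCha20-Poly1305), standard library only:
# SHA-256 in counter mode as keystream, HMAC-SHA-256 tag (encrypt-then-MAC).
def _subkey(session_key, label):
    return hmac.new(session_key, label, hashlib.sha256).digest()

def _xor_stream(enc_key, seq, data):
    stream = b""
    block = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(enc_key + struct.pack(">QI", seq, block)).digest()
        block += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def seal_frame(session_key, seq, pcm):
    """VoIP application: encrypt one PCM frame before it enters the OS audio path."""
    header = struct.pack(">Q", seq)
    ct = _xor_stream(_subkey(session_key, b"enc"), seq, pcm)
    tag = hmac.new(_subkey(session_key, b"mac"), header + ct, hashlib.sha256).digest()
    return header + ct + tag

class Headset:
    """Hypothetical endpoint device: the only place the key and cleartext exist."""
    def __init__(self, session_key):
        self._key = session_key
        self._last_seq = -1

    def play(self, packet):
        header, ct, tag = packet[:8], packet[8:-32], packet[-32:]
        want = hmac.new(_subkey(self._key, b"mac"), header + ct, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, want):
            raise ValueError("frame failed authentication")
        (seq,) = struct.unpack(">Q", header)
        if seq <= self._last_seq:
            raise ValueError("replayed frame")
        self._last_seq = seq
        return _xor_stream(_subkey(self._key, b"enc"), seq, ct)

def driver_view(packet):
    """What a hook at driver level sees in place of PCM samples: ciphertext only."""
    return packet[8:-32]

# Constructed sample: a fixed demo key and eight 16-bit samples.
DEMO_KEY = bytes(range(32))
DEMO_PCM = struct.pack("<8h", 0, 1200, 2400, 1200, 0, -1200, -2400, -1200)
```

The scheme only holds if the session key is established with the device itself and never stored where the host OS can read it; how that key agreement happens is outside this sketch.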

Funnily, while it would be tempting to do so, encrypting the microphone signal would be completely pointless - what you say will be audible inside your room anyway, so a plain old normal bug will give the LEOs access to that part of the conversation anyway.
