Help
I make a lot of calls using Yahoo Messenger. At $.019 per minute, I find it economical. However, I am worried security.
Is it easy for people to listen in on a conversation? If so, is it a common problem? I searched the forum and did not find anything. I'm not worried about Yahoo employees as much as I am about a hacker that may be listening for a card number or bank information.
USANomad
Page 1 of 1
Voip Security Are my VOIP calls secure?
#2
ElfBane 
- Senior Member
-
- Group: Members
- Posts: 573
- Joined: 25-September 09
- Location:Florida
Posted 08 February 2011 - 08:25 AM
USANomad, on 07 February 2011 - 01:23 PM, said:
I make a lot of calls using Yahoo Messenger. At $.019 per minute, I find it economical. However, I am worried security.
Is it easy for people to listen in on a conversation? If so, is it a common problem? I searched the forum and did not find anything. I'm not worried about Yahoo employees as much as I am about a hacker that may be listening for a card number or bank information.
USANomad
Is it easy for people to listen in on a conversation? If so, is it a common problem? I searched the forum and did not find anything. I'm not worried about Yahoo employees as much as I am about a hacker that may be listening for a card number or bank information.
USANomad
Are you trying to secure your connection? If so, go here for some (outdated perhaps) info ... http://hubpages.com/...ess-information
This info hasn't been updated in a while, but it may give you some leads.
This post has been edited by ElfBane: 08 February 2011 - 08:25 AM
#3
mjd420nova
- Expert
-
- Group: Members
- Posts: 2,979
- Joined: 05-August 06
- Location:Fremont, California
Posted 08 February 2011 - 09:32 AM
I would think that VOIP would be more secure than any other type of phone call. Cordless, wireless and regular landline calls are in real time voice emissions and can be subject to intercept either by tapping a hard line or intercepting witha scanner on RF frequencies. VOIP converts voice to a digital signal in the home or workplace before adding it to a stream of data over DSL or cable lines and not as subject to intercept. But a big rule of thumb is that any sensitive information should not be revealed or discussed over public media, regardless of the mode. PERIOD.
#4
Evildave
- Expert
-
- Group: Members
- Posts: 4,287
- Joined: 24-January 08
Posted 08 February 2011 - 08:06 PM
I used google + Google Voice. One day my browser rang. They added free (U.S.) outgoing calling at the same time.
No, your VOIP probably isn't secure, but neither are POTS calls. You can't control where the packets go, or who might be monitoring them.
There are SSL VOIP services, which would be MORE secure, but nothing will be totally secure.
No, your VOIP probably isn't secure, but neither are POTS calls. You can't control where the packets go, or who might be monitoring them.
There are SSL VOIP services, which would be MORE secure, but nothing will be totally secure.
#5
crazy4laptops
- Expert
-
- Group: Members
- Posts: 3,118
- Joined: 20-November 07
- Location:Austria
Posted 09 February 2011 - 01:58 PM
USANomad, on 07 February 2011 - 01:23 PM, said:
I make a lot of calls using Yahoo Messenger. At $.019 per minute, I find it economical. However, I am worried security.
Is it easy for people to listen in on a conversation? If so, is it a common problem? I searched the forum and did not find anything. I'm not worried about Yahoo employees as much as I am about a hacker that may be listening for a card number or bank information.
USANomad
Is it easy for people to listen in on a conversation? If so, is it a common problem? I searched the forum and did not find anything. I'm not worried about Yahoo employees as much as I am about a hacker that may be listening for a card number or bank information.
USANomad
Hello USA Nomad!
With Yahoo Messenger calling rates, is that domestic USA calling or international?
If it's USA, I would recommend Skype instead, $3 a month will get you unlimited USA/Canada calling. Plus you can talk over skype on your iPod/iPhone, Blackberry, or Android device as well.
Now back to Voip security
Each VOIP session, whether it's skype, yahoo IM, Cisco, MagicJack, etc. They each have their own way of encrypting communications.
Skype uses AES-256 encryption for their VOIP sessions.
Google talk/free call from gmail uses SSL over HTTPS to encrypt voice calls.
At the present, I was not able to identify the encryption of the other VOIP providers listed.
Like all computer programs & security, there will be weaknesses and vulnerabilities, but it is currently very hard to monitor/record VOIP traffic on a home network from the outside. But be sure to encrypt your wifi connection with WPA/WPA2 encryption and a long password.
If you don't feel secure, you might want to look at a VPN connection or tunnel (a secure encrypted data channel over the internet)
Even the experts started out as beginners
#6
MichaelScott
- Newbie
-
- Group: Members
- Posts: 3
- Joined: 09-November 10
Posted 15 February 2011 - 06:12 AM
crazy4laptops, on 09 February 2011 - 01:58 PM, said:
USANomad, on 07 February 2011 - 01:23 PM, said:
I make a lot of calls using Yahoo Messenger. At $.019 per minute, I find it economical. However, I am worried security.
Is it easy for people to listen in on a conversation? If so, is it a common problem? I searched the forum and did not find anything. I'm not worried about Yahoo employees as much as I am about a hacker that may be listening for a card number or bank information.
USANomad
Is it easy for people to listen in on a conversation? If so, is it a common problem? I searched the forum and did not find anything. I'm not worried about Yahoo employees as much as I am about a hacker that may be listening for a card number or bank information.
USANomad
Hello USA Nomad!
With Yahoo Messenger calling rates, is that domestic USA calling or international?
If it's USA, I would recommend Skype instead, $3 a month will get you unlimited USA/Canada calling. Plus you can talk over skype on your iPod/iPhone, Blackberry, or Android device as well.
Now back to Voip security
Each VOIP session, whether it's skype, yahoo IM, Cisco, MagicJack, etc. They each have their own way of encrypting communications.
So, now that we've established that there is NO WAY TO GUARANTEE PRIVACY ......let's get back to MY favourite subject: ECONOMY!
Unless the 19 cents per minute you're referring to is for "international calls".....do yourself a big favour right now and go to the nearest drugstore, Best Buy, Walmart, Kmart, whatever, and pick up a MagicJack. Start making unlimited calls throughout North America for $19.95 ANNUALLY! You heard me....20 bucks a YEAR!!
This amazing little device gives 'fair-to-good' call quality....and at that price, it pays just to have it with you on vacation. We take ours with us wherever we go......along with an inexpensive portable phone and our laptop. That way, wherever we are, as long as we can find a wi-fi hotspot, we can phone anywhere in North America at no (extra) charge. Great for calling home while away on holidays. Plus, you can talk free to any other MagicJack (MJ) owner anywhere in the world. Plus, you can pick a phone number for your MJ that begins with virtually any area code in the continent. So, for example, if you live in Florida, but most of your family lives in Los Angeles, you can choose an LA area code so that your family can call YOU no charge...(in addition to YOUR being able to call THEM no charge.)
It's a cool little gizmo (no, I don't work for them...I just find the product amazing)....and for $40 (price of unit includes first year's 'subscription') you can't afford NOT to try it out. See www.magicjack.com
Michael
This post has been edited by MichaelScott: 15 February 2011 - 06:14 AM
#7
crazy4laptops
- Expert
-
- Group: Members
- Posts: 3,118
- Joined: 20-November 07
- Location:Austria
Posted 15 February 2011 - 06:44 AM
Hello MichaelScott! That's not $.19 cents, its $.019 cents or almost 2ยข a minute.
Plus, you're promoting MagicJack/going off topic. The OP asked about how secure VoIP was, not for input for alternate VoIP providers.
Plus, you're promoting MagicJack/going off topic. The OP asked about how secure VoIP was, not for input for alternate VoIP providers.
Even the experts started out as beginners
#8
LincolnSpector
- Expert
-
- Group: Members
- Posts: 2,385
- Joined: 16-October 06
Posted 28 February 2011 - 12:02 PM
Hi, folks. I've done some research on this for my Answer Line blog. Here's what I found:
VOIP calls can be spied on. But that's true with cell phones and old-fashionedlandlines, as well. Technically speaking, phone companies and governments canpretty much listen to any wired or wireless conversation they want to. That'swhy we need privacy laws requiring search warrants to protect us.Of course, phone companies and governments don't alwaysfollow the law. And even criminals without government connections can find away to this if they want to badly enough.
But these existing privacy issues get more complicated with VOIPcalls. Assuming you're calling someone with a conventional phone line, you'readding all of the security issues of the Internet and personal computing to theones above.
For instance, the digital data can be intercepted anywherealong the Internet path from your router to your ISP's server to whatever otherservers it passes through before going out to the analog phone network. Assumingyour VOIP service doesn't encrypt calls, whoever intercepts it can listen toit, as well.
Which raises the question: Does your VOIP service encryptcalls?
Skype does, with very strong, 256-bit AES encryption. Youcan read the details here.
But not everyone else does. A Google spokesperson for confirmedfor me that Google Voice does not encrypt their calls.
What about Yahoo Voice (the service that USANomad uses)? I couldfind nothing on their site about encryption, nor did they respond to my requestfor clarification. Therefore, I think it's best to assume that they don'tencrypt their phone calls.
While encryption increases your safety, it doesn't guaranteeit. Your own computer may be the weak point in your VOIP security chain. If yourPC is infected, whoever is controlling the malware may be able to monitor yourphone calls and get useful information off of them. I have yet to hear about amalicious program that monitors transmitted audio data for key words like"credit card number," but it's certainly possible.
The best solution is to do what you're probably alreadydoing: Keep your security software up-to-date, scan weekly with anothersecurity program, and avoid suspicious websites.
And, of course, your end is only half ofthat problem. If the person you're speaking to is also on a VOIP phone, theyhave the same security issues. If they're using a cell or landline phone, theyhave the security threats discussed above.
In the final analysis, there's no such thing as a totallysecure phone call, only a reasonable degree of security. For more on the issue,I suggest <a href="http://www.schneier.com/blog/archives/2006/04/voip_encryption.html">thisexcellent post by Bruce Schneier.
VOIP calls can be spied on. But that's true with cell phones and old-fashionedlandlines, as well. Technically speaking, phone companies and governments canpretty much listen to any wired or wireless conversation they want to. That'swhy we need privacy laws requiring search warrants to protect us.Of course, phone companies and governments don't alwaysfollow the law. And even criminals without government connections can find away to this if they want to badly enough.
But these existing privacy issues get more complicated with VOIPcalls. Assuming you're calling someone with a conventional phone line, you'readding all of the security issues of the Internet and personal computing to theones above.
For instance, the digital data can be intercepted anywherealong the Internet path from your router to your ISP's server to whatever otherservers it passes through before going out to the analog phone network. Assumingyour VOIP service doesn't encrypt calls, whoever intercepts it can listen toit, as well.
Which raises the question: Does your VOIP service encryptcalls?
Skype does, with very strong, 256-bit AES encryption. Youcan read the details here.
But not everyone else does. A Google spokesperson for confirmedfor me that Google Voice does not encrypt their calls.
What about Yahoo Voice (the service that USANomad uses)? I couldfind nothing on their site about encryption, nor did they respond to my requestfor clarification. Therefore, I think it's best to assume that they don'tencrypt their phone calls.
While encryption increases your safety, it doesn't guaranteeit. Your own computer may be the weak point in your VOIP security chain. If yourPC is infected, whoever is controlling the malware may be able to monitor yourphone calls and get useful information off of them. I have yet to hear about amalicious program that monitors transmitted audio data for key words like"credit card number," but it's certainly possible.
The best solution is to do what you're probably alreadydoing: Keep your security software up-to-date, scan weekly with anothersecurity program, and avoid suspicious websites.
And, of course, your end is only half ofthat problem. If the person you're speaking to is also on a VOIP phone, theyhave the same security issues. If they're using a cell or landline phone, theyhave the security threats discussed above.
In the final analysis, there's no such thing as a totallysecure phone call, only a reasonable degree of security. For more on the issue,I suggest <a href="http://www.schneier.com/blog/archives/2006/04/voip_encryption.html">thisexcellent post by Bruce Schneier.
Share this topic:
Page 1 of 1