Wiretapping VoIP

With VoIP rapidly displacing conventional telephony it was inevitable that the darker side – i.e. those with criminal intent – would wind up using VoIP to plot their misdeeds. That’s the bad news. The good news, especially for business VoIP users, is that it is a lot harder to eavesdrop on VoIP conversations than it is to intercept traditional telephone calls. But what’s good news for the legitimate VoIP phone service user is bad news for the cops, who have long used wiretaps as a tool to catch the bad guys.

In hopes of regaining their ability to wiretap, a little dollop of cash had been added to this year’s federal budget to set up a unit within the Federal Bureau of Investigation (FBI), working jointly with the Drug Enforcement Administration (DEA), to develop the technology needed to hack VoIP.  The expenditure was actually approved, and signed into law, last November. It only took four years of lobbying by law enforcement officials to get that approval (I think that’s longer than it took the original developers of VoIP technology to come up with their first working prototype).

Now it’s taken nearly five months to get the ball rolling but, over the past week, word has drifted out of Washington that the unit, dubbed the “National Domestic Communications Assistance Center,” has begun operating, with a budget of $8,244,000. That’s paying for piles of hardware and 13 folks, at least some of whom haven’t even been hired yet. A publicly available help wanted ad, for instance, had a closing date of May 2, and it typically takes weeks, if not months, for the federal hiring process to run its course. That ad seeks a hacker with experience in PacketCable (the technology used in cable modems); QChat (the walkie-talkie like technique used in push-to-talk cell phones); and T1.678 (the key standard in VoIP communications). The job, by the way, pays up to $136,771 per year.

(For the untutored, tapping conventional calls takes no more than physical access to a phone box, a couple of wires with alligator clips, and a handset. It’s currently close to impossible to intercept VoIP calls without the intervention of the VoIP switch operator, although creative hackers using packet sniffers have been known to eavesdrop on conversations by neighbors on the same cable broadband loop as they are, a little hole that’s allegedly been patched by the newer version of the technology the cable companies use.)

The FBI center, by the way, isn’t planning to do any VoIP-tapping itself. Rather it’s supposed to develop the technology needed and make it available to local and federal law enforcement agencies. The feds, in the very little they’ve revealed about the new operation, which doesn’t even have its own web site, have also been very careful to include multiple disclaimers about how the technology they develop will only be used in accordance with laws such as those requiring court orders for wiretaps.

Now here’s the guru part of this blog: If the FBI does indeed find a way to eavesdrop on VoIP, then it’s only a matter of time before the darker side gets hold of that technology. NYC criminal attorney Steve Raiser said, “If you can use it for bad, it’ll be used.”  That will inevitably lead to new and even more secure VoIP technology. Which in turn will lead to new, and probably more expensive, taxpayer-funded efforts … and over and over again into the future. It’s about the same as what’s happened to data encryption technology in general.

But, after all, that’s the world we live in these days.

Stuart Zipper is currently a contributing editor to Communications Technology, a high tech business journalism consultant and freelancer, and the past Senior Editor of TelecomWeb news break.