[h323implementers] NSA H.323 surveilance
Jan Willamowius
jan at willamowius.de
Thu Mar 13 12:04:18 EDT 2014
Hi,
The Intercept just published a few very interesting slides how the NSA
intercepts H.323 (and SIP and Skype) VoIP traffic:
https://firstlook.org/theintercept/document/2014/03/12/vpn-voip-exploitation-hammerchant-hammerstein/
Notice how the HAMMERSTEIN component on page 4 "processes" the call
signaling as man-in-the-middle. This would pretty much match the attack
I have been warning about previously when I wrote "Why your AES
encryption might be worth nothing".
http://www.gnugk.org/h323-encryption.html
Another interesting fact seems to be that they targeted H.323 and SIP
before taking on Skype (bottom of page 2).
Regards,
Jan
--
Jan Willamowius, Founder of the GNU Gatekeeper Project
EMail : jan at willamowius.de
Website: http://www.gnugk.org
Support: http://www.willamowius.com/gnugk-support.html
Relaxed Communications GmbH
Frahmredder 91
22393 Hamburg
Geschäftsführer: Jan Willamowius
HRB 125261 (Amtsgericht Hamburg)
USt-IdNr: DE286003584
More information about the h323implementers
mailing list