News:

On Tuesday September 6th the forum will be down for maintenance from 9:30 PM to 11:59 PM PDT

Main Menu

GV calls encrypted?

Started by Levander, November 08, 2013, 02:45:01 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions

Levander

November 08, 2013, 02:45:01 AM
I realized it's not possible to encrypt phone calls over the public phone networks.

But it would be possible for GV to encrypt calls from our Obihai devices to their Google servers, then unencrypt them on their servers and then send the phone calls out the public network.

Google doesn't do anything like this, do they?

I have a friend going through a divorce and she's paranoid her husband has wire tapped her phone. I put them on Google Voice and an Obihai device awhile back.

giqcass

#1
November 08, 2013, 04:06:04 AM
Any phone service could be encrypted but it must be done at both ends with special software or devices.  Google voice calls are only encrypted on part of the journey. One of the reasons Google says it's upgrading to a new protocol is for additional security.  It is highly unlikely anyone is listening in to her calls even without encryption.  It is a complicated thing to do unless you have physical access or at least close proximity to the phone victim.  It isn't impossible of course. If she really wants to keep her calls safe however switch to a CDMA cell phone service like Sprint or Verizon.  CDMA technology seems to be the most secure consumer phone service at the moment.  GSM services like AT&T and T-Mobile are less secure in my opinion but anything can be hacked.  If she uses a cordless phone it is possible to eavesdrop with special radio equipment from a limited range.

She should make sure her voicemail requires a pin number in order to gain access.  That is usually the weakest security point.  With very limited knowledge a hacker could easily gain access to any voicemail account they want in just a couple minutes with free software if it is not guarded by a pin number.

In a case like this I would change all of my passwords if I suspected eavesdropping.  If she uses a smartphone I would thoroughly check software installed on it.  For Android in particular make sure the associated Google account is secure.  Software can be remotely installed on those phones if the account has been compromised.


Long live our new ObiLords!

Milton

#2
November 08, 2013, 02:25:24 PM
It would be difficult for the average Joe to listen to the digital part of the call, meaning the traffic between the Obi and GV. However if you are using the household wiring to connect the analog handset to the Obi, you have a weak spot. It's easy to purchase a modified cassette tape recorder that will connect to the household wiring. The recorder is not activated until the handset is picked up then it starts recording. Since you're recording voice the tape runs at a slow speed so you can record many hours on a single tape. You can also get wireless taps that do the same thing but do not require tape retrieval.

Levander

#3
November 08, 2013, 03:21:18 PM
Quote from: giqcass on November 08, 2013, 04:06:04 AM
Any phone service could be encrypted but it must be done at both ends with special software or devices.  Google voice calls are only encrypted on part of the journey.

What part of the journey are GV calls encrypted for?  I'm hoping its from the Obihai device to the Google servers.

I was just now responding point by point to the rest of your post giqcass.  But it all was just "interesting, I'll discuss it with her and she if she wants to do that... Thanks for the great info!" So I deleted it.

But it really was great info.  I really appreciate your post.

Levander

#4
November 08, 2013, 03:23:25 PM
Quote from: Milton on November 08, 2013, 02:25:24 PM
It would be difficult for the average Joe to listen to the digital part of the call, meaning the traffic between the Obi and GV. However if you are using the household wiring to connect the analog handset to the Obi, you have a weak spot.

Nah, she's plugging her Obihai directly into a cordless expandable phone system.  The base on that system uses DECT 6.0 to the expansion satellites.  I'm pretty sure DECT 6.0 is encrypted, but I need to look into that next.

But the wire between the Obihai and the base is definitely a weak point.  Fortunately it's only a 3 foot wire I can look at and see there's nothing on.

giqcass

#5
November 10, 2013, 01:12:10 AM
Quote from: Levander on November 08, 2013, 03:21:18 PM
Quote from: giqcass on November 08, 2013, 04:06:04 AM
Any phone service could be encrypted but it must be done at both ends with special software or devices.  Google voice calls are only encrypted on part of the journey.

What part of the journey are GV calls encrypted for?  I'm hoping its from the Obihai device to the Google servers.

I was just now responding point by point to the rest of your post giqcass.  But it all was just "interesting, I'll discuss it with her and she if she wants to do that... Thanks for the great info!" So I deleted it.

But it really was great info.  I really appreciate your post.

Sadly it's difficult to know the specifics as I am not an expert on XMPP.  Google Talk servers support encryption but it depends on whether the Obi implementation also supports encryption.  Someone should wireshark their Obi and see what is going on there.

I did have a good idea if she truly feels her phone might be compromised.  Get a router that supports open VPN and put it between the Obi and the Cable/DSL modem.  Her router might already support it. That would require the purchase of a VPN service as well but she would know her calls were encrypted between her and the VPN server.  Once it reaches their server its decrypted but good luck trying to intercept her calls on the second half of the journey.  Good services start from around $7 per month.
This is a good short video you might find useful.
https://www.youtube.com/watch?feature=player_embedded&v=oBxpYbNibVI
Long live our new ObiLords!

toetied

#6
July 13, 2014, 07:17:19 AM
i read a couple posts, but this is not a question of can i.........., do they...........
and as one person wrote "It is highly unlikely anyone is listening in to her calls even without encryption"
yes they is highly unlikey.
but what is higly likely is
1 Google is a KNOW collaborator with the NSA, they provide all your data to the NSA, do some research, they can tell where y0u are within 6 feet, 24-7, and even look back (since their records began) and determin how long you were are at specific location, any day from wifi META DATA, even if your wifi was turned off.
2 Google has the tech to transcribe your call (im guessing the NSA can do better)
3 Unless you mom/dad/x works at the NSA, its likely no one will listen to your call, unless you do something screwed up!
they will have computers go thru it at high speed, filing "target"words, then with a secret algorithim, assign you a rick/threat level.
of course who knows what words, or algorithim they will use, we dont even know now.
currently i only trust Wickr, (text, files, video, voice) Cryptocat (chat) both mobile apps.
for your compuer TAILS ONLY, not TOR, no VPNs are safe.
and you shouldnt trust anything else.
the internet has made things easy, and until recently there was nothing to fear, suddenly there is more than a single person can comprehend!
secure apps, hardware are in the pipeline, but not out yet.
to avoid planted bugs in hardware, buy from china.
at least you dont have to worry about that country sharing your info!
PLEASE GOO, UM, DUCKDUCKGO.COM IT (long history of extream privacy)
Print
Go Up Pages1
User actions