On 12/19/2011 07:56 AM, Avi Marcus wrote:
Ah I forgot that SIP INFO for DTMF and TLS would be enough... but maybe not for the guidelines..
The guidelines suffer from a severe lack of precision, and general lack of awareness of the variety of implementational possibilities.
And yes, it's possible to con/bribe/hack the telco's.. but since the calls are going over the PSTN anyway, you remove the entire "public" part of the call from being open. I presume it's at least better if that's the only opening..
Yes, but my argument was that the PSTN part is not so materially less "public". :-) Another thing to consider is that the technology to tap traditional PSTN circuits has been around for decades; the options are both more better-established and "low-tech".
As I always tell people, if I had something to hide and knew that someone was looking to wiretap me, I would take my chances with an unencrypted VoIP call over the public Internet any day over the PSTN. Techniques for tapping the PSTN are just so much more well-understood and established. That's kind of a "security by obscurity" argument, owing to the relative newness of VoIP, but still. The average private investigator for hire can tap analog lines, and probably even PRIs. I don't have the sense that they can (yet?) take for granted tapping IP conversations. Also, the architecture of the PSTN is inherently much more centralised; the tap points are much more well-defined and concentrated, and far more static.
-- Alex Balashov - Principal Evariste Systems LLC 260 Peachtree Street NW Suite 2200 Atlanta, GA 30303 Tel: +1-678-954-0670 Fax: +1-404-961-1892 Web: http://www.evaristesys.com/ -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-biz mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-biz
