[kwlug-disc] voip.ms - tos? [Was: VoIP - Even without a server]

L.D. Paniak ldpaniak at fourpisolutions.com
Mon Feb 14 12:08:31 EST 2011

On Mon, 2011-02-14 at 11:09 -0500, unsolicited at swiz.ca wrote:
> On Sun, 13 Feb 2011 09:10:37 -0800 (PST), Raul Suarez <rarsa at yahoo.com>
> wrote:
> > This one falls into the "I should have know this before!!!" category.
> > 
> > You don't need an Asterisk server to use a DID !! (d'oh)
> .
> .
> .
> > Something that I wasn't expecting, was total honesty. I read the Terms
> of 
> > service and they are very clear: "VoIP.ms does not pretend to offer 100%
> > reliable service ... The customer shall not use this service as their
> sole
> > call 
> > termination service".
> As I said, thank for pointing this out.
> Reading through their terms of service https://www.voip.ms/tosshort.php
> ...
> 1. ... The customer understands that VoIP.ms does not guarantee any
> privacy on the communications through VoIP.ms. ...
>     The lack of privacy assurance was a little startling. I wonder if
> that's an issue in this day and age. AFAIK, with landlines, there are
> privacy protections built in. Further, if you cross into the U.S.A.
> [voip.ms, or softvox, is Montreal, Quebec based, so I would hope not an
> issue for Canadian source and destination calls], presumably one enters the
> realm of the Patriot Act and is open to wiretapping. Hmmm.

VoIP is not telephony.  VoIP is internet traffic.  In order to eavesdrop
on a SIP call (non-SRTP) all you need is packet sniffer and
(in)appropriate network access from someone who is on the route.  A VoIP
call is as secure as sending an e-mail.  Any device that you can imagine
for trolling the internet for keywords can easily be modified to troll
through VoIP calls as well.

I do not know of any VoIP providers that support secure RTP (SRTP)
connections (which would only secure connections to/from the provider).
Asterisk supports SRTP in the development version.  It should be
available in version 1.8.  I do not know about FreeSwitch.  Various SIP
phones support SRTP as well.  In the end, unless you trust/control both
endpoints of a call, your VoIP call is not going to be truly secure.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20110214/b092789d/attachment.bin>

More information about the kwlug-disc mailing list