Unified Communications: Click to talk

Jan 1 2009   2:41PM GMT

Do-It-Yourself DECT Hacking

Tony Bradley Tony Bradley Profile: Tony Bradley

I have DECT cordless phones in my home. I didn’t really get them for the security factor per se. I bought them because their operation isn’t impacted or interfered with by wireless networks, microwave ovens, or baby monitors. I was tired of having 27 different devices all competing for the same frequency range and having my wireless network lose the battle more often than not.

Regardless though, DECT handsets were also notable for the claimed security of the communications. Apparently though, the security is based more or less on security-by-obscurity. Essentially, the communications aren’t encrypted or authenticated in any way, but the DECT algorithm was kept private so that was meant to prevent attackers or eavesdroppers from breaking into the communications.

Well, it would at least prevent novice or poorly funded attackers. A team of researchers¬†had previously demonstrated that an attack was possible using expensive sniffer tools. However, that same research team has now devised a method for eavesdropping on DECT conversations ‘MacGyver style’ using a modified off-the-shelf VoIP card with a laptop.

I guess my conversations about what to get at the grocery store, or how the weather is at my in-laws house are no longer guaranteed to be private. But, on the bright side, they still don’t interfere with my wireless network.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: