0

At what points on a (wired) phone connection can a wiretap occur?

At any of these points, if an attacker gains access, is it possible to intercept/read/modify internet traffic that uses the line?

user942937
  • 983
  • 8
  • 14
  • The typical law enforcement wiretap is facilitated by the Telco provider and they can forward a copy of any and all activity on that subscriber number to that law enforcement agency. That can be limited to only a subset or all activity including: call meta data (i.e. numbers dialed, call duration), actual voice data, and all or specific internet traffic. – HBruijn Dec 06 '18 at 09:31

1 Answers1

3

Data traveling over wires is vulnerable.

Physical access to a network’s signal provides an attacker with the capability of reading any cleartext (unencrypted) traffic traveling over that network. It doesn’t matter if it’s a phone line, Ethernet, or WiFi signal.

Radio signals are an obvious target for eavesdropping, because the signal is literally broadcast in all directions. With WiFi signals being so easy for anyone nearby to intercept, the WiFi security standards have been designed to encrypt all the data riding over the airwaves, making interception at that specific link in the network harder.

However, the same philosophy has never been applied to hard wired connections. Wired connections are not encrypted by default. Tapping a phone wire is not something a typical person imagines could be done while sitting at a table in a coffee shop, or walking down a hallway. Those same people tend to think those wires are private.

But technology has advanced for everyone. You can buy a LAN tap for a few dollars, and hard wire your own tap. You can buy a Packet Squirrel for a hundred bucks and plug it in to an Ethernet port on the back of a WiFi access point, and you’ll have cellular access to whatever data travels over that network - without breaking the WiFi encryption.

Instead of trusting the security of the wires, you should secure your communications. Make sure you are connected using HTTPS (the little padlock appears in your browser. ) Don’t fall for phishing emails. Take security precautions assuming that all your data, both wired and wireless, might be intercepted.

Edit to address comment:

HTTPS uses TLS to encrypt the data between the client and server regardless of the network hardware between them. With TLS it doesn’t matter if they’re apps on mobile phones or browsers on hard-wired PCs, the data is secured the exact same way. Your browser or app is one end of the secure connection, and the web server is the other end. Person-in-the-middle attacks on TLS ultimately require compromise of one endpoint or the other.

No one can guarantee the absolute security of HTTPS, because there have obviously been many successful attacks, including spoofed sites with fake URLs and legit certificates; injection of a compromised trusted root certificate in the client and a PITM proxy; weaknesses in the SSL protocol; forged MD5 certificates; compromised certificate authorities; keylogger malware on the client; malware on the server; etc. But as of late 2018, TLS 1.2 is as close to resistant against network wiretap-type attacks as it gets.

John Deters
  • 34,205
  • 3
  • 61
  • 113
  • So, would ensuring an https connection be enough to thwart a possible communications interception by wiretap? Does this apply to internet traffice produced by smartphone apps? If mitm is possible using through this, wouldn't that render security by https useless? – user942937 Dec 12 '18 at 09:27
  • @user942937 , yes, HTTPS provides that security (with the understanding that endpoint compromises are always possible, as described above.) I’ve tried to address this in the edit above. – John Deters Dec 12 '18 at 14:04
  • I just learned yesterday that the more recent versions of Wireshark have a built-in feature to play the audio of any VOIP streams they capture. In case you were wondering if internet phones are magically secure against wiretapping, they aren’t. – John Deters Dec 12 '18 at 14:49