The researcher Steven Murdoch of the University College London, reveals that one of the security protocols used to encrypt communications VOiP presents vulnerabilities that allow peer conversations. The security flaw does not give direct access to conversations, but makes it possible to weaken the system and listen or authorize other figures to listen to communications.
The investigator concluded that the protocol in question allows for a “key escrow” a process designed to allow third parties to access the data sent in conversation, explains the BBC . There are scenarios in which the key escrow is desirable, such as when two managers of the Bolsa communicate, but the conversation can be heard by regulators.
In this case, the Mikey-Sakke protocol, certified to be used also in British government generates encryption keys used to encrypt communications and these keys are shared with third parties, are vulnerable to interceptions
Murdoch says that GCHQ is facing a conflict of interest:. «are there to prevent espionage, but they themselves are spies, so faciltam espionage, “said the investigator.
An agency spokesman said he did not recognize the Murdoch study’s conclusions.
No comments:
Post a Comment