|
|
 |
VoIP Voice Spam
|
It’s not uncommon to fire up your e-mail program
and find your inbox littered with spam. We’ve become
so accustomed to the rituals of deleting them. But
what if you logged onto your voicemail and it
announced that you had 30 new messages--and that 25
of them were unsolicited commercial broadcasting
calls? Or you were out to dinner with your children,
your phone rings, and it’s a Pornographic Voice Spam
message.
‘Spam over Internet Telephony’ has already coined
it’s own acronym; SPIT, and SPIT is much more deadly
than its email cousin. Email spam will degrade
service and clog up bandwidth. If your real emails
are delayed by a few minutes, it is not a big deal.
With VoIP spam, the gateways are hit directly which
degrades voice quality, something which is very
noticeable to end users.
Some industry observers are cautioning that the open
nature of a VoIP phone call makes it easy for
spammers to send audio-commercials to people’s VoIP
voice-mail inboxes in much the same way they carpet
bomb e-mail inboxes today. Here’s why.
VoIP is completely insecure at the protocol level;
there is no encryption and authentication. I can
call you, and there's no way for you to verify who I
am. I can even send a caller ID from the U.S.
President, or the CIA, and you won't know who I am.
And people can easily hack a caller ID and claim to
be whomever they want.
And since VoIP services aren't regulated, customers
aren't entitled to the same rights and protections
as standard phone users, consumer groups warn.
Any open, IP-based phone system could be a target of
“spitters.” That includes such services as Free
World Dialup, SIPPhone, and Earthlink’s Free Online
Calling program.
Other services, such as Skype and Vonage would be
more immune to such attacks because portions of
those networks operate over a closed system that the
SPITters would have to hack. However any network
architecture is vulnerable to hacker attack, in fact
Skype users were subjected to an unsolicited Voice
Broadcast Message earlier in 2004 following which
the company quickly patched the loophole within a
couple of days.
There is an upside of being able to broadcast to
phones. Emergency management agencies would be able
to reach out and warn populations more easily than
ever before — an important consideration in today’s
post-9/11 environment, something that would be
useful not only for national alerts but for local
ones such as Amber Alerts for Missing Children.
The industry is very aware of the potential for SPIT
and a number of companies are developing solutions
to address it, it will be interesting to see how the
issue is addressed by companies and regulatory
bodies like the FCC. |
|
|
|
|
