Vulnerabilities of WEP-based Wi-Fi Phones

Since most if not all the Wi-Fi phones on market these days use WEP as their security protocol, does this mean it's a piece of cake to hack and actually listen to a phone conversation without being detected ? From my understanding, one could use WEPcrack or any other tool and quickly gain access to the WEP keys used by the Wi-Fi phone.

Knowing WEP's well-known and document vulnerabilities, what are the risks that an organization is exposing itself to when deploying Wi-Fi phones ?


Reply to
Paul Silverman
Loading thread data ...

No. It's not a wireless wiretap.

Nope. The current technology requires sniffing the traffic and capturing enough traffic to crack the WEP key. Then, the captured traffic can be decoded. You could setup a promiscuous mode wireless card, feeding some kind of VoIP codec decoder, to listen to traffic. That will give you one side of the conversation unless you were ideally located in between the access point and the client radio. Cracking the WEP key is fairly well documented and doable. Extracting useful information from the data stream is a bit more complex.

Depends on the encryption and environment. I don't consider wiretap to be the main risk. Instead, unauthorized use might a be a more common attraction. In general, if the phone supports WPA, you're safe enough. WEP has largely become a security problem. Note that WEP2, with AES encryption is coming real-soon-now and everything you buy today may soon be obsolete.

Drivel: An industrial espionage job was uncovered about 6 months ago where the perpetrators used a telescope and a video camera to record the computer screen and keystrokes. Apparently, it had been in place for about a year. 3M even makes "security screens" for CRT's and LCD's to limit the viewing angle:

formatting link
I've played with a phased multiple microphone room bugging device that could extract individual conversations from a room full of other conversations. That was about 1985. Who needs wiretap when there are easier ways?

Reply to
Jeff Liebermann Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.