YOUR Cisco VoIP phone is easily TAPPED, warns CompSci prof

Computer scientists claim security vulnerabilities in Cisco VoIP phones allowed them to eavesdrop on calls and turn devices into bugging equipment. Ang Cui has demonstrated how malicious code injected into 14 of the networking vendor's Unified IP Phone models could be used to record private conversations - and not just those …

COMMENTS

This topic is closed for new posts.
  1. teknopaul

    phine fun

    Our office has Cisco phones with security totally off by default. You can take control of any phone with a nice XML over HTTP API. No need for hacking, just RTFM. One day I'm going to make all the phones in the office simultaneously get a call from the boss. I've just not got around to it.

  2. Khaptain Silver badge

    It's an inside job, guv.....

    It would require knowing the specific IP address of the telephone of the "to be overheard person", which is by no means an easy task unless of course you are already in the building or if you are the Telephony Admin.

    Most IP Phones are / should be in separate VLANs which would make it difficult to actually communicate with the phone ....unless the IT/Switch Admin was the hacker of course.

    I hope that this remains just proof of concept, I would hate to find out that it was an actuality.

    1. Anonymous Coward

      Re: It's an inside job, guv.....

      Yes - and phones are allocated private addresses which would not normally be accessible to the users and have no need of any access to the Internet. If you have the necessary physical or ssh access to the telephone, then you are already in a position of some trust - but it could be a good way for network admins to eavesdrop on their managers.

    2. Anonymous Coward

      Re: It's an inside job, guv.....

      Doesn't matter, based on my experience with the audio quality on Cisco IP phones, all you'll hear is "mffle, wffle hmmmbg wffle, oovgvgssh. Bye!"

  3. Jerome 2
    Stop

    What's bugging me?

    Frequent and BIZARRE use of UPPERCASE words IN Reg HEADLINES

  4. Anonymous Coward

    Sci-Fi FAIL

    How can you mention a symbiote and not relate it to Stargate?

  5. JaitcH
    Happy

    And CISCO generated the report about ...

    Chinese manufacturers having back doors!

    Get real, now we know it is a trade war.

  6. Christian Berger

    Yawn, that's so 2012

    There was a talk at 29C3 last year about it. And for the last decade or so there has been security issue after security issue in IOS. No wonder they ditched the name.

  7. Craig Foster

    *Cough*Advert*Cough*

    "Your Cisco phone requires antivirus security software, which we're designing by the way"

    Seriously, with that much physical access required, why not just plug in a hub and sniff traffic?

  8. Anonymous Coward

    VoIP is rubbish.

    Buggy, insecure rubbish.

    1. Mayday
      Stop

      As opposed to traditional voice where someone can plug a buttinski into a frame and/or pit and listen to anyone they feel like?

  9. P. Lee
    Facepalm

    VoIP insecure SHOCK!

    or not.

  10. Nukemjoe
    FAIL

    Come on Reg, stop being used like this

    Are you trying to tell me that a security "researcher" has "discovered" a way to upload a custom firmware to a device if he has physical access to it for a few minutes?

    ZOMG WTF STOP THE PRESSES! ?

    Hey news flash people. Give me physical access to stuff in your building and I can reprogram your routers, reprogram ANY phone ("vulnerable" or not) and do it all just as fast, and just as easily, as this guy can - especially if I know in advance what gear I'll be fiddling with. Even better I can sprinkle listening devices and cameras like pixie dust throughout your offices etc etc ad infinitum.

    Physical access trumps all. Calling this a security "vulnerability" is laughable and El Reg should be ashamed of itself for getting on board with this without due diligence.
