Security researchers in the States say they have developed a cunning new method of "fingerprinting" voice calls that could offer a route to trustworthy caller ID and a barrier against so-called "vishing" or voice phishing. The tool is called PinDr0p, and works by analysing the various characteristic noise artifacts left in …

COMMENTS

House rules Send corrections

This topic is closed for new posts.

Wednesday 6th October 2010 11:01 GMT Cameron Colley

I assume it won't work for Skype then?

Am I wrong, or will the (partial, at least) peer-to-peer nature of Skype mean this won't work with it?

0 0
Wednesday 6th October 2010 11:22 GMT nickrw

"PinDr0p"

What's wrong with the letter O?

3 0
Wednesday 6th October 2010 11:25 GMT Annihilator

The title is required

"PinDr0p needs no additional detection infrastructure; all it uses is the sound you hear on the phone."

Or rather, the noise you don't hear..

"“They’re not able to add the kind of noise we’re looking for to make them sound like somebody else,” says Patrick Traynor, GIT compsci prof. “There’s no way for a caller to reduce packet loss. There’s no way for them to say to the cellular network, ‘Make my sound quality better.’”"

Presumably it's possible to trick it into believing a reduction in quality is there though - for example deliberately introducing tiny gaps into a non-VOIP call to trick the system into thinking it's detecting packet loss? Not sure to what end you'd want to do that, but...

1 0
1. Wednesday 6th October 2010 12:33 GMT Anonymous Coward
  
  @Annihilator
  
  This would only work if the perps are able to get at the packet stream and selectively remove the packets themselves. It won't work if they just add bits of "silence"; that does not result in a packet drop.
  
  Not impossible, but you'd probably need to route the call via your own VoIP network (since private ISDN networks are few and far between) to achieve anything.
  
  0 0
  1. Wednesday 6th October 2010 13:28 GMT Annihilator
    
    @alannorthhants
    
    Alan, I'm saying that the hypothetical call in question is NOT a VOIP call, but adding tiny bits of silence which will imitate the symptom of a dropped packet, thus giving the software the impression that it's a VOIP call, when in reality it's not.
    
    0 0
Wednesday 6th October 2010 12:25 GMT John Armstrong-Millar

where's the source

So that bank I used too use with the atrocious fuzzy call quality from their call centre somewhere on the subcontinent of India will be distinguished from a 419er in Lagos using a class 1 cell phone?

5 0
Wednesday 6th October 2010 13:35 GMT Sooty

is it my imagination

or does it sound like this has the potential to flag a call as suspicious, even false, due to the routing the mobile network uses, which is completely out of your control.

while conmen may do this on purpose, there is no reason why a network couldn't route a call anywhere if it turned out to be cheaper for them.

1 0
Wednesday 6th October 2010 14:38 GMT packets

Encryption

Exactly why the Combating Online Infringement and Counterfeits Act (COICA) bill must not pass!

0 0
Wednesday 6th October 2010 15:08 GMT heyrick

Hmmm...

In some rural areas, VoIP packet loss depends upon the weather...

1 0
Thursday 7th October 2010 09:09 GMT Framitz

Old tech, new application

I worked with voice-print technology many years ago when we barely had computers. It can be very accurate to analyze the noise under the audio for specific characteristics. I don't think artificially induced moments of silence would fool the algorithm.

I'm sure it's a lot easier today.

0 0
Thursday 7th October 2010 09:23 GMT Anonymous Coward

What the hell is GIT?

it's GT.

0 0
1. Thursday 7th October 2010 11:27 GMT nematoad
  
  @AC 09:23
  
  GIT is a revision control system developed by Linus Torvalds after he decided that he was unable to use Bitkeeper due to a change in the terms of use by Bitkeeper's developer Larry McVoy.
  
  0 0
Tuesday 19th October 2010 10:53 GMT climbgeek

@AC 09:23

GIT is the Georgia Institute of Technology, commonly called Georgia Tech.

0 0