1. Computing

Is Your Cordless Phone Being Hacked?

Learn how to keep hackers and nosy neighbors out of your business

By

Is Your Cordless Phone Being Hacked?
Photo: Bryan Mullenix

Before we begin, let me first state that this article is meant to educate you on how to protect yourself from cordless phone eavesdropping, not to teach you how to do it. Eavesdropping on telephone conversations is completely illegal in most every country in the world. Do not attempt it.

The land line is still alive and kicking, despite all of the unlimited minute cellular plans that are available these days. Many folks still elect to keep their old standard home telephone line as a backup or for other reasons.

Cordless phones, which were a luxury several decades ago, have become a must for people that use landlines, but still want the freedom to move about. We've become so used to the wireless lifestyle that the idea of having a corded phone seems Stone Age awkward to us now.

Cordless phone technology has advanced over the years, from primitive AM radio-based systems with little to no security features, to more advanced digital systems with built-in encryption technologies to help prevent eavesdropping.

The big question is:

How secure is your cordless phone?

How easy is it for someone to listen in on your cordless phone conversations?

The answer depends on what type of technology your cordless phone is using and how much effort and resources someone wants to expend to listen in to your calls.

Early cordless phone technologies were extremely prone to eavesdropping. If you still have an early analog cordless phone, then your conversations can potentially be easily intercepted by anyone with a radio scanner available at most local hobby stores. Sometimes your conversations can be picked up as far as a mile away.

While your grandmother may still have one, most of the older analog phones have likely been replaced, however, there are some inexpensive budget models of cordless analog phones that may still be sold today that are highly prone to eavesdropping. Unless your phone says that it is digital and has terms printed on it such as 'Digital Spread Spectrum' (DSS) or DECT, then it is likely analog.

While analog cordless phone models are the most vulnerable to eavesdropping, digital phones are not completely immune to 3rd parties listening in.

Security researches and phone hackers have managed to hack some implementations of the Digital Enhanced Cordless Telecommunications (DECT) communications standard that is used by many cordless phone makers. DECT was thought to be a pretty secure system until hackers managed to crack the encryption implementation used by some cordless phone manufacturers.

Hackers can use a software application and specialized hardware to eavesdrop on some DECT-based cordless phones. The open source tool that they use was intended for auditors and security researchers and is still included in legitimate security tool suites such as the BackTrack Linux-live security distribution. The DECT hacking software, combined with specialized (and hard to find) DECT-capable wireless network cards or universal software radios can be used to intercept and decode conversations taking place on certain models of vulnerable DECT-based cordless phones.

The group behind the DECT standard is working to evolve the standard to make it more secure, but improvements take time to implement and bring to market. There are likely millions of vulnerable cordless phones still out in the world today.

How can I guard against cordless phone hackers?

DECT hacking is not something that the casual hacker or script kiddy is likely to pursue. Hackers can't use the tools without very specialized radio hardware. The cheaper form of the radio hardware required to intercept DECT traffic is very hard to come by and the newer universal software radios capable of being used to intercept DECT calls can cost thousands of dollars.

Unless you're a very high value target that has something worth listening to then the risk of someone listening in on your calls on your DECT-based cordless phone is probably pretty low. An eavesdropper would also likely need to be very close to your house in order to be able to pick up a signal.

If you're just worried about your nosy neighbor listening in on your calls, then you should upgrade from your grandma's old analog cordless phone to something a little more modern and digital. This should prevent most accidental crosstalk eavesdropping.

If your conversations are sensitive or you are super paranoid about someone listening in on your calls, then you may want to use either a corded phone (yes, they still exist) or an encrypted VOIP service such as Kryptos.

The bottom line is that as long as you are using a digital cordless phone produced in the last few years, the chances of hackers and other eavesdroppers being able to listen to your calls are pretty slim, given the cost and scarcity of the hardware required. Hackers are more likely to try to hack your voicemail rather than trying to listen in on your calls.

©2014 About.com. All rights reserved.