Tuesday, March 3, 2009

Analog Cordless Phones - "Throw the bums out!"

"I do all my banking on the phone. A friend told me my cordless phone was a security risk because I have had it for quite a few years. Is she right?" T.Y., Durham

Simon Moon from This is Money replies: I put your question to First Direct, which has 1.2m customers who run their accounts by phone or online.

It pointed to a possible risk from using a non-digital cordless phone when speaking to your bank.

First Direct said: ...'In addition to ensuring that nobody nearby is listening in, customers should be aware that older generations of cordless telephones (so-called analogue cordless) are potentially susceptible to eavesdropping by someone with an appropriate receiver.

'The majority of home cordless phones sold over the past few years are digital and are far less vulnerable to eavesdropping than the older type.' (more)

Cordless Telephone Security 101
Some people are still unaware it is fairly easy to eavesdrop on the older cordless phones. Amazing. Even more amazing, however, is that conversations made with some of the new 2.4 GHz and 5.8 GHz are just as easy to intercept! These phones may say "digital" but the wireless portion of the voice channel is still FM analog transmission.

How can you tell the difference without hiring us?
Easy. Simply make a call and walk away from the base part of the phone. If you start to hear static and fading, one or both parts of the transmission path is using FM analogue modulation; an eavesdroppers delight. If your call suddenly ends, it is most likely digital modulation.

Your call ends abruptly. Are you safe? Not yet. Digital transmission is eavesdropper-resistant, not eavesdropper-proof.

Phones using the
Digital Enhanced Cordless Telecommunications (DECT), for example, use digital encryption... which can now be hacked.

Cordless phones which use
Digital Spread Spectrum (DSS) modulation are very secure if the circuit was designed properly. Unfortunately, we have found a few DSS models where the manufacturer economized to the point of making the circuit unbalanced, thus making interception possible again. Most DSS cordless phones, however, provide an adequate level of security for the average user.

Still concerned?
Want to know for certain if your cordless phone is a leaker?
Have it tested.

Murray Associates has a flat fee ($99.00) evaluation program.
Your phone, cordless or hardwired (no cellular at this time), is inspected by a Murray Associates certified technical investigator, using over $120,000.00 of lab instrumentation.

Inspection Protocol:
• Open, and examine phone for bugging devices and tampering.

• Reassemble phone and discretely seal it with serial numbered security tape. This is done to detect and deter future tampering.
• Electronically test the phone using a professional telecommunications analyzer (instrument and test details here)
• Cordless phone wireless transmissions are viewed and analyzed using a Real-Time Spectrum Analyzer (instrument details here).
• Corded phones are also checked for unintended emissions.


Phones are returned with a written report, and an eavesdropping vulnerability rating. Reports detail vulnerabilities discovered and make recommendations for improving security. Turnaround time is typically one week or less. Contact Murray Associates for further details.

Corporate clients have been using this inspection service for years. They send in brand new phones for inspection and sealing, then keep them on-the-shelf as instant replacements in environments we previously secured for them!