2020 Campaign Security - DECT 6.0 Phones. Most are insecure, allowing eavesdropping.
.
I am in the search of a new cordless phone system, one that is secure, and I am coming across startling info. I used to be a radio operator, and years back tested phones with an open scanner to see if I was transmitting in the clear. But that was years ago. With a 3-foot mast that is attached to a scanner, a cordless phone can be received upwards of 1.5 miles away, so that opens up a lot of territory for eavesdropping.
Most of the cordless phones being sold are insecure.
1) The DECT 6.0 standard was breached years ago, with scanning cards selling for around $400-500, allowing anyone to intercept a call, pretending to the the base station. While those cards are rare, and made in Germany, professionals or the nefarious would purchase them.
2) Most DECT 6.0 phones ONLY encrypt from the handset to the base, NOT bidirectionally.
3) Most DECT 6.0 phones either transmit an unencrypted side channel, to "provide call quality and prevent dropped calls" or they will shift from encrypted to unencrypted if the call starts to break up. Some manufacturers allow the user to disable this feature, but that still leave the upstream portion of the conversation unencrypted in many.
I have searched for a few hours and came across rumblings that there are some of the more obscure brands that provide full security, but they are not backed by a major brand name. I'll still pursue this endeavor, possibly contacting the manufacturers directly, as each implements DECT in their own proprietary manners.
Is there anyone in the DU community versed on these phones and know their vulnerabilities who might be able to shed light on which brands to use? Some of the Top-Rated phones, from major brands, are the most vulnerable to prying ears. This also includes cordless corporate phones systems. I'm about ready to revert to using a corded handset, and forego cordless handsets to make secure calls from now on.
===
At the start of the 2020 campaign season, it it time to take security to the next level, when reaching out to contacts.
.