Another interesting detail about the Republic Wireless service: voice calls over Wi-Fi appear to be unencrypted.
I set my desktop machine to be a Wi-Fi base, sharing its Ethernet WAN connection. I then connected my RW MotoX to that Wi-Fi and ensured that I was able to reach the WAN. Then I fired up Wireshark and started capturing from the “bridge0” interface. I filtered on “host 192.168.2.2” which was the phone’s assigned IPv4 address on the ad-hoc Wi-Fi. I made a phone call and could see the SIP+RTP packets flying by in Wireshark. I ended the phone call and stopped the capture.
Reconstructing the VoIP call was as simple as selecting a menu item in Wireshark. I didn’t get it to play back actual audio (maybe Wireshark couldn’t get to the Mac’s audio interface?) but I could clearly see that Wireshark determined the source and destination phone numbers (not included in the screenshots for my privacy) and it looked like it decoded the Opus audio data, but without hearing it I can’t be sure.
Is this a problem? Well, yes and no. As Ars Technica recently pointed out, 2G GSM encryption is easy to crack with modest equipment and 3G GSM is not that much harder. So, regular cell calls aren’t that well protected. http://arstechnica.com/tech-policy/2013/12/archaic-but-widely-used-crypto-cipher-allows-nsa-to-decode-most-cell-calls/
But zero encryption? That’s pretty questionable. I suppose adding encryption would be a challenge for RW given the load issues they’re already coping with. But doesn’t bandwidth.com also provide business SIP solutions? Searching Google for “site:bandwidth.com encrypt” turns up nothing relevant.
If you have promiscuous access to local Wi-Fi data, it would not be too hard to use the Wireshark code to continuously scan for VoIP calls and make audio recordings. So be wary about which phone calls you make on open Wi-Fi networks. Or turn on manual handovers and make any sensitive calls over cell instead of Wi-Fi. Or just use another VoIP technology instead of RW’s built-in.
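To check whether a VoIP client on your own network negotiates encrypted media, the SDP body of its SIP INVITE is enough: plain RTP is offered as `RTP/AVP`, while SRTP uses `RTP/SAVP` with an `a=crypto` (SDES) or `a=fingerprint` (DTLS-SRTP) line. The following is an added example, not part of the original post; the sample messages, addresses and key are constructed placeholders and `audit_sip_message` is a hypothetical helper name.

```python
import re

# Constructed sample SIP INVITE (not from the post's capture); 192.0.2.x is a
# documentation address range and the SDES key is a placeholder.
PLAIN_INVITE = (
    "INVITE sip:bob@example.com SIP/2.0\r\n"
    "Via: SIP/2.0/UDP 192.0.2.10:5060\r\n"
    "Content-Type: application/sdp\r\n\r\n"
    "v=0\r\no=- 1 1 IN IP4 192.0.2.10\r\ns=-\r\nc=IN IP4 192.0.2.10\r\nt=0 0\r\n"
    "m=audio 40000 RTP/AVP 96\r\n"
    "a=rtpmap:96 opus/48000/2\r\n"
)
SDES_LINE = "a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:PLACEHOLDERKEY\r\n"
SRTP_OVER_UDP = PLAIN_INVITE.replace("RTP/AVP 96\r\n", "RTP/SAVP 96\r\n" + SDES_LINE)
SRTP_OVER_TLS = SRTP_OVER_UDP.replace("SIP/2.0/UDP", "SIP/2.0/TLS")

SECURE_PROFILES = {"RTP/SAVP", "RTP/SAVPF", "UDP/TLS/RTP/SAVP", "UDP/TLS/RTP/SAVPF"}


def audit_sip_message(msg):
    """Return a list of findings for one SIP message carrying an SDP body."""
    head, _, body = msg.partition("\r\n\r\n")
    via = re.search(r"^Via:\s*SIP/2\.0/(\w+)", head, re.I | re.M)
    tls_signaling = bool(via) and via.group(1).upper() in ("TLS", "WSS")
    findings = [] if tls_signaling else ["signaling is cleartext"]
    session_keying, media = None, []
    for line in body.splitlines():
        keying = ("sdes" if line.startswith("a=crypto:") else
                  "dtls" if line.startswith("a=fingerprint:") else None)
        if line.startswith("m="):
            kind, _port, proto = line[2:].split()[:3]
            media.append({"kind": kind, "proto": proto, "keying": session_keying})
        elif keying and media:
            media[-1]["keying"] = keying
        elif keying == "dtls":
            session_keying = keying  # session-level fingerprint covers all media
    for m in media:
        if m["proto"] not in SECURE_PROFILES or m["keying"] is None:
            findings.append(f"{m['kind']} media unprotected ({m['proto']})")
        elif m["keying"] == "sdes" and not tls_signaling:
            # SDES carries the SRTP key inside the SDP, so it needs TLS signaling
            findings.append(f"{m['kind']} SRTP key exposed in cleartext SDP")
    return findings


if __name__ == "__main__":
    for name in ("PLAIN_INVITE", "SRTP_OVER_UDP", "SRTP_OVER_TLS"):
        print(name, audit_sip_message(globals()[name]) or "ok")
```

The middle case matters in practice: SRTP with SDES keying only protects the audio if the SIP signaling that carries the key is itself encrypted.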