VoWiFi Watchdog
Identify blocks and misconfigurations for VoWiFi
VoWiFi (Voice over WiFi, also WiFi-calling) is the preferred channel for voice calls and messages for 4G/5G for most operators and operating systems (i.e., Android, iOS). However, there is a lack of transparency regarding existing operator practices and the security of everyday voice calls and messages. There are shocking security weaknesses such as default and static private keys, insecure configurations, as well as anti-consumer practices (geoblocking) at live operators.
Operators still use shared private keys to encrypt their customers' communication, allowing adversaries to eavesdrop on calls and messages. Due to the lack of transparency, customers have no way of evaluating the settings for their current operator and operators have little incentive for improvements. The VoWiFi Watchdog project will regularly probe operator's VoWiFi configurations to detect deployed geoblocking measures and expose deprecated security settings. The scan results will be automatically published at our project platform, allowing customers to check their current (or future) operator, motivating operators to upgrade insecure setups. This will help to bring transparency to the VoWiFi ecosystem.
Run by SBA Research gGmbH
This project was funded through the NGI Mobifree Fund, a fund established by NLnet with financial support from the European Commission's Next Generation Internet programme under the aegis of DG Communications Networks, Content and Technology. The NGI Mobifree R&D programme is part of Horizon Europe research and innovation programme under grant agreement No. 101135795.