Based on a true story from 1967 about a high school in California. Released in Germany in 2008, it reaches American theatres next week: Jun 9, 2011

The National Institute of Health (NIH) National Cancer Institute offers some tips (pun not intended) on how cigars add significant cost to healthcare.

They are as toxic as cigarettes, if not more.

A single cigar can potentially provide as much nicotine as a pack of cigarettes.

[…]

A higher level of cancer-causing substances: During the fermentation process for cigar tobacco, high concentrations of cancer-causing nitrosamines are produced. These compounds are released when a cigar is smoked. Nitrosamines are found at higher levels in cigar smoke than in cigarette smoke.

More tar: For every gram of tobacco smoked, there is more cancer-causing tar in cigars than in cigarettes.

A higher level of toxins: Cigar wrappers are less porous than cigarette wrappers. The nonporous cigar wrapper makes the burning of cigar tobacco less complete than the burning of cigarette tobacco. As a result, cigar smoke has higher concentrations of toxins than cigarette smoke.

Furthermore, the larger size of most cigars (more tobacco) and longer smoking time result in higher exposure to many toxic substances (including carbon monoxide, hydrocarbons, ammonia, cadmium, and other substances).

Excellent research in a paper and presentation from the IEEE Symposium on Security and Privacy: “Phonotactic Reconstruction of Encrypted VoIP Conversations: Hookt on fon-iks”

Encryption of voice conversations on IP networks does not sufficiently obscure it to prevent reconstruction. It essentially applies the way our brains process spoken language to the sounds of an encrypted VoIP channel. We hear sounds that resemble those in our memory, and then we pattern match (e.g. search for collisions). The patterns can still be found even in encrypted VoIP.

The study has numerous references to related works and there have even been similar presentations at the IEEE but this one emphasises that it is a proof — attacks are far easier than previously thought.

In this work, we make no such assumption about a priori knowledge of target phrases. Rather, our ultimate goal is to reconstruct a hypothesized transcript of the conversation from the bottom up: our approach segments the observed sequence of packets into
subsequences corresponding to individual phonemes (i.e., the basic units of speech).

This illustration of the problem is superb:

Color me impressed. Great adaptation of linguistics to information security. However, they only propose two mitigation options:

…a knee-jerk reaction to thwarting this and other aforementioned threats to VoIP is to simply use constant bit-rate codecs or block ciphers. […] Another alternative might even be to drop or pad packets…

I wonder why they did not mention mixing an entire stream of noise/data into the payload, like a salt in a hash. Maybe that’s what is meant by pad packets? The goal would be to at least fill gaps and obscure phrasing to eavesdroppers, such as techniques used in WWII to hide the increase in radio traffic before attacks were launched. Yet that kind of pad defence is different in my mind from actively sending fake data that hostile recipients would want to process instead of ignore (e.g. communication by the Aspidistra high-power (600 kW) medium wave broadcasting transmitter to confuse German attacks).

Latency in encoding and decoding a message is usually cited as an obstacle for filling gaps and running interference to obscure IP communications, but if someone needs the privacy then a short delay or echo on a call seems like a small price to pay and bandwidth/memory/processing is getting less expensive all the time.