Simple Voice Chat

Verify User Identity

jakobii opened this issue · 1 comment

commented

Bug description
This is more of a question than a bug. I'm new to Java development and, more specifically, Minecraft mod development.

Is it possible for a client to claim to be a user they are not?

Steps to reproduce the issue

  1. Reverse engineer the binary protocol.
  2. Send the user ID of a user I would like to masquerade as.
  3. Communicate with other users on the Minecraft server.

Expected behavior
The simple-voice-chat validates somehow that the client has authenticated as the Minecraft user they are claiming to be in the auth packet.

Note: I see that there is a field called "Secret", but it looks like it's being used more as a connection ID than something like a cryptographic signature.

commented

The secret is, like the name says, a SECRET, so no client can connect to the voice chat if it hasn't got the secret that's associated with this player.
You also can't find it out since everything is encrypted over the network.
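
The binding the reply describes, sketched as an added example (not part of the thread and not Simple Voice Chat's own code): a server keeps one random secret per player and accepts a voice auth packet only when the presented secret matches the one issued to the claimed player ID. All class and method names are hypothetical, and it assumes the secret reaches the player only over the already authenticated, encrypted game connection.

```java
import java.nio.ByteBuffer;
import java.security.MessageDigest;
import java.util.Map;
import java.util.UUID;
import java.util.concurrent.ConcurrentHashMap;

// Hypothetical names throughout; an illustration, not the mod's implementation.
public class SecretBindingDemo {
    // Player ID -> secret issued for that player's current session.
    private final Map<UUID, UUID> secrets = new ConcurrentHashMap<>();

    // Called when a player joins over the authenticated game connection.
    // UUID.randomUUID() draws its 122 random bits from a cryptographically strong RNG.
    public UUID issue(UUID playerId) {
        UUID secret = UUID.randomUUID();
        secrets.put(playerId, secret);
        return secret; // assumption: delivered to that player only, never broadcast
    }

    // Called on disconnect so a stale secret cannot be reused later.
    public void revoke(UUID playerId) { secrets.remove(playerId); }

    // Called for an auth packet arriving on the separate voice channel.
    public boolean verify(UUID claimedPlayerId, UUID presentedSecret) {
        UUID expected = secrets.get(claimedPlayerId);
        if (expected == null || presentedSecret == null) return false;
        // Constant-time comparison, so response timing does not leak matching bytes.
        return MessageDigest.isEqual(bytes(expected), bytes(presentedSecret));
    }

    private static byte[] bytes(UUID u) {
        return ByteBuffer.allocate(16).putLong(u.getMostSignificantBits())
                .putLong(u.getLeastSignificantBits()).array();
    }

    private static void check(boolean ok, String what) {
        if (!ok) throw new IllegalStateException("unexpected result: " + what);
        System.out.println("ok: " + what);
    }

    public static void main(String[] args) {
        SecretBindingDemo server = new SecretBindingDemo();
        UUID alice = UUID.randomUUID(), mallory = UUID.randomUUID(); // constructed IDs
        UUID aliceSecret = server.issue(alice);
        UUID mallorySecret = server.issue(mallory);
        check(server.verify(alice, aliceSecret), "own ID with own secret is accepted");
        check(!server.verify(alice, mallorySecret), "claimed ID with another player's secret is rejected");
        check(!server.verify(alice, UUID.randomUUID()), "claimed ID with a guessed secret is rejected");
        server.revoke(alice);
        check(!server.verify(alice, aliceSecret), "secret is rejected after the session ends");
    }
}
```

The check is only as strong as the confidentiality of the channel that delivers the secret: anyone who obtains a player's secret can present it as that player until it is revoked.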