Synopsis: SPIT, Skype security, disposable phone numbers, phishing, VoIP security news, listener comments and more...
Welcome to Blue Box: The VoIP Security Podcast #49, a 55-minute podcast from Dan York and Jonathan Zar covering VoIP security news, comments and opinions.
NOTE: This show was originally recorded January 5, 2007, and was delayed with production issues.
You may also listen to this podcast right now:
- 00:21 - Intro to the show, contact information and how to provide comments. Welcome to all the new listeners - and to all those listeners who have been here for so long! Special welcome to readers who found us through the new Hacking Exposed: VoIP book that was just recently released.
- 03:12 - Programming notes:
- Audio issues with #48 – writing to USB drive
- Dan contributed to Still Secure, After All These Years, Podcast #26 which was a roundup of opinions on security issues from a range of folks
- Show #50 is next week
- 04:37 - VoIP News: How Secure Are Your VoIP Calls – and my response
- 06:07 - Note that Mark Collier has revamped the design of his VoIP Security Blog
- 06:38 - CSO: Security in 2007: Botnets, Threat Convergence and Other Risks – note their casual mention of SPIT and “thousands of messages” – wonder where they got their data from?
- 09:28 - ZDNet: What threats does Skype face? – interview with Skype CSO Kurt Sauer – also Jan Geirnaert’s response
- 15:08 - Jan: How to use the Skype and P2P traffic blocker? Tapping into Skype Traffic with the traffictapper from Lyanda.
- 16:14 - Dark Reading: Voice Cracks
- 18:17 - IT Observer: Voice over IP Under Threat – which was slashdotted
- 20:31 - TechWeb: Phishers’ Latest Platforms: VoIP, SMS
- 21:11 - EnterpriseITPlanet: The Year in Instant Messaging
- 26:28 - Voice of Voipsa: (just quick mentions – we forgot these last week)
- 29:56 - Websense ‘Skype’ Trojan Analysis – followup to our story last week… not VoIP per se but an interesting analysis
- 32:05 - The PhoneBoy Blog: Eating My Words on OpenID
- 34:18 - Zycko: VoIP Security priority for 2007
- 34:50 - Network World: The year ahead: Juggling IT risks, opportunities
- 35:08 - Upcoming shows:
- Jan 23-26, 2007, Ft. Lauderdale, FL, Internet Telephony Conference and Expo – East
- Feb 5-9, 2007, San Francisco, CA, RSA Conference 2007
- Feb 27-Mar 1, 2007, San Francisco, Emerging Telephony 2007
- Mar 1-2, 2007, London, EUSecWest
- Mar 19-21, 2007, San Jose, CA, Spring 2007 VON
- Mar 23-25, Washington, DC, ShmooCon ‘07
- Apr 16-20, Vancouver, BC, Canada CanSecWest 2006
- 35:48 - Comment (audio) about Minnesota Asterisk user group
- 37:36 - Comment (blog) from Aswath Rao
- 39:58 - Comment (blog) from Mark Collier
- 40:07 - Comment (email) from Martyn Davies about ISS report
- 40:34 - Comments-3 (email) from Craig
- 41:52 - Comment (email) from Dave Roper pointing to Disposable Phone Numbers - discussion included Jangl, Private Phone and Craigsnumber
- 48:02 - Comment (email) from Rick McCharles
- 51:32 - Review of the last week's traffic on the VOIPSEC public mailing list
- 52:08 - Wrap-up of the show
- Reminder that you can subscribe to the show via email as well as RSS
- Mention of our Frappr map
- 54:38 - End of show
Comments, suggestions and feedback are welcome either as replies to this post or via e-mail to firstname.lastname@example.org. Audio comments sent as attached MP3 files are definitely welcome and will be played in future shows. You may also call the listener comment line at either +1-206-350-2583 or via SIP to 'email@example.com' to leave a comment there.
Thank you for listening and please do let us know what you think of the show.