Synopsis: Skype spyware? Cisco SIP issue again, secure call recording, Phil Zimmermann on VON Magazine, US Congress and Caller ID, ringjacking, Skype security, VoIP security, listener comments and more

Welcome to Blue Box: The VoIP Security Podcast #52, a 45-minute podcast  from Dan York and Jonathan Zar covering VoIP security news, comments and opinions. 

NOTE: This show was originally recorded February 14, 2007. 

Download the show here (MP3, 21MB) or subscribe to the RSS feed to download the show automatically. 

You may also listen to this podcast right now:

Show Content: 

• 00:20 - Intro to the show, contact information and how to provide comments.  Welcome to all the new listeners - and to all those listeners who have been here for so long! Discussion of bandwidth in Japan and Asia.
• 02:07 - Programming notes
  • Podcasts by phone is back up with new number - +12183398544
  • Dan will be in Cairo, Egypt, on the week of March 19th and would be delighted to meet with any listeners
  • Experiment with Yahoo Pipes to make a combined feed for all VOIPSA RSS feeds
  • Blogroll for listener blogs?
• 5:08 - Cisco Security Advisory: SIP Packets Reload IOS Devices with support for SIP – we talked about it last week but now it turns out any device with SIP support is vulnerable (not just those where it was disabled)
• 6:59 - Voice of VOIPSA:Skype 3.0 and BIOS
• 10:50 - Voice of VOIPSA: Mercury News: Will wiretapping kill P2P VoIP
• 13:42 - Voice of VOIPSA: Ringjacker
• 15:06 - Voice of VOIPSA: Truth in Caller ID Act of 2007
• 16:48 - SC Magazine: How to protect your business from VoIP threats
• 17:17 - Australian IT: VoIP threat as crims seek out soft targets
• 18:18 - thestar (Malaysia): Getting high quality VoIP for your company
• 18:42 - ComputerWorld: FaceTime, Skype team on enterprise policy enforcement – also Skype blog: Skype partners with Facetime to make Enterprise control even easier and WindowsITPro: Skype teams with Symantec and Facetime
• 21:35 - CBC: VoIP phones disrupting some security alarm systems
• 24:20 - VON Magazine Cover Story on Phil Zimmermann – good background if you are not up on Zfone
• 26:53 - Aswath: Extending OpenID Authentication Scheme for Communication Systems
• 28:31 - Press Releases:
• Sipera Adds Worldwide Sales and Service Provider Expertise to Management Team=
• VoIP Logic Announces the Integration of Iperia and Covergence IP Applications into Its ’’Best of Breed’’ Class 5 Platform (a service provider talking about security!)
• BorderWare Delivers New Class of SBCs – also at TMC.net
• Security for VoIP on Sun hardware
• 29:52 - Quick update on Best Practices project
• 30:29 - Upcoming shows:
  • Mar 1-2, 2007, London, EUSecWest 
  • Mar 19-21, 2007, San Jose, CA, Spring 2007 VON 
  • Mar 23-25, Washington, DC, ShmooCon ‘07 
  • Apr 16-20, Vancouver, BC, Canada CanSecWest 2006
• 31:36 - comment (email) from Martyn Davies about 3GSM conference
• 32:26 - comment (email) from Simon Wood
• 33:23 - comment (email) from Keith about feed
• 33:53 - comment (email) from Anthony Congdon about SRTP and recording
• 40:33 - comment (email) from Peter Thermos about vopsecurity.org
• 41:01 - comment (email) from Michael Miller
• 41:35 - comment (email) from Mark Noble about NEC SPIT
• 41:47 - thanks out to Craig Bowser and Rhodri Davies
• 42:19 - comment (email) from Dean Elwood about video with AT&T companies
• 44:11 - Review of the last week's traffic on the VOIPSEC public mailing list 
• 44:33 - Wrap-up of the show 
  • Dan's going to Cairo the week of March 19th - any listeners out there?
  • Reminder that you can subscribe to the show via email as well as RSS 
• 45:18 - End of show 

Comments, suggestions and feedback are welcome either as replies to this post  or via e-mail to blueboxpodcast@gmail.com.  Audio comments sent as attached MP3 files are definitely welcome and will be played in future shows.  You may also call the listener comment line at either +1-206-350-2583 or via SIP to 'bluebox@voipuser.org' to leave a comment there. 

Thank you for listening and please do let us know what you think of the show.