Synopsis: Skype multiple login issue, OpenID, Cisco IP phone vulnerabilities, net neutrality, drive-by pharming, EU legislation and are smokers really a threat to VoIP security?
Welcome to Blue Box: The VoIP Security Podcast #53, a 48-minute podcast from Dan York and Jonathan Zar covering VoIP security news, comments and opinions.
- 00:20 - Intro to the show, contact information and how to provide comments. Welcome to all the new listeners - and to all those listeners who have been here for so long! D
- 01:36 - Programming notes
- Dan will be in Cairo, Egypt, on the week of March 19th and would be delighted to meet with any listeners
- Blogroll for listener blogs?
- If you happen to use the Digg website, we noticed there is a podcast directory there and Blue Box could use some more Diggs
- SRT episode on OpenID
- Blue Box #51 set a new record – no Skype security issues!
- Stay tuned for security sessions coming out of ETel
- Martyn Davies did an interview about VoipSEAL anti-spam solution
- 04:05 - Cisco: Cisco Unified IP Conference Station and IP Phone Vulnerabilities – also 802.1X -tons of press coverage, including Cisco IP phone flaws show vulnerabilities of ‘Vo-Fi’
- 10:15 - Voice of VOIPSA:IPTComm Call for Papers
- 11:07 - Voice of VOIPSA: Combatting Voice Spam with VOIP Seal (Martyn has also provided an interview which we will air as a Special Edition)
- 11:56 - Dan Wing of Cisco has introduced a new Internet Draft on Disclosing Secure RTP (SRTP) Session Keys with a SIP Event Package – critical thing we’ve been talking about
- 14:43 - An Internet-Draft is out on Requirements for Session Border Controllers
- 16:33 - Disruptive Telephony: I’ve been writing a good bit about OpenID and Dean Elwood has reponded with Why SIP doesn’t need OpenID
- 18:48 - Barton Hudson: A suggestion for solving the Skype multiple login issue
- 23:55 - eWeek: VoIP: What? Me, worry?
- 24:37 - Kevin Murphy summarizes a draft paper by researchers at Indiana University and Symantec in an article in Computer Business Review Online: Drive-By Pharming Attack Could Hit Home Networks -also see
- 25:44 - Net Neutrality is back in the news at the FCC, At the FTC and in wireless as it relates to Skype
- 30:43 - IT Reseller Online: Seven Tips For VoIP Security Success (requires login)
- 31:47 - Irwin Lazar is in a Cisco video: Cisco Techwise TV on securing unified communications (requires login)
- 32:34 - ComputerWorld: Smokers may be the weak IT security link (the attacker tried to get on the VoIP network)
- 35:06 - Feature - EU privacy legislation -IHT article on privacy
- 40:02 - IT Business Edge - Consumer Mobile VoIP Services: The Next Security Challenge?
- 40:59 - Upcoming shows:
- 41:47 - comment (email) from Andy Zmolek about BlueBox gathering at RSA… and note that we’d be glad to publicize dinners at conferences
- 42:39 - comment (email) from Martyn Davies about IPTComm
- 42:53 - comment (email) from Bill Stackpole
- 44:24 - comment (blog) from Tonio
- 47:07 - Review of the last week's traffic on the VOIPSEC public mailing list
- 47:4 - Wrap-up of the show
- Dan's going to Cairo the week of March 19th - any listeners out there?
- Reminder that you can subscribe to the show via email as well as RSS
- 48:24- End of show
Comments, suggestions and feedback are welcome either as replies to this post or via e-mail to firstname.lastname@example.org. Audio comments sent as attached MP3 files are definitely welcome and will be played in future shows. You may also call the listener comment line at either +1-206-350-2583 or via SIP to 'email@example.com' to leave a comment there.
Thank you for listening and please do let us know what you think of the show.