Synopsis: Blue Box #73: SIP security issues at IETF 70, Skype security, vulnerabilities in Cisco and Nokia phones, Vietnam's cyberdissidents, VoIP security news, listener comments and more...

Welcome to Blue Box: The VoIP Security Podcast #73, a 44-minute podcast  from Dan York and Jonathan Zar covering VoIP security news, comments and opinions.   

Download the show here (MP3, 20MB) or subscribe to the RSS feed to download the show automatically. 

You may also listen to this podcast right now:

NOTE: This show was recorded on December 11, 2007.

Show Content:

• 00:20 - Intro to the show, contact information and how to provide comments.  Welcome to all the new listeners - and to all those listeners who have been here for so long! 
• Voice of VOIPSA: Skype fixes flaw in Windows version
• Cisco 7940 Denial of Service
• Nokia N95 Remote Denial of Service using the SIP Stack
• Network World: VoIP Security Lessons Microsoft OCS Can Learn From Vonage and Others pointing over to series of posts on the Telecosm blog and the start of a series on VoIP security including DoS and anonymity
• VoIP News: Not Waiting For the Big One
• TechWorld: VoIP is the next big hack (follow up on Peter Cox)
• Globe and Mail: Cyberdissidents weaving along new path
• National Security Agency Certifies New Sectra vIPer Phone by General Dynamics for Top Secret Communications (sent in by Peter Thermos)
• Websense Predicts 2008’s Top Ten Security Threats
• International Telephone Services Company Deploys Secure Computing’s Sidewinder to Protect VoIP Communications
• Feature –  IETF 70
  • IETF 70 Agenda
  • Security a major discussion point
  • Media control – requirements and architecture to need more security work
  • SPEERMINT - Saverio Niccolini will bring security document back through
  • SIPPING - Spam Score and SRTP Key Disclosure and Updates to Asserted Identity – also covered in SPITting in your general direction
  • SIP - Media Identity and DTLS Framework
  • MMUSIC - big news was that ICE is now in the queue to be issued as an RFC
  • BEHAVE - TURN
  • P2PSIP – interesting discussion on NAT in P2P SIP and security in P2P SIP
• Comment (email) from Frank Leonhardt
• Comment (email) from Rhodri Davies
• Comment (email) from Peter Thermos
• Comment (email) from Ben Penson
• Review of the last week's traffic on the VOIPSEC public mailing list 
• Wrap-up of the show
• 44:28 - End of show 

Comments, suggestions and feedback are welcome either as replies to this post  or via e-mail to blueboxpodcast@gmail.com.  Audio comments sent as attached MP3 files are definitely welcome and will be played in future shows.  You may also call the listener comment line at either +1-415-830-5439 or via SIP to 'bluebox@voipuser.org' to leave a comment there. 

Thank you for listening and please do let us know what you think of the show.