Synopsis: Blue Box #73: SIP security issues at IETF 70, Skype security, vulnerabilities in Cisco and Nokia phones, Vietnam's cyberdissidents, VoIP security news, listener comments and more...
Welcome to Blue Box: The VoIP Security Podcast #73, a 44-minute podcast from Dan York and Jonathan Zar covering VoIP security news, comments and opinions.
You may also listen to this podcast right now:
NOTE: This show was recorded on December 11, 2007.
- 00:20 - Intro to the show, contact information and how to provide comments. Welcome to all the new listeners - and to all those listeners who have been here for so long!
- Voice of VOIPSA: Skype fixes flaw in Windows version
- Cisco 7940 Denial of Service
- Nokia N95 Remote Denial of Service using the SIP Stack
- Network World: VoIP Security Lessons Microsoft OCS Can Learn From Vonage and Others pointing over to series of posts on the Telecosm blog and the start of a series on VoIP security including DoS and anonymity
- VoIP News: Not Waiting For the Big One
- TechWorld: VoIP is the next big hack (follow up on Peter Cox)
- Globe and Mail: Cyberdissidents weaving along new path
- National Security Agency Certifies New Sectra vIPer Phone by General Dynamics for Top Secret Communications (sent in by Peter Thermos)
- Websense Predicts 2008’s Top Ten Security Threats
- International Telephone Services Company Deploys Secure Computing’s Sidewinder to Protect VoIP Communications
- Feature – IETF 70
- IETF 70 Agenda
- Security a major discussion point
- Media control – requirements and architecture to need more security work
- SPEERMINT - Saverio Niccolini will bring security document back through
- SIPPING - Spam Score and SRTP Key Disclosure and Updates to Asserted Identity – also covered in SPITting in your general direction
- SIP - Media Identity and DTLS Framework
- MMUSIC - big news was that ICE is now in the queue to be issued as an RFC
- BEHAVE - TURN
- P2PSIP – interesting discussion on NAT in P2P SIP and security in P2P SIP
- Comment (email) from Frank Leonhardt
- Comment (email) from Rhodri Davies
- Comment (email) from Peter Thermos
- Comment (email) from Ben Penson
- Review of the last week's traffic on the VOIPSEC public mailing list
- Wrap-up of the show
- 44:28 - End of show
Comments, suggestions and feedback are welcome either as replies to this post or via e-mail to email@example.com. Audio comments sent as attached MP3 files are definitely welcome and will be played in future shows. You may also call the listener comment line at either +1-415-830-5439 or via SIP to 'firstname.lastname@example.org' to leave a comment there.
Thank you for listening and please do let us know what you think of the show.