Synopsis:  Blue Box #84: New Cisco, Avaya, Nortel VoIP security vulnerabilities
from VoIPShield, Skype in China, UCSniff and other new tools, news and
more

Welcome to Blue Box: The VoIP Security Podcast #84, a 30-minute podcast  from Dan York and Jonathan Zar covering VoIP security news, comments and opinions.   

Download the show here (MP3, MB) or subscribe to the RSS feed to download the show automatically. 

You may also listen to this podcast right now:

Show Content:

• 00:20 – Intro to the show, contact information and how to provide comments.  Welcome to all the new listeners – and to all those listeners who have been here for so long!
• Programming notes:
  • Three-year anniversary of Blue Box coming up on October 24th – any thoughts you’d like to share with us? (Please send them to us by October 23rd.)
• VoIPShield announces new vulnerabilities and http://www.voipshield.com/research.php
• http://www.theregister.co.uk/2008/09/30/voip_eavesdropping_tool/
• "Sipera Develops VoIP Spy Program – to Prove a Point" – http://www.voipplanet.com/trends/article.php/3776136
• SecureLogix Announces Free Availability of VoIP Security Tools
• NY Times: Surveillance of Skype Messages Found in China – http://www.nytimes.com/2008/10/02/technology/internet/02skype.html?_r=2&partner=rssnyt&pagewanted=print
• http://securitywatch.eweek.com/privacy/skypechina_breach_is_anyone_really_surprised.html
• http://www.informationweek.com/news/telecom/voip/showArticle.jhtml?articleID=210605439
• Skype CEO’s blog post about the issue: http://share.skype.com/sites/en/2008/10/answers_to_some_commonly_asked.html
• http://www.itbusinessedge.com/blogs/top/?p=398
• http://www.voip-news.com/feature/google-phone-europe-growth-092408/
• http://www.itnewsafrica.com/?p=1269
• http://news.cnet.com/8301-1009_3-10052393-83.html
• http://www.broadbandreports.com/shownews/VoIP-Vulnerabilities-Being-Exposed-Today-98039
• http://www.itbusinessedge.com/blogs/top/?p=402
• http://voipsa.org/blog/2008/10/07/5th-emergency-services-workshop-to-be-held-oct-21-23-in-vienna/
• http://eon.businesswire.com/news/eon/20080924005342/en
• http://www.crn.com/security/210602442
• http://it.tmcnet.com/topics/it/articles/41236-infoblox-unveils-dns-firewall-address-dns-vulnerability-concerns.htm
• http://www.newswire.ca/en/releases/archive/September2008/29/c9005.html
• No comments this week.
• Review of the last week’s traffic on the VOIPSEC public mailing list
• Wrap-up of the show
• 30:26 – End of show 

NOTE: Long-time listeners will note that the show notes above are in a less descriptive form than usual. After almost three years of using one wiki for preparing for our shows, Jonathan and I switched to using a new system and are still working out some of the details that will speed the input into show notes.

Comments, suggestions and feedback are welcome either as replies to this post  or via e-mail to blueboxpodcast@gmail.com.  Audio comments sent as attached MP3 files are definitely welcome and will be played in future shows.  You may also call the listener comment line at either +1-415-830-5439 or via SIP to ‘bluebox@voipuser.org‘ to leave a comment there. 

Thank you for listening and please do let us know what you think of the show.