Category Archives: Conferences

eComm 2009: Dan, Jonathan and Martyn together for the first time

Last week at the Emerging Communications Conference (eComm) 2009 in San Francisco, a remarkable event happened: Jonathan Zar, Martyn Davies, and I (Dan York) all wound up at the same place at the same time. Over the 3.5 years since we started Blue Box back in October 2005, Jonathan and I have met at events, Martyn and I have met and Jonathan and Martyn have met. But the three of us had never been together at the same place.

Now the particular place we met was a “Dev Dinner” hosted by (my employer) Voxeo after the end of eComm – and we had some great conversations along with the food. Martyn produced his camera and we did record the actual event:

bluebox-at-ecomm2009.jpg

Alas, it was too noisy there for us to do any actual recording, but it was great to have all three of us there. For those who may not recall the history, Martyn was one of our earliest listeners and is the person who provided both the image that we use for Blue Box (in iTunes, in the MP3 file, etc.) and also the music that we use for the intro and outro. He’s also guest-hosted several times and contributed a couple of interviews over the years.

P.S. And yes, Jonathan and I will be getting some more shows out…

Technorati Tags:
, , , , , , ,

Speaking on “SIP Trunking and Security” at ITEXPO in Miami Feb 3rd

ITEXPO-East-logo-2.jpgIf you will be in Miami at ITEXPO February 2-4 you are welcome to attend a free “SIP Trunking And Security” session I (Dan York) will be doing as part of Ingate Systems’ SIP Trunking Workshops. The SIP trunking workshops are free to all attendees even if you only register for an exhibit pass.

My session will be 11:15-12:30 on Wednesday, February 3rd, and if you do attend please feel free to come up and introduce yourself (or drop me a note in advance to let me know to look out for you). I’ll be bringing my recording gear, too, and the talk will eventually go out in my Blue Box Podcast feed so you will be able to hear it later.

P.S. If you are attending ITEXPO and your company makes a product or provides a service related to VoIP security, please feel free to let me know and perhaps we can schedule an interview to go out as a Blue Box Special Edition.

Technorati Tags:
, , , , , , , ,

Blue Box SE#026 – Astricon 2007 presentation on VoIP security and Asterisk

Synopsis:  Blue Box Special Edition #26: Astricon 2007 presentation – "Hacking and Attacking VoIP Systems: What you need to worry about"

Welcome to Blue Box: The VoIP Security Podcast Special Edition #26, a 55-minute podcast  from Dan York and Jonathan Zar covering VoIP security news, comments and opinions.   

Download the show here (MP3, 6MB) or subscribe to the RSS feed to download the show automatically. 

You may also listen to this podcast right now:

Show Content:

A year ago in September 2007, I (Dan York) spoke at Astricon 2007 in Arizona, USA, about "Hacking and Attacking VoIP Systems: What You Need To Worry About" My presentation covered a lot of the typical VoIP security threats, tools and best practices but also expanded a bit into specific security issues with Asterisk.  Please do keep in mind that it has been a year since this presentation and so some of the issues I mention have been addressed. (Astricon, for those who don’t know, is an annual developer conference for those who work with the Asterisk open source telephony platform. Astricon 2008 is, in fact, coming up in about 3 weeks but I will not be attending this year.)

The slides for this talk are available from Slideshare:

Hacking and Attacking VoIP Systems – What You Need To Know

View SlideShare presentation or Upload your own. (tags: voip voipsecurity)

(And yes, at some point I’ll sync the audio with the slides.)

Production assistance on this Special Edition was provided by Michael Graves who had a very tough task given the poor quality of the recording that I gave to him!  Kudos to Michael for getting it to sound as good as it does.

Comments, suggestions and feedback are welcome either as replies to this post  or via e-mail to blueboxpodcast@gmail.com.  Audio comments sent as attached MP3 files are definitely welcome and will be played in future shows.  You may also call the listener comment line at either +1-415-830-5439 or via SIP to ‘bluebox@voipuser.org‘ to leave a comment there. 

Thank you for listening and please do let us know what you think of the show.

FYI – I’ll be out at O’Reilly’s OSCON next week in Portland talking about voice mashups…


OSCON 2008

If any of you reading this will be out at O’Reilly’s OSCON Open Source Convention next week (July 21-25) in Portland, Oregon, I (Dan York) will be there giving a talk on Wednesday on “Mashing Up Voice and the Web Through Open Source and XML“. Here’s the abstract:

With over 4.5 billion mobile and fixed phones out there as of November 2007, the phone represents the most ubiquitous user interface out there. As “mashups” on the Web let us quickly and easily access information from multiple data sources, how do we extend those mashups to the world of the phone? How do we bring the old world of voice and telephony into the new world of the Web, social networks, and social media? And how do we do that using open source tools and open standards?

If any of you will be attending, please do drop me a note as I always enjoy meeting up with people who read this blog. If you are not attending but are interested, it’s not too late… you can still register at the OSCON site. Should be a great convention for those interested in open source development. The schedule is pretty amazing as it truly has a collection of some of the best folks out there in the open source world. (The convention starts on Wednesday with Monday and Tuesday being for tutorials.) I’m definitely looking forward to the event!

Technorati Tags:
, , , , , , , , ,

FYI – I’m out at AstriCon in Arizona (and looking for Asterisk security feedback over on the VOIPSA weblog)

FYI, I’m currently out at the Asterisk conference, AstriCon, in Phoenix, Arizona through Thursday night. If any listeners are also here at the show, please do drop a note as I’m always interested in meeting listeners face-to-face.

Also, over on the Voice of VOIPSA weblog, I’ve posted the question: “What would your ‘security roadmap’ for Asterisk be?” I’m giving a talk on the subject on Thursday and would welcome any feedback.

Technorati Tags: , , , , , ,

Blue Box SE #19: “The Real Risks of VoIP Security” panel at VON Europe 2007 in Stockholm, Sweden, featuring Martyn Davies, Ari Takanen, Cullen Jennings and Akif Arsoy

Synopsis: "The Real Risks of VoIP Security" panel session at VON Europe in Stockholm, Sweden, in June 2007.  Moderated by Blue Box contributor Martyn Davies, the panel included Ari Takanen of Codenomicon, Cullen Jennings of Cisco and Akif Arsoy of Verisign.

Welcome to Blue Box: The VoIP Security Podcast Special Edition #19, a 55-minute podcast of the panel session "The Real Risks of VoIP Security" from VON Europe 2007 in Stockholm, Sweden, in June 2007.

Download the show here (MP3, 25MB) or subscribe to the RSS feed to download the show automatically.

You may also listen to this podcast right now:

Show Content:

In this Special Edition, we bring you a recording of the panel session at VON Europe in Stockholm, Sweden, in June 2007.  Longtime Blue Box contributor Martyn Davies moderated the panel which included Ari Takanen of Codenomicon, Cullen Jennings of Cisco and Akif Arsoy of Verisign.  Rather than going with canned presentations of slides, the panel was a conversation among the panelists based on questions that Martyn had as well as questions from the audience.  I think you will find it both enjoyable and educational.

The members of the panel are, left-to-right, Martyn Davies (Dialogic), moderator, Ari Takanen (Codenomicon), Cullen Jennings (Cisco) and Akif Arsoy (Verisign):

   
   
   
   

We thank Martyn for contributing this recording and also compliment him on what is one of the best conference recordings we’ve ever offered as far as audio quality goes.  Dan also thanks Cullen Jennings for standing in for him when Dan was suddenly unable to attend Podcamp Europe.

Comments, suggestions and feedback are welcome either as replies to this post  or via e-mail to blueboxpodcast@gmail.com.  Audio comments sent as attached MP3 files are definitely welcome and will be played in future shows.  You may also call the listener comment line at either +1-206-350-2583 or via SIP to ‘bluebox@voipuser.org‘ to leave a comment there.

Thank you for listening and please do let us know what you think of the show.

Anyone attending Black Hat or Defcon interested in providing reports into the Blue Box podcast?

imageAre you attending Black Hat next week in Las Vegas (July 29-Aug 2)? Or the Defcon show that follows? If so, would you be willing to provide a report (either audio or written) for us to include in a future Blue Box podcast (or potentially post on the VOIPSA blog)? Neither Jonathan nor I (nor Martyn) are going to be attending Black Hat or Defcon but there do look to be a number of quite interesting talks involving VoIP security.  If you would be willing to send in a report from Black Hat or Defcon just briefly talking about what is discussed at the sessions there, please do drop us an email as we’d love to have such contributions. 

FYI, if you want to try audio, contributions could be either: 1) recorded using something like Audacity and then sent by email; or 2) simply called into our comment line (+1-206-350-2583 or sip:bluebox@voipuser.org).

Technorati tags: , ,

ETel "Black Bag" Security presentations now available with audio synced to slides (through "slidecasting")…

Have you ever wished you could know when the slides are being changed when you listen to one of our Special Edition podcasts?  Well, now you can courtesy of a new “slidecasting” interface made available from the folks at SlideShare.net.  I have now made available synced versions of Blue Box SE#15 and Blue Box SE#16 as shown in the embedded objects below.  SE#15 is, to me, a great example of the power of SlideShare’s syncing interface.  It is about 243 slides in 15 minutes and without the sync, it’s not as easy to see how the slides are used to support the story.  SE#16 is the much-longer 90-minute workshop that Jonathan, Shawn Merdinger and I did which again shows how the slide sync can be used in a longer setting.  In any event, you can check them out in the embedded shows below.  First the 15-minute “Black Back Security Review”:

And then here our 90-minute workshop:

We would naturally love to hear your feedback about whether you find this useful.  We anticipate putting up future presentations in this fashion.  What do you think?

Update: Dan is NOT at VON Europe in Stockholm – but the Blue Box dinner will go ahead

Well, sometimes “life” intervenes in the best of plans.  As I wrote on my Disruptive Telephony blog, I will now very unfortunately NOT be attending VON Europe in Stockholm.  However, the Blue Box dinner planned for tonight will go ahead with Martyn Davies, Dean Elwood and about a dozen others.  I’ve already let Martyn know that I expect to get a good recorded segment out of it for inclusion in a future podcast!  🙂  

As for my Thursday panel on VoIP security that Martyn is moderating, Cullen Jennings from Cisco has agreed to step in.  Cullen is the IETF Area Director for real-time applications.. so essentially everything related to SIP rolls up to him, including VoIP security in the standards world.  I know from our many discussions that Cullen has a very strong interest in security, so the panel discussion should be quite a good one.   

I’m very disappointed that I won’t be able to be there to be part of the dinner or panel, but I’m looking forward to hearing how they all go.