Synopsis: Session Border Controller (SBC) Special – Martyn Davies interviews Rod Hodgman from Covergence and Jeff Carr from Borderware about their products and the role of the SBC.

Welcome to Blue Box: The VoIP Security Podcast Special Edition #18, a 33-minute podcast of interviews by Martyn Davies of Rod Hodgman from Covergence and Jeff Carr from Borderware about their products and the role of the SBC and the question "Do SBCs break the rules of SIP?"

Download the show here (MP3, 15MB) or subscribe to the RSS feed to download the show automatically.

You may also listen to this podcast right now:

Show Content:

This Session Border Controller (SBC) special
features two back-to-back interviews with Rod Hodgman from Covergence (www.covergence.com) and Jeff Carr from
Borderware (www.borderware.com).

In the first interview, Martyn Davies speaks
to Rod Hodgman, VP of Marketing at Covergence, about their SBC product
line, Eclipse.  Rod talks about SBCs that support peering and access edge
applications, and then focuses on access edge features such as NAT traversal and
DoS protection.  The discussion also covers software vs. appliance; OS
hardening, ATCA and media acceleration.  Rod answers the question "do SBCs
break the rules of SIP?", and tells us a user story.

In the second part, Martyn speaks to Jeff Carr, VP of the SIP Solutions Group at Borderware, about their software SBC, SIPAssure.  Jeff talks about the access edge, SPIT (Internet Telephony SPAM): content filtering and reputation management; firewall vs. SBC.  He also tackles the question "do SBCs break the rules of SIP?", and goes on to tell us a story about one of their OEM customers.

We thank Martyn for contributing these interviews.

Comments, suggestions and feedback are welcome either as replies to this post  or via e-mail to blueboxpodcast@gmail.com.  Audio comments sent as attached MP3 files are definitely welcome and will be played in future shows.  You may also call the listener comment line at either +1-206-350-2583 or via SIP to ‘bluebox@voipuser.org‘ to leave a comment there.

Thank you for listening and please do let us know what you think of the show.

(P.S. In the spirit of full disclosure, I’ll note that one of the customer stories turns out to be my employer, but I had no clue about that as this was entirely Martyn’s production.)

Synopsis: Blue Box #61: IETF framework to fight SPIT, VoIP security video, new tools, voip security news, listener comments and only a brief mention of the iPhone

Welcome to Blue Box: The VoIP Security Podcast #61, a 29-minute podcast  from Dan York and Jonathan Zar covering VoIP security news, comments and opinions.   

Download the show here (MP3) or subscribe to the RSS feed to download the show automatically. 

You may also listen to this podcast right now:

Show Content:

• 00:20 – Intro to the show, contact information and how to provide comments.  Welcome to all the new listeners – and to all those listeners who have been here for so long!
• 01:21 – Programming notes
  • New special edition shows coming up very soon.
• 01:41 – Sipera: Many SIP vulnerabilities with softphones from AIM, MSN, Nortel and Avaya 4602SW desk phone
• 04:05 – Voice of VOIPSA: IETF Internet-Drafts on SPIT – Hannes Tschofenig seeking comments
  • Requirements for Authorization Policies to tackle SPIT
  • A Framework for reducing SPIT
• 07:10 – Voice of VOIPSA: Pucker Up, Part 3 – Shawn’s latest piece.
• 08:24 – Voice of VOIPSA: Truth in Caller ID Act passed again
• 09:19 – Voice of VOIPSA: We Know Where You Live
• 10:27 – Mark Collier has several new articles on his VoIP security blog including:
  • a pointer to this VoIP Security Threats video on YouTube
  • Mark’s presentation at INNUA
• 13:35 – ComputerWeekly.com: VoIP Security Fundamentals
• 14:51 – Release of rtpbreak tool
• 15:42 – BBC: Telephone tapping (from Frank Leonhardt)
• 16:55 – Fox News: Hacker Taps Cell Phone to Stalk Family
• 17:26 – News releases:
• Mobile Voip: T-Mobile Introduces Unlimited Calling With T-Mobile HotSpot @Home
• M5T Releases the M5T ZRTP SAFE VoIP Application
• 21:14 – Feature on status of Best Practices Project
• 22:06 – Upcoming shows:
  • July 19-20, New York, USA, IPTComm2007
  • July 22-27, Chicago, USA IETF 69
  • Aug 20-23, San Francisco, CA, USA VoiceCon SF 2007
  • Sept 10-12, Los Angeles, CA, USA ITEXPO West 2007
  • Oct 29-Nov 1, Boston, USA, Fall 2007 VON
• 23:20 – comment (email) from Rhodri Davies about SIP in SANS list
• 24:19 – comment (email) from Frank Leonhardt about his paper and also link
• 24:49 – comment (email) from JP Li asking about slides for SE #16
• 25:36 – comment (blog) from Benny Ketelslegers about SIP botnets
• 27:15 – Review of the last week’s traffic on the VOIPSEC public mailing list
• 27:58 – Wrap-up of the show 
• 29:02 – End of show 

Comments, suggestions and feedback are welcome either as replies to this post  or via e-mail to blueboxpodcast@gmail.com.  Audio comments sent as attached MP3 files are definitely welcome and will be played in future shows.  You may also call the listener comment line at either +1-206-350-2583 or via SIP to ‘bluebox@voipuser.org‘ to leave a comment there. 

Thank you for listening and please do let us know what you think of the show.

Synopsis: Blue Box #60: new VoIP security offerings from CheckPoint, VoIPShield, VoIP and business continuity, CALEA, new VoIP Security book, NAC mini-tutorial, more on botnets, listener comments and more

Welcome to Blue Box: The VoIP Security Podcast #60, a 28-minute podcast  from Dan York and Jonathan Zar covering VoIP security news, comments and opinions.   

Download the show here (MP3) or subscribe to the RSS feed to download the show automatically. 

You may also listen to this podcast right now:

Show Content:

• 00:20 – Intro to the show, contact information and how to provide comments.  Welcome to all the new listeners – and to all those listeners who have been here for so long!
• 01:15 – Programming notes
  • Martyn Davies will be moderating a panel on VoIP security at VON Europe that will include Dan and others
  • Blue Box dinner at the June VON show on Monday, June 11th
  • We’ve recently set up a group on the Facebook social networking site for fans of the show.  If you are a Facebook user, feel free to join.
• 02:28 – ComputerWeekly.com: Check Point promises more VoIP security, fewer slowdowns
• 03:35 – VoIPShield Security Suite Debuts…
  • VoIPShield Security Suite Debuts at Interop Las Vegas
  • Ken Camp response
  • InfoWorld
• 05:21 – PC World: Attackers Get Chatty on VoIP
• 06:37 – Skype Journal: UK: Paedophiles use Skype to find and pursue likely targets
• 07:42 – TMC.net: VoIP Helps Increase Business Continuity Awareness
• 10:10 – VoIPNews: VoIP Providers Hold Their Breath as CALEA Deadline Passes
• 12:15 – New book coming out in August: Securing VoIP Networks: Threats, Vulnerabilities and Countermeasures by Peter Thermos and Ari Takanen
• 13:38 – Voice of VOIPSA: Security: A Question of Balance
• 14:23 – Voice of VOIPSA: Google Launches Security Blog
• 14:54 – Follow-up on the Estonian botnet issue – it apparently wasn’t Russia but instead was botnet groups and Cyberattack in Estonia—what it really means
• 15:48 – SPIT Framework Internet-Draft – stay tuned for a URL
• 16:43 – News Releases:
  • Covergence Announces Support for IBM BladeCenter
• 16:54 – Feature – mini-tutorial on NAC
• 20:17 – Upcoming shows:
  • Dustin Trammell will be speaking at Defcon 15 about VoIP and steganography
  • Ken Camp will be moderating two panels on VoIP Security at IT Expo
  • June 12-14, Stockholm, Sweden, VON Europe Spring – both Martyn and I will be there… we’ll have a Blue Box dinner
  • July 22-27, Chicago, USA IETF 69
  • Aug 20-23, San Francisco, CA, USA VoiceCon SF 2007
  • Sept 10-12, Los Angeles, CA, USA ITEXPO West 2007
  • Oct 29-Nov 1, Boston, USA, Fall 2007 VON
• 21:32 – comment (email) from Rhodri Davies about SIP botnets
• 23:55 – comment (email) about analog surveillance
• 25:09 – comment (blog) from Security4All
• 25:22 – comment (blog) from Ludovic Petit that he can’t see the PDF files
• 25:44 – comment (facebook) from Reuven
• 26:31 – Review of the last week’s traffic on the VOIPSEC public mailing list
• 27:29 – Wrap-up of the show 
• 28:35 – End of show 

Comments, suggestions and feedback are welcome either as replies to this post  or via e-mail to blueboxpodcast@gmail.com.  Audio comments sent as attached MP3 files are definitely welcome and will be played in future shows.  You may also call the listener comment line at either +1-206-350-2583 or via SIP to ‘bluebox@voipuser.org‘ to leave a comment there. 

Thank you for listening and please do let us know what you think of the show.

Synopsis: 802.1X mini-tutorial, new VoIP security vulnerabilities, new security tools, the biggest threat to VoIP? … botnets hitting Estonia…  and chimichangas and sushi trains…

Welcome to Blue Box: The VoIP Security Podcast #59, a 55-minute podcast  from Dan York and Jonathan Zar covering VoIP security news, comments and opinions.   

Download the show here (MP3, 24MB) or subscribe to the RSS feed to download the show automatically. 

You may also listen to this podcast right now:

Show Content:

• 00:20 – Intro to the show, contact information and how to provide comments.  Welcome to all the new listeners – and to all those listeners who have been here for so long!
• 01:36 – Dan and Jonathan discuss recent conferences, the US DOD’s JITC certification process and stray into Mexican food…
• 06:38 – Programming notes
  • Martyn Davies will be moderating a panel on VoIP security at VON Europe that will include Dan and others
  • Blue Box dinner at the June VON show on Monday, June 11th
  • We’ve recently set up a group on the Facebook social networking site for fans of the show.  If you are a Facebook user, feel free to join.
• 08:01 – Sipera Finds New VoIP Phone Security Threats
• 12:58 -Information Week: Security Tools Top 2007 IT Professionals Poll (VoIP drops to 3rd) – see also IT Business Edge
• 16:59 – ITP Technology: Cracking the code
• 18:25 – Network World: Security in PacketCable networks
• 20:59 – Speaking of Network World, by way of Mark Collier , we learned that Network World has a VoIP Security page
• 21:28 – VoIPPlanet: A series of ‘The VoIP Peering Puzzle’ background pieces on SBC’s
• 23:24 – Ken Camp: What’s the biggest Threat to Enterprise VoIP?
• 25:21 – CRN: VoIP Demystified
• 26:08 – TMCnet: Trends in IP Communications and the Evolution of the SBC
• 27:15 – ComputerWeekly.com: VoIP, UC adoption continue to rise
• 29:45 – Botnet attacks against Estonia:
  • Washington Post: Cyber Assaults on Estonia Typify a New Battle Tactic
  • CNN: Estonia suspects Kremlin in Web attacks
  • BBC: Estonia hit by ‘Moscow cyber war’
  • Global Guerrillas: Russia vs. Estonia: 21st Century State vs State conflict 
• 34:04 – News Releases:
  • General Dynamics Awarded $18 Million Contract to Deliver VoIP to the Pentagon
  • Freebird releases VoIP call recorders
• 35:27 – Feature – mini-tutorial on IP phones and 802.1X
• 40:00 – Upcoming shows:
  • Dustin Trammell will be speaking at Defcon 15 about VoIP and steganography
  • June 12-14, Stockholm, Sweden, VON Europe Spring – both Martyn and I will be there… we’ll have a Blue Box dinner
  • July 22-27, Chicago, USA IETF 69
  • Aug 20-23, San Francisco, CA, USA VoiceCon SF 2007
  • Sept 10-12, Los Angeles, CA, USA ITEXPO West 2007
  • Oct 29-Nov 1, Boston, USA, Fall 2007 VON
• 42:12 – comment (email) from Phil about analog tapping of VoIP phone
• 44:28 – comment (email) from Shlomo Dubrowin
• 49:13 – Review of the last week’s traffic on the VOIPSEC public mailing list
• 49:35 – Wrap-up of the show 
• 51:13 – End of show 

Comments, suggestions and feedback are welcome either as replies to this post  or via e-mail to blueboxpodcast@gmail.com.  Audio comments sent as attached MP3 files are definitely welcome and will be played in future shows.  You may also call the listener comment line at either +1-206-350-2583 or via SIP to ‘bluebox@voipuser.org‘ to leave a comment there. 

Thank you for listening and please do let us know what you think of the show.

Synopsis: The SIP Botnet edition – VoIP bots are here, now what?  Also rogue firmware mini-tutorial, other VoIP security news, listener comments, more…

Welcome to Blue Box: The VoIP Security Podcast #58, a 35-minute podcast  from Dan York and Jonathan Zar covering VoIP security news, comments and opinions.   

Download the show here (MP3, 14MB) or subscribe to the RSS feed to download the show automatically. 

You may also listen to this podcast right now:

Show Content:

• 00:20 – Intro to the show, contact information and how to provide comments.  Welcome to all the new listeners – and to all those listeners who have been here for so long!
• 00:53 – Programming notes
  • Dan was out in Fort Huachuca, AZ, for a US DoD telecommunications conference
  • Martyn Davies will be speaking on May 23 at the Eurosec conference in Paris (replacing Dan)
• 02:20 – Voice of VOIPSA: Ready or not, here come the IRC-controlled SIP/VoIP attack botnets
• 15:15 – Voice of VOIPSA: SIPit 20 shows the very clear need for SIP security interoperability
• 15:29 – MSN Money: Your phone may be under attack
• 16:43 – TechRepublic: Four obstacles to implementing VoIP (also Russell Shaw blog post)
• 17:31 – News Releases:
  • Borderware: The economic impact of VoIP Security Vulnerabilities and how to secure VoIP for business  (announcing new white paper)
• 18:23 – Feature – mini-tutorial on set firmware and the issue of rogue firmware loads
• 22:41 – Upcoming shows:
  • May 23-25, Paris, France Eurosec Forum 2007 – Martyn Davies will be speaking
  • June 12-14, Stockholm, Sweden, VON Europe Spring – both Martyn and I will be there… we’ll have a Blue Box dinner
  • July 22-27, Chicago, USA IETF 69
  • Aug 20-23, San Francisco, CA, USA VoiceCon SF 2007
  • Sept 10-12, Los Angeles, CA, USA ITEXPO West 2007
  • Oct 29-Nov 1, Boston, USA, Fall 2007 VON
• 23:20 – comment (email) from Craig Bowser about CPEs
• 25:08 – comment (email) from Frank Leonhardt about GoogleTalk and SIP
• 25:42 – comment (email) from Simon Wood about recording hardware
• 27:14 – comment (email) from natas
• 28:51 – Review of the last week’s traffic on the VOIPSEC public mailing list
• 29:21 – Wrap-up of the show 
• 30:16 – End of show 

Comments, suggestions and feedback are welcome either as replies to this post  or via e-mail to blueboxpodcast@gmail.com.  Audio comments sent as attached MP3 files are definitely welcome and will be played in future shows.  You may also call the listener comment line at either +1-206-350-2583 or via SIP to ‘bluebox@voipuser.org‘ to leave a comment there. 

Thank you for listening and please do let us know what you think of the show.

Synopsis: Call signaling encryption mini-tutorial, VoIP eavesdropping, VoIP security news, listener comments and men in white vans…

Welcome to Blue Box: The VoIP Security Podcast #57, a 35-minute podcast  from Dan York and Jonathan Zar covering VoIP security news, comments and opinions.   

Download the show here (MP3, 18MB) or subscribe to the RSS feed to download the show automatically. 

You may also listen to this podcast right now:

Show Content:

(Time codes were lost in a browser crash and will be added back in the future.)

• 00:20 – Intro to the show, contact information and how to provide comments.  Welcome to all the new listeners – and to all those listeners who have been here for so long!
• VoIP News: Your VoIP Calls are Wiretapped – and Other Legal Surprises
• ZD Net blogs: They CAN spy on your IP, VoIP – through walls!
• ComputerWorldUK: Virus and access protection slip down security concerns (none of execs concerned about VoIP security) – also WebWire
• IETF: New draft of media keying security requirements
• ChannelWeb: Cisco To Partners: Make Security Part Of Every Deal
• eWeek: Extreme pumps up the network
• News Releases:
  • Sipera: Transition Toward End-to-End IP Driving Demand for Enterprise Media Gateways
• Feature section on voice encryption
• Upcoming shows:
  • May 14-17, Santa Clara, CA, USA Communications Developer Conference
  • May 18, Rochester, NY, USA, RIT VoIP Conference
  • May 23-25, Paris, France Eurosec Forum 2007 – I am speaking
  • June 12-14, Stockholm, Sweden, VON Europe Spring – both Martyn and I will be there… we’ll have to have a Blue Box dinner
  • July 22-27, Chicago, USA IETF 69
  • Aug 20-23, San Francisco, CA, USA VoiceCon SF 2007
  • Sept 10-12, Los Angeles, CA, USA ITEXPO West 2007
  • Oct 29-Nov 1, Boston, USA, Fall 2007 VON
• comment (blog) from Zapperlink
• comment (email) from Craig Bowser about Verizon vs Vonage
• comment (email) from Ponyboy about our mention of Project Wal-Mart Freedom
• comment (email) from Reuven Lakein
• comment (email) from Roel Villerius
• Review of the last week’s traffic on the VOIPSEC public mailing list
• Wrap-up of the show 
• 35:10 – End of show 

Comments, suggestions and feedback are welcome either as replies to this post  or via e-mail to blueboxpodcast@gmail.com.  Audio comments sent as attached MP3 files are definitely welcome and will be played in future shows.  You may also call the listener comment line at either +1-206-350-2583 or via SIP to ‘bluebox@voipuser.org‘ to leave a comment there. 

Thank you for listening and please do let us know what you think of the show.

Synopsis: Voice encryption tutorial, Skype worm, McAfee’s Sage Journal, Zfone, VoIP security news, listener comments and more… 

UPDATE – April 24: Unfortunately, due to an error in coding the appropriate enclosure (now fixed) many of you who subscribe via RSS will have downloaded a PDF file instead of the MP3 file. My apologies, and you’ll need to unfortunately download the file directly from the website at this point.

Welcome to Blue Box: The VoIP Security Podcast #56, a 38-minute podcast  from Dan York and Jonathan Zar covering VoIP security news, comments and opinions.   

Download the show here (MP3, 18MB) or subscribe to the RSS feed to download the show automatically. 

You may also listen to this podcast right now:

Show Content:

• 00:20 – Intro to the show, contact information and how to provide comments.  Welcome to all the new listeners – and to all those listeners who have been here for so long!
• 01:24 – New worm wriggles around on Skype  (also on CSO Online ) – See also F-Secure blog and Jan Geirnaert
• 03:06 – Voice of VOIPSA: Ghosts of VoIP Security Tools Past…and Future?  (note the comment in reply from the grugq)
• 04:41 – McAfee’s Sage Journal and their Global Threat Review (and the mention of VoIP)
  • McAfee news release
  • McAfee Sage Journal (PDF)
  • InfoWorld: McAfee: Cyber-crime will continue to pay
  • CNET/ZDNet: McAfee offers ‘Sage’ advice on security issues
  • Tech.co.uk: Cybercrims will ‘find new ways to make money’
  • Khaleej Times (UAE): Cybercrime, other security issues will increase=
  • also interesting to note that McAfee Avert Labs has a blog

• 08:00 – Information Week: VoIP Too Complicated? Tell That To The Cable Companies
• 11:02 – TechRepublic: PKI vs. Zfone: What’s your best bet for VoIP security?
• 12:07 – SC Magazine: Mobile security: when will it become necessary?
• 13:04 – ComputerWorld Malaysia: All-in-one security devices face hurdles
  – interesting for the mention of “Unified Threat Management” (UTM) and
  the growing concern about how to work with VoIP (expressed in final
  paragraph)
• 17:04 – Security Watch by Steve Gold: VoIP – a flawed technology?
• 19:47 – News releases:
  • AGN and Sipera partner to provide secure SIP Trunking
  • Mu Security Receives Frost & Sullivan 2007 Product of the Year Award
  • Top Layer Networks’ Enterprise-Series Intrusion Prevention Solution Raises the Bar for Protection against Emerging Cyber Threats
  • Radware Earns Top Ratings in Extensive Lab Testing of VoIP Traffic Resiliency and Quality
• 22:23 – Feature section on voice encryption
• 31:53 – Upcoming shows:
  • May 14-17, Santa Clara, CA, USA Communications Developer Conference
  • May 18, Rochester, NY, USA, RIT VoIP Conference
  • May 23-25, Paris, France Eurosec Forum 2007 – I am speaking
  • June 12-14, Stockholm, Sweden, VON Europe Spring – both Martyn and I will be there… we’ll have to have a Blue Box dinner
  • July 22-27, Chicago, USA IETF 69
  • Aug 20-23, San Francisco, CA, USA VoiceCon SF 2007
  • Sept 10-12, Los Angeles, CA, USA ITEXPO West 2007
  • Oct 29-Nov 1, Boston, USA, Fall 2007 VON
• 33:25 – comment (email) from Aswath Rao
• 35:25 – comment (email) from Craig Bowser
• 35:47 – comment (blog) from Amit about VoIP SEAL PDF files
• 36:33 – Review of the last week’s traffic on the VOIPSEC public mailing list
• 37:02 – Wrap-up of the show 
• 38:14 – End of show 

Comments, suggestions and feedback are welcome either as replies to this post  or via e-mail to blueboxpodcast@gmail.com.  Audio comments sent as attached MP3 files are definitely welcome and will be played in future shows.  You may also call the listener comment line at either +1-206-350-2583 or via SIP to ‘bluebox@voipuser.org‘ to leave a comment there. 

Thank you for listening and please do let us know what you think of the show.

Synopsis: IP phone security vulnerabilities, SIP fuzzing, Phil Zimmermann, ZRTP and IETF, Skype security, listener comments and a brief final commentary about visiting the pyramids in Egypt

Welcome to Blue Box: The VoIP Security Podcast #55, a 78-minute podcast  from Dan York and Jonathan Zar covering VoIP security news, comments and opinions.   

Download the show here (MP3, 36MB) or subscribe to the RSS feed to download the show automatically. 

You may also listen to this podcast right now:

Show Content:

• 00:20 – Intro to the show, contact information and how to provide comments.  Welcome to all the new listeners – and to all those listeners who have been here for so long!
• 01:29 – Programming notes
  • Apologies for lengthy delay
  • Hope you enjoyed Blue Box Special Edition #17 with Saverio Niccolini
  • Jonathan’s IPTV session at Spring VON
  • Brief note about Dan’s trip to Cairo (more at the end of the show)
  • Blogroll
    for “Blue Box Friends” – send in email with answer to question “What is
    Dan’s #1 prediction for what’s going to happen in VoIP security this
    year?”
  • If you are a CISSP, listening to podcasts can be counted as CPE credits
  • Voice of VOIPSA and Blue Box part of Security Bloggers Network
• 11:39 – RIT VoIP Conference – Rochester, NY, May 18th – looking for papers
• 12:30 – SIP fuzzing vulnerabilities from the Madynes project
• Cisco 7940/7960 DoS
• Grandstream Budgetone 200 DoS (note that vendor did not respond to researchers)
• Asterisk SDP DoS – and then also proof-Of-Concept code for Asterisk vulnerability
• Thinking about "patch management plans for phones"?
• 17:49 – Network World: Trojan calls on Skype
• 18:28 – Shawn Merdinger starts blogging his "Top 10" list of questions to ask your vendor about VoIP security (part 3 presumably coming soon):
  • Voice of VOIPSA: Pucker up – Intimate VoIP Phone Security Questions – part 1 of 3
  • Voice of VOIPSA: Pucker up – Intimate VoIP Phone Security Questions – part 2 of 3
• 22:08 – Silicon.com Special report on VoIP Security
  • The biggest VoIP security threats – and how to stop them
  • Is Skype secure enough for businesses?
  • The dos and don’ts of VOIP security
• 25:29 – VoIP News: Pretty Good (VoIP) Privacy
• 26:10 – VoIP News: CounterPath Gets Pretty Good Privacy with ZFone
• 28:13 – Voice of VOIPSA: Skype with a ‘Z’
• 30:10 – Voice of VOIPSA: Cracking the WLAN
• Voice of VOIPSA: Ghosts of VoIP Security Tools Past…and Future?  (note the comment in reply from the grugq)
• 31:01 – Aswath Rao: OpenID Negates the Need for P2P SIP
• 33:17 – PC Advisor: Take care of your smartphone’s security
  • comment (email) from Shawn about FlexiSpy
  • mention of EE Times: Getting a lock on RTOS security
• 36:42 – IETF: VoIP Security Threats relevant to SPEERMINT  (sent in by Shawn)
• 38:12 – Mention of IETF BLISS working group
• 39:14 – Mitel Presence: Using IP Communications as a Tool For Disaster Recovery and Business Continuity
• 40:17 – Sipera’s new VoIP Threat Advisories
• 41:54 – News releases:
  • Amitelo AG Presents AmiVois, Competitor to Skype
• 43:56 – Feature discussion around the IETF 68 RTPSEC BOF that occurred in Prague about secure key exchange protocols for Secure RTP (SRTP) (with the caveat that neither of us were there)
  • comment (email) from Miguel Garcia
  • Voice of VOIPSA: SRTP key exchange – minutes of IETF RTPSEC BOF now posted pointing to RTPSEC minutes
• 53:20 – Brief mention of VOIPSA Best Practices project.
• 54:08 – Upcoming shows:
  • Apr 16-20, Vancouver, BC, Canada CanSecWest 2006
  • May 14-17, Santa Clara, CA, USA Communications Developer Conference
  • May 18, Rochester, NY, USA, RIT VoIP Conference
  • May 23-25, Paris, France Eurosec Forum 2007 – I am speaking
  • June 12-14, Stockholm, Sweden, VON Europe Spring – both Martyn and I will be there… we’ll have to have a Blue Box dinner
  • July 22-27, Chicago, USA IETF 69
  • Aug 20-23, San Francisco, CA, USA VoiceCon SF 2007
  • Sept 10-12, Los Angeles, CA, USA ITEXPO West 2007
  • Oct 29-Nov 1, Boston, USA, Fall 2007 VON
• 54:20 – comment (audio) from Hasan Diwan about adding his blog, Prolific Programmer to the Blue Box blogroll
• 56:34 – comment (email) from Detlef
• 57:18 – comment (email) from Mark Collier about ETel story
• 57:49 – comment (email) from Dean Elwood about biometrics for identity authentication
• 58:49 – comment (email) from Shawn Merdinger about http://oldskoolphreak.com/tfiles/pwf.txt
• 59:41 – comment (email) from Shawn about Hitchhiker’s Guide to SIP
• 61:28 – comment (email) from Martyn Davies about OpenID
• 64:24 -comment (email) from Seth about adding a Podnova subscription button
• 64:39 – comment (email) from Roland about RSS feed not validating
• 64:52 – comment (email) from Martyn Davies about SE16 and removing the hum
• 66:05 – Review of the last week’s traffic on the VOIPSEC public mailing list
• 67:16 – Wrap-up of the show 
  • A bit of a travelogue about Dan’s trip to Cairo, Egypt, and his impressions of the pyramids, Cairo, etc.
• 78:05 – End of show 

Comments, suggestions and feedback are welcome either as replies to this post  or via e-mail to blueboxpodcast@gmail.com.  Audio comments sent as attached MP3 files are definitely welcome and will be played in future shows.  You may also call the listener comment line at either +1-206-350-2583 or via SIP to ‘bluebox@voipuser.org‘ to leave a comment there. 

Thank you for listening and please do let us know what you think of the show.