Blue Box #77: Skype security vulnerability, German gov’t looks at trojans, undersea cable cuts, Microsoft and Yahoo, VoIP security news and more

Synopsis: Blue Box #77: Skype security vulnerability, German gov’t looks at trojans, undersea cable cuts, Microsoft and Yahoo, VoIP security news and more

Welcome to Blue Box: The VoIP Security Podcast #76, a 36-minute podcast  from Dan York and Jonathan Zar covering VoIP security news, comments and opinions.   

Download the show here (MP3, 17MB) or subscribe to the RSS feed to download the show automatically. 

NOTE: This show was originally recorded on February 4, 2008.

You may also listen to this podcast right now:

Show Content:

Comments, suggestions and feedback are welcome either as replies to this post  or via e-mail to blueboxpodcast@gmail.com.  Audio comments sent as attached MP3 files are definitely welcome and will be played in future shows.  You may also call the listener comment line at either +1-415-830-5439 or via SIP to ‘bluebox@voipuser.org‘ to leave a comment there. 

Thank you for listening and please do let us know what you think of the show.

Wow! The offers of production assistance have been wonderful…

WOW! I don’t know that there is much else Jonathan and I can say after the incredible response we’ve had to our request for production assistance (also in SE#24). The offers started coming in within a few hours of SE#24 going live and I think we’re up to 12 people now who have said that they’d help.

THANK YOU!

We’re both overwhelmed and humbled by the many great folks who have offered to help… and also the words they sent our way saying how much the show mattered to them. Thank you!

At this point, it would definitely look like we’re all set for the moment, so it doesn’t appear we need any further assistance. Now we just have to get set up to make use of all the offers that have come in!

Stay tuned for more info – and more shows!

Technorati Tags:
,

Looking for a few good audio production assistants…

As we discuss in Blue Box Special Edition #24, we find ourselves in a bit of a dilemma. With each conference/show that we go to, we accumulate more great recordings of interviews that we do, panel sessions we record and other similar sessions. The goal is to turn these into “Special Edition” podcasts that we can make available in the podcast feed. We have two shows coming up this month, VoiceCon and VON, where we will record more sessions and interviews. Additionally, we do get requests to interview people that sometimes are quite interesting.

The problem we have is finding the time to do the post-production on the recordings to turn them into podcasts. We could, of course, just slap a generic intro and outro on a recording and throw it out there in the feed… but I think you all know that we don’t want to waste your time! For instance, including the Q&A portion of a panel session where you can’t hear the audience questions is pretty useless. Or including the part of the interview where announcements came over an intercom and you can’t hear the interviewee is rather silly. So we want to take the time to go through a recording and see how we can “tighten it up”. Remove breaks or big gaps of silence… speakers setting up laptops… interruptions to interviews etc. We don’t remove every “um” or pause… we do want it to feel natural, after all, but we try to edit out the big gaps, errors, interruptions, etc.

The challenge of course is that to do this you have to listen all the way through a podcast, editing along the way. Sometimes you don’t have to make many edits at all. Sometimes there a bunch of things to edit out. But it takes time… if the panel is 45 minutes you’ve got to have at least that much time (and probably double if you do much editing and keep stopping/starting). Unfortunately time is something neither Jonathan nor I are finding a whole lot of these days. I now have a queue of probably 10 or 12 recordings we’ve made over the past 6 months that are just sitting there waiting for me to get the cycles to turn them into Special Editions. Some are 20-minute interviews. Some are 45-minute or hour-long panels from conferences.

So therefore our request in show #24:

we’re looking for a few good production assistants!

What we’d love to do is to find a couple of people who would be willing to work this way:

  • I get to you the WAV file of the recording as well as the intro/outro.
  • You edit the file in whatever audio tool you prefer: Audacity, Garage Band, SoundForge, whatever… (I use Audacity)
  • When you are done, you export to a MP3 and get the MP3 to me.
  • I do a final check, set the ID3 tags, etc. and upload the MP3 file, create the show notes, etc.

The good news about most of the recordings we make is that they are not overly time-sensitive. We want them up as soon as we can, but if it takes some time to do the post-production as you fit it in around other work, that’s generally perfectly fine.

Obviously if you have experience with audio editing that’s great. If it’s something you’ve been interested to try your hand with, we’re open to having you give it a try. (Please do realize that I’m a control-freak and audio quality stickler, so it’s a new thing for me to even *consider* letting other people work on our files… but I’ve reached the point where I think it’s more important to get the content *out*! So I’m willing to try it out… 🙂

We can’t offer you any money or anything like that (this is a labor of passion, not profit!) but we’re certainly glad to give credit in show notes, Blue Box website, etc. You’ll also be helping the greater community of security professionals interested in VoIP by getting more content out there in a more rapid manner. (i.e. faster than if we’re waiting for me!) You may also gain skills in audio production (if you don’t already have them) that may assist you in other endeavors.

Anyway, if you are interested, drop us an email with the subject line “Production assistance” and with a little bit of background about yourself. Sometime in the next week or two (probably after March 20th) we’ll start seeing what we can do if there are people interested.

Thanks – and thanks for your patience, too.

Dan & Jonathan

Blue Box SE#024: An Update on Blue Box, Upcoming Shows and A Request For Assistance

Synopsis: Special Edition #24: An Update on Blue Box, upcoming shows and a request regarding production assistance

Welcome to Blue Box: The VoIP Security Podcast Special Edition #24, a 17-minute update on the status of Blue Box episodes, the shows we are attending and a request regarding production assistance.

Download the show here (MP3, 8MB) or subscribe to the RSS feed to download the show automatically.

You may also listen to this podcast right now:

Show Content:

In this special edition, we provide an update on the status of Blue Box episodes and our travel schedule over the next few weeks.  Specifically:

  • IETF-71, March 10-14, Philadelphia, PA, USA
    • Dan will be at IETF 71 next week attending the sessions related to Real-time Applications and Infrastructure (RAI)
    • There will be audio streaming and IM chatrooms if you you would like to listen in to IETF sessions. Watch the VOIPSA blog for more information.
  • VON.x, March 17-20, San Jose, CA, USA
    • Jonathan will be attending
    • The will be a dinner on Tuesday evening, March 18th, hosted by Dean Elwood to which Blue Box listeners are invited. Please RSVP by this coming Wednesday, March 12th, preferably in the Facebook event or if you avoid Facebook via email to Dean. Jonathan will be there as well as Martyn Davies and a number of VoIP bloggers and other interesting folks.
  • VoiceCon Orlando, March 17-20, Orlando, FL, USA
    • Dan will be attending and moderating two panels (voip security and open source) and participating in a keynote panel on social networking and enterprise communications.
    • Dan is looking to set up a dinner, probably on Tuesday evening. Watch the blog for more info.
    • Longtime listener and commenter Craig Bowser will also be there.

We also discussed the challenges we are experiencing finding the time to do post-production on all the recordings we are making of interviews and panels to turn them into Special Editions. To that end, we are wondering if any listeners would be willing to assist in the post-production of some of these recordings. More information is available on the Blue Box website (and obviously in the podcast).

Comments, suggestions and feedback are welcome either as replies to this post  or via e-mail to blueboxpodcast@gmail.com.  Audio comments sent as attached MP3 files are definitely welcome and will be played in future shows.  You may also call the listener comment line at either +1-415-830-5439 or via SIP to ‘bluebox@voipuser.org‘ to leave a comment there.

Thank you for listening and please do let us know what you think of the show.

Blue Box #76: Cisco, Skype and BT vulnerabilities, when SIP looks like SPIT, VoIP security threat predictions and the FBI forgets to pay their bills, plus listener comments and more…

Synopsis: Blue Box #76: Cisco, Skype and BT vulnerabilities, when SIP looks like SPIT, VoIP security threat predictions and the FBI forgets to pay their bills, plus listener comments and more…

Welcome to Blue Box: The VoIP Security Podcast #76, a 38-minute podcast  from Dan York and Jonathan Zar covering VoIP security news, comments and opinions.   

Download the show here (MP3, 17MB) or subscribe to the RSS feed to download the show automatically. 

You may also listen to this podcast right now:

Show Content:

Comments, suggestions and feedback are welcome either as replies to this post  or via e-mail to blueboxpodcast@gmail.com.  Audio comments sent as attached MP3 files are definitely welcome and will be played in future shows.  You may also call the listener comment line at either +1-415-830-5439 or via SIP to ‘bluebox@voipuser.org‘ to leave a comment there. 

Thank you for listening and please do let us know what you think of the show.

FYI – Jonathan is at Mobile World Congress in Barcelona this week…

mobileworldcongress-1.jpgIf any of you reading this are at the Mobile World Congress (formerly “3GSM”) in Barcelona, Spain, this week, Jonathan is there as well. If you are there, please do drop him an email as (schedule permitting) he is always interested to meet up with listeners and others interested in VoIP security.

Technorati Tags:
, , , , ,

Blue Box SE#023: Interview with Bob Bradley of Sonus Networks

Synopsis: Interview with Bob Bradley of Sonus Networks

Welcome to Blue Box: The VoIP Security Podcast Special Edition #23, a 19-minute interview with Bill Bradley, Product Line Manager for Security Solutions at Sonus Networks.  Recorded at Fall VON in Boston at the end of October 2007.

Download the show here (MP3, 9MB) or subscribe to the RSS feed to download the show automatically.

You may also listen to this podcast right now:

Show Content:

sonusnetworks.jpgIn this Special Edition, I sat down with Bob Bradley, Product Line Manager for Security Solutions at Sonus Networks to talk about their products and how they protect VoIP and other traffic. In particular we discussed the Sonus Network Border Switch including how it fits into network installations and how it is different from other similar products on the market.  We also covered some general issues around SIP security and talked about the company in general.

I will candidly admit that I was not very aware of Sonus’ solutions prior to this podcast, but since this time I’ve found their products running in a range of places I had not noticed them before.  I believe you all will find this a useful introduction to an interesting company and useful solutions.

Comments, suggestions and feedback are welcome either as replies to this post  or via e-mail to blueboxpodcast@gmail.com.  Audio comments sent as attached MP3 files are definitely welcome and will be played in future shows.  You may also call the listener comment line at either +1-415-830-5439 or via SIP to ‘bluebox@voipuser.org‘ to leave a comment there.

Thank you for listening and please do let us know what you think of the show.

Blue Box #75: Asterisk vulnerability, SANS paper on VoIP security, SPIT, tons of listener comments and much more…

Synopsis: Blue Box #75: Asterisk vulnerability, SANS paper on VoIP security, SPIT, tons of listener comments and much more…

Welcome to Blue Box: The VoIP Security Podcast #75, a 38-minute podcast  from Dan York and Jonathan Zar covering VoIP security news, comments and opinions.   

Download the show here (MP3, 17MB) or subscribe to the RSS feed to download the show automatically. 

You may also listen to this podcast right now:

Show Content:

Comments, suggestions and feedback are welcome either as replies to this post  or via e-mail to blueboxpodcast@gmail.com.  Audio comments sent as attached MP3 files are definitely welcome and will be played in future shows.  You may also call the listener comment line at either +1-415-830-5439 or via SIP to ‘bluebox@voipuser.org‘ to leave a comment there. 

Thank you for listening and please do let us know what you think of the show.

Blue Box #74: 2008 Crystal Ball Edition, Asterisk and Trixbox vulnerabilities, top 10 lists, VoIP security trends for 2008 and more….

Synopsis: Blue Box #74: 2008 Crystal Ball Edition, Asterisk and Trixbox vulnerabilities, top 10 lists, VoIP security trends for 2008 and more….

Welcome to Blue Box: The VoIP Security Podcast #74, a 44-minute podcast  from Dan York and Jonathan Zar covering VoIP security news, comments and opinions.   

Download the show here (MP3, 20MB) or subscribe to the RSS feed to download the show automatically. 

You may also listen to this podcast right now:

Show Content:

Comments, suggestions and feedback are welcome either as replies to this post  or via e-mail to blueboxpodcast@gmail.com.  Audio comments sent as attached MP3 files are definitely welcome and will be played in future shows.  You may also call the listener comment line at either +1-415-830-5439 or via SIP to ‘bluebox@voipuser.org‘ to leave a comment there. 

Thank you for listening and please do let us know what you think of the show.

Blue Box #73: SIP security issues at IETF 70, Skype security, vulnerabilities in Cisco and Nokia phones, Vietnam’s cyberdissidents, VoIP security news, listener comments and more…

Synopsis: Blue Box #73: SIP security issues at IETF 70, Skype security, vulnerabilities in Cisco and Nokia phones, Vietnam’s cyberdissidents, VoIP security news, listener comments and more…

Welcome to Blue Box: The VoIP Security Podcast #73, a 44-minute podcast  from Dan York and Jonathan Zar covering VoIP security news, comments and opinions.   

Download the show here (MP3, 20MB) or subscribe to the RSS feed to download the show automatically. 

You may also listen to this podcast right now:

NOTE: This show was recorded on December 11, 2007.

Show Content:

Comments, suggestions and feedback are welcome either as replies to this post  or via e-mail to blueboxpodcast@gmail.com.  Audio comments sent as attached MP3 files are definitely welcome and will be played in future shows.  You may also call the listener comment line at either +1-415-830-5439 or via SIP to ‘bluebox@voipuser.org‘ to leave a comment there. 

Thank you for listening and please do let us know what you think of the show.