My Photo

About

Andy In The News

Twitter Updates

    follow me on Twitter

    Categories

    Blogs I Read

    Must Visits

    My Online Status

    Blog powered by TypePad
    Member since 12/2003

    « HP Halo's Video Conferencing Reviewed | Main | Could UK Skype In Numbers Have Been Saved?? »

    November 23, 2007

    When It Comes To VoIP, It Sounds Like Hacking Got Easy

    A report that's making the rounds out of the UK say that an insecurity expert has hacked SIP based VoIP calls.

    If true this will give IT managers fits, and if not addressed by the SIP standards folks at the IETF very soon, will have a chilling affect on the growth of IP based telephony world, first and foremost in the enterprise space that Microsoft is chasing with its SIP based Live Communications and Unified Communications efforts.

    Given how much news gets generated around bugs and exploits in MSFT Windows OS' this will give the market audiences a field day with their voice products.

    It also means that networks like Vonage, that don't currently have a very aggressive security operations compared to AT&T's CallVantage group, and other small operators (i.e. Broadvoice, Earthlink, VoicePulse, Lingo, SipPhone, etc.) may have to beef up their security and begin to look seriously at this issue.

    Nothing would be worse than having the wrong person here the wrong thing....

    Can you spell VPN....and would that even help?

    UPDATE--> Mr. Blog has a very informed perspective..and I admit, I'm not an expert on hacking or security. I just know its something we should know about.

    November 23, 2007 |

    Digg This | Save to del.icio.us

    Comments

    Come on, Andy, I can't believe you were fooled by this. Tools like this have been available for ages. I remember using one of them to record some phone calls I needed to record a few years ago because it was easier than sticking a suction cup recorder on the end of my phone handset. They are also used commonly in the call center industry and for debugging SIP work.

    This is just a ploy by the security consultant to drum up some attention, I suspect -- unless he's a poor enough security consultant to not have known about the existing recorders.

    Posted by: Brad Templeton | November 23, 2007 at 02:24 PM

    Sean,

    Would love to hear how...and I'll raise you one better. Give me a document or a JPEG slide and I'll post it here !!

    Please email via the link on this page.

    Andy

    Posted by: Andy Abramson | November 23, 2007 at 01:29 PM

    I'm the group program manager for the Office Communications Server product at Microsoft and would be happy to discuss how we achieve secure voice communications *without* using a VPN. The technology is available today though adoption may not be as broad as you would like.

    Posted by: Sean Olson | November 23, 2007 at 11:50 AM

    Verify your Comment

    Previewing your Comment

    Posted by:  | 

    This is only a preview. Your comment has not yet been posted.

    Working...
    Your comment could not be posted. Error type:
    Your comment has been saved. Comments are moderated and will not appear until approved by the author. Post another comment

    The letters and numbers you entered did not match the image. Please try again.

    As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

    Having trouble reading this image? View an alternate.

    Working...

    Post a comment

    Comments are moderated, and will not appear until the author has approved them.

    Add me to your TypePad People list

    Powered by Rollyo

    Recent Posts

    Recent Comments

    Subscribe to this blog's feed

    July 2009

    Sun Mon Tue Wed Thu Fri Sat
          1 2 3 4
    5 6 7 8 9 10 11
    12 13 14 15 16 17 18
    19 20 21 22 23 24 25
    26 27 28 29 30 31  

    Archives

    More...

    Categories

    Find the best blogs at Blogs.com.