VoIP Security

VoIP Security gets more attention as Phil Zimmerman builds prototype of PGP VoIP. Wired features an interview with Zimmerman on PGP VoIP. Excerpt... Like PGP and PGPfone, which he created as human rights tools for people around the world to communicate without fear of government eavesdropping, Zimmermann hopes his new program will restore some of the civil liberties that have been lost in recent years and help businesses shield themselves against corporate espionage. It should be interesting to see what the VoIPSA (VoIP Security Alliance) and the others involved at the IETF have to say about Zimmerman's proposal. VoIP Security in a nutshell: Eavesdropping - Listening in / recording calls without the participant's consent. I think it would probably be easier to for the average hacker to jack into the PSTN network as the tools are already abundant for that. Denial-of-service (DoS) attacks - Usually a packet storm aimed at a critical central server in the VoIP network of choice Registration or Identity Theft - SIP traditionally requires the registration of an IP address with their SIP ID or URI. Today this URI can be spoofed, that needs to get fixed and the IETF gurus are working on it. SPIT (Spam over Internet Telephony) - Spammers can create a spam engine that blasts a great number of calls per second. SPIM - (Spam over Instant Messaging) - Bulk and potentially malicious spam sent to an IM user's ID. Since many of the new applications are IM/VoIP apps we need to consider this. Caller ID Phishing - Spammers can recreate the caller ID being sent to any one they chose, making it harder to NOT pick up the phone. One thing is for sure, we need to work on this. Spammers are smart, it won't take them long to figure out how to make great sums of money sending junk calls to your phone.

The opinions and views expressed in comments, blogs, etc. are those of the authors alone and not necessarily those of TMC, TMCnet, or its editors. TMCnet reserves the right to edit, delete, or otherwise make changes to the content that appears on these pages at its own discretion and as it deems necessary.
July 26, 2005 12:45 PM | 0 Comments
Post a comment
    View VoIP Security news in TechnoratiTechnorati bookmark VoIP Security in del.icio.usDel.icio.us Slashdot.comSlashdot Submit VoIP Security to Digg.comDigg Twitter VoIP Securitytwitter

    Listed below are links to sites that reference VoIP Security:

    Leave a comment

    Search

    About this Entry

    This page contains a single entry by published on July 26, 2005 12:45 PM.

    P2P VoIP using SIP and Open Standards was the previous entry in this blog.

    E911 for VoIP - Political BS is the next entry in this blog.

    Find recent content on the main index or look in the archives to find all content.

    Around TMCnet Blogs

  • Communications and Technology Blog - Tehrani.com:
    Slacker on Sonos Review
  • First Coffee:
    Win Back Customers, Contact Center Budgeting Help, Marketing to
  • Industry Insight:
    The Future Premises Network, Part I
  • Monetizing IP Communications:
    Stoke's Dan McBride on LTE Security
  • On Rad's Radar?:
    Cell Phones Offer No Privacy
  • Patriot Talk:
    Obama Refuses to use the word "Taxes" - Calls
  • SIP and Serve by a Foodie:
    $100 Billion and Counting
  • Voice of IP:
    Chapter 2: Introduction to Cloud Telephony - What is
  • VoIP & Gadgets Blog:
    TMC Heads to Boston for Video Interviews of Industry
  • 4G: For Generations to Come:
    Interview with Carol Davids of IIT and the RTC
  • Communications and Technology Blog - Tehrani.com:
    Sonos Now Works with Slacker
  • First Coffee:
    Cloud Contact Center Platforms, Kindle Customers Penguinless, Voice Management
  • Gadget Inspector:
    Verizon Offering R2-D2 DROID 2!!
  • Going WiMAX:
    The Power at the Edge
  • Industry Insight:
    My iPad, One Year Later
  • Monetizing IP Communications:
    Avvasi CEO on Quality Experience High Correlation to Revenue
  • Next Generation Communications:
    Customer Experience Transformation Ensures Satisfaction and Profitability
  • On Rad's Radar?:
    A Bad Day for AT&T
  • Patriot Talk:
    Democrats Trading Social Justice for Jobs
  • SIP and Serve by a Foodie:
    Sweet News
  • The Readerboard:
    The New Customer Self-Service: Ourselves
  • VoIP & Gadgets Blog:
    iMainGo XP Portable Stereo Speaker & Case for iPad

    • Latest Whitepapers

  • Top 10 Ways To Boost Contact Center Agent Performance
  • Most organizations have a customer care infrastructure that evolved within channel boundaries.
  • System Integrator NACR Explores SIP Communications Benefits
  • TTEthernet in Motion!
  • Strategies for Improving Schedule Adherence - Monet Software
  • Revolutionizing QA with Speech Analytics
  • Revolutionizing QA with Speech Analytics
  • The Advantages of Cloud-Based Contact center Software Solutions
  • The Top Three Most Violated NERC-CIP Standards
  • o UltiSat Keeps its Satellite Connections Reliable and Efficient with Scrutinizer NetFlow and sFlow Analyzer

    • TMCnet Videos

  • Interview with codeFutures
  • Interview with NaviSite
  • Interview with Internap
  • Interview with Talend
  • Interview with CloudPassage
  • Interview with Interxion
  • Interview with Cloud Keystone
  • Interview with SolidFire
  • Interview with NextIO
  • Interview with Nimbula