VoIP Security

VoIP Security gets more attention as Phil Zimmerman builds prototype of PGP VoIP. Wired features an interview with Zimmerman on PGP VoIP. Excerpt... Like PGP and PGPfone, which he created as human rights tools for people around the world to communicate without fear of government eavesdropping, Zimmermann hopes his new program will restore some of the civil liberties that have been lost in recent years and help businesses shield themselves against corporate espionage. It should be interesting to see what the VoIPSA (VoIP Security Alliance) and the others involved at the IETF have to say about Zimmerman's proposal. VoIP Security in a nutshell: Eavesdropping - Listening in / recording calls without the participant's consent. I think it would probably be easier to for the average hacker to jack into the PSTN network as the tools are already abundant for that. Denial-of-service (DoS) attacks - Usually a packet storm aimed at a critical central server in the VoIP network of choice Registration or Identity Theft - SIP traditionally requires the registration of an IP address with their SIP ID or URI. Today this URI can be spoofed, that needs to get fixed and the IETF gurus are working on it. SPIT (Spam over Internet Telephony) - Spammers can create a spam engine that blasts a great number of calls per second. SPIM - (Spam over Instant Messaging) - Bulk and potentially malicious spam sent to an IM user's ID. Since many of the new applications are IM/VoIP apps we need to consider this. Caller ID Phishing - Spammers can recreate the caller ID being sent to any one they chose, making it harder to NOT pick up the phone. One thing is for sure, we need to work on this. Spammers are smart, it won't take them long to figure out how to make great sums of money sending junk calls to your phone.

The opinions and views expressed in comments, blogs, etc. are those of the authors alone and not necessarily those of TMC, TMCnet, or its editors. TMCnet reserves the right to edit, delete, or otherwise make changes to the content that appears on these pages at its own discretion and as it deems necessary.
July 26, 2005 12:45 PM | 0 Comments
Post a comment
    View VoIP Security news in TechnoratiTechnorati bookmark VoIP Security in del.icio.usDel.icio.us Slashdot.comSlashdot Submit VoIP Security to Digg.comDigg Twitter VoIP Securitytwitter

    Listed below are links to sites that reference VoIP Security:

    Leave a comment

    Search

    About this Entry

    This page contains a single entry by published on July 26, 2005 12:45 PM.

    P2P VoIP using SIP and Open Standards was the previous entry in this blog.

    E911 for VoIP - Political BS is the next entry in this blog.

    Find recent content on the main index or look in the archives to find all content.

    Around TMCnet Blogs

  • Byrd's Eye View:
    One out of 6831
  • Communications and Technology Blog - Tehrani.com:
    Steve Wozniak to Keynote ITEXPO Las Vegas
  • First Coffee:
    Eliminating Outsourced Call Centers, Barging in IVR Menus, Best
  • Industry Insight:
    Attend the WebRTC Webinar and Learn More about the
  • Monetizing IP Communications:
    White Label Cool Mobile Voice Video IM App Vippie
  • On Rad's Radar?:
    Pieces of the Partner Puzzle, Part 1
  • Patriot Talk:
    Obama Refuses to use the word "Taxes" - Calls
  • Voice of IP:
    Myths and legends - cloud myths #1
  • VoIP & Gadgets Blog:
    WebRTC Screen Sharing Demo!
  • 4G: For Generations to Come:
    Spontaneous Combustion:The Realities Not the Myth of LIthium Batteries
  • Byrd's Eye View:
    Unified Policy Effort
  • Communications and Technology Blog - Tehrani.com:
    WebRTC Advisory Board Announced
  • First Coffee:
    Aspect and Nexidia Partner, Acme Packet and HP ACI
  • Gadget Inspector:
    Verizon Offering R2-D2 DROID 2!!
  • Going WiMAX:
    No Man is an Island, but Isle of Man
  • Industry Insight:
    2G Still Has Legs
  • Monetizing IP Communications:
    GoAnimate your Social Media Message, I Did for ITEXPO
  • Next Generation Communications:
    EARTH Consortium Shows the Way to 70 Percent Energy
  • On Rad's Radar?:
    Corporate Culture is Under-Rated
  • Patriot Talk:
    Democrats Trading Social Justice for Jobs
  • The Readerboard:
    The New Customer Self-Service: Ourselves
  • VoIP & Gadgets Blog:
    Windows 8 Sync Settings - Security Hole

    • Latest Whitepapers

  • Alcatel-Lucent The A.R.T. of Policy Management
  • When Machines Talk to Machines: M2M deployment can make your business systems smarter
  • Alcatel-Lucent Mobilize the Data Plan: The Alcatel-Lucent Smart Plan Solution
  • Selecting a Wholesale DID Origination Provider Part 3: Support, Number Porting, and Billing
  • Selecting a Wholesale DID Origination Provider Part 2: Monthly Recurring Cost and Non-Recurring Costs
  • Selecting a Wholesale DID Origination Provider Part 1: Footprint and Features
  • How to Sell VoIP, Part 2: Choosing what VoIP Services to Sell
  • How to Sell Wholesale VoIP Services, Part 1: Choosing your Target Market
  • Capture the Customer Experience with Web-based Solutions to Record, Search, and Analyze Conversations Between Customers and Agents
  • Beyond Call Recording and Quality Assurance: How Businesses are Using Speech Analytics to Close Critical Knowledge Gaps

    • TMCnet Videos

  • M2M Life Cycle; Integrating from Cradle to Grave
  • Bring Business Intelligence to M2M decisions
  • Delivering Useful Management Tools.
  • MashingUp M2M Solutions.
  • Bottling Up the Problems of Fleet Management.
  • Getting a Healthy Attitude toward M2M.
  • The Point of M2M is to Add Value.
  • The Cloud and the Social Machine
  • Cold Chain Management in Tropical Climates
  • OpenText offers details on its enhanced partner program