Roger's Security Blog

As Chief Security Advisor of Microsoft EMEA - lets share interesting security information

Security Risks of VoIP

Security Risks of VoIP

  • Comments 1
  • Likes

Internet Telephony Has Security Problems: This was an interesting read this morning for different reasons:

  • First of all, it is not surprising (even if we would not have known the problems it would have to be expected).
  • I liked the statement: The goal is to raise awareness about flaws in these systems – and create a market for VoIPshield's product… - This is the scary part: It is not about the security of the environment or the ecosystem but about sales.
  • But then: Dalmazzi says he tried unsuccessfully to get the attention of the VoIP makers, including shoving a business card with a note describing the vulnerabilities he'd discovered into one executive's hand at a conference. One company told us that it wants to learn more about the vulnerabilities but has had difficulty working with VoIPshield. In other words, it isn't a clean process. It seems that there are still too many companies not being able to handle this kind of information (if it is really true). I guess today, if a Microsoft person is made aware of a vulnerability (and for sure an Exec), even if they do not know the process exactly, they would definitely know whom to ask and from there on it is a defined process.
  • When I worked in Switzerland we created a CSO Roundtable called Swiss Security Exchange, where we discussed current challenges with CSO. Two years ago, the core theme there was – you guess it – VoIP! If you interested in the results of the discussion, here you find the summary.

Roger

Comments
Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment