Blue Box: The VoIP Security Podcast

Welcome to Blue Box: The VoIP Security Podcast show #3, an 26-minute conversation between Dan York and Jonathan Zar around news and commentary in the world of VoIP security.

Download the show here (MP3, 25MB) or subscribe to the RSS feed to download the show automatically.

Comments, suggestions and feedback are welcome either as replies to this post  or via e-mail to [email protected].  Audio comments sent as attached MP3 files are definitely welcome and will be played in future shows.  You may also call the listener comment line at +1-206-338-6654 to leave a comment there.

Show Content:

• 00:18 - Intro to the show, contact information and how to provide comments.  Note that we are now listed in iTunes, Yahoo Podcasts and PodcastAlley - welcome to all who are tuning in for the first time.
• 01:27 - We need a logo for display in iTunes - anyone interested in designing one for us?
• 01:55 - Transparency - how visible do we need to make our employers so that people understand our backgrounds? (Given that neither of our employers have any direct connection to this show.)
• 03:00 - Comments section
• 03:10 - E-mail comment from Mike Soulier
• 04:06 - Audio comment from Lee Hopkins (fellow correspondent with Dan into the For Immediate Release podcast)
• 05:28 - Entering the News section with mention of the CSO Online podcast covering VoIP security and including David Endler, chair of VoIPSA
• 06:17 - NewsFactor: Is VoIP Ripe for Attack?
• 08:40 - Globe and Mail: The dangers of VoIP
• 09:59 - ZDNet: Poll: SMB's don't trust VoIP Security
• 11:54 - IndyStar.com: VoIP can put a big crimp in home security (VoIP and home alarm systems)
• 14:18 - The rest of the news stories this week seemed to be about the VoIP Security Threat Taxonomy, including several that quoted Jonathan, who chaired the VOIPSA committee creating the taxonomy.  Jonathan spoke about the response to the taxonomy for a bit and encouraged people to check it out and provide even more feedback.
• 15:33 - Discussion about wikis, wiki-spam and Wikipedia
• 17:57 - Should we do interviews, either as part of the show or separate?  Conclusion is yes and request made for feedback, suggestions, etc.  (Please send us suggestions and ideas.)
• 21:15 - Review of the last week's traffic on the VOIPSEC public mailing list, which Jonathan mentioned does now have over 3,500 subscribers.  Major topics this week included SIP B2BUA and Digest Authentication using RADIUS, SDP format for SRTP in SIP,  a post about the skype vulnerabilities,  a mention of someone finding a new way for SIP NAT traversal,  Per Cederqvist (of CVS fame, now at Ingate) looking for people to test interop of SRTP using sdescriptions and several other points.
• 24:11 - Dan asks for feedback - is this VOIPSEC review helpful?
• 24:57 - Another request for an iTunes logo
• 25:22 - Wrapup of the show and information about how to provide comments.

Comments, suggestions and feedback are welcome either as replies to this post  or via e-mail to [email protected].  Audio comments sent as attached MP3 files are definitely welcome and will be played in future shows.  You may also call the listener comment line at +1-206-338-6654 to leave a comment there.

Thank you for listening and please do let us know what you think of the show.