Blue Box: The VoIP Security Podcast

Synopsis: Google click-to-call, Bluetooth, Skype secuity, VOIPSA Best Practices project, VoIP security news, listener comments and more

Welcome to Blue Box: The VoIP Security Podcast #46, a 49-minute podcast  from Dan York and Jonathan Zar covering VoIP security news, comments and opinions.

Download the show here (MP3, 23MB) or subscribe to the RSS feed to download the show automatically.

You may also listen to this podcast right now:

Show Content:

• 00:20 - Intro to the show, contact information and how to provide comments.  Welcome to all the new listeners - and to all those listeners who have been here for so long!
• 02:09 - Programming notes and discussion of Blue Box Dinner in London on Dec 7th.
• 03:45 - Voice of VOIPSA: Click to Harrass (Dustin Trammell about Google Click-to-call and then my response)
• 12:25 - Voice of VOIPSA: Mobile phone insecurities and snakes on a plane (Shawn Merdinger)
• 14:09 - Voice of VOIPSA: Security meets flexibility  (Martyn Davies)
• 14:32 - Network World: Secure caller ID for VoIP (by Jonathan Rosenberg of IETF fame)
• 15:34 - SearchSMB.com: Secure VoIP in simple steps (From Rodri Davies)  Note that article author has security blog.
• 16:40 - ITwire Australia: Skype bugging your network? Here’s how to squash it
• 17:31 - Ken Camp: Skype on the Thumbdrive? Not When it Violates Company Policy
• 21:39 - Jan in Malaysia: How to log your local Skype  (Jan continues his Skype security explorations)
• 22:28 - Dangerously Irrelevant: Advising, webcams and Skype (about a UMinn prof who runs into uni policy about using Skype)
• 24:30 - SouthBendTribune.com: New bait for ‘phishing’ scams
• 25:21 - ComputerWorld New Zealand: Bank of America rolls out VoIP – with some pain
• 27:14 - ZDNet India: Juniper and NEC announce joined network solutions
• 28:15 -The Register: Computer Misuse Act could ban security tools
• 28:43 -VONaLink ScreenPop – New VoIP Caller ID Software Released
• 29:18 -Irdeto IPTV security solution successfully completes rigorous audit by respected security experts
• 30:21 - Telecoms Korea: VoIP susceptiple to Spam (subscription required)
• 31:08 - Upcoming shows:
  
  • Dec 4-6, Atlanta, GA, VON Enterprise
  • Dec 5, London, UK, Secure Mobile Computing
  • Jan 23-26, 2007, Ft. Lauderdale, FL, Internet Telephony Conference and Expo – East
  • Feb 5-9, 2007, San Francisco, CA, RSA Conference 2007
  • Feb 27-Mar 1, 2007, San Francisco, Emerging Telephony 2007
  • Mar 1-2, 2007, London, EUSecWest
  • Mar 19-21, 2007, San Jose, CA, Spring 2007 VON
  • Mar 23-25, Washington, DC, ShmooCon ‘07
  • Apr 16-20, Vancouver, BC, Canada CanSecWest 2006
• 32:25 - Feature segment - impending launch of VOIPSA Best Practices project page
  • More on the impending launch
• 37:14 - comment (audio) from Jamie Brody (?) from Truphone
• 39:53 - comment (email) from Richard who writes hi2005.wordpress.com and has excellent acronym lists: Resources, Security Acronyms and Telecom Acronyms
• 40:52 - comment (email) from Ross Chason about two-factor identification in phones
• 42:10 - comment (email) from Simon Wood ho points to list of spoken phrases for speech quality at the Open Speech Repository
• 43:46 - comment (email) from Paul Asadoorian about pen-test email list discussion
• 45:04 - comment (email) from Rhodri Davies
• 46:08 - comment (email) about how to protect a network
• 47:30 - Review of the last week's traffic on the VOIPSEC public mailing list
• 48:09 - Wrap-up of the show
  • Reminder that you can subscribe to the show via email as well as RSS
  • Mention of our Frappr map
• 49:14 - End of show

Comments, suggestions and feedback are welcome either as replies to this post  or via e-mail to [email protected].  Audio comments sent as attached MP3 files are definitely welcome and will be played in future shows.  You may also call the listener comment line at either +1-206-350-2583 or via SIP to '[email protected]' to leave a comment there.

Thank you for listening and please do let us know what you think of the show.