Blue Box: The VoIP Security Podcast

Synopsis: Blue Box #62: CAPTCHA for SPIT, covert channels, SIP Identity, is VoIP safe?, Fiji, Google, VoIP security news and more

Welcome to Blue Box: The VoIP Security Podcast #62, a 41-minute podcast  from Dan York and Jonathan Zar covering VoIP security news, comments and opinions.   

Download the show here (MP3, 19MB) or subscribe to the RSS feed to download the show automatically. 

You may also listen to this podcast right now:

Note: Originally recorded back on July 6th.  There were some, well, "challenges" with the quality of the recording and so post-production took far longer than usual and you will still hear some audio artifacts every once in a while when Jonathan is speaking.

Show Content:

• 00:20 - Intro to the show, contact information and how to provide comments.  Welcome to all the new listeners - and to all those listeners who have been here for so long!
• 01:21 - Programming notes
  
  • Facebook group has grown to 22 members. If you are on Facebook, do check out the group.
  • Special Edition #18 – we hope you enjoyed that and thank Martyn for doing the interviews.  We welcome such contributions.
• 02:34 - Asteridex remote command execution
• 05:41 - Voice of VOIPSA: Now I’ve CAPTCHA’d Your Attention pointing to Hannes Tschofenig’s blog entry about his Internet Draft around using CAPTCHA for SIP to prevent SPIT
• 15:38 - Voice of VOIPSA: ‘Voice over VoIP’ project aims to show use of ‘covert channels’ to tunnel voice inside of voice pointing to VoIP Covert Channel project at the Georgia Institute of Technology.
• 16:30 - Voice of VOIPSA: It’s Just Not Meant To Be Open
• 16:51 - IETF - Dan Wing issues Internet Draft SIP Identity using Media Path and receives feedback and also circulates note about Cisco IPR/patents
• 29:20 - ComputerWeekly.com: VoIP SIP fundamentals
• 25:11 - TMCnet: Caller ID Spoofing Soon to be Outlawed?
• 25:49 - PC Magazine Experts: VOIP Just Another Way to Hack
• 26:38 - eWeek: Experts: Enterprises Must Focus on VoIP Security
• 27:52 - NetworkWorld: Six burning VoIP questions – specifically what really happens when I dial 911?  and Is VoIP safe?
• 30:31 - Islands Business: Fiji Opens VoIP
• 32:06 - YouTube: VoIP Security introduction featuring Peter Cox – we talked about it on show #61 but I am now told he actually works for Borderware
• 32:28 - New podcasts involving two folks involved with the show (Dean Elwood and Martyn Davies): Bending the Needle
• 33:35 - Google acquires GrandCentral (Dan's blog) pointing to GrandCentral announcement and Google blog posting
• 37:16 - Upcoming shows:
  
  • July 19-20, New York, USA, IPTComm2007
  • July 22-27, Chicago, USA IETF 69
  • Aug 20-23, San Francisco, CA, USA VoiceCon SF 2007
  • Sept 10-12, Los Angeles, CA, USA ITEXPO West 2007
  • Oct 29-Nov 1, Boston, USA, Fall 2007 VON
• 38:29 - comments from Martyn about Peter Cox and Takehiro about the Covert Channels and comment (blog) from Adrian P. on Blue Box #51 (show on Feb 22)
• 40:02 - Review of the last week's traffic on the VOIPSEC public mailing list
• 40:32 - Wrap-up of the show 
• 41:20 - End of show 

Comments, suggestions and feedback are welcome either as replies to this post  or via e-mail to [email protected].  Audio comments sent as attached MP3 files are definitely welcome and will be played in future shows.  You may also call the listener comment line at either +1-206-350-2583 or via SIP to '[email protected]' to leave a comment there. 

Thank you for listening and please do let us know what you think of the show.