Category: Blue Box
-
/
Blue Box Podcasts #83 and #84 now online – VoIP, SIP, Skype security…
Continue Reading: Blue Box Podcasts #83 and #84 now online – VoIP, SIP, Skype security…Over on Blue Box, I’ve now uploaded two recent episodes:- Blue Box #83: SIP and Asterisk vulnerabilities, voice biometrics, P2PSIP, Aircell blocking Skype, VoIP security news and more…
- Blue Box #84: New Cisco, Avaya, Nortel VoIP security vulnerabilities from VoIPShield, Skype in China, UCSniff and other new tools, news and more
With that I am almost caught up with our main shows… and I still have a bunch of Special Editions to finish producing and post. I’m hoping to finish post-production on #85 tonight so that I can post it tomorrow. We’ll see…
Technorati Tags: bluebox, blue box, voip, voip security, security, voice, skype, sip, dan york, jonathan zar, voipsa
- Blue Box #83: SIP and Asterisk vulnerabilities, voice biometrics, P2PSIP, Aircell blocking Skype, VoIP security news and more…
-
/
My “Black Bag Security Review” hits IT Conversations’ Top 10 Downloads for March 2008…
Continue Reading: My “Black Bag Security Review” hits IT Conversations’ Top 10 Downloads for March 2008…I was rather surprised but pleased to see that my “Black Back Security Review” was on the list of the “Top Ten IT Conversations Shows for March 2008“. My “surprise” was mostly because that particular talk is over a year old and was given at the ETel 2007 show back at the end of February 2007.To be honest, I was not actually aware (or didn’t remember, anyway) that the IT Conversations Network had distributed my talk but I’m guessing they did so with a number of the ETel sessions.
Unfortunately, they don’t include the slides, which I put up in the Blue Box posting and also just generally made available on SlideShare. Without the slides, I suppose it works perfectly fine.. I’ve just never listened to it that way. It was still one of the most fun presentations I’ve ever given. Also took a ton of time to prepare. 243 slides in 14 minutes… 🙂 (I did write up some notes about the presentation and the style, etc.)
Anyway, it’s cool to see people discovering that session again. Nice surprise!
Technorati Tags: voip, voip security, dan york, etel
-
/
Great overview of SIP security now posted on Blue Box site…
Continue Reading: Great overview of SIP security now posted on Blue Box site…Over on Blue Box, I uploaded on Friday what I consider one of the best overviews about SIP security that we’ve done: Blue Box Special Edition #20. I recorded the interview out at VoiceCon San Francisco in August and it’s with Cullen Jennings who is a Distinguished Engineer at Cisco Systems, but more relevant to SIP is one of the Area Directors for the Real-time Applications and Infrastructure (RAI) area within the IETF. Basically all of the proposals for RFCs relating to SIP roll up under the RAI area. Cullen’s also quite interested in and knowledgeable about security and in fact several of the security-related RFCs related to SIP include Cullen as one of the authors (as do a number of the current proposed Internet-Drafts).
So he knows his stuff… and being a frequent presenter, he’s also good at distilling complex things down into more simple descriptions, so it was an enjoyable interview that I think you will also find quite educational. If you’re working with SIP, or considering it, I’d highly recommend you listen to the show.
Technorati tags: SIP, SIP security, VoIP, VoIP security, security, cullen jennings, dan york -
/
Blue Box Podcast #56 posted, beginning a series of VoIP security tutorials
Continue Reading: Blue Box Podcast #56 posted, beginning a series of VoIP security tutorialsI posted Blue Box Podcast #56 tonight and with it Jonathan and I are beginning a series of mini-tutorials on subjects related to VoIP security. In this show, we talked about voice encryption. In the next show (already recorded) we will talk about signaling encryption. The idea is to cover some basic ground so that people not familiar with the area can have a basic understanding.
Just glad to get that one up – tomorrow I’m going to work on #57 to see if I can get it online for Wednesday. We’re trying hard to get back on a weekly schedule. (#56 was intended to go up last week.)
Technorati tags: bluebox, voip security, voipsa, blue box, voip, security -
/
And so ETel begins…
Continue Reading: And so ETel begins…Today starts the first day of ETel, a.k.a. O’Reilly’s Emerging Telephony conference. ETel is not one of the giant conferences… unlike one of the VONs, Internet Telephony or VoiceCon there will probably only be 500-1000 people here. But that is part of the charm, really (and this is only the second year)… it’s a place for the VoIP alpha-geeks to network, promote their visions, combine their visions, socialize and otherwise just learn a heck of a lot from each other. The schedule is packed with great info… the speaker roster is a veritable “Who’s Who” of people playing in the “Voice 2.0” or “Telephony 2.0” (or <pick your cliche term>) space. All in all, it’s one conference I’ve been very much looking forward to. Just in town last night, I’ve already run into Alec Saunders, Brad Templeton, Bruce Stewart, Surj Patel… had dinner with Blue Box podcast co-host Jonathan Zar and security researcher Shawn Merdinger… I know Ken Camp is around, Andy Abramson, Om Malik and so many others… it should be a great and fun conference.
For my part, I am doing two sessions. First, today at 1:30pm Pacific, Jonathan, Shawn and I will be doing a 90-minute workshop…
-
/
Blue Box Podcast #50 finally hits the feed…
Continue Reading: Blue Box Podcast #50 finally hits the feed…Fans of Blue Box have to be aware that I’m a wee bit behind in posting episodes… so I was delighted to finally get Blue Box #50 uploaded yesterday. I still need to finish putting the show notes up there, but at least the show is out so that people can listen to it. Given that we recorded it January 17th, it has already aged a bit. Tonight or tomorrow I’m hoping to get #51 up… and then #52 has already been recorded as well… I’d like to get caught up before going out to ETel where I’m undoubtedly going to get more recordings for special editions.
Technorati tags: voip security, voip, security, bluebox, voipsa -
/
Special "Still Secure" podcast episode offers 2006 review and 2007 predictions
Continue Reading: Special "Still Secure" podcast episode offers 2006 review and 2007 predictionsRight before the holidays I had sent in to Alan Shimel a contribution for a special episode 26 of his “Still Secure After All These Years” podcast. In this episode, he asked a number of us in security field to give their thoughts on major issues of 2006 and predictions for 2007. Mine were predictably about VoIP…. but many others ran across the whole field of information security.
Kudos to Alan for pulling it all together and producing the episode. Makes for interesting listening.
Technorati tags: voip security, security, podcasts -
/
Blue Box Podcast #48 out with our predictions for 2007, VoIP security news, etc. – and the frustrating audio issues in post-production
Continue Reading: Blue Box Podcast #48 out with our predictions for 2007, VoIP security news, etc. – and the frustrating audio issues in post-productionEarlier this week I uploaded Blue Box Podcast #48, where Jonathan and I go beyond just talking about the news to also review the “top VoIP security news stories of 2006” and also get into our predictions for 2007. My prediction #1 will be fairly obvious for anyone who has listened to the show for a while. We also cover the typical range of VoIP security stories, talk about OpenID for caller authentication and many more things.
This was a bit frustrating of a show to post-produce. Post-production is always a somewhat lengthy process, anyway, because I want the enhanced audio that you get from a wideband codec, which means that we use Skype. However, Skype creates its own challenges with voice that will simply fade away or get garbled. It’s fairly routine that we have to disconnect and reconnect a time or two within the space of the hour in which we are recording the show. (That’s actually apparent in this show where Jonathan’s voice is at a lower level and then suddenly is much louder. After the reconnect, he wound up with more volume.) If I could get the audio quality in a softphone without the fade outs,…
-
/
Blue Box Podcast #47 is now live… VoIP security hype, governments blocking Skype, SANS and VoIP training, more…
Continue Reading: Blue Box Podcast #47 is now live… VoIP security hype, governments blocking Skype, SANS and VoIP training, more…Blue Box Podcast #47 is now available for download. In this show, Jonathan and I talk about some of the recent articles and reports hyping VoIP security, recent comments from SANS about the need for better VoIP security training, moves by the Indian government to block Skype and other VoIP services and much, much more. Tons of listener comments in this show… probably the most we’ve ever had. See the show notes for all the links and info.
Technorati Tags: skype, voipsecurity, voip, voip security, voipsa
-
/
Ken Camp: “I’ve been Blueboxed”
Continue Reading: Ken Camp: “I’ve been Blueboxed”(Originally posted at http://dyork.livejournal.com/257414.html)
Finally getting caught up on content recorded for Blue Box, I finished up on Monday night the interview I did with Ken Camp out at Internet Telephony in San Diego and posted the interview today. Ken responded with his post: “I’ve been Blueboxed“, which gave me a laugh because I don’t think I’ve ever seen the show name used as a verb before!
Technorati Tags: blue box, bluebox, security, ken camp, voip, voip security, voipsa, voipsecurity