Category: Security
-
/
Brief interview in 101st Telecom Junkies podcast episode to update VoIP Fraud/Hacker case
Continue Reading: Brief interview in 101st Telecom Junkies podcast episode to update VoIP Fraud/Hacker caseEarlier this week I had a fun moment joining a cast of characters to help the Telecom Junkies podcast celebrate crossing over 100 episodes. In the 101st episode, now available for listening, host Jessica Gdowski invited 7 of her previous guests back to give brief updates. So I joined Martha Buyer, Mark Fletcher, Hank Levine, John Lyon, Dave Spofford, and Allan Sulkin for the ~20 minute show.In my case, I’ve been a guest on the show three times previously, most notably in August 2007 with “Interview with a VoIP Hacker” where we interviewed Robert Moore shortly before he was heading to prison.
Moore was part of the VoIP fraud case masterminded by Edwin Pena and discussed on another Telecom Junkies episode back in July 2006. I was also on another Junkies episode in November 2007 about VLAN Hopping.
In this 101st episode recorded this week I gave a brief update on the Pena/Moore case (Pena recently pled guilty) and then talked about VoIP and Unified Communication security issues. It was literally just a few minutes, but I was glad to join briefly and help Telecom Junkies celebrate. 100 podcast episodes is indeed a milestone to celebrate! Congrats!…
-
/
Using voice for security and biometrics – all out in the Voxeo cloud
Continue Reading: Using voice for security and biometrics – all out in the Voxeo cloudWhy shouldn’t we be able to use our “voice” as a way to securely authenticate into systems? After all, it’s one of the few “biometrics” that are unique to each of us… along with fingerprints, retina scans, etc. What about accuracy and “replay” attacks? After all, some of us remember “My voice is my password” from back in the movie Sneakers…“Aren’t voice biometrics hard to implement?” … “Are they really secure?”
Today, over on Voxeo’s blogs, we announced a new voice biometrics initiative with four partners designed to answer these questions and show developers exactly how easy it is to add voice biometrics to voice applications. (also called “voice verification” or “voice authentication”, although those are both subsets of the larger “voice biometrics”)
The idea is simple. Build a VoiceXML application in Voxeo’s hosted cloud and then follow the instructions on the “How To” docs linked off of www.voxeo.com/biometrics to add voice biometrics to your application. You can use an existing VoiceXML application or you can create a new one. Code samples are available. (and it’s free to create an account if you don’t already have one.)
The beauty of it is that all of the services are out…
-
/
Speaking at ITEXPO / Cloud Communications Summit Jan 20-22 in Miami…
Continue Reading: Speaking at ITEXPO / Cloud Communications Summit Jan 20-22 in Miami…On Monday I’m heading down to Voxeo’s corporate headquarters in Orlando, FL, but the week after that I’ll be heading down to ITEXPO in Miami Beach, FL, where several of us from Voxeo will be speakingIronically, I won’t be speaking actually at the formal “ITEXPO”, but rather at the Ingate SIP Trunking Seminars and then at a new “Cloud Communications Summit” coordinated by Thomas Howe. Somehow my sessions wound up back-to-back… I’m just hoping the rooms aren’t too far apart!
Voxeo will also have a couple of exciting announcements, so it should be a great event. Here’s my speaking schedule:
Wednesday, January 20, 2010
11:30-12:00, Ingate SIP Trunking Seminars, Dan York
“The Enterprise Edge and Security”
Representing the VoIP Security Alliance (VOIPSA), Dan York will give an overview of security concerns related to Unified Communications and VoIP with a focus on SIP trunking.
12:00-1:30pm, The Cloud Communications Summit, Dan York
“Cloud Telephony for the Enterprise”
This session discusses tradeoffs in deploying communications applications behind the firewall, with a hosted partner or through elastic mechanisms such as Amazon’s EC2.
Other speakers planned for this session are Troy Davis, CEO of CloudVox, and Evan Cooke, Co-Founder and CTO of Twilio. Thomas…
-
/
I’ll be out at ITEXPO this week in L.A.
Continue Reading: I’ll be out at ITEXPO this week in L.A.If any of you are heading out to ITEXPO tomorrow through Thursday in Los Angeles, I’ll be there on Wednesday. As I note on a Voxeo events page, I’ll be speaking twice, pretty much back to back:9:30 – 10:15am, Exploring Applications in the Cloud
11:00 – 11:45am, SIP Trunking and Security
The first is a panel discussion that should be quite interesting. The second is another version of the VOIP / SIP Security talk that I’ve been giving at Ingate’s SIP Trunking Seminars for the past few years (and that always seems to be popular). More details and session abstracts on the events page I set up.
I’m looking forward to catching up with many friends at the show, including Andy Abramson, who I haven’t seen for a while.
If you will be out there, please do say hello.
If you found this post interesting or useful, please consider either subscribing to the RSS feed or following me on Twitter or identi.ca.
-
/
Heading down to ITEXPO in Miami on Feb 2-4…
Continue Reading: Heading down to ITEXPO in Miami on Feb 2-4…Will you be down in Miami at ITEXPO February 2-4? If so, please feel free to drop me a note and perhaps we can connect somewhere there.I’ll be arriving Monday afternoon and then on Tuesday, February 3rd, I’ll be donning my VOIPSA VoIP Security hat to participate in a SIP Trunking Workshop sponsored by Ingate Systems on “SIP Trunking And Security“. These workshops are always fun to do and as they are free to anyone attending ITEXPO (even just with an exhibit pass), they are usually well-attended. I’ll be bringing my recording gear, too, and the talk will eventually go out in my Blue Box Podcast feed so you will be able to hear it later.
Speaking of recording… I’ll have my video gear, too, and so if you have some new product or service in the “emerging communications” space that you think I might be interested in recording for my “Emerging Tech Talk” video podcast… well… pitch me. 🙂 I know I’ll be recording a number of videos down there and I would certainly consider doing some more.
Wednesday evening I’ll be driving back to Orlando and in Voxeo’s office on Thursday and Friday so if you’re…
-
/
Is the new “.tel” domain more than just a pretty face on top of DNS?
Continue Reading: Is the new “.tel” domain more than just a pretty face on top of DNS?Is the new “.tel” domain launching today more than just a pretty web interface to DNS? Is it something really unique? Is it a new service that couldn’t be easily replicated elsewhere?In case you haven’t been following the subject, a company called Telnic has launched a new top-level DNS domain “.tel” today. Today, December 3rd, is the launch of the “Sunrise” period where companies can (for a high price) obtain the “.tel” domain associated with their trademark.
The point of “.tel”, though, is to not just be “yet-another-top-level-domain” but rather to be a global directory of information – with users/companies having control of their own information.
With the first part of the launch happening today there has been predictably been a good bit of coverage in the blogosphere. Danielle Belopotosky had a great piece up on the NY Times Bits blog, Techmeme has a flow of links to stories and I am sure more will be appearing.
I would, though, suggest people wanting to understand the goals of the service go back and listen to our Squawk Box conversation on September 9th with Telnic’s Justin Hayward (www.justin.tel). The part about .tel starts at about the 17:50 minute…
-
/
“Discover Best Practices for Secure Unified Communications” – a webinar I’ll be giving tomorrow
Continue Reading: “Discover Best Practices for Secure Unified Communications” – a webinar I’ll be giving tomorrowCross-posted from Voice of VoIPSA:What are you doing tomorrow, Tuesday, October 28, 2008, at 1pm US Eastern time? If you are around, you are welcome to join a free webinar I’ll be giving on “Best Practices for Secure Unified Communications“.
From time-to-time, you’ll notice that those of us working with VOIPSA will take part in seminars/webinars offered by members of VOIPSA and we definitely enjoy doing so. For instance, as readers of the blog know, I’ve been speaking at Ingate’s SIP Trunking seminars for quite some time now. We’re generally open to speaking at anyone’s event or webinar – as long as they understand that there is no endorsement of the company/vendors’s products/services and that we are there to provide an industry-neutral point-of-view.
So tomorrow at 1pm US Eastern I’ll be speaking as part of Mitel’s “Discovery Series” where they invite in guest speakers from the industry. You can join the webinar for free at Mitel’s site. They asked me to speak about the threats/risks to voice over IP and unified communications and talk about best practices for protecting them. Here’s the abstract:
Discover Best Practices for Secure Unified Communications
Presented by: Dan York, Voice Over IP Security Alliance…
-
/
Blue Box Podcasts #83 and #84 now online – VoIP, SIP, Skype security…
Continue Reading: Blue Box Podcasts #83 and #84 now online – VoIP, SIP, Skype security…Over on Blue Box, I’ve now uploaded two recent episodes:- Blue Box #83: SIP and Asterisk vulnerabilities, voice biometrics, P2PSIP, Aircell blocking Skype, VoIP security news and more…
- Blue Box #84: New Cisco, Avaya, Nortel VoIP security vulnerabilities from VoIPShield, Skype in China, UCSniff and other new tools, news and more
With that I am almost caught up with our main shows… and I still have a bunch of Special Editions to finish producing and post. I’m hoping to finish post-production on #85 tonight so that I can post it tomorrow. We’ll see…
Technorati Tags: bluebox, blue box, voip, voip security, security, voice, skype, sip, dan york, jonathan zar, voipsa
- Blue Box #83: SIP and Asterisk vulnerabilities, voice biometrics, P2PSIP, Aircell blocking Skype, VoIP security news and more…
-
/
Slides from my ITEXPO security talk – SIP Trunking and Security in an Enterprise Network
Continue Reading: Slides from my ITEXPO security talk – SIP Trunking and Security in an Enterprise NetworkEarlier this month out at ITEXPO in Los Angeles, I participated in the Ingate SIP Trunking seminars as I have been doing for the last year or so. My talk was “SIP Trunking and Security in an Enterprise Network“. The slides are available for viewing or download from my SlideShare account and I’ll also embed them here in this post.I did record the presentation in both audio and video and hope to be making that available as a Blue Box podcast some time soon. I’ll then sync the slides to the audio. Meanwhile… enjoy the slides! SIP Trunking & Security in an Enterprise NetworkView SlideShare presentation or Upload your own. (tags: telephony danyork)
Technorati Tags: voip, voip security, sip, sip security, voice, security, dan york, itexpo, commdev, voipsa
-
/
Heading out to Los Angeles this week for Communications Developer Conf / ITEXPO…
Continue Reading: Heading out to Los Angeles this week for Communications Developer Conf / ITEXPO…As I note over in my Voxeo blog post, I’ll be out at the Communications Developer Conference (co-located with ITEXPO) this week in Los Angeles. I will be speaking twice. First on Wednesday morning I’ll be talking about SIP Trunking and security as part of the Ingate SIP Trunking workshops from 10:15-11:15am. Next, on Thursday, I’ll be speaking about “Developing Voice Applications in the Cloud”, a favorite topic of mine these days.Voxeo will also have a booth and I expect to be there. I’m also doing some video interviews and other media work (actually on both sides of the camera). I’m looking forward to catching up with a good number of folks out at the show.
If you read this blog and are out there at either the Communications Developer Conference or ITEXPO, please do come by and say hello. I posted the schedule of talks over on Voxeo’s blog site. You should be able to find out more about where precisely I am through either twitter.com/danyork or twitter.com/voxeo.
Technorati Tags: conferences, voip, itexpo, communicationsdeveloperconference, los angeles, dan york, voxeo, danyork, cloudcomputing, sip, sip security,