Category: VoIP Security
-
/
Brief interview in 101st Telecom Junkies podcast episode to update VoIP Fraud/Hacker case
Continue Reading: Brief interview in 101st Telecom Junkies podcast episode to update VoIP Fraud/Hacker caseEarlier this week I had a fun moment joining a cast of characters to help the Telecom Junkies podcast celebrate crossing over 100 episodes. In the 101st episode, now available for listening, host Jessica Gdowski invited 7 of her previous guests back to give brief updates. So I joined Martha Buyer, Mark Fletcher, Hank Levine, John Lyon, Dave Spofford, and Allan Sulkin for the ~20 minute show.In my case, I’ve been a guest on the show three times previously, most notably in August 2007 with “Interview with a VoIP Hacker” where we interviewed Robert Moore shortly before he was heading to prison.
Moore was part of the VoIP fraud case masterminded by Edwin Pena and discussed on another Telecom Junkies episode back in July 2006. I was also on another Junkies episode in November 2007 about VLAN Hopping.
In this 101st episode recorded this week I gave a brief update on the Pena/Moore case (Pena recently pled guilty) and then talked about VoIP and Unified Communication security issues. It was literally just a few minutes, but I was glad to join briefly and help Telecom Junkies celebrate. 100 podcast episodes is indeed a milestone to celebrate! Congrats!…
-
/
I’ll be out at ITEXPO this week in L.A.
Continue Reading: I’ll be out at ITEXPO this week in L.A.If any of you are heading out to ITEXPO tomorrow through Thursday in Los Angeles, I’ll be there on Wednesday. As I note on a Voxeo events page, I’ll be speaking twice, pretty much back to back:9:30 – 10:15am, Exploring Applications in the Cloud
11:00 – 11:45am, SIP Trunking and Security
The first is a panel discussion that should be quite interesting. The second is another version of the VOIP / SIP Security talk that I’ve been giving at Ingate’s SIP Trunking Seminars for the past few years (and that always seems to be popular). More details and session abstracts on the events page I set up.
I’m looking forward to catching up with many friends at the show, including Andy Abramson, who I haven’t seen for a while.
If you will be out there, please do say hello.
If you found this post interesting or useful, please consider either subscribing to the RSS feed or following me on Twitter or identi.ca.
-
/
Heading down to ITEXPO in Miami on Feb 2-4…
Continue Reading: Heading down to ITEXPO in Miami on Feb 2-4…Will you be down in Miami at ITEXPO February 2-4? If so, please feel free to drop me a note and perhaps we can connect somewhere there.I’ll be arriving Monday afternoon and then on Tuesday, February 3rd, I’ll be donning my VOIPSA VoIP Security hat to participate in a SIP Trunking Workshop sponsored by Ingate Systems on “SIP Trunking And Security“. These workshops are always fun to do and as they are free to anyone attending ITEXPO (even just with an exhibit pass), they are usually well-attended. I’ll be bringing my recording gear, too, and the talk will eventually go out in my Blue Box Podcast feed so you will be able to hear it later.
Speaking of recording… I’ll have my video gear, too, and so if you have some new product or service in the “emerging communications” space that you think I might be interested in recording for my “Emerging Tech Talk” video podcast… well… pitch me. 🙂 I know I’ll be recording a number of videos down there and I would certainly consider doing some more.
Wednesday evening I’ll be driving back to Orlando and in Voxeo’s office on Thursday and Friday so if you’re…
-
/
“Discover Best Practices for Secure Unified Communications” – a webinar I’ll be giving tomorrow
Continue Reading: “Discover Best Practices for Secure Unified Communications” – a webinar I’ll be giving tomorrowCross-posted from Voice of VoIPSA:What are you doing tomorrow, Tuesday, October 28, 2008, at 1pm US Eastern time? If you are around, you are welcome to join a free webinar I’ll be giving on “Best Practices for Secure Unified Communications“.
From time-to-time, you’ll notice that those of us working with VOIPSA will take part in seminars/webinars offered by members of VOIPSA and we definitely enjoy doing so. For instance, as readers of the blog know, I’ve been speaking at Ingate’s SIP Trunking seminars for quite some time now. We’re generally open to speaking at anyone’s event or webinar – as long as they understand that there is no endorsement of the company/vendors’s products/services and that we are there to provide an industry-neutral point-of-view.
So tomorrow at 1pm US Eastern I’ll be speaking as part of Mitel’s “Discovery Series” where they invite in guest speakers from the industry. You can join the webinar for free at Mitel’s site. They asked me to speak about the threats/risks to voice over IP and unified communications and talk about best practices for protecting them. Here’s the abstract:
Discover Best Practices for Secure Unified Communications
Presented by: Dan York, Voice Over IP Security Alliance…
-
/
Blue Box Podcasts #83 and #84 now online – VoIP, SIP, Skype security…
Continue Reading: Blue Box Podcasts #83 and #84 now online – VoIP, SIP, Skype security…Over on Blue Box, I’ve now uploaded two recent episodes:- Blue Box #83: SIP and Asterisk vulnerabilities, voice biometrics, P2PSIP, Aircell blocking Skype, VoIP security news and more…
- Blue Box #84: New Cisco, Avaya, Nortel VoIP security vulnerabilities from VoIPShield, Skype in China, UCSniff and other new tools, news and more
With that I am almost caught up with our main shows… and I still have a bunch of Special Editions to finish producing and post. I’m hoping to finish post-production on #85 tonight so that I can post it tomorrow. We’ll see…
Technorati Tags: bluebox, blue box, voip, voip security, security, voice, skype, sip, dan york, jonathan zar, voipsa
- Blue Box #83: SIP and Asterisk vulnerabilities, voice biometrics, P2PSIP, Aircell blocking Skype, VoIP security news and more…
-
/
Slides from my ITEXPO security talk – SIP Trunking and Security in an Enterprise Network
Continue Reading: Slides from my ITEXPO security talk – SIP Trunking and Security in an Enterprise NetworkEarlier this month out at ITEXPO in Los Angeles, I participated in the Ingate SIP Trunking seminars as I have been doing for the last year or so. My talk was “SIP Trunking and Security in an Enterprise Network“. The slides are available for viewing or download from my SlideShare account and I’ll also embed them here in this post.I did record the presentation in both audio and video and hope to be making that available as a Blue Box podcast some time soon. I’ll then sync the slides to the audio. Meanwhile… enjoy the slides! SIP Trunking & Security in an Enterprise NetworkView SlideShare presentation or Upload your own. (tags: telephony danyork)
Technorati Tags: voip, voip security, sip, sip security, voice, security, dan york, itexpo, commdev, voipsa
-
/
Heading out to Los Angeles this week for Communications Developer Conf / ITEXPO…
Continue Reading: Heading out to Los Angeles this week for Communications Developer Conf / ITEXPO…As I note over in my Voxeo blog post, I’ll be out at the Communications Developer Conference (co-located with ITEXPO) this week in Los Angeles. I will be speaking twice. First on Wednesday morning I’ll be talking about SIP Trunking and security as part of the Ingate SIP Trunking workshops from 10:15-11:15am. Next, on Thursday, I’ll be speaking about “Developing Voice Applications in the Cloud”, a favorite topic of mine these days.Voxeo will also have a booth and I expect to be there. I’m also doing some video interviews and other media work (actually on both sides of the camera). I’m looking forward to catching up with a good number of folks out at the show.
If you read this blog and are out there at either the Communications Developer Conference or ITEXPO, please do come by and say hello. I posted the schedule of talks over on Voxeo’s blog site. You should be able to find out more about where precisely I am through either twitter.com/danyork or twitter.com/voxeo.
Technorati Tags: conferences, voip, itexpo, communicationsdeveloperconference, los angeles, dan york, voxeo, danyork, cloudcomputing, sip, sip security,
-
/
Speaking at SpeechTEK next week in New York on voice application security…
Continue Reading: Speaking at SpeechTEK next week in New York on voice application security…On Sunday I’ll be boarding a train bound for New York City where I’ll be attending SpeechTEK for Monday through Wednesday. As I mentioned previously, on Tuesday, August 19th, I’ll be giving a presentation on “Securing CCXML and VoiceXML Applications“:How secure are your speech applications? As the usage of both VoiceXML and CCXML continues to explode, and VoIP usage continues to grow dramatically, especially within enterprise environments, it is increasingly important that you ensure that applications and services are not open to attack. Learn about the potential vulnerabilities in a system using VoiceXML or CCXML, what you can do to secure these systems, and how you can develop a strong architecture.
It will be fun to expand my VoIP security commentary beyond my usual scope of networks and more into voice applications. I’m planning to record it (and have permission to do so) and potentially put it out as a Blue Box podcast.
At SpeechTEK there will also be a good number of us from Voxeo there. We’ll have a booth (#804) and we’ve got some exciting announcements coming up… 😉
If you are down at SpeechTEK, please do drop a note and let me know.
-
/
Heading out to ClueCon 2008, Telephony Developer Conference, this week..
Continue Reading: Heading out to ClueCon 2008, Telephony Developer Conference, this week..This afternoon I’ll be heading to the airport to fly out to Chicago to be part of ClueCon this week. Haven’t heard of ClueCon before? Here’s the quick summary:ClueCon – is an annual 3-Day Telephony User and Developer Conference bringing together the entire spectrum of Telephony from TDM circuits to VoIP and everything in between. The presentations and discussions will cover several open source telephony applications such as Asterisk/Callweaver, Kamailio (formerly OpenSER), Bayonne, YATE and FreeSWITCH.
Billed as the “Telephony Developer Conference” it primarily focuses on the whole world of open source telephony.
I’ll be there as part of two panels. First, tomorrow I’ll be joining fellow VoIP bloggers Andy Abramson and Thomas Howe on a “VoIP Roundtable” to talk about current industry themes and trends. Then on Thursday I’ll be part of a “VoIP Security Roundtable” talking about… gee… can you guess?
It should be a fun event… I’m looking forward to catching up with Andy, Thomas, Moshe Yudkowsky, Jon Todd and several others. There are also some folks on the schedule with whom I have corresponded but never physically me, so that will be nice as well. If any of you reading this will also be…
-
/
Tracking iSkoot’s security issue exposing Skype usernames and passwords
Continue Reading: Tracking iSkoot’s security issue exposing Skype usernames and passwordsOver on the Voice of VOIPSA weblog, I have been tracking a security issue in the iSkoot program that was transmitting your Skype username and password in the clear. The post, its comments, and the corresponding links off of it make for some interesting reading.It also shows the speed at which the blogosphere can react and potentially help sort things out. In the space of about 48 hours, a problem was found, confirmed, identified by the vendor and apparently will be fixed shortly. I’ll be writing more about this later today over on the Voice of VOIPSA weblog, but for now I’ll just say that it’s great to see that the problem is being dealt with.
Technorati Tags: voip, voip security, voipsecurity, security, skype, iskoot, symbian, phoneboy