-
/
Confirmed to speak at O’Reilly’s Emerging Telephony conference, Feb 27 – Mar 1, 2007, San Francisco
Continue Reading: Confirmed to speak at O’Reilly’s Emerging Telephony conference, Feb 27 – Mar 1, 2007, San Francisco(Originally posted to http://dyork.livejournal.com/254735.html)
Just confirmed late last week that I’ll definitely be speaking at O’Reilly’s Emerging Telephony Conference (aka “ETel”) this coming February 27 – March 1, 2007 in San Francisco. The topic I will be speaking on will, of course, be VoIP security. Two sessions, actually… one a 15-minute plenary session providing an overall view of VoIP security and then the second a 90-minute workshop going into much more detail, providing info about security tools, best practices and much more. Both, of course, will be later put out as part of Blue Box. Should be a lot of fun, and given that it’s in the SF area, I’ll probably be able to pull Jonathan Zar in as well, which would be cool. Now I just need to put up a picture, bio and session abstracts…
As I’ve said to a number of folks, ETel 2006 was one of the very best out of all the conferences that I attended all year. No real trade show… just conference sessions full of the “alpha geeks” that O’Reilly conferences tend to attract. People really on the bleeding edge of trying out new and different things with telephony. They had… -
/
Martyn provides a photo from the Blue Box dinner…
Continue Reading: Martyn provides a photo from the Blue Box dinner…(Originally posted at http://dyork.livejournal.com/255317.html)
Martyn Davies (martyndavies) provides a photo of yours truly over on his blog (click the photo to see the larger version) from the Blue Box dinner that we had last Thursday. It was a great time… Martyn, myself, Dean Elwood, Andy Millar and, for a brief time, a gent whose name I only know as “Sarb”. Lots of great conversation, food, beer… much fun and we’ll definitely have to do it again in another city. Many thanks to Martyn for doing the local organization. I took a range of photos as well that I’ll post at some point.
-
/
“Hacking Exposed VoIP” book from McGraw-Hill has a podcaster review quote (mine) on front cover
Continue Reading: “Hacking Exposed VoIP” book from McGraw-Hill has a podcaster review quote (mine) on front cover(Originally posted at http://dyork.livejournal.com/253120.html)
If you look at the front cover of "Hacking Exposed VoIP" (either click on the small image to the right or follow this link), you will see a review quote from a certain someone:
If you are a security professional charged with protecting a network infrastructure that includes VoIP, you definitely must read this book! Failure to do so will seriously put your VoIP systems – and your network – at risk!"
-Dan York, Producer and Co-Host, Blue Box: The VoIP Security PodcastMcGraw-Hill left out the first part of what I sent them, namely "This is a dangerous book.". (UPDATE: The full quote is on the first page inside the book.) It is a dangerous book, really, because Dave and Mark have brought into one book an amazing amount of information that previously was only found through diligent searching of many places. I stand by my quote – security professionals responsible for the security of VoIP systems really do need to read this book!
On a different note, I have to wonder if this is the first time a review quote from a podcaster has appeared on a published book that does not have…
-
/
VoIP News in Australia picks up on VOIPSA Best Practices…
Continue Reading: VoIP News in Australia picks up on VOIPSA Best Practices…(Originally posted to http://dyork.livejournal.com/251845.html)
I do not know precisely why, but the Australian VoIP media seems to pick up a lot of good news items about VoIP security, if you take a look at any Blue Box episode, you’ll often see that many of the news items we talk about come from Down Under. I don’t know why, but they seem to have security as a partial focus. It’s great to see and they are a very good source of news. One site there, VoIP News, is also the only one I’ve really seen to write a post about the VOIPSA Best Practices Project. We weren’t really expecting people to write about it on news sites… the launch is really more low-key and we didn’t do any active PR beyond blog posting and sending to email lists. Now, when we have the finished product that will be a different story.
Of course, to finish one must first start.. hopefully later today… just in time for me to start travelling for a week!
In the meantime, it’s great to see this VoIP News site writing about us… I’ve seen several subscriptions already today from Australia.Technorati Tags:…
-
/
The Register- “VoIP – open season for hackers”
Continue Reading: The Register- “VoIP – open season for hackers”(Originally posted at http://dyork.livejournal.com/250114.html)
As I wrote about over on Voice of VOIPSA, the Register posted an article yesterday “VoIP – open season for hackers“. The article is mostly good PR by a security company promoting itself and doesn’t really seem to add anything brilliantly new to what we’ve already known in the VoIP security field… but the fact that it’s posted in the Register pretty much guarantees high visibility.
Another good reason for VOIPSA to get the Best Practices document done soon…Technorati Tags: security, voip, voip security, voipsa, voipsecurity
-
/
VOIPSA best practices mailing list growing fast…
Continue Reading: VOIPSA best practices mailing list growing fast…(Originally posted at http://dyork.livejournal.com/250011.html)
Publicity helps, of course. Start talking about something and the people start signing up. Overnight the VOIPSA “best practices” mailing list has grown from 26 to 65 subscribers, with more subscription notices coming in each time I look at my email. This certainly reflects the way I distributed the word… I’m sure many people, myself included, route the VOIPSEC mailing list into a folder where they read it when they can. Or at least they read other messages before that of a “mailing list”. So I expect I’ll continue to see subscriptions coming in over the next couple of days.
As the mailing list administrator, I naturally receive the subscription notifications and I have to say that there are some pretty impressive people and companies among those who have subscribed. I think we now have one or more representatives of basically all of the major IP-PBX vendors, a good number of security vendors, univerisites, US government agencies, a few financial institutions (good to have, given the natural security paranoia of banks)… plus a whole host of people that are using various Gmail, Yahoomail, etc. addresses that give nothing away about their identity. (I would… -
/
VOIPSA “VoIP Security Best Practices” project to launch this week
Continue Reading: VOIPSA “VoIP Security Best Practices” project to launch this week(Originally posted to http://dyork.livejournal.com/249531.html)
Cross-posting from Voice of VOIPSA where I posted this earlier today:
I am pleased to announce that the VOIPSA Best Practices project will be kicking off this week. As noted in the project description, the goal is to gather into one document the core set of “best common practices” that can be used to address the threats to VoIP that were outlined in the VoIP Security Threat Taxonomy project. I’m still making some changes to the wiki in advance of the formal project kickoff, but right now you can subscribe to the best practices email list if you would like to assist in the project. All are welcome, regardless of experience level. If you don’t want to join a mailing list, updates will be posted here on this blog from time to time.
I went into a bit more detail in a subsequent post to the VOIPSEC mailing list, mentioning, for instance, that people who think they will be interested in editing/commenting on the actual text should make sure they are registered in the VOIPSA wiki.
I’m excited to get the project underway… I’ve been trying to get it launched for the last month or… -
/
The intersection of VoIP and grocery stores? In Peru?
Continue Reading: The intersection of VoIP and grocery stores? In Peru?(Originally posted at http://dyork.livejournal.com/249301.html)
Progressive Grocer doesn’t immediately leap to my mind as a place that would be writing about VoIP, but here they were writing about Peru’s Number 2 supermarket chain deploying VoIP. On second thought, though, it makes sense that “progressive” food retailers would look at VoIP as a way to enhance/improve their operations. In any event, kudos to Mitel’s partner in Peru, Data Voice, as well as our South American team, for winning the business. Our press release has more information (obviously from a Mitel perspective).
-
/
Hosted VoIP application provider Natural Convergence announces $10M in funding
Continue Reading: Hosted VoIP application provider Natural Convergence announces $10M in funding(Originally posted at http://dyork.livejournal.com/248589.html)
Kudos to David Cork and his team over at Natural Convergence Inc(NCI) for their announcement of $10 million USD in funding. Given that they are a sister company[1], I’ve met a good number of their folks over the years and have been quite impressed with both their staff and their technology.[2]
Their approach to the SMB space is a very interesting one in that the application they provide allows service providers to have an offering that allows small businesses to replace their aging key systems with new VoIP systems… without having to take on the administration of an IP PBX. The SMB gets the advantages of VoIP, such as new apps or being able to have an extension basically anywhere in the world that there is an IP address (from the simple case of the owners’ homes to cases like remote office or workers), without having to invest in any on-premise equipment or having to manage the software. So a service provider that wants to roll out a VoIP offering to small businesses can just buy the NCI solution and start rolling it out.
Congrats to the whole team on landing the… -
/
Click-to-Call, Google Maps, security – and the fundamental disruption to the carrier telephony space
Continue Reading: Click-to-Call, Google Maps, security – and the fundamental disruption to the carrier telephony space(Originally posted at http://dyork.livejournal.com/247741.html)Over on “Voice of VOIPSA“, Dustin Trammel wrote a long post called “Click-to-Harrass” that discusses “click-to-call” services and specifically the new Google Maps click to call capability. I wrote a comment that inadvertantly wound up being almost as long as Dustin’s article. Given that it had been a topic I was thinking about writing about here anyway, I decided to cross-post my comment here as well. Dustin,
Nice piece. TechCrunch also had a post yesterday speculating that Google had pulled Click-To-Call because of harrassment issues, although it seems to have just been a temporary service outage as the service is back running today (used it myself this morning).
The interesting thing, though, is that you can see the immense value to the consumer for this type of service. Over the past few days I’ve been testing it myself with calling various local businesses here in Vermont. I have to say it has worked great. Find them in Google Maps, click the “call” button, wait for the ring of my phone, press the “Talk” button on my wireless handset and… ta da… I’m connecting to the business. It is a little…
Disruptive Telephony
Dan York on how Voice over IP is rewriting (almost) everything you thought you understood about telephony…