Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Internet Telephony Has Security Problems: This was an interesting read this morning for different reasons:
- First of all, it is not surprising (even if we would not have known the problems it would have to be expected).
- I liked the statement: The goal is to raise awareness about flaws in these systems – and create a market for VoIPshield's product… - This is the scary part: It is not about the security of the environment or the ecosystem but about sales.
- But then: Dalmazzi says he tried unsuccessfully to get the attention of the VoIP makers, including shoving a business card with a note describing the vulnerabilities he'd discovered into one executive's hand at a conference. One company told us that it wants to learn more about the vulnerabilities but has had difficulty working with VoIPshield. In other words, it isn't a clean process. It seems that there are still too many companies not being able to handle this kind of information (if it is really true). I guess today, if a Microsoft person is made aware of a vulnerability (and for sure an Exec), even if they do not know the process exactly, they would definitely know whom to ask and from there on it is a defined process.
- When I worked in Switzerland we created a CSO Roundtable called Swiss Security Exchange, where we discussed current challenges with CSO. Two years ago, the core theme there was – you guess it – VoIP! If you interested in the results of the discussion, here you find the summary.
Roger
Comments
- Anonymous
January 01, 2003
thank you