VoIP May Make Eavesdropping Easier

Sep 4, 2007 4:37 PM


         Subscribe in NewsGator Online   Subscribe in Bloglines

A leading member of the Jericho Forum security group has criticized the security of voice over IP technology after researchers revealed that it was possible to eavesdrop on VoIP conversations, according to ZDNet UK.

An eavesdropping vulnerability was revealed on the Full Disclosure mailing. Vulnerability researchers Humberto Abdelnur, Radu State and Olivier Festor claimed the exploit could allow a remote attacker to turn a VoIP phone into an eavesdropping device, citing a Grandstream SIP phone as an example.

The Jericho Forum is an international group of leading corporate security professionals, academics and vendors, and promotes the development of secure software architectures, among other IT security interests.

Paul Simmonds, a member of Jericho Forum's board of management, says that VoIP is not yet ready for use in businesses. "We don't consider VoIP to be enterprise-ready," Simmonds says. "You can't run VoIP on a corporate network because you can't trust every single device on that network. VoIP as it stands certainly isn't secure. Going forward, everybody should be using inherently secure protocols."

Want to use this article? Click here for options!
© 2008 Penton Media Inc.

Today's New Product

Product 1 Image

B.I.G. Parking Control/Guard Booth

Manufactured for Louisiana State University, The Estate parking control/guard booth from B.I.G. Enterprises was built to strict hurricane codes due to Hurricane Katrina. The booth features a copper standing seam roof, gutters and downspouts. It comes factory-prepared for on-site installation of architectural brick and has extensive electrical, high-output HVAC, data and communication lines, shelves and cabinets.

To read more...


Govt Security

Cover

SUBSCRIBE

This month in Access Control

Popular Stories

Webinar

Mass Notification Systems

Join AC&SS and ADT as they discuss the crucial role of mass notification systems before, during, and after emergency situations.
March 26 at 2pm ET

Register Now!

Back to Top