[Previous] How to Put Video on Your Website (Business Security Signal...

 [Next] Getting Unplugged...

Some related posts from Technorati and Google.

[F-secure.com] F-Secure : News from the Lab: After reading our post on Web Application Worms, XSS and social-networking sites, several bloggers have wondered why we didn't test MySpace, since that website's past security issues is what prompted our testing. Some even speculated if one of the two sites we were talking about was MySpace.

 [Voipcentral.org] VoIP Blog - In-depth coverage of the VoIP industry, including ...: The Swiss government is using a spyware application called Trojan horse program to tap VoIP calls, nation’s leading newspaper SonntagsZeitung reported.

[Schneier.com] Schneier on Security: VOIP Encryption: Primarily (for this discussion ;) however is that traditional IP network routers are being replaced with switched routers, that implement RSVP and Tagged packets (MPLS/LDP/TDP). The IP trafic is now effectivly circuit switched to get QoS and other efficiencies (see Cisco networks MPLS enabled switches / routers, http://www.cisco.com/univercd/cc/td/doc/product/atm/c8540/12_1/12_c_e/trouble/tag_sw.htm for more details).

 [Voice of VOIPSA] Just Plain Cuckoo: According to news in PC Pro magazine, authorities in Switzerland have come up with an unorthodox plan to tackle call tapping of Skype and other VoIP users.  VoIP calls can be end-to-end encrypted, which means that tapping on the Internet itself is often not practical.  For example Skype use an undisclosed encryption algorithm and key exchange system.  Phil Zimmermann’s Zfone employs perfect secrecy so that the conversation cannot even be listened to later offline when the encryption key has been obtained.

[Watching Skype. Digesting Skype. Testing Skype Gadgets.] Trojan that can listen in to phonecalls made... : Swiss newspaper SonntagsZeitung , reports that the Department of the Environment, Transport, Energy and Communications (UVEK) hired ERA IT Solutions some time ago to come up with a program capable of infecting PCs and tapping conversations without the need to crack VoIP PC-to-PC encryption. The program - which would have to find its way onto a target computer using some form of Trojan-like deception - would be able to record and save conversations, sending them to a remote server hidden inside normal network traffic.»

 [Pogo Was Right - We have met the enemy, and he is us!] Swiss look to Trojan code for VoIP tapping: Swiss look to Trojan code for VoIP tapping Tuesday, October 10 2006 @ 11:10 AM CDT - Contributed by: anonadmin - Non-U.S. News Swiss authorities are investigating the possibility of tapping VoIP calls, which could involve commandeering ISPs to install Trojan code on target computers. Source - PC Pro Related -The Register

[Lunch over IP] A state-sanctioned trojan in your computer: installed on the eavesdropping target's computer - could be planted by policemen, "or sent to the machine by the Internet providers, hidden in the usual data stream", writes the paper. The software would record and report back to a central server the content of VoIP calls and other communications emanating from that computer, and could also be used to turn on remotely their built-in microphones.

[VoIP :: News, Information and current events related to VoIP] VoIP Hacking Pitfalls And Prevention: In essence, VoIP becomes susceptible to hacking because in transferring analogue voice data into a digital form that is carried over the internet, some security firms say this is tantamount to gaining all the risks of computer data systems such as bugs, but also worms and viruses. Hackers already have their existing tools of the trade that they have owned for years, and can simply transfer these to the world of VoIP.

Reflected tags on Technorati: Blog, Voip, VoIPBlogging