Monthly Archives: June 2008

Avaya, Cisco and Nortel VoIP security vulnerabilities to be announced today

News reports are coming out now (FierceVoIP, Network World and others) that in about 30 minutes or so, Avaya, Cisco, Nortel and VoIPShield Systems will be jointly announcing VoIP security vulnerabilities – and corresponding fixes.

We are delighted to see that in contrast to the previous announcement of vulnerabilities discovered by VoIPshield Systems, all three major vendors will be participating in today’s announcement.

Stay tuned… and if you are an Avaya, Cisco or Nortel user, you should probably be standing by to allocate some time to patching.

Technorati Tags:
, , , , , , ,

Nortel launches Voice Security Technology Blog

nortelvoicesecurityblog.jpgI recently learned that Nortel has launched their “Voice Security Technology Blog“. Their initial post outlines their goals for the blog. They only have two posts up so far but we’ll be interested to watch the blog and see what they do with it.

Technorati Tags:
, , , , ,

Variable Bitrate Compression Flawed

Some researchers over at Johns Hopkins University have discovered that due to the way Variable Bitrate Compression does it’s thing, even if the audio stream is encrypted it is still possible to determine entire words and phrases based on the lengths of the packets with a high degree of accuracy.

According to the article referenced above it appears that the proof of concept tool is fairly limited, but given a little time and additional effort it’s capabilities could be greatly expanded, potentially to the point of transcribing entire conversations.

The researchers’ paper was presented at the 2008 IEEE Symposium on Security and Privacy a few weeks ago.