The German Asterisk Tag (Asterisk Day) takes place in Berlin 26-27th May, 2008. Some of the presentations will cover security issues as well as issues companies are facing when introducing VoIP. Among the speakers are Mark Spencer (Digium) and Phil Zimmermann, the latter one talking about Zfone.
Michael Thumann has revealed a buffer overflaw in the SIP Foundry’s sipXtapi code (used among others in AOL Triton). The flaw occurs when parsing the CSeq field andÂ permits executing arbitrary code. You can read the reportÂ at Neohapsis Archives.
The German mobile telephony reseller eteleon has presented a new offering for a VoWLAN bundle featuring the Nokia E60, E61 and E70 smartphones with WLAN and VoIP capabilities. The offering is for use both in the GSM network as well as with Hotspots (or simply with the WLAN at home or in the office). Roaming from WLAN to GSM during a call is nevertheless not an option before the arrival of UMA (Unlicensed Mobile Access). The SIP clients of the Nokia models are delivered preconfigured for use with the VoIP service of the dus.net provider. The interesting thing about it: dus.net is already offering free SRTP encryption as part of its VoIP service. Though the Nokia SIP client doesn’t seem to support it, this is only a small step towards secure mobile VoIP. Should someone tell them?