[VOIPSEC] 4G Issue Map: signaling complexity - more

Voiceline Patrick at Voiceline.dk
Thu Aug 31 03:34:50 CDT 2006 

I think you just might be wrong there Simon!



ENUM is working with success in Germany, Sweden and England - just to name a 
few. I think ENUM is going to be more important with the passing of each 
day. Looking ahead I believe that we will see VoIP security and 
authentication take a more prominent role in discussion forums. Customers 
WILL pay for security, and as they surly already do! - The charge for ENUM 
will be included in the customer subscription, and will not be noticeable in 
the end. VoIP vendors will have to take the end user security issues away 
from the end users, they are not experts, and they do not know how to 
protect themselves - one logical solution would be isolating the end users 
in hosted nested MPLS and making the vendors act like bouncers at the 
gateway to the Internet and PSTN - this future is not unimaginable...


/Patrick


----- Original Message ----- 
From: "Simon Horne" <s.horne at packetizer.com>
To: "Geoff Devine" <gdevine at cedarpointcom.com>; "Michael Slavitch" 
<slavitch at gmail.com>; "Paul E. Jones" <paulej at packetizer.com>
Cc: <bill at flanagan-consulting.com>; "Henry Sinnreich" <hsinnrei at adobe.com>; 
<Voipsec at voipsa.org>
Sent: Thursday, August 31, 2006 4:15 AM
Subject: Re: [VOIPSEC] 4G Issue Map: signaling complexity - more


>
> ENUM is going to a failure for 3 main reasons
>
> 1. Most VoIP networks are very little security and almost no call party
> authentication. Some VoIP protocols are securable to some extent but 
> others
> like SIP are far far more complex. Just detecting the vulnerabilities of
> protocol is not good enough, there needs to be solutions to combat 
> Internet
> telephony SPAM or Phishing before services like ENUM or public URI could
> even be considered. The guys offering ENUM services are fighting a losing
> battle convincing SIP vendors to implement TLS (although not a complete
> solution) but it seems in the main part, the problem is being avoided and
> the easier fortified bridged VoIP Islands approach seems to be is the way.
>
> 2. Some will argue there's no revenue in providing ENUM services. There is
> more money charging fractions of cents for providing bridging services. 
> But
> the big question is, after spending years building the bridges and
> installing expensive equipment, are customers willing to pay for a service
> that they were told was "free" or "near free". The Boeing in-flight
> Internet access is a prime example. The service was great, had great
> promise just no-one wanted to pay for it.
>
> 3. Nobody wants to pay for an ENUM service. APRA have priced themselves 
> out
> of whatever market they were trying to create, It's so easy to setup an
> ENUM service. There are already www.e164.org and www.e164.info for 
> instance
> who offer the service for free.
>
>
> Now with that said, what are the opportunity costs of not tackling the
> security problems of standard based protocols like SIP and not opening
> networks up to the public internet? Possibly a lot more than the cost of
> providing expensive VoIP bridges that perhaps no-one wants to pay for, it
> could be billions...one easy example is Google and E-Bay recent 
> partnership
> to provide click to call and pay per call services for web advertisers.
> Huge opportunity lost...
>
> Simon
>
> At 09:11 AM 30/08/2006, Geoff Devine wrote:
>>I also think ENUM is going to be a total failure.  People will stay with
>>their trusted service providers to avoid getting SPAM phone calls at 3
>>AM from somebody claiming to be General Mubuti in Nigeria but who is
>>actually trying to scam their bank account or sell them erectile
>>dysfunction drugs.  ENUM-like services that reference private databases
>>administered by those trusted service providers will be the norm rather
>>than a free-for-all e164.arpa.
>>
>>
>>
>>Geoff
>>
>>
>>
>>
>>
>>________________________________
>>
>>From: Michael Slavitch [mailto:slavitch at gmail.com]
>>Sent: Tuesday, August 29, 2006 5:16 PM
>>To: Paul E. Jones
>>Cc: stuart jacobs; bill at flanagan-consulting.com; Henry Sinnreich;
>>Voipsec at voipsa.org; Geoff Devine
>>Subject: Re: [VOIPSEC] 4G Issue Map: signaling complexity - more
>>
>>
>>
>>One more short note before closing off my contribution to this thread:
>>
>>
>>
>>While the telecoms carriers are looking at the cable companies, a far
>>bigger threat will come from companies like Akamai:
>>
>>
>>
>>http://www.akamai.com/
>>
>>
>>If many-to-many conferencing, SIP ENUM peering and one-to-many live
>>video needs geographically distributed CPU's, such vendors have all that
>>is needed in hand.
>>
>>
>>
>>_______________________________________________
>>Voipsec mailing list
>>Voipsec at voipsa.org
>>http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
>
>
>
> _______________________________________________
> Voipsec mailing list
> Voipsec at voipsa.org
> http://voipsa.org/mailman/listinfo/voipsec_voipsa.org

More information about the Voipsec mailing list