[VOIPSEC] Soft phone as trojan horse
Michael Slavitch
slavitch at gmail.com
Tue Sep 5 13:37:46 BST 2006
This differs from Flash and Outlook plugins how? How many are reading your
file system trolling for emails as you write this?
M
On 9/4/06, mailinglist <mailinglist at pbxnsip.com> wrote:
>
> When you install a soft phone on your computer, that executable has
> definitevely the right to access the file system of your computer and
> other
> mounted file systems. Even better, it goes nicely through your firewall.
> And
> as a plus, you can easily locate the computer that you are looking for in
> the internet. Gimme your phone number, and I can talk to your computer.
>
> If a vendor of a soft phone does not publish the protocol, that makes me
> very sceptical. Who knows if the programmers had a bad day and put in some
> back doors "for future software upgrades" or so?
>
> This is a new way of file sharing - initated from the other side of the
> session! Lets go phishing and publish a new free soft phone.
>
> Am I getting this right? How much do I have to trust my soft phone vendor?
>
>
> Christian
>
>
>
> _______________________________________________
> Voipsec mailing list
> Voipsec at voipsa.org
> http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
>
More information about the Voipsec
mailing list