[VOIPSEC] Soft phone as trojan horse
slavitch at gmail.com
Tue Sep 5 13:37:46 BST 2006
This differs from Flash and Outlook plugins how? How many are reading your
file system trolling for emails as you write this?
On 9/4/06, mailinglist <mailinglist at pbxnsip.com> wrote:
> When you install a soft phone on your computer, that executable has
> definitevely the right to access the file system of your computer and
> mounted file systems. Even better, it goes nicely through your firewall.
> as a plus, you can easily locate the computer that you are looking for in
> the internet. Gimme your phone number, and I can talk to your computer.
> If a vendor of a soft phone does not publish the protocol, that makes me
> very sceptical. Who knows if the programmers had a bad day and put in some
> back doors "for future software upgrades" or so?
> This is a new way of file sharing - initated from the other side of the
> session! Lets go phishing and publish a new free soft phone.
> Am I getting this right? How much do I have to trust my soft phone vendor?
> Voipsec mailing list
> Voipsec at voipsa.org
More information about the Voipsec