Category Archives: Voice of VOIPSA Info

Working On Restoring VOIPSEC Mailing List Archive Functionality

We are unfortunately aware that the mail archives for the VOIPSEC mailing list have not been functioning for a long time.  The list still does have occasional active conversations on it and anyone is welcome to subscribe. However, the archive on the list page as well as on the VOIPSA site page for the list has been broken for a while now.  As part of our work updating the VOIPSA website I’ve been in touch with our hosting vendor to see about getting the archives back in action.  Stay tuned….

Administrative Update: Resetting user passwords for authors

If you are an author here at Voice of VOIPSA and are wondering why you just received an email about a password change, I went through and reset all the passwords on our user accounts. There was no security issue – I just realized that some of the accounts have not been used for a long time and I had no idea about the strength of the passwords.  If you want to login you’ll need to use the “Forgot my password” reset link to generate a link to a new password (or contact me and I can reset it).  My apologies for any inconvenience.

P.S. In doing this, I found a really nice random password generator at: http://sandbox.coderlab.net/rpg/index.php

Voice of VOIPSA Now Running WordPress 3.1

Tonight I upgraded Voice of VOIPSA to the shiny new WordPress 3.1. It looks like there are no issue with our theme or any other part of the site, but if you do see anything funky, please do let me know. And if you are one of the bloggers here on the site, you may see a few changes to the user interface, and you have some very cool new ways to easily link to other articles on the site (if you are writing using the web interface).

Voice of VOIPSA upgraded to WordPress 3.0.1

Just a quick administrivia note – this site is now running the latest and greatest WordPress software at version 3.0.1.  In my testing, everything looks perfectly fine, but if you see anything strange on the site in terms of display issues, please do let us know.  Thanks – and thanks for continuing to read and comment here.

Our apologies for the minor blip in voipsa.org availability…

Oops. To make a long story short, the “voipsa.org” domain was set to auto-renew on a credit card that was cancelled between renewals – and email notifications went to an incorrect address. It’s all better now. Life is good…

Sorry about that – and thanks to the multiple people who pinged us about it!

Added RSS Cloud plugin to this site (and what that means)

For those interested in the underlying plumbing of this site, today I added the RSS Cloud plugin for WordPress to this site that is described in more detail in this post: “RSSCloud for WordPress

What does this mean for you as readers?

In the short term, not much.  The only RSS Cloud-enabled reader right now is Dave Winer’s River2.

However, both RSS Cloud and PubSubHubbub are moving us closer to a “realtime” web where you as a reader can “subscribe” to feeds and receive updates as soon as those feeds are updated.  Currently, when you “subscribe” to our RSS feed, you only see updates when your news reader polls the feeds to which you are subscribed.  Given that a good number of feeds may not have changed since the last polling interval this process is also quite a waste of packets.

So the idea is to move from a “polling” paradigm to one of “subscribe/notify”.  Much more will be happening in this space in the time ahead.  In the meantime, if you do use River2 or any of the other readers that may support the RSSCloud tag, you’ll be able to interact with the Voice of VoIPSA blog in that model.

P.S. Yes, I’m also working to add the PubSubHubbub plugin for WordPress to this blog, but I’ve run into a technical issue I’m trying to debug.

Apologies for the VOIPSA site outage last weekend

Our apologies for the outage of both this blog and the main VOIPSA web site over the last weekend – and many thanks to all of you who wrote in to let us know. We recently moved the site to a new hosting provider and unfortunately it seems that in the initial move they missed moving over the domain name. That has now obviously been fixed and we’re back in action. Thanks again to those who let us know.

New voices coming soon to “Voice of VOIPSA”…

I’m very pleased to say that the response has been great to my request for new contributors to this site and over the past few days I’ve given author credentials to nine new authors. They represent a great range in experience and geography. A couple are seasoned VoIP/communication security professionals who have been around VOIPSA circles for a while and in a couple of cases have written books on the topic. (Some I’ve written about here or interviewed on Blue Box.) Others have been involved in security or VoIP but haven’t really had a profile in “VoIP security”, per se. And there are a couple who are brand new to the field but have some great passion to contribute.

I’m also pleased that we’ve added a couple of Europeans so that Martyn Davies is no longer holding down the fort as the only non-US regular contributor. We’ve also added our first contributor from India (or for that matter anywhere in Asia). While the vast majority of VoIP security issues have no relation to geography, there are of course laws and regulations that come up in different regions, as well as regional news items, and so it is nice to have a wider geographical distribution.

Thanks again to all who responded (and we’re still open to others) and we look forward to the additional posts they may bring over time.

Our whole goal with this site is to create conversations around VoIP / communications / UC / SIP security regarding what the issues are, what the “real” dangers are (as opposed to those sometimes hyped in the mainstream media), what the solutions are, etc. so that in the end we will all have safer and more secure communication systems.

Thanks to all of you – both writing and reading – for joining in that conversation.


If you found this post interesting or helpful, please consider either subscribing via RSS or following VOIPSA on Twitter.


You can now follow VOIPSA on Twitter

Yes, indeed, the VoIP Security Alliance has joined the Twittersphere with:

http://twitter.com/voipsa

Feel free to follow us there if you are a Twitter user. The primary reason we are on Twitter is so that Twitter users can follow whatever blog posts we post here on the Voice of VOIPSA blog. We’ve noticed over time on other sites (and in our own actions) that some folks prefer to be notified of new blog posts via Twitter versus a RSS feed. So now you have that choice. Subscribe via RSS or via Twitter. We’ll respond to tweets as well, of course, but our primary goal is to provide another way to consume VOIPSA content.

If you are on Twitter, please do feel free to follow us. Thanks.

Looking for a few good VoIP security writers…

Are you interesting in writing about VoIP security? In providing updates on security news? Product reviews? Threat analyses? Notes about recent security advisories?

Would you like your writing to appear on this blog?

As you have probably noticed, the frequency of our posting here in recent months has dropped a bit. It’s definitely not for lack of content… anyone subscribing to a Google Alert on “voip security” or subscribing to the VOIPSEC mailing list will know that there are definitely ongoing VoIP security issues. But we collectively haven’t been writing all that often about those issues here on this blog. Many reasons… but mostly that those of us who have been writing for the three years since we started this blog have just been finding ourselves insanely busy and not able to make the time to write here frequently. A couple of folks have moved into roles where they no longer work directly with VoIP security. Others have started their own blogs or just gone on to other things.

So we are looking to recharge the “Voice of VOIPSA” writing corps a bit. Our goal all along has been to make this site a portal for news and analysis about “VoIP security” in whatever form that may take. We are looking for people who might be willing to write short notes about news stories related to security of VoIP, Unified Communications, etc. We are also looking for people interested in writing longer pieces like some of the deep analyses we have posted here in the past.

VOIPSA’s overall mission is to raise the level of discussion about communication security issues in the IP space – and we’re looking for anyone who would like to help us in doing that through this blog.

The only major requirement we have for writers here is that any pieces must be vendor-neutral, i.e. we are not looking for people to write here about how their company’s product will solve all your security woes. We’re not a marketing site for either VoIP or security vendors. However, we do welcome posts from people at those companies that talk about the general state of the industry. We also welcome posts from folks who may not be at any company in the space but are just passionately interested in the topic.

If you are interested in writing for Voice of VOIPSA, please send me an email expressing your interest and providing some background about your connection to VoIP security. If you write at an existing weblog, even on a completely different topic, it would be helpful if you sent along that link as well.

Thanks for continuing to follow this site and after three years of blogging, we’re looking forward to continuing to provide you information and analysis about VoIP/communication security for the next three years… and beyond!

Technorati Tags:
, , , , ,