Tone Commander has introduced the industry’s first TSG-6 SIP-compliant phone. In addition, it announced that the National Telecommunications Security Working Group (NTSWG) has approved the device for government and military use.
The NTSWG, formerly known as the Telecommunications Security Group (TSG), is a Joint Working Group of the Committee on National Security Systems (CNSS), which was established under EO 13231 to protect National Security Systems. The TSG issued "standards" as the primary technical and policy resource for all aspects of the Technical Surveillance Countermeasures (TSCM) Program within the U.S. Intelligence Community. TSG Standard 6 (Updated January 2005) is a compilation of TSG-approved telephone security equipment. These items have been specifically evaluated by the NTSWG for security effectiveness.
Editor's Note: It is true that technology can be used for good or bad. The key is to try and not create situations where people are put into position where they fall into the latter.
Technology is like a double- edged sword. While it's being used by the British intelligence to track them down, the Taliban are effectively exploiting the Internet phones to evade detection in war-ravaged Afghanistan.
The militants are using Skype, a popular piece of consumer software that allows free calls to be made over the web, to communicate with cells strung out across that country, the 'Daily Mail' quoted an intelligence source as saying.
Most Cowetans who call 911 from their cell phones don't have to worry about location errors such as the one that may have contributed to the recent death of a woman in north Fulton County.
When a call comes in to Coweta's 911 center, the location instantly pops up on a map of the county on the operator's screen. Landline calls additionally show the address where the phone call originated.
If SPAM arrives in your inbox at 4am, the chances are your antispam software will catch it. But even if it doesn’t, you won’t lose much sleep over its arrival. But it’ll be a different story with SPIT (spam over internet telephony). Junk phone calls at 4am are going to drive you mad because the chances are that antispit software won’t be able to intercept the call.
Note: He is right, you can't trust caller ID these days. I do know that is someone sends no caller ID then I don't answer. It's usually a telemarketer or some congressmen trying to give me an award for donating money to there party or associations. In our current environment I am not sure how long that will last. If you are trying to get in touch with your local press try changing it to some major organization's ID and see if your call gets picked up faster? I bet it would.
He cited some legislation that was put through in 2007 and is currently stuck in the Senate. "The law would outlaw causing "any caller identification service to transmit misleading or inaccurate caller identification information" via "any telecommunications service or IP-enabled voice service." Law enforcement is exempt from the rule."
Here is an excerpt from the article:
Note: Computer Weekly has a great Monday morning article about VoiP security and how a PBX can affect it.
Voice over IP (VoIP) security is a challenge for IT staff because IP telephony (IPT) brings with it not only the security problems of data networks but also new threats specific to VoIP. In this fundamentals guide, learn about network security threats and emerging IP telephony threats, and how to secure your VoIP systems and endpoints from them.
Note: If this phone is SIP compliant then we might need to pick a couple up for "testing".
Everpeace Technology has released the EP-880, an encrypted VoIP phone that integrates frequency domain scrambling technology and can block phone-tapping devices. It supports the PSTN network and standard PBX systems.
Note: VN has a good article about VoIP Security threats how what to make of them.
"At its heart, a VoIP system is a data network. This means VoIP deployments are vulnerable to the same internal and external threats that plague any enterprise data local area network (LAN) or wide area network (WAN).
Enterprises pondering voice over Internet protocol (VoIP) primarily focus on the technology's cost benefits. Yet, in their zeal to converge voice and data networks and shave telephony costs, many organizations are failing to adequately consider VoIP's single drawback: security.
Note: I came across this product today. I like how they explain their approach using a self-proclaimed "non-proprietary solution" and open source operating system. It seems the more we look at true security on our networks, the only way I can see us truly securing hardware is using a open source model so we can have alot of eyeballs examining the code and releasing patches faster so it stays secure. People need to realize that securing a network is a goal and moving target. The second you rest on your laurels and think you are secure thats the moment your most vulnerable because you have taken your eye off the ball. Anyways here is the release we found:
"BorderWare Technologies has announced what it is calling a new approach to securing and servicing VoIP that is cost effective and highly scalable to meet the needs of today's service provider and enterprise markets. As VoIP security evolves, service providers and enterprises are realizing the need to secure their converged applications including VoIP, Video and other real-time applications, to protect from attacks such as toll fraud, service disruptions and Spam over Internet Telephony (SPIT)."
Note: Thank you NEC for getting started on this problem early in the game.
NEC Corporation announced the development of new technology for the prevention of Spam over Internet Telephony (SPIT). VoIP SEAL, the new technology, which defends against the threat of rapidly increasing spam IP phone calls, is expected to contribute significantly to the realization of safe voice over internet protocol (VoIP) phone networks in the future. VoIP SEAL will be exhibited at NEC's booth at the 3GSM World Congress 2007, taking place in Barcelona, Spain from February 12 - 15.
VoIP-News is running a nice little informative piece discussing some of the general voip security issues that exist and some basic solutions people can take to minimize their exposure. Below is an excerpt from the article:
"While enterprise VoIP offers many cost, efficiency and productivity benefits, it also opens the door to external threats. That's because VoIP is, at its heart, a data networking technology, making it a prime target for hackers, data thieves and other types of online troublemakers."