Posts tagged ‘skype’
The BBC and others are reporting the ‘news’ that VoIP (I expect they mean SIP) credentials are often passed in the clear (encoded but not encrypted), leading to potential sniffing and replay attacks in (for example) non-encrypted wifi networks.
What this actually seems to be, though, is the re-hashing of a ‘sponsored’ article in Commsbusiness (no permalink available), which seems to be not much more than scaremongering by Newport Networks, who coincidentally sell a range of secure Session Border Controller devices for VoIP.
Now, the BBC article does quote Skype and a researcher from Jupiter playing down the issue – I guess there’s no smoke without fire, but is this a solution looking for a problem?
Update: Newport Networks have posted some more background to this article in their blog. Thanks to Dave Gladwin of Newport for pointing me to this.