Voip Vulnerabililty
With new technology comes new vulnerability. We have unwanted advertising in our mail boxes, spam in our e-mail … and now the era of spam in the VoIP system has arrived. I read an VoIP blog last day and I’ve found out that the spammers are attacking the VoIP client already. I am not a VoIP user, but I can only imagine how annoying can that be. The classic mail spam is easy to throw away, the e-mail spam is easy to delete … but how uncomfortable must be to get 4-5 calls every day about Viagra or something? This new method of “advertising” is called SPIT, and it stands for Spam over Internet Telephony … and I find the abbreviation very representative, spam calls being as disturbing as … the abbreviation. I’ve read in the same VoIP blog that Skype is having a security upgrade once in a while (because they have suffered an Trojan attack already) … and I wonder if they have found a solution for blocking the unwanted calls. Caller ID is some kind of a solution for avoiding the VoIP advertising by just not answering, but it’s still annoying. Even if VoIP is not a brand new service anymore, the encryption used is not that secure. The security risks of VoIP those not stop at spam … Just think about how easy is to intercept a classic phone call … and think about how easy it is to intercept data over the Internet (on a vulnerable system). There are already some open source programs that allow sniffing in a VoIP call. So … there is spam over internet telephony, there is evavesdropping over Internet telephony, I’ve heard that there is phishing too. Basically the VoIP service is as vulnerable as any other communication system based on an Internet connection. The worst part is that in this case you will not only read your annoying spam…you will listen to it. |
