* What to worry about - and what not to - when it comes to VoIP security As we’ve already discussed, the most impressive finding in the soon-to-be-released 2004 Webtorials VoIP Report is that security concerns have leapfrogged other factors – even budgetary issues – to become the primary impediment to deployment. As it turns out, concerns about security of the infrastructure outweigh concerns about conversation content. Nevertheless, there is considerable concern about conversations being intercepted as well.We find this to be most curious. Exactly how much security is needed for ordering a pizza – even if you have to give a credit card number? During a recent briefing, a network security vendor told us, “Everybody knows that it’s easier to intercept a call with VoIP than with traditional telephony.” This is simply not true.Intercepting a call in the public switched telephone network (PSTN) is a piece of cake. You can even buy an analog “butt set” at your friendly local hardware store. Digital signals are in decades-old TDM formats. And encrypting conversations end-to-end takes special equipment.Let’s contrast this with VoIP conversations. You have to somehow tap the information in a data format. Then you have to pick it out of a packet stream rather than a TDM format. Then you have to decode which coding algorithm is used. And many programs – even free programs and services like Skype – encrypt conversations. While we can never tell you not to be concerned about security – that’s a decision you must make for yourself – we do urge you to consider the following:1) The least secure portion of a VoIP (or traditional) conversation is the truly “wireless” portion. No, we’re not talking about cell phones or WLAN. We’re talking about the part of the conversation going through the air from your mouth to the mouthpiece. People get excited about encryption – then they sit on a crowded plane and discuss business deals. 2) It’s true that protecting the VoIP infrastructure is a major issue. So make sure you put your efforts where the biggest risk is. Protect the equipment and the integrated applications. Protect the signaling path.3) Is there possibly too much security available? Does the ease of encrypting VoIP conversation content actually cause more problems than it solves by making it even more difficult for legitimate law enforcement organizations to monitor illegal activities?We would love to hear your experiences and attitudes on this. Related content how-to Doing tricks on the Linux command line Linux tricks can make even the more complicated Linux commands easier, more fun and more rewarding. By Sandra Henry-Stocker Dec 08, 2023 5 mins Linux news TSMC bets on AI chips for revival of growth in semiconductor demand Executives at the chip manufacturer are still optimistic about the revenue potential of AI, as Nvidia and its partners say new GPUs have a lead time of up to 52 weeks. By Sam Reynolds Dec 08, 2023 3 mins CPUs and Processors Technology Industry news End of road for VMware’s end-user computing and security units: Broadcom Broadcom is refocusing VMWare on creating private and hybrid cloud environments for large enterprises and divesting its non-core assets. By Sam Reynolds Dec 08, 2023 3 mins Mergers and Acquisitions news analysis IBM cloud service aims to deliver secure, multicloud connectivity IBM Hybrid Cloud Mesh is a multicloud networking service that includes IT discovery, security, monitoring and traffic-engineering capabilities. By Michael Cooney Dec 07, 2023 3 mins Network Security Cloud Computing Networking Podcasts Videos Resources Events NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe