VoIP Security Threats Defined

Zonorph writes "Information week is reporting that the recently formed industry group Voice over IP Security Alliance (VOIPSA) just published their first draft of a VoIP Security Threat Taxonomy for public comment. From the VOIPSA, 'This VoIP Security Threat Taxonomy is meant to define the many potential security threats to VoIP deployments, services, and end users. Part of the challenge of devising effective VoIP security protections requires first identifying these threats in the first place.'"

Why was there never one of these for POTS?

[matth]

It never fails to amaze me that people are ready to jump on VoIP as being "insecure" when infact it is probably more secure then your POTS line. To tap into a POTS line all you need is a butt set. Climb your local pole (and look like you should be) and no one will question you. Or walk up and place a tap on the CO NID outside a building. If it's a business, look like you should be there, and again no one will question you.

To actually tap VoIP you need to be in the path of the packet somewhere. It isn't like you can just hack a server and sniff the traffic. You'd actually need to be on a router someplace, and have some way to get the packets off the router and into some form that you could make into an audio file.... Yeah, which would you do?