Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Standard view
Full view
of .
Save to My Library
Look up keyword
Like this
0 of .
Results for:
No results containing your search query
P. 1
Wozniak, et al Discuss Ripcord VoIP Security

Wozniak, et al Discuss Ripcord VoIP Security

Ratings: (0)|Views: 560|Likes:
Published by paisano1
I recently had the opportunity to talk to some of best known innovators of our time, including Steve Wozniak, John McAfee, Alex Fielding, Phil Zimmermann, Jon Callas and Marc Hodosh. They discuss the fatal flaw in VoIP which create the ability to perform warrantless wiretaps and what they have done to lead the industry toward more trusted and secure Cyberspace.
I recently had the opportunity to talk to some of best known innovators of our time, including Steve Wozniak, John McAfee, Alex Fielding, Phil Zimmermann, Jon Callas and Marc Hodosh. They discuss the fatal flaw in VoIP which create the ability to perform warrantless wiretaps and what they have done to lead the industry toward more trusted and secure Cyberspace.

More info:

Published by: paisano1 on May 23, 2009
Copyright:Attribution Non-commercial


Read on Scribd mobile: iPhone, iPad and Android.
download as TXT, PDF, TXT or read online from Scribd
See more
See less





By Kevin M. Nixon, Information-Security-Resources.com Security EditorI recently had the opportunity to talk to some of best known innovators of ourtime, including Steve Wozniak, John McAfee, Alex Fielding, Phil Zimmermann, JonCallas and Marc Hodosh. They discuss the fatal flaw in VoIP which create theability to perform warrantless wiretaps and what they have done to lead theindustry toward more trusted and secure Cyberspace.Can VoIP Really Be Encrypted? No, or at least not until now.Forrester Consulting fielded an online survey of email decision makers at largeUS, UK, German, French and Australian companies. Respondents were asked abouttheir concerns, priorities and plans related to the content of email leaving theirorganizations, as well as related concerns about the risks associated with mobiledevices, blogs and message boards, media sharing sites and other electroniccommunications technologies.Forrester gathered a total of 424 responses from companies with 1,000 or moreemployees, including 301 US, 32 UK, 30 German, 31 French and 30 Australiancompanies. The findings of the 2008 study are published in the report “OutboundEmail and Data Loss Prevention in Today’s Enterprise, 2008”The greatest interest by survey respondents was in having the ability to makephone calls from a laptop computer, in allowing employees to make phone calls froma PDA, and in unified messaging, which allows (among other things) users to accesse-mail messages from their voice mail boxes.The number of cellular/WLAN subscribers will reach over 256 million worldwide by2009, or roughly 12% of all cellular subscribers. By 2009, the numbers ofsubscribers using WLAN for voice is expected to exceed those using WLAN for dataonly.Overall, about 60% of decision-maker respondents believed that it would bebeneficial to have a solution that integrates the WWAN with the WLAN.The number of voice over IP (VoIP) users in Europe has quadrupled in two years,driven by aggressive pricing for bundled communications services, saystelecommunications analyst Telegeography.The firm reported that at year-end 2007, 25.3 million consumer VoIP lines were inservice in Western Europe.This was up from 15 million in 2006, and nearly four times the 6.5 million VoIPsubscribers in 2005.Costs of Data Compromises Rising – Data Thieves Becoming More AggressiveThe Ponemon Institute in a study of 43 companies, sponsored by PGP, found thetotal cost of coping with the consequences data compromise events rose to $6.6million per breach, up from $6.3 million in 2007 and $4.7 million in 2006.There are some distinct consequences of a data breach, especially in healthcareand financial services, Ponemon notes. In these two industries more than others,customers notified of a data breach are more likely to discontinue associationwith companies that failed to secure sensitive data about them.In other findings, the Ponemon study said 88% of all the cases for 2008 weretraced back to insider negligence.
The survey also showed that 44% of data breaches occurred due to external causesinvolving third parties, an increase from 40% in 2007 and 29% in 2006, the Ponemonreport states. A third-party breach is defined as third-party professionalservices, outsourcers, vendors and business partners that were in possession ofthe data and responsible for holding it.Costs for a data breach mount up because of lost business and legal defense, whichgrew in 2008, while costs of customer support, notification and free services suchas credit monitoring decreased, according to the study.Legal Impact – VoIP Can Compromise Client – Attorney PrivilegeCynthia Stamer, Partner, Curran, Tomko and Tarski and Board Certified in Labor &Employment Law by Texas Board of Legal Specialization Corporations, verified thatthe Ponemon reports aligns exactly with her client’s issues and concern:Cynthia: Board Members, Directors, Officers, Executive Management and employeesmust operate with a heightened awareness to insure that they are using encryptedvoice over ISP or any other technology, businesses and their leaders mustconstantly consider the potential implications that the use of any technology onthe records and evidence created and retained. Too often the accessibility oftechnology and accompanying lack of awareness of when they preserve data thatcould be evidence lures business leaders and others to stay and do things withinadequate caution. Because of the way equipment and its technology have evolved,some record or other evidence almost always is created and retained whenbusinesses use even basic technology including a pencil, a tape recording, textmessage or e-mail, telephone conference call, computer note or otherwise. Failingto recognize and properly manage the information across of these technologies cancreate unnecessary risks. Concurrently, however, businesses also need to rememberthat the management, retention and destruction of this information in itself maybe used as evidence. Business leaders always must plan for the potential need toprove that they are doing the right thing and communicate and act accordingly.Now What?Ok recap time: We now know that VoIP is taking over the world. Data thieves inthese hare economic times are drilling faster and deeper.The most respected researcher in data security and protection warns the industrythat the costs to recover from a data compromise have risen by almost $2 Millionin the last 24 months.Then to top things off, the telephone call I make to my attorney for help andadvice may be used as evidence against me unless I find a hacker proof way to keepemployees, vendors and my biggest competitor from listening in and recording myVoIP calls.The Perfect Solution: Ripcord Networks and the IT Industry Icons Who Are InvolvedLucky for me, my internet search of the Internet Engineering Task Force (IETF)database provides the answer to my first question: Is there a best practice orstandard for encrypting VoIP connections to prevent Man in the Middle attacks?Yes, it’s called “ZRTP: Media Path Key Agreement for Secure RTP”.My second question: Who sells products or software that use the protocol?
The answer: Ripcord Network.A Company With CredentialsWhen I research a company, I usually start with “Who Runs the Company” and much tomy surprise I discovered where all of the IT Industry Icons and Einsteins have allbeen planning their next show stopper.I picked up the phone (land line) and called the CEO of Ripcord, Alex Fielding andarranged to interview him and the members of the Board of Directors.Over a period of time each Board Member graciously answered questions for theinterview. Only after I had talked to everyone did I discover that, Ripcord hasnever issued a press release and has only been briefly mentioned in threearticles.The best “Easter Egg” appears on the company’s Investor Relations page. See foryourself.I sat down with Alex Fielding, the CEO of Ripcord networks and we began our chat:KMN: Alex I can’t tell you how great it is to have a chance to talk to you today.Let’s start with some background. What does Ripcord do?Alex: No matter where you are in the world, no matter what handset you are using,we enable secure-encrypted private voice and video conversations across a widevariety of popular off the shelf devices including: mobile phone, desk phone, PCsoftware, Instant Message, teleconference, and Conference Bridge.(Basically we provide the encryption software and protocols that are leading thecharge in secure interoperable IP voice and video communications.)Alex: Steve Wozniak (co-founder Apple), John McAfee (founder McAfee Associates),and I are on the Board of Directors of Ripcord Networks. Additionally we have thebest employees and advisors in this space. Ellen Hancock is Chair of our Board ofAdvisors (former company affiliations include: IBM, Apple, Exodus, Aetna, Colgate/Palmolive, EDS). The Board of Advisors includes: Jon Callas (CTO & CST of PGP),Phil Zimmermann (PGP founder, ZRTP author, and privacy advocate), Marc Hodosh(President, TEDMED, Archon XPrize Genome Project), Dan Pitt, and others.Alex: Everything is moving to real-time IP based communications. The latestrelease covers IP based communications, specifically: all voice and videocommunications, Desk Phones, Wi-Fi, Chat- Video-Voice, Laptops, eBooks, andTablets. The next release will include: Conference Bridging, Voice over Satellite,Remote Sensors, Mobile Phones, and Tactical Radios. Securing these devices hasunique and specialized challenges that Ripcord's product offerings are well suitedto solve. There was no previously elegant or easy way to secure these IP baseddevices and we have a solution to the problem that is unified.(At this point Alex introduced me to Steve Wozniak. (What a nice guy! Our Q&Asession had been rescheduled several times due to his participation on “Dancingwith the Stars” and so we got right down to business.)KMN: Steve I am really glad to have this chance to get to know more about yourvision for Ripcord. Do you mind if I use your nickname in the article?WOZ: No problem whatever works best.

You're Reading a Free Preview

/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->