VoIP SPIT: Even Plain Old Telephone Users Need to Worry About It   5/14/2005 - 940 views, 1 Comment

Summary: [Courtesy of Guest Author Craig Hughes] Security guru Bruce Schneier writes on SPIT today in his security blog. A mighty neat trick to write on a liquid you say? Well, different semantics for "on" and "SPIT" than you might expect, unless you're ...

Previous Article « Free Hosting Industry Targets more Advanced Internet User
Read Next Article » Court Denies TigerDirect’s Injunction in Tiger Lawsuit Against Apple

[Courtesy of Guest Author Craig Hughes]

Security guru Bruce Schneier writes on SPIT today in his security blog. A mighty neat trick to write on a liquid you say? Well, different semantics for “on” and “SPIT” than you might expect, unless you’re a regular reader of AS.

SPIT of course is Spam over IP Telephony, that is Spam which uses VoIP as a propagation mechanism. Schneier, who is normally very tight in his analysis, misses the point slightly through a common error though. He says

“Spit has the potential to completely ruin VoIP. No one is going to install the system if they’re going to get dozens of calls a day from audio spammers.”

…which completely misses the fact that SPIT leverages VoIP on the sending side, not the receiving side (because the SPIT senders can use all the nifty VoIP features to power-spam any telephone number), and that features you get with VoIP on the receiving side (like more sophisticated caller ID, and the ability to process the incoming connection request and data stream however you want) actually would be very useful to be able to *combat* SPIT. In fact, it’s probably fair to say that if SPIT takes off in any substantial way, it will actually drive adoption of VoIP since POTS (the Plain Old Telephone Service) is going to be defenseless against the new attacker.

So, advice of the day: switch to VoIP now, before the spam:real ratio in your voicemailbox is the same as the ratio of spam:real in your email inbox (if you had no spam filtering enabled).

[*Craig Hughes is a recovering anti-spam addict, one of the original architects of Spam Assassin Open Source, and the founder of Gumstix. And a damned fine friend.]

Get FREE email alerts of new Internet Patrol stories!
    *We never share your email address with anyone

Email Address:
Date of first visit:
How you found us:

Subscribe to The Internet Patrol on your cell phone    Email the link for this page to a friend!

Read more:

»  Aural Sex Spam - Coming Soon to a VoIP Appliance Near You

»  Spam, Spim, Spit…Achtooey!

»  VoIP Internet Telephone Can’t be Regulated by State, Says Court

»  VOIP 911: Weakness in VoIP 911 System Leads to Lawsuit Against Vonage

For additional similar stories check out our archives on Spam, VoIP

 

1 Comment »

  1. do you know hostfile http://www.mvps.org/winhelp2002/hosts.htm
    perhaps it’s possible to make a “hostfile” with excluded/included telephone numbers.
    get rid of all the callcenters calling at dinertime by downloading 1 file!!

    Comment by marcel — 5/18/2005 @ 7:26 am

RSS feed for comments on this post.

Leave a comment

Warning! All comments which contain URLs and are clearly just spam to generate a link back to the URL will be deleted on sight. Don't bother wasting your time!

If you are going to include a URL in your comment,
please keep it under 25 characters in length,
or use TinyURL to shorten it before including it in your comment.

Line and paragraph breaks are automatic, your email address is never displayed.
HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

(required)

(required)


We apologize for having to ask you to enter the letters and numbers you see in the image above to validate your comment, but we are being attacked by thousands of comment form spams every day!

 
The Internet Patrol
Patrolling the Internet for You!