VoIP (Computer Phone) Warning
by: Dee Scrip
Never before in the history of telecommunications has a more important warning been needed for current and potential VoIP (computer phone)
users who have joined, or will be joining, in the inevitable paradigm shift from telephone to VoIP.
Warning! Warning! Warning! Beware of VoIP internet service providers that operate on industry standard codec and industry standard protocols
because they are PUBLICLY OPEN and INTERPRETABLE! This also includes, but is not limited to, peer-to-peer (P2P) networks.
In plain terms, this means, if you subscribe to, or considering subscribing to a VoIP internet solution provider who operates on these
industry standards – and over 90% do -- you have inadvertently made yourself vulnerable to the criminal activities of hackers.
Regardless of the type of anti virus software you have on your computer, the publicly accessible industry standards provide a pathway by which
these criminals can access your computer to plant viruses, worms, Trojan horses, and/or steal your identity.
Like sharks in a feeding frenzy, unscrupulous criminal hackers view systems operating on these industry standards as their personal “Cash Cow”
because of the ease by which they can access your computer and gather your information to sell to other criminals.
Did you know that some hacker-friendly providers offer processor chips that are only sold on the Internet?Did you know that hacker-friendly
providers actually offer hacker software that enables these criminals to deliberately disable security on computers, access your personal and
confidential information, as well as inject their viruses, worms, and/or Trojan horses?
For instance, “Vomit” is a free download software that was designed to convert VoIP phone conversations into a wave file which could be played
with standard sound players. Hackers gleefully interpret this as a tool they can utilize to attack unsuspecting victims.
Hacker manuals are also easily accessible via the Internet. One of these manuals shows how to DoS other sites. DoSing (Disruption of Service)
involves gaining unauthorized access to the “command prompt” on your computer and using it to tie up your vital Internet services. When a hacker
invades your system, they can then delete or create files and emails, modify security features, and plant viruses or time bombs onto your
“Sniff” is another tool (originally intended to help telecommunication professionals detect and solve problems) that criminal hackers use to
tamper with the protocol and “sniff out” data. When hackers sniff out a data packet from Internet traffic, they reconstruct it to intercept
conversations. This enables them to eavesdrop on conversations, gather information, and sell it to other unprincipled criminal entities.
Identity Theft Identity theft is one of the most sinister of vulnerabilities you can inadvertently be subjected to. Identity theft is defined
by the Department of Justice as “…the wrongful obtaining and using of someone else’s personal data in some way that involves fraud or deception,
typically for economic gain.” Identity theft is the by-product of unscrupulous criminal individuals obtaining your social security number
(including those of your spouse and children), your bank account, your credit card information, etc. Your information is then sold to other
criminal entities for profit. Using your information, these criminals can then:
access your bank account fundscreate new bank accounts with your information create driver’s licensescreate passports
Attorney General Ashcroft stated that, ""Identity theft carries a heavy price, both in the damage to individuals whose identities are stolen
and the enormous cost to America's businesses.”
Don’t be naïve enough to think it won’t happen or couldn’t happen to you!A group hosting a website known as shadowcrew.com was indicted on
conspiracy charges for stealing credit card numbers and identity documents, then selling them online. While this group allegedly trafficked $1.7
million in stolen credit card numbers, they also caused losses in excess of $4 million.
According to a Press Release issued by the Department of Justice on February 28, 2005, a hacker was convicted of several counts of fraud, one
in which “…he fraudulently possessed more than 15 computer usernames and passwords belonging to other persons for the purpose of accessing their
bank and financial services accounts, opening online bank accounts in the names of those persons, and transferring funds to unauthorized
If you are using a VoIP internet service provider and do not want to be a victim of Identity Theft, then take the first step to protect
yourself -- don’t use VoIP internet service providers operating on industry standard codec and industry standard protocols.
Viruses, Worms, and Trojan HorsesOn January 28, 2005, a press Release issued by the Department of Justice reported that a 19 year old was
convicted for his criminal activity by “…creating and unleashing a variant of the MS Blaster computer worm.” Christopher Wray, Attorney General –
Criminal Division stated that,""This … malicious attack on the information superhighway caused an economic and technological disruption that was
felt around the world.”
On February 11, 2005, in a Press Release issued by the Department of Justice, reported that another criminal was sentenced for circulating a
worm. This worm,
“directed the infected computers to launch a distributed denial of service (DOS) attack against Microsoft's main web site causing the site to
shutdown and thus became inaccessible to the public for approximately four hours.”
March 7, 2005, Symantec.com posted discovery of a worm named “W32.Serflog.B” that spread through file-sharing networks and MSN Messenger –
networks that operate on publicly open and interpretable industry standard codec and protocols, including P2P systems, as well as Instant
Messaging systems—none of which are protected, regardless of the anti virus software on your computer. The W32.Serflog.B worm also lowers
security settings and appears as a blank message window on the MSN Messenger. If you don’t want to be the next victim of the devastation created
by worms, STOP using services that operate on industry standard codec and protocols, and/or services that incorporate P2P systems. Anti virus
software does not incorporate protection for Instant Messaging services. In addition, Instant Messaging services, in and of themselves, do not
include protection for their users.
If you like the convenience of text chatting via Instant Messaging, then use a VoIP internet service provider that includes the Instant
Messaging feature -- one that does not operate on industry standard codec or industry standard protocols that are publicly open and
Optimally secure VoIP service providers that incorporate a secure Instant Messaging feature, operate from their own proprietary high end
encryption codec on patented technology that is hosted in a professional facility. Simply put, when a VoIP internet service provider operates on
optimally secure platforms, the Instant Messaging feature on the VoIP softphone, is also protected with their technology.
A Trojan horse is a program that internet criminals use to interrupt and interfere with your security software and produces the following
Terminates processes Removes registry entries Stops services Delete files
Hackers, who have gained access to your computer, because of the programs and software as mentioned above, are having a field day
incorporating this nasty little program into their arsenal of weapons.
As recently as March 4, 2005, a new Trojan horse was discovered that modified settings in Internet Explorer. Windows 2000, Windows 95, Windows
98, Windows Me, Windows NT, Windows Server 2003, and Windows XP were the reported systems that could be affected.Here’s the bottom line.
If you are currently using a VoIP internet solution provider that operates on industry standard codec and industry standard protocols that are
publicly open and interpretable, you need to make a decision:
Continue enticing criminal hackers and remain on their service, or Take immediate corrective action.
If you are currently using Instant Messaging of any sort, you need to make a decision
Continue enticing criminal hackers and remain as a user of their service, or Take immediate corrective action.
If you decide to take immediate corrective action:
Find a VoIP internet solution provider that has their own proprietary high end encryption codec Find a VoIP internet solution provider that
has their own proprietary patented technology Find a VoIP internet solution provider that hosts their proprietary patented technology in a
professional facility Find a VoIP internet solution provider that includes the Instant Messaging feature in their proprietary patented
Here’s a place you can look over to see what a VoIP internet solution provider looks like that operates on their own proprietary high end
encryption codec with their own proprietary patented technology hosted in a professional facility, AND that incorporates the Instant Messaging
By Dee Scrip © All rights reserved**Attn Ezine editors / Site owners **Feel free to reprint this article in its entirety in your ezine or on
your site so long as you leave all links in place, do not modify the content and include the resource box as listed above.
About The Author
Dee Scrip is a well known and respected published author of numerous articles on VoIP, VoIP Security, and other related VoIP issues. Other
articles can be found at http://firstname.lastname@example.org