US warns on risk of net-based telephony reports FT

Internet-based telephony known as voice over internet protocol, or VoIP promises lower costs and greater flexibility by using existing data networks. But a report by the National Institute of Standards and Technology, which develops technology guidelines for US government agencies, warns of the “inherent vulnerabilities” of VoIP.

Huh? NIST, the group that looking after Internet warns about VoIP?

And I am surprised at some of the statement like “VoIP systems can be expected to be more vulnerable than conventional telephone systems, in part because they are tied in to the data network, resulting in additional security weaknesses and avenues of attack” which is trying to imply Internet is not good enough. Oh wait, I think I have heard similar statements before at ITU (and also OECD).

Furthermore, it goes on to say “VoIP adds a number of complications to existing network technology and these problems are magnified by security considerations” and recommends “using separate voice and data networks when feasible“.

Now now now. I seem to hear these before too…Yep, Cisco! That’s exactly the same marketing message Cisco has been using selling their telephony solution – “Security is big problem- We are the expert and all our product has security build in; Provision more subnets – buy more routers”

It is hard to argue against a report that warns about security (nothing is 100% secured) but I think there is something going on here… but I am just guessing based on what I have seen at various forums…