SBCs – Maintaining Your Network’s VoIP Security

By: Simon Horton | Friday, 10 October, 2014

Session Border Controllers (SBCs) can greatly enhance VoIP security, all but eliminating toll fraud while also maintaining voice connectivity. welcomes VoIP Week contributor Simon Horton, the Director of Sales, EU for Sangoma. The term SBC (short for Session Border Controller) is liberally used in the VoIP industry today, but from my travels around the telecom channel it’s clear that there...

BusinessMobilemobile connectivityphonessecurityvoip


By: Paul Hayes | Thursday, 9 October, 2014

Those who build or sell VoIP systems need to begin coping with BYOD, because soon enough it will inevitably be on your system’s spec sheet. welcomes VoIP Week contributor Paul Hayes, ProVu Communications Ltd.’s Product Development Director Whether you’re a developer of IP PBX or a provider of hosted VoIP telephony services, you need to be doing something about...

Businesssecurityvoipvoip hardware

VoIP Security and Your IP Phone

By: David Kirsopp | Thursday, 9 October, 2014

Concerns about massive growth of telephone tapping incidents has led to a growing demand for IP telephone handsets that provide VoIP security. welcomes VoIP Week contributor David Kirsopp, Technical Director snom UK Ltd An IP-PBX can be reached from potentially anywhere in the world, and your communications network is vulnerable if not properly secured. As such, making sure you enhance security through...

Businesssecuritysurveillance & privacyvoip

Why are the Major Telcos Afraid of encrypted voip?

By: Peter Cox | Wednesday, 8 October, 2014

A significant disconnect exists between the reality of today’s IP communications and the security concerns and needs of the customer (read encrypted voip). welcomes VoIP Week guest contributor Peter Cox, UM Labs Ltd. Founder and CEO. One of UM Labs’ long-standing customers is using our product to provide encrypted VoIP connections from remote users (mostly home workers) and...

Bad StuffBusinessofcomscamssecurityvoip

VoIP Fraud — Technological Conventionality Achieved

By: Colin Duffy | Monday, 6 October, 2014

VoIP has reached the mainstream. We know because the fraudsters are coming after us. welcomes VoIP Week guest contributor Colin Duffy, CEO of Voipfone and ITSPA Council member. VoIP merges two of the largest industries in the world: Telecommunications ($5.0 trillion) and the Internet ($4.2 trillion). It is big business. Estimates of VoIP market size vary, though they...


Announcing ITSPA VoIP security workshop sponsored by Yealink

By: Trefor Davies | Wednesday, 17 September, 2014 is teaming up with ITSPA, the Internet Telephony Service Providers’ Association, to produce a twice yearly VoIP security workshop. The first one is during the Convergence Summit South show at Sandown Park on October 8th, Read on to find out more. Announcing the ITSPA/ VoIP security workshop Telecom Fraud – Part 1 – A Case Study for the Channel...

Bad StuffEnd Userpiracysecurity

Website Blocking Report

By: Trefor Davies | Friday, 4 July, 2014

See if your website is being blocked by ISPs using the Open Rights Group (ORG) website blocking Blocked resource. Had an interesting tweet this morning from @boggits pointing me at, specifically this link. It shows, as is seen in the header screenshot, that three mobile networks: 3, O2 and EE have blocked users access to My only prior...

End Usersecurity

Lock screen strategy – show your home phone number

By: Trefor Davies | Friday, 20 June, 2014

Showing your home phone number on your lock screen could avoid a lot of problems if the phone is lost. I’ve always had “Tref’s phone” as text on the lock screen on my phone. Once when the phone was accidentally left on the bar at the cricket club it was returned to me immediately. V handy. The other day...


Wot? No Password?

By: Peter Cox | Tuesday, 20 May, 2014

UM Labs Ltd. Founder and CEO Peter Cox’s post is based on a presentation given at a recent ITSPA workshop on the risks of auto provisioning. Everyone understands the need for security on the Internet. We all know the importance of using strong passwords and — painful as it may be — regularly changing those passwords. As such, would...

Businessonline safetysecurityvoip

Voice Fraud – You Need to Act!

By: Simon Woodhead | Wednesday, 7 May, 2014 welcomes VoIP guest contributor Simon Woodhead, CEO of wholesale voice provider Simwood. In February, we published VoIP Fraud Analysis, a white paper that details Simwood’s three years of operating a Honeypot, coloured in by many years of real-world experience servicing wholesale voice clients of all sizes and seeing them compromised. Our research has been very well received in...


Oops – was that the red button? Nuclear near uses

By: Trefor Davies | Wednesday, 30 April, 2014

Following last week’s post in which we discussed the precautions taken by Nominet to withstand nuclear attack we beginning to realise how sensible this was. A Chatham House Report Too Close for Comfort: Cases of Near Nuclear Use and Options for Policy describes thirteen incidents of near nuclear use. It’s almost like reading the notes used in preparation for a...

Bad StuffEnd Useronline safetysecurity

Heartbleed – a pain in the proverbial

By: Trefor Davies | Thursday, 10 April, 2014

Big fuss doing the rounds over the Heartbleed bug. Google it. Every man and his dog1 is saying it is really bad and offering advice which basically says change your passwords oh and btw it might not make sense to change it yet because your specific service might not have patched their SSL. Now this is the problem. I...


New Joules shop opens – queue remains calm, Bruce Schneier signs book

By: Trefor Davies | Thursday, 27 February, 2014

Could hardly contain my excitement walking to work this morning. A new shop has opened on Lincoln High Street! I wouldn’t have notice were it not for the fact that a woman got in my way trying to take a photo of the queue. I too like to take photos (of queues) so I reversed in my tracks, whipped...


Selling your contact information – who does it?

By: Trefor Davies | Wednesday, 19 February, 2014

One of the things I’ve been looking forward to in life post Timico is having a cleaner inbox. I don’t get spam using Gmail and the platform very kindly filters most commercial mails in to a tab called “Promotions”. This I love. I do look occasionally and note that the mails are typically from rewards membership accounts and their...


Lloyds Bank – 2 out of 7 servers “down”

By: Trefor Davies | Monday, 27 January, 2014

Problems with Lloyds Bank & TSB cashpounts attributed to failiure of 2 out of 7 servers by BBC. Interesting article on BBC Radio 4 Today Prog this morning. Apparently last night some Lloyds & TSB customers were unable to use their debit cards for a couple of hours or so. Not me. I was at home. The point is...

End Usersecurity

Intro & Password Pain by @LindseyAnnison

By: Lindsey Annison | Wednesday, 15 January, 2014

I’m grateful to Tref for leaving the corporate treadmill and embarking on this new venture.  Although he never appeared to hate, or even dislike, his day job as some others in the industry seem to (in fact, having seen him in situ in the Timico offices several times, he seemed to positively revel in it!), I am very much...

Businessonline safetysecurityspam

Gmail update – Google+ comment

By: Trefor Davies | Sunday, 12 January, 2014

Got an email yesterday from Google about a change to Gmail. Everyone probably got the same mail. Certainly the mainstream media made big news of it, in the tech sections. When you are sending an email from a gmail account you will now be offered Google+ account holders as recipients of the mail. One site, whose name is oft...

End Useronline safetysecurity

Eventbrite security really on the ball – Adobe hack

By: Trefor Davies | Monday, 18 November, 2013

Had an email from Eventbrite yesterday with the subject “Keeping your account protected”. Fair play to them. Eventbrite have looked at the 3 million user name email addresses recently hacked at Adobe and cross referred them to any in use on the Eventbrite platform. They have then let the Eventbrite users with these identical email addresses subs. I was...


Team Cymru – the correct pronounciation

By: Trefor Davies | Monday, 4 November, 2013

On a completely different note whilst I was at the Euro-IX conference last week someone gave a talk that included something about Team Cymru. Team Cymru are a top bunch of guys in the cyber security space. However there is something that urgently needs addressing about the organisation and that is how you pronounce their name. I’ve been hearing...

Businessonline safetyRegssecurity

Government Minister responsible for leaking secrets to enemy spies?

By: Trefor Davies | Thursday, 17 October, 2013

I note that old Francis Maude, Cabinet Office minister, has taken his communications services into his own hands and  installed a WiFi connection. The Telegraph article doesn’t go into any great detail as to what the WiFi is connected to. You get the impression he has ordered a separate broadband line to his office. I was pondering on a...


Is Huawei in your network a national security concern?

By: Trefor Davies | Tuesday, 23 July, 2013

I am reminded that yesterday’s post on how would Huawei spy on your network has an additional dimension in the UK in that a significant chunk of BT’s 21CN infrastructure is based on the Chinese vendor’s kit. I hadn’t noticed that this hit the headlines a couple of months ago. The BT Huawei deal would have been based on...

End Userinternetsecurityvoip

How to tell if a phone call is going to be a scammer

By: Trefor Davies | Tuesday, 23 July, 2013

Most people have picked up scam phone call at sometime in their recent short lives. I’ve noticed that they all have similar characteristics in that when you pick up the phone there is always a second or two of silence followed by a foreign voice saying “can I speak to Mr Davies please?” (replace Davies with your own name...

End Userinternetonline safetysecurity

The return of the “virus on your Microsoft PC” scam #speedytechies @TeamViewer

By: Trefor Davies | Monday, 22 July, 2013

The “you have a virus on your Microsoft PC” scam is back. I thought they had locked up the people responsible and this was dead. Like everything related to the internet crime – spam, botnets they always find a way back. I got home from work on Friday and took a call from Anna of They apparently have...

Engineerinternetonline safetysecurity

How would Huawei spy on your network?

By: Trefor Davies | Monday, 22 July, 2013

Last week the talk was about a story about former head of the CIA and the NSA, Michael Hayden, who thinks Huawei are spying on networks that have installed their kit. Link here to the Register story though it appeared in a lot of places. One has to think about how Huawei might do this without the network operator...

End Usersecurity

Privacy on London Underground Metropolitan Line #googleglass

By: Trefor Davies | Friday, 10 May, 2013

The Metropolitan Line on London Underground has nice newish interconnected carriages and you can walk from one end of the train to the other. As we wound our way to Kings Cross for me to catch the train back north I noticed that the carriages were making interesting snake like movements. Very artistic I thought. I’ll video it. I...


The Fortigate100D firewall & MPLS networks

By: Trefor Davies | Tuesday, 26 February, 2013

I find it profitable to sit around the development teams. Someone always says “hey Tref come and see this”. On this occasion it was a couple of Fortigate100D firewalls. Now the cynics amongst you will say so what? A firewall? What’s so interesting about that? I realise that there can be few readers of this blog of that disposition...


How to make your VoIP secure #fraud

By: Trefor Davies | Thursday, 24 January, 2013

It’s a pretty simple process to set up your own VoIP phone system. Google “free VoIP server” and you will find links to 3CX or Asterisk. Download their free software and install it on a computer in your office. Sign up for a few SIP trunks from an Internet Telephony Service Provider (eg Timico) and you can be up...

Engineeronline safetysecurity

How to achieve a PCI Compliant network

By: Trefor Davies | Thursday, 17 January, 2013

A lot of effort goes into achieving PCI compliance for a network. Without going into huge detail I thought some of you would like to know the type of work we had to do to get the badge. Implementation of secure LDAP cluster This consists of a master server and three read-only slaves, the master server is locked down...

BusinessRegssecuritysurveillance & privacy

The Report of the Joint Select Committee on the Draft Communications Data Bill

By: Trefor Davies | Tuesday, 11 December, 2012

The Report of the Joint Select Committee on the Draft communications Data Bill was issued this morning at one minute past midnight. It’s been in the news this morning with the deputy Prime Minister Nick Clegg calling on ministers to rip up their plans and go to “back to the drawing board“. The 105 page Report concludes that “there...

End Userscamssecurity

Great phishing season

By: Trefor Davies | Wednesday, 28 November, 2012

All you anglers out there will appreciate this little phishing effort from “Lloyds Bank”. I picked it up from our spam filter – pleasing to see that it works. I do wonder what percentage of recipients of this kind of email actually fall for it. This one isn’t a bad attempt though as is the nature of these things...

  • Coming soon

  • Date for your diary Xmas bash Thursday 11th December
  • Events at
  • © Copyright 2014