The debate is not new, but the question will remain relevant until this technology reaches the dependability and resilience of existing circuit-switched telephony systems.
There are no quick answers. This is a complex technology that has valid -- and for now, incomplete -- arguments on both sides.
The security vendors that I recently spoke with had their knives out. McAfee chief executive George Samenuk called the VoIP platform "the next big area for attack".
Robert Graham, chief scientist from ISS, is equally leery of the resilience of VoIP. He said in a recent interview that the technology in its current guise is "completely insecure", and that its vulnerabilities will blow up in the same way Microsoft's vulnerable remote procedure call (RPC) allowed Blaster and Sasser to wreck the havoc that they eventually did.
Safe enough?
Unsurprisingly, the VoIP players that I quizzed painted a different picture. Cisco, which had trumpeted its corporate IP telephony platform indefatigably for the past three years, discounted talks about VoIP being unsafe as alarmist. It conceded that VoIP platforms will never be immune to the determined hacker, but emphasised that it would unfair to single out the technology as being a weak link in a long network chain.
"People who criticise the unsafeness of the VoIP platform seemed to have forgotten that people used to attack PBXes before," said Michael Frendo, vice president of voice systems engineering, voice technology group.
"Remember back in the eighties, when the cool hack was to use a signal generator to steal a long-distance line?" he asked. "If you knew what were the right tones to play, you could steal any service. And you could buy a tone generator for fifty bucks each -- easily. The fact is this: people will always find ways to attack."
He continued: "You have to remember that with VoIP, we are building an application that sits on top of a network -- we are not building something from ground up. If you don't secure the network with say, perimeter defence, than the potential of being comprised is the price that you pay for enjoying the flexibility of this technology."
Fair argument. But Frendo's point on VoIP applications being dependent on the resilience of the networks they ride on isn't very comforting.
Given the alarming reports we read daily on PC virus outbreaks, exposed system vulnerabilities and the rise of organised hacking activities like phishing, network security isn't likely to improve very much from current levels in future. And if it doesn't, is that good enough for a telephone system?
Secondly, like ISS' Graham, I am concerned with how the increased exposure to public data networks will hurt VoIP systems as they gain traction. While the backbones of circuit-switched telephone systems are pretty obscure, IP networks are within the reach of thousands of script kiddies and millions of bots that roam the Web each day.
Toughening the voice pipe
A partial answer to improve the robustness of VoIP-based telephony environments is to strengthen the voice pipe, as AT&T did with its recently-launched VoIP on Enhanced-VPN services, where packetised voice is prioritised through MultiProtocol Label Switching (MPLS) technology, then encapsulated in a virtual private network (VPN) tunnel.
"If you have an MPLS trunk carrying voice between two offices, you basically have a closed network between both offices," said AT&T Asia Pacific's director of planning and engineering John Mulligan.
Or if you are building your own VoIP systems, Cisco's Frendo offered two ways to toughen the pipe. First, enterprises and service providers can encrypt VoIP signalling over a secure tunnel, he said, by using transport layer security (TLS). Secondly, they can then follow this up by encrypting the actual voice traffic, using secure real-time protocol (SRTP). The combination of both measures, he said, will protect IP phone systems against phone-tapping and caller ID-spoofing.
But the larger question of simple reliability remains.
Most VoIP applications will ride on open systems, as opposed to circuit-switched telephony systems which are almost mainframe-like in their closed-ness. To stretch a crude analogy, moving to a VoIP-based telephony system is akin to moving from an IBM RS/6000 to a Windows XP system. It's hard to see how the latter can be as robust as the former.
Actually, as any network administrator know, it is easy to trip up an IP network. Frendo recalled a customer which had been frustrated by a network that was resetting itself every 30 seconds. The problem was eventually traced to a spanning tree-error in its network switch.
"Now this customer was able to live with this problem and initially did not even worry about it because the problem only meant that their employees' Web browsers were taking longer to fetch data. With a voice platform, however, this will become an intolerable quality issue," he said.
In fact, it may take less network quirkiness to render a VoIP platform unsatisfactory. As Mulligan pointed out, all it takes is a slight jitter in a voice conversation to introduce tension, which can eventually lead to a lost business deal. To put his quote in context, however, he said that while expounding the virtues of AT&T's VoIP-EVPN service, but his point about voice being extremely intolerant to network quality inconsistencies is generally valid.
Me? I am going to give vendors the benefit of the doubt -- with a caveat.
Given the excellent quality of the current crop of VoIP products and services, and collective momentum of the platform, which IDC predicted will be worth US$15 billion in worldwide equipment sales three years from now; I have to believe vendors will be more than capable of solving any quality or security challenges as they roll out new equipment and services.
My caveat is this: I agree with ISS' Graham when he said that VoIP vendors and users alike tend to only react when hackers come knocking. Right now, that has not happened because the technology is still niche. But when hackers and viruses come calling in drones (can someone say Blaster?), I hope VoIP vendors will be ready for it.
This is a good article and it asks a very relevant question. As time goes on, voip technology will have to be able to provide some security on it's own without relying on underlying network security.
However I also think that many of the windows issues (vulnurabilities, patching requirements etc) are not really relevant, as most serious voip installations have dedicated handsets, and in many cases dedicated networks with their own firewalls where only a few services on non-standard ports are needed.
Combined with VPN and other encryption layers, VOIP networks are much more secure from hacking than public phone lines.
The hardware issue is a problem, but only as VOIP is still on such a small scale. The public phone system has outages due to equipment problems, but they are few on the scale of use. As voip users increase the vendors be pressured to find reliable hardware options to recommend to customers or lose business back to the traditional telcos.
In fact, the smarter of the telcos will (and are) implementing VOIP systems themselves, and they have much more resources at their fingertips than the smaller VOIP vendors.
As always, the market will push the development of this new technology to the point it is viable. Because of the inherent low cost of providing VOIP services, it has a huge economic appeal to both providers and consumers.
There are enough eager business people out there to ensure that the resource (the potential of VOIP), does not go unexploited!