Audio encryption (SRTP) and secure transport layer signaling (TLS) is also increasingly in demand for internal company  phone calls.   VPN based telefony with employees who work from their homes is no longer an unaffordable expense.

Tools to record RTP audio data within a company network are generally available and becoming increasingly simple to use.

This inevitably leads to an increased need for security, the desire for more knowledge,  and particularly to a professional  handling of possible vulnerabilities.

Every year new vulnerabilities are discovered and remedied.  Vulnerabilities in particular should be fixed quickly and the public informed of the problem solved.  

At a time of increased public interest in a specific product these vulnerabilities are often discovered and properly documented by communities, individualists, and hackers.

With its new snom hacker shootout program snom is looking for closer contact to exactly these communities, individualists, and hackers to be able to pass on their findings to existing security solution partners and for snom itselfto initiate the necessary steps for improvement.

Who are the intended participants?

This program is directed at interested parties who desire secure communication on VoIP phones.

In addition to

• companies offering solutions for secure communication,
• companies switching their communication infrastructure to VoIP, and 
• vendors of VoIP infrastructures

this program expressly addresses

• individualists, hackers, and communities

Our goal:

snom wishes to conduct a permanent dialog with all parties involved and ultimately to continue to offer the securest SIP VoIP phone.   

What does the program include?

- snom will organize panel discussions and lectures on security on a regular basis, to take place at trade shows, at our partners' events, and at snom events.

- snom will support individualists and hackers with information and firmware patches.

- snom will provide contacts to vendors of security solutions to make the dialog easier in this respect as well.

How do I participate? 

To make access to the snom hacker shootout as easy as possible, we have set up the email address

security@snom.de

to contact us.

For the official launch of the program snom is hosting the first panel discussion on the topic "Security of snom phones":

March 5th, 2008, at 15:00h/3 PM CET

Hall 13, Booth D26

CeBIT 2008 Hannover

Inviting you to join the discussion are:

• .mario, Mario Heiderich (developer) , total-surveillance-made-easy-with-voip-phones/
• Peter Cox, CEO UM-Labs Ltd (http://um-labs.com/about.html)
• Ahmar Ghaffar, Senior Engineer (SIP security), snom technology AG
• Hirosh Dabui, Senior Engineer (openVPN, embedded devices), snom technology AG
• Björn Schwarze, manager, ADDIX Internet Service GmbH

Sources on the topics security and snom

• http://www.tmcnet.com/voip/1104/FeatureSecurity.htm
• http://en.wikipedia.org/wiki/Secure_Real-time_Transport_Protocol
• http://secunia.com/advisories/25840/
• http://wiki.snom.com/Security_in_VoIP_environments
• http://www.snom.com/en/javascriptsecurity.html

A short history of snom: 

• SRTP solution: http://springvon06news.pulver.com/archives/2006/03/snom_technology.html
• SRTP/TLS Firewall solution: http://www.newswire.ca/en/releases/archive/March2007/05/c6636.html
• VPN solution: Lecture ciphron.dehttp://www.snom.com/en/cebit2008_voipgurutalk.html