October 1st, 2008 by Chandler Howell

In his excellent essay on the security issues with VoIP, “The Wild World of VoIP,” Wes Brown, a researcher at Matasano, reminds us that:

Many of these protocols are derived from older digital switching stuff such as Signaling System 7. And the mindset that comes from completely controlling the communications mechanism carries over, creating huge exposures. These systems were never designed to be on an open untrusted network, and the inheritors of these legacy protocols are essentially digital switching carried over IP instead of the control channel of a T1. There are plenty of issues to be found during testing because of this.

Quite often, the most significant risks in any situation are both inherent and largely beyond our ability to control. The origins of VoIP in protocols that were never designed for an insecure environment are a great example of this. Any attempt to bolt security on later will be hampered accordingly. This means that we either cannot mitigate the risk, or must effectively re-create the old environment.

In the case of VoIP, this would mean using separate wiring and a separate switch fabric (for an office or enterprise deployment), which destroys much of the cost-avoidance benefit of deploying VoIP. It would also mean not allowing soft phones or unified communications features, which in turn wipes out all the interesting features and destroys the value proposition of enabling a more agile workforce.

So what we’re left with is risk acceptance (aka “hoping nothing bad happens”) or the status quo.

I love VoIP as an enabling technology for mobile workers like myself, but I’m also consistently disappointed with the lack of security mindset that so many vendors still seem to possess.

- Posted in Security and Risk Management, Risk Management, Network Security, VoIP
