A story was published on the BBC News website today regarding a vulnerability in snom phones that could allow someone to eavesdrop on you.
If you read this story earlier today, you should re-read it as it has been substantially edited in the last hour or so.
I would just like to reassure customers that this is not news to either ourselves or snom. It is just a case of setting decent passwords on the phone and using up to date firmware. Devices must be set up correctly to operate in a secure fashion, snom phones actually do more to remind you to do this than any other phone – they have messages on the LCD screens and web interfaces.
Also, ProVu advise customers on security best-practices and we can provision a sensible set of default settings to your IP phones.
Snom publish a best-practices guide here:
The gist of this is to use recent firmware, set a strong HTTP password and leave hidden-tags turned on.
This advice pretty much fits with any SIP phone (indeed, any device you connect to your network).
It’s a shame snom have been singled out here because they do more than many to secure their phones.