from the can-you-hear-me-now dept.
mask.of.sanity writes "Researchers have demonstrated a series of exploits that turn Cisco IP phones into listening bugs, and could allow a denial of service attack capable of silencing a call center. It allows internal staff and competitors with a little publicly-available information to hijack the phones, wiretap calls and eavesdrop on confidential meetings. The attacks work through a sequence of exploits against the latest Cisco phones enabled to run off the shelf. Most people are vulnerable, the researchers say, because they do not harden their systems in line with recommended security requirements."
"The eleventh commandment was `Thou Shalt Compute' or `Thou Shalt Not
Compute' -- I forget which."
-- Epigrams in Programming, ACM SIGPLAN Sept. 1982