3CX teases security-focused client update, plus password hashing The CEO of VoIP software provider 3CX has teased the imminent release of a security-focused upgrade to the company’s progressive web application client. “Following our Security Incident we've decided to make an update focusing entirely on security,” CEO Nick Galea wrote on Monday. In case you missed it, that incident was a …
They are in the VOIP phone system business and have never heard of toll-call fraud? That is one of the main things anyone that admins a VOIP phone system needs to guard against.
As mentioned above, they didn't hash passwords? They are still not hashing the SIP credentials?
I would like to say unbelievable, but sadly I'm not surprised. A while back when I was looking into replacing the phone system, I looked at their product. It looked like total crap. I couldn't understand why anyone would buy the product. It was also one of the more expensive options. At the time, it only ran on Windows servers, so that pushed it down the list to begin with.
It also only supported a limited list of IP phones, as was very difficult to make work with phones that were not on its very short list.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
