A local customer running Zulu had a compliance audit done and they found that the Zulu desktop client was transmitting passwords in cleartext. I thought all Zulu traffic was encrypted so I"m a bit confused. Do we assume the audit is incorrect?
mvogel4949 (Mvogel4949) #1
billsimon (Simon Telephonics) #2
It’s a serious claim. Can they prove it out with a network capture?
mvogel4949 (Mvogel4949) #3
I’ll see if I can obtain it.
mvogel4949 (Mvogel4949) #4
After looking at the network capture they were actually seeing the admin username and password of an IP phone and not Zulu.