Here is a guest post from Jacek Materna
John Wright, an instructor from SANS, has posted a detailed analysis of Apple's Facetime for the iPhone. Although a few weeks old, I wanted to spend some time analyzing his findings since I have experience with VoIP across various versions of Apple's SDK's. His findings are indeed legitimate, accurate and thorough.
Given that Facetime is probably the largest consumer deployed SIP application, its security implications are quite interesting. Expect more SIP and RTP applications in the future being pushed out to edge devices such as the popular iPhone. I encourage you to check out his findings.
The full link is at: