I recently purchased a Yealink T46S SIP phone from EBay as I wanted something with more line keys that supported Opus.
When it arrived it had an active account on it, which would potentially allow me to make outbound calls billed to the original owner. Unfortunately this is quite common for phones acquired on EBay and is incredibly poor practise.
The phone was quite well locked down with an admin password and the SIP signalling being sent via TLS, but a packet capture revealed the phone communicating with IPs belonging to Zoom.
Being an upstanding citizen I wanted to factory reset the phone so I could use it on my own service. The admin password prevented me from reseting the phone via the menu, but Google revealed that pressing the OK button for 5 seconds will factory reset the phone, or so I thought!
The widely used VoIP signalling protocol SIP has a bad reputation. In my opinion it's mostly unwarranted. If you don't stray too far off piste and have a decent NAT traversal behaviour things will generally work fine.
In the ideal world everything would be encrypted, but there's a plethora of end of life and unsupported devices out there, and devices which may support encryption are often configured by end users that may not enable it.
Enter Opportunistic SRTP - a method of encrypting the audio stream if it's supported by the other end, and it's not supported just fall back to plain old RTP
I recently acquired a Polycom VVX 450 off Ebay for £30, which is an absolute bargain for a modern 12 Line SIP phone with OPUS / SILK support.
There was some risk however, it had previously been used by a VoIP provider that shares its name with a character in the Greek Alphabet and some providers lockdown the configuration to make it challenging to make them work with another provider.
Getting around these locks can occasionally involve intercepting traffic and redirecting it to your own TFTP or HTTP server, however with this phone it didn't seem to be the case.
I recently started using a Yealink T42G - An older (but still very functional) SIP Desk Phone. Weeks passed without any issues, until I attempted an attended transfer. I'd receive a call, chat to them, hit transfer, dial the next number, hit send, and my desk phone would start ringing again displaying "ReCall" on the screen. If you answer the call, the leg to the phone you wish to transfer to will drop.
Fortunately I was eventually able to find a fix. I presume the same fix will work on the other T4X series phones, including the T40, T41 T46 and T48