Still, the Silicon Valley start-up, which officially opened its Web-based telephony platform to third party developers this morning, is generating a lot of buzz for its Flash/Flex-based telephones (see video below), and rightly so. The company has essentially built a software version of an operator-class telephone switch that connects Internet-based voice communication services with mobile and landline phones and other Web-based phone applications.

Using its Ribbit API, developers can write applications that support full telephone capabilities–voice mail, call-logging, text-to-speech transcription services, etc.–and because they’re Flash/Flex-based, they can be embedded into Web sites and integrated into Web-based services.

“What we have done is made voice an object that you embed into your workflow (or software),” said Ribbit CEO Ted Griggs. “We didn’t want to change how people did things, like communicate via Skype, and wanted to integrate the platform to work with any phone.”

Smart, eh? But how’s the company going to make money? Ribbit says it plans to charge for services like calls to traditional landlines, voice-mail transcriptions and billing. A reasonable plan, but as Ovum analyst Brett Azuma notes, an unproven one. “Unless there’s a foolproof way to get the products out there and make them successful,” Azuma told Wired. “I think the consumer applications are a little unclear for now. Being able to use text-to-speech transcription services and archive voice calls are many of the features that consumers have shown interest in over the years. However, whether or not they’re willing to pay for these features is going to be the big question.”

The vulnerability, which can be exploited by an attacker-controlled WiFi point or Web page, hasn’t yet been reported in the wild. And Apple’s working on a fix for it. That said, we’re certain to see others in the months ahead now that the iPhone has been proved vulnerable.

“Anything as complex as a computer–which is what this phone is–is going to have vulnerabilities,” Johns Hopkins professor Avi Rubin told the New York Times. “The irony is that the more popular something is, the more insecure it becomes, because popularity paints a large target on its back.”

Added Steven M. Bellovin, a professor of computer science at Columbia University, “It’s not the end of the world; it’s not the end of the iPhone. It is a sign that you cannot let down your guard. It is a sign that we need to build software and systems better.”

And now it’s adding voice data. Or rather, more voice data than what it’s already collecting with Google 411. This morning, Google announced its plans to buy GrandCentral Communications, making the universal phone service its 12th purchase in six months. No terms were disclosed; though GrandCentral reportedly fetched a bit north of $50 million.

“GrandCentral offers many features that complement the phone services you already use. If you have multiple phone numbers (e.g., home, work, cell), you get one phone number that you can set to ring all, some, or none of your phones, based on who’s calling,” Google product manager Wesley Chan wrote in the Google Blog. “This way, your phone number is tied to you, and not your location or job. The service also gives you one central voice mailbox. You can listen to your voice mails online or from any phone, forward them to anybody, add the caller to your address book, block a caller as spam, and a lot more. You can even listen in on voice mail messages from your phone while they are being recorded, or switch a call from your cellphone to your desk phone and back again. All in all, you’ll have a lot more control over your phones.”

And Google will have a lot more control over your voice data, which it will presumably harvest for future use in voice search applications, something it’s already doing with Google 411. From Google’s 411 Privacy Policy: “We also collect and store a copy of the voice commands you make to the service, so we can audit, evaluate and improve the voice-recognition capabilities of the service.“

What was it Sun Microsystems Chairman Scott McNealy once said? “You have zero privacy anyway. Get over it.”