This is an overview of VoIP fraud, different types of fraud and what telecommunication carriers are doing to combat this issue. Types of fraud include International / Premium Number Fraud, Impersonation / Social Engineering, Service Degradation / Denial of service. Presented by Mark Magnusson at KazooCon 2015.
James Aimonetti discusses VoIP Rates, Routing, and Services at KazooCon 2015.
Billing Data with Kazoo from James Solada
Product Director Aaron Gunn discusses billing options for SaaS and IaaS customers. This includes CDR API, AMPQ, and integrating VoIP billing platforms.
People love to talk about scale. Some vendors pitch that their systems easily support 100,000 simultaneous calls, or 500 calls per second, etc. The reality is, in the real world, people’s behaviors vary and the feature sets they use can cut these numbers down quickly. For example, ask that same vendor claiming 100,000 simultaneous calls if it can be done while call recording, call statistics and other features are turned on at the same time, and you’ll usually get a very different, cautious, qualified response.
In this presentation, we’ll show you how to set up your infrastructure to support 100,000 simultaneous calls.
http://www.slideshare.net/2600hzmarketing/tuning-kazoo-to-10000-handsets-kazoocon-2015
People love to talk about scale. Some vendors pitch that their systems easily support 100,000 simultaneous calls, or 500 calls per second, etc. The reality is, in the real world, people’s behaviors vary and the feature sets they use can cut these numbers down quickly. For example, ask that same vendor claiming 100,000 simultaneous calls if it can be done while call recording, call statistics and other features are turned on at the same time, and you’ll usually get a very different, cautious, qualified response.
In this presentation, we’ll show you how to set up your infrastructure to support 100,000 simultaneous calls.
HTTP/2 is too good to pass.
If you don’t know much about HTTP/2 then check this HTTP/2 101 I’ve written half a year ago.
In essence, it is the next version of how we all get to consume the web over a browser – and it has been standardized and deployed already. My own website here doesn’t yet use it because I am dependent on the third parties that host my service. I hope they will upgrade to HTTP/2 soon.
Watching this from the sidelines, here are 4 good reasons why you should be using HTTP/2. Not tomorrow. Today.
#1 – Page Load SpeedThis one is a no-brainer.
A modern web page isn’t a single resource that gets pulled towards your browser for the pleasure of your viewing. Websites today are built with many different layers:
At the time of writing, my own website’s homepage takes 116 requests to render. These requests don’t come from a single source, but rather from a multitude of them, and that’s when I am using weird hacks such as CSS sprites to reduce the number of resources that get loaded.
There’s no running away from it – as we move towards richer experiences, the resources required to render them grows.
A small HTTP/2 demo that CDN77 put in place shows exactly that different – they try loading 200 small images to a page in either HTTP/1.1 or HTTP/2 shows the improved load times of the page.
HTTP/2 has some more features that can be used to speed up web page serving – we just need to collectively start adopting it.
#2 – Avoiding Content InjectionIn August, AT&T was caught using ad injection. Apparently, AT&T ran a pilot where people accessing the internet via its WiFi hotspots in airports got ads injected to the pages they browsed over the internet.
This means that your website’s ads could be replaced with those used by a third party – who will get the income and insights coming from the served ads. It can also mean that your website, that doesn’t really have ads – now shows them. The control freak that I am, this doesn’t sound right to me.
While HTTP/2 allows both encrypted and unencrypted content to be served, only the encrypted variant is supported by browsers today. You get the added benefits of encryption when you deploy HTTP/2. This makes it hard to impossible to inject 3rd party ads or content to your site.
#3 – GranularityDuring that same August (which was the reason this post was planned to begin with), Russia took the stupid step of blocking Wikipedia. This move lasted less than a week.
The reason? Apparently inappropriate content in a Wikipedia page about drugs. Why was the ban lifted? You can’t really block a site like Wikipedia and get away with it. Now, since Wikipedia uses encryption (SPDY, the predecessor of HTTP/2 in a way), Russia couldn’t really block specific pages on the site – it is an all or nothing game.
When you shift towards an encrypted website, external third parties can’t see what pages get served to viewers. They can’t monetize this information without your assistance and they can’t block (or modify) specific pages either.
And again, HTTP/2 is encrypted by default.
#4 – SEO JuiceThree things that make HTTP/2 good for your site’s SEO:
Planning on introducing WebRTC to your existing service? Schedule your free strategy session with me now.
The post 4 Good Reasons for Using HTTP/2 appeared first on BlogGeek.me.
Hello, again. This past week in the FreeSWITCH master branch we had 90 commits! Most of the features for this week went toward the verto communicator and are: created a source map file, created the reset banner action, floor and presenter badges, and locked icon in floorLocked status, added an About screen with version information and links to FS.org and added a link to Confluence with documentation for VC, and made mute/unmute audio/video clickable. Other features this week include: refactoring the local_stream API to be more consistent and add auto complete, compatibility with Solaris 11 process privileges, improvements to the way FEC info is detected within frames by adding support for ptimes higher than 20 ms for FEC detection and improvements to jitter buffer debugging in mod_opus.
Join us on Wednesdays at 12:00 CT for some more FreeSWITCH fun! And head over to freeswitch.com to learn more about FreeSWITCH support.
New features that were added:
Improvements in build system, cross platform support, and packaging:
The following bugs were squashed:
And, this past week in the FreeSWITCH 1.4 branch we had 6 new commits merged in from master. And the FreeSWITCH 1.4.23 release is here! Go check it out!
The following bugs were squashed:
Some aspects are now table stakes for WebRTC API Platforms.
There are 20+ vendors out there who are after your communications. They are willing to take up the complexity and maintenance involved with running real time voice and video that you may need in your business or app. Some are succeeding more than others, as it always has been.
So how do you as a potential customer going to choose between them?
Here are a few things I’ve noticed in the two years since I first published my report on this WebRTC API space:
Most vendors today have pretty decent quality with a set of APIs that are easy. Pricing varies, but usually reasonable. While some customers are sensitive to pricing, others are more focused on getting their proof of concept or initial beta going – and there, the price differences doesn’t matter in the short to medium term anyway.
The problem is mainly vendor lock-in, where starting to use a specific vendor means sticking with it due to high switching costs later on. But then, savvy developers use multiple vendors or prepare adapter layers to abstract that vendor lock-in.
Vendors need to think more creatively at how they end up differentiating themselves. From carving a niche to offering unique value.
My Virtual CoffeeThis is the topic for my first Virtual Coffee session, which takes place on October 14.
It is something new that I am trying out – a monthly meeting of sorts. Not really a webinar. But not a conference either.
Every month, I will be hosting an hour long session:
If you are not sure if you are eligible to join, just contact me and we’ll sort things out.
I’d like to thank the team at Drum for letting me use their ShareAnywhere service for these sessions – they were super responsive and working with them on this new project was a real joy for me.
Virtual Coffee #1 Title: WebRTC PaaS Growth Strategies How WebRTC API vendors differentiate and attempt to grow their business When: Oct 14. 13:30 EDT (add to calendar) Where: Members only What’s next?Want to learn more about this space? The latest update of my report is just what you need
The post How NOT to Compete in the WebRTC API Space appeared first on BlogGeek.me.
Some people are fidgeting on their chairs now, while others are happier than they should be.
I’ll start by a quick disclaimer: I like Google. They know when you acquire companies to fit my schedule – just got back from vacation – so I actually have time to cover this one properly.
Let’s start from the end:
Google and Apple are the only companies that can make RCS a reality.
To all intent and purpose, Google just gave RCS the kiss of life it needed.
Google just acquired Jibe Mobile, a company specializing in RCS. The news made it to the Android official blog. To understand the state of RCS, just look at what TechCrunch had to say about it – a pure regurgitation of the announcement, with no additional value or insights. This isn’t just TechCrunch. Most news outlets out there are doing the same.
* Dataset subscribers have the acquisitions table updated with this latest information
Why on earth is Google investing in something like RCS?
RCSRCS stands for Rich Communication Suite. It is a GSMA standard that has been around for a decade or so. It is already in version 5.2 or so with little adoption around the world.
What is has on offer is an OTT-style messaging capabilities – you know the drill – an address book, some presence information, the ability to send text and other messages between buddies. Designed by committee, it has taken a long time to stabilize – longer than it took Whatsapp to get from 0 to 800. Million. Monthly active users.
The challenge with RCS is the ecosystem it lives in – something that mires other parts of our telecom world as well.
Put simply, in order to launch such a service that needs to take any two devices in the world and connect them, we need the following vendors to agree on the need, on the priority, on the implementation details and on the business aspects:
Call it an impossible feat.
In a world where Internet speeds dictate innovation and undercut slower players, how can a Telco standard succeed and thrive? The moment it gets out the door it feels old.
Google and MessagingGoogle has many assets today related to messaging:
As Kranky puts it, they were missing an iMessage service. But not exactly.
Google thrives from large ecosystems. The larger the better – these are the ones you can analyze, optimize and monetize. And not only by building an AdWords network on top of it.
The biggest threats to Google today, besides regulators around the globe, would be:
Getting into RCS and committing to it, as opposed to doing a half witted job at an RCS client on vinyl Andorid, gives Google several advantages:
Beside being a nice signal to the market about seriousness, Jibe offers a few advantages for Google.
In a way, Jibe isn’t caught up in the old engineering mentality of telco vendors – it provides a cloud service to its customers, as opposed to doing things only on premise. While Google may not need the architecture or code base of Jibe Mobile, it can use its business contracts to its advantage – and grow it tenfold.
When your next RCS message will be sent out, Google will know about it. Not because it sits on your device, but because it sits between the device and the network.
Why will Telcos Accept this?They have no choice in the matter.
RCS has been dead for many years now. Standardization continues. Engineers fly around the world, but adoption is slow. Painfully slow. So slow that mid-sized OTT players are capable of attracting more users to their services. It doesn’t look well.
And the problem isn’t just the service or the UI – it is the challenge for a carrier to build the whole backend infrastructure, build the clients for most/all devices on its network and then launch and attract customers to it.
Google embedding the client front end directly into Android and a part of the devices means there’s no headache in getting the service to the hands of customers and putting it as their default means of communications.
Google offering the backend for telcos in a cloud service means they no longer have to deal with the nasty setup and federation aspects of deploying RCS.
Only thing they need to do is sign a contract and hit the ground running.
An easy way out of all the sunk costs placed in RCS so far. It comes at a price, but who cares at this point?
The End GameThere are three main benefits for Google in this:
Not really here. Or almost not. It isn’t about WebRTC. It is about telecom and messaging. Getting federated access that really works to the billions of mobile handsets out there.
Jibe has its own capabilities in WebRTC, a gateway of sorts that enables communicating with the carrier’s own network from a browser. How far along is it? I don’t know, and I don’t think it even matters. Connecting Jibe RCS cloud offering to Google Hangouts will include a WebRTC gateway. If it will or won’t be opened and accessible to others is another question (my guess is that it won’t be in the first year or two).
An interesting and unexpected move by Google that can give RCS the boost it desperately needs to succeed.
Planning on introducing WebRTC to your existing service? Schedule your free strategy session with me now.
The post Android Does… RCS !? What About WebRTC? Hangouts? appeared first on BlogGeek.me.
We’re preparing for #KazooCon! Are you ready for the Unified Communications Revolution on Monday? If you have not purchased tickets, do so right now…only five tickets remain http://ow.ly/SPQgr
The SmartPBX App combines comprehensive PBX functionality with user-friendly interface. Set up new users in minutes, manage all of your accounts, reduce installation and labor costs, and provide business-specific user features. All services are controlled via API’s, allowing you to extend the App functionality as needed. Within the interface you have the ability to create, manage, and remove services for your users.
2600Hz offers a true Unified Communications solution, providing telco solutions that can be deployed by anyone in the continental United States. The SmartPBX App is highly scalable, redundant and clustered, providing increased functionality and time-savings when compared to traditional VoIP telecom carriers. Remotely manage your entire product offering within the SmartPBX Dashboard and quickly diagnose and solve most issues that may arise.
See SmartPBX at Work
So what Features Make 2600Hz’s SmartPBX Different?
Total Administrator Visibility - The SmartPBX dashboard provides a comprehensive overview of your entire product offering. Within the dashboard, review the total users, devices, main numbers and conference numbers. Have peace of mind knowing that your network is working properly just by looking at the dashboard.
Manage All Users & Features - Create users and manage all their settings within the Users tab of SmartPBX. Add Users, attach Phone Numbers, Devices and assign specific User Features within the UI. Manage what features your users can access including Ring Groups, Caller ID, Call Forwarding, Hot Desking, Voicemails, Faxbox, Conference Bridge, Find Me, Follow Me, Music-On-Hold and Inbound Call Recording.
Purchase, Port and Assign Phone Numbers - Provide each user with their unique direct-dial phone and extension number. Assigning and managing numbers within the UI is extremely easy, and you can purchase a number in seconds.
Provision Devices - Provision Yealink, Polycom and Cisco devices in minutes with our built-in auto- provisioning system. The UI comes pre-populated with these manufacturers and devices are continuously being added. Bring in your own devices or allow users to bring in their own. Devices can be provisioned remotely, users just need to provide their MAC and IP address, then plug in and reset their device.
Call Handling and Virtual Receptionist - Create customized greetings and call routes to give businesses that professional touch. Set up a main business phone number and utilize the pre-built Virtual Receptionist to handle inbound calls. Virtual Receptionist will professionally and automatically transfer calls to an appropriate department or person. Set time-of-day routing and holidays, effectively managing business hours.
Conference Numbers - Create a direct-dial conference number. Pre-programmed room numbers and conference room PINs allow access to the conference.
Billing and Transaction Services - Easily add credit cards on file and change accordingly. Create and set limits for users that include inbound and outbound trunks, and per minute credits.
Call Logs - Diagnose call delivery problems with ease. Every call is tracked and call problems can be reported with a single click.
The FreeSWITCH 1.6.2 release is here! This is the release of the Video/MCU branch!
Release files are located here:
And we’re dropping support in packaging for anything older than Debian 8.0 and anything older than Centos 7.0 due to a number of dependency issues on older platforms.
New features that were added:
Improvements in build system, cross platform support, and packaging:
The following bugs were squashed:
The FreeSWITCH 1.4.23 release is here! This is a routine maintenance release and the resources are located here:
New features that were added:
Improvements in build system, cross platform support, and packaging:
The following bugs were fixed:
Hello, again. This past week in the FreeSWITCH master branch we had 57 commits! Some of our features for this week are: added reset button to default settings, auto-provision/config support, No Camera option, and splash screen feature in the verto communicator.
Join us on Wednesdays at 12:00 CT for some more FreeSWITCH fun! And head over to freeswitch.com to learn more about FreeSWITCH support.
New features that were added:
Improvements in build system, cross platform support, and packaging:
The following bugs were squashed:
And, this past week in the FreeSWITCH 1.4 branch we had 8 new commits merged in from master. And the FreeSWITCH 1.4.23 release is here!Go check it out!
New features that were added:
Improvements in build system, cross platform support, and packaging:
The following bugs were squashed:
Lots of Node. Little of WebRTC.
It has been quite some time since my last WebRTC book review. So when I got an indication that there is another book with WebRTC inside it, I had to read it. Which is what got me to Multiplayer Game Development with HTML5 by Rodrigo Silveira.
The promise of WebRTC in this book? Learning to “create peer-to-peer gaming using WebRTC”. I was intrigued. Spent reading it a few hours – and was happy about it, even though the WebRTC part of it was limited in its value.
This book takes the reader into a “Hello World” implementation of an online HTML5 multiplayer game. It is done by taking a step by step approach to implementing the classic snake game. First in HTML5, using a backend. And then by building on top of it all the rest.
The book itself is focused on Node.js development of the game, taking care to explain and use concepts of authoritative game servers – servers that make the main decisions in a game. It connects that to responsiveness and fluidity of the game, etc.
To those interested in real time communications, this is an interesting book. It has a lot of the same thought processes of developing signaling protocols and implementing their backend, dealing with responsiveness, latency and causality of message passing. It also handles the game lobby – the place where you connect players – you can view this as a conferencing server (the signaling part of it).
Rodrigo mentions WebRTC almost in passing – as a way of reducing latency by making use of the data channel in WebRTC, but that’s about it. There’s no real discussion or example of how to integrate it in a multiplayer game where you have an authoritative server and clients that communicate directly with each other at the same time.
That said, I felt the book is an interesting one for those developing WebRTC – and it wasn’t because of the WebRTC parts of it.
If you are interested in architecture, design, signaling or just programming – this book is a really interesting read.
I warmly recommend it.
The post WebRTC Book Review: Multiplayer Game Development with HTML5 appeared first on BlogGeek.me.
We’re less than 10 days from #KazooCon. For all you late-birds out there, now is the time to buy! Only nine tickets remain. www.kazoocon.com
An update to my WebRTC API Platforms report is now available.
Updates in the reportsThe last time I published an update of my Choosing a WebRTC API Platform report was 6 months ago. Since that time the market has changed quite a bit. If I had to note the most important aspects of that change, they would be:
Other notables include Atlassian acquiring BlueJimp and non-WebRTC API platforms joining the game.
These frequent changes made it into the latest update to my report, along with an addition of 4 vendors (AT&T, Bistri, Bit6 and Circuit). This with the updates of what vendors are doing didn’t seem enough to cover the market properly. Which is why I have decided to open a membership section on my website to go along with the report.
New membership area (and tools)What does this membership section includes?
So. If you purchased the report within the last year or have renewed your report’s subscription, you’ll be getting immediate access to the membership area and its tools – an email will be sent to you today with the necessary details.
Overview and sample vendorIf you want to learn more about the report, you can download the report’s table of contents and introduction section.
This time, I also wanted to give people a taste of what they’ll find in the report itself. To that end, I’ve asked AT&T to sponsor the vendor analysis section covering their platform and WebRTC APIs and they accepted. There are 23 vendors covered in the report in detail. The AT&T one is now freely available to download – you can expect the same level of detail on all other vendors in the report.
New pricingThis brings me to the last item, which is pricing.
There are now two price points for the report:
Want to learn more, or understand how the market is changing by non-API players? I am hosting a free webinar later today:
Development Approaches of WebRTC Based Services: There are many ways in which people approach adding real-time communications with WebRTC to their service. While the dominant approaches are probably self development and using a WebRTC PaaS vendor, there’s a wider range of approaches.
Got questions? Feel free to ask them in the comments area below or by contacting me directly.
The post My WebRTC API Platforms report Gains a Membership Portal appeared first on BlogGeek.me.
So I talked about Skype and Viber at KrankyGeek two weeks ago. Watch the video on youtube or take a look at the slides. No “reports” or packet dumps to publish this time, mostly because it is very hard to draw conclusions from the results.
The VoIP services we have looked at so far which use the RTP protocol for transferring media. RTP uses a packet header which is not encrypted and contains a number of attributes such as the payload type (identifying the codec used), a synchronization source (which identifies the source of the stream), a sequence number and a timestamp. This allows routers to identify RTP packets and prioritize them. This also allows someone monitoring all network traffic (“Pervasive Monitoring“) to easily identify VoIP traffic. Or someone wiretapping your internet connection.
Skype and Viber encrypt all packets. Does that make them them less susceptible for this kind of attack?
Bear with me, the answer is going to be very technical. tl;dr:
Not expecting to find much, I ran a standard set of scenarios with Skype of Android and iOS similar to those used in the Whatsapp analysis.
A first look did not show much. Luckily, when analyzing WhatsApp I had developed some tooling to deal with RTP. I modified those tools, removing the RTP parser, and was greeted with these graphs:
While the bitrate alone (blue is my ipad3 with a 172.16. ip address, black is my old Android phone) is not very interesting, the packet rate of exactly 50 packets was interesting. Also, the packet length distribution was similar to Opus. As I figured out later from the integrated debugging (on the Android device, this must be too technical for iOS users!), this was the Silk codec. In fact, if you account for some overhead the black distribution matches what we saw from WhatsApp earlier and what is now known to be Opus at 16khz or 8khz.
So the encryption did not change the traffic pattern. Nor does it hide the fact that a call is happening.
When muting the audio on one device, one can even see regular spikes in the traffic every then seconds. Supposedly, those are keepalive packets.
Let’s look at some video traffic. Note the two distinct distributions in the third graph? Let’s suppose that the left one is audio and everything else is video. This works well enough looking at the last graph which shows the ‘audio’ traffic in green and orange respectively.
The accuracy could possibly be improved a little by looking at the number of packets which is pretty much constant for audio.
In RTP, we would use the synchronization source (SSRC) field from the header to accomplish this. But that just makes things easier for routers.
Last but not least relays. When testing this from Europe, I was surprised to see my traffic being routed through Redmond, Washington.
This is quite interesting in comparison to the first graph. The packet rate stays roughly the same, but the bitrate doubles to 100 kilobits/second. That is quite some overhead compared to the standard TURN protocol which has negligible overhead. The packet length distribution is shifted to the right and there are a couple of very large packets. Latency was probably higher but this is very hard to measure.
While I got some pretty interesting results from Skype, Viber turned out to harder. Thanks to the tooling it took now only a matter of seconds to discover that, like Whatsapp, it uses a relay server to help with call establishment:
Blue traffic is captured locally before it is sent to the peer, the black and green traffic is received from the remote end. The traffic shown in black almost vanishes after a couple of initial spikes (which contain very large packets at a low frequency). Visualizations of this kind are a lot easier to understand than the packet dumps captured with Wireshark.
And for the sake of completeness, muting audio on both sides showed keepalive traffic, visible as tiny period spikes in this graph:
VoIP security is hard. And this not really news, attacks on encrypted VoIP traffic have been known for quite a while, see e.g. this paper from 2008 and the more recent ‘Phonotactic Reconstruction’ attacks.
The fact that RTP does not encrypt the header data makes it slightly easier to identify, but it seems that a determined attacker could have come to the same conclusions about the encrypted traffic of services like Skype. Keep that in mind when talking about the security of your service. Also, keep the story of the ECB penguin in mind.
Or, as Emil Ivov said about the security of peer-to-peer: “Unless there is a cable going between your computer and the other guys computer and you can see the entire cable, then you’re probably in for a rude awakening”.
{“author”: “Philipp Hancke“}
Want to keep up on our latest posts? Please click here to subscribe to our mailing list if you have not already. We only email post updates. You can also follow us on twitter at @webrtcHacks for blog updates and news of technical WebRTC topics or our individual feeds @chadwallacehart, @victorpascual and @tsahil.
The post Traffic Encryption appeared first on webrtcHacks.
Phosfluorescently utilize future-proof scenarios whereas timely leadership skills. Seamlessly administrate maintainable quality vectors whereas proactive mindshare.
Dramatically plagiarize visionary internal or "organic" sources via process-centric. Compellingly exploit worldwide communities for high standards in growth strategies.
Wow, this most certainly is a great a theme.
Donec sed odio dui. Nulla vitae elit libero, a pharetra augue. Nullam id dolor id nibh ultricies vehicula ut id elit. Integer posuere erat a ante venenatis dapibus posuere velit aliquet.
Donec sed odio dui. Nulla vitae elit libero, a pharetra augue. Nullam id dolor id nibh ultricies vehicula ut id elit. Integer posuere erat a ante venenatis dapibus posuere velit aliquet.