Re: [on-asterisk] Openmoko presentation
My impression was when rev 2 is released, maybe -- but the new line of Nokia's sounds even better. Symbian and WinCE devices still offer more powerful API's at this point, and definitely have more useful software. OpenMoko still has quite a bit of work ahead of them. On Dec 5, 2007 10:24 PM, Bruce Nik [EMAIL PROTECTED] wrote: Hello everyone, I missed the openmoko presentation yesterday (thinking the meeting is today Wednesday as usual). Is the phone impressive? worth trying? Thanks, Bruce _ Use fowl language with Chicktionary. Click here to start playing! http://puzzles.sympatico.msn.ca/chicktionary/index.html?icid=htmlsig -- | It ain't what you don't know that gets you into trouble. It's what | you know for sure that just ain't so. -- Mark Twain | | The Toronto Asterisk Users Group | Join the discussion group by visiting http://taug.ca - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [on-asterisk] Openmoko presentation
On Thursday 06 December 2007 08:22:49 Simon P. Ditner wrote: My impression was when rev 2 is released, maybe -- but the new line of Nokia's sounds even better. Symbian and WinCE devices still offer more powerful API's at this point, and definitely have more useful software. OpenMoko still has quite a bit of work ahead of them. I too regret missing that meeting, I just could not make it. :-( I'm looking forward to rev2, but I need to see and hold one of these before shelling out that kind of money. That's why I was so eager to get to the meeting. As far as work to do -- I don't care about that. I want a device that has the three radios (GSM, Wifi, BT) I care about, a decent screen and processor, and is open. OpenMoko gives me access to what I need -- right from the bootloader to the calculator app -- and the rest I'll figure out. I'm so sick to the teeth with proprietary garbage being shoved up my ass by the carriers and the manufacturers. Give me something I can twist and mangle into whatever it is *I* need and I'm there. The first OpenMoko phones have one of the most craptacular physical designs I've ever seen, but maybe a little more research will show me a phone that OpenMoko will run on (again, from bootloader to calc app) and will not make me cringe at the wasted space. :-) -A. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[on-asterisk] SEASONS GREETINGS
I would like to take this opportunity to wish everyone in the TAUG a happy holiday season. As always this year has been full of interesting meetings on a variety of subjects and I suspect that will continue into next year too. A special thanks to Simon who had the vision to start this group and to all the members who contributed both their time (and sometimes their money) during the year. TTFN-- Henry - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[on-asterisk] Scary Call from Bell Muscle Men...
I just wanted to share a phone call I got from Bell and the rather heavy handed scare tactics they used. I'm not questioning the arguments (not completely), just the sky is falling tatics.. After many years of Bell bloated bills, I recently switched my phone to another provider. That ran into issues, so I got fed up with the service and ended up switching to Rogers Home Phone. I can honestly say, no problemos so far. Of course, I'm expecting issues some day, but for now, I'm happy. Anyways, Bell likes to call me to convince me that I made a big mistake. How because of deregulation, they can now beat the competition's prices (too bad they didn't do it while I was a customer). About two minutes ago I was told the issues with Roger's Home Phone were as follows: 1. Because it is a shared cable connection, anyone can listen in on my conversation. 2. If I call 911, then I go to a switching station, that may or may not transfer properly to 911 or in a timely manner. As well, they will not know where I am calling from. I was a amused to hear this, so I let him explain it all to me. Then I started hinted a little that I was a little more technical than the average Joe. I started asking questions about e911 service and how it is that people could listen into my call, he got discouraged and quickly ended the call. Anyways, I was a little mad at the call and wonder what the reality is of his claims and other potential issues with Roger's Home Phone. I would think the phone packets are QOS and I would think there would be some level of security / encryption on those packets. I also doubt regulations would allow this to happen without going through a lot of troubles. But, I don't REALLY know. I think the biggest concern I have is the battery life on the phone line is fairly short, in case of an emergency (ala major blackout). Regards, Chuck - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [on-asterisk] Scary Call from Bell Muscle Men...
On 6 Dec 2007 at 17:18, Chuck Mariotti wrote: 1. Because it is a shared cable connection, anyone can listen in on my conversation. The RHP is not shared, it is on a reserved frequency range separate from Internet and Video service frequencies 2. If I call 911, then I go to a switching station, that may or may not transfer properly to 911 or in a timely manner. As well, they will not know where I am calling from. That could be true if you moved your RHP device to someone elses house, but that is a bit over the top and not likely I would think the phone packets are QOS and I would think there would be some level of security / encryption on those packets. I also doubt regulations would allow this to happen without going through a lot of troubles. But, I don't REALLY know. I think the biggest concern I have is the battery life on the phone line is fairly short, in case of an emergency (ala major blackout). The battery life of the phone is supposedly 8 hours, not sure about battery life of equipment shelters between you and the cable head-end JP
Re: [on-asterisk] Scary Call from Bell Muscle Men...
On 6 Dec 2007 at 19:29, Michael Richardson wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Are you sure? I know that Rogers' has said this, but it is my understanding that they haven't actually implemented this. And, even if it is on the same frequencies as the Internet, you can't see other people's traffic on cable without non-standard equipment. (And I don't mean a Linux CD). Positive, they use Packet Cable technology Unless you've got some serious test/monitoring equipment, you ain't seeing anything on the drop into your house I think the biggest concern I have is the battery life on the phone line is fairly short, in case of an emergency (ala major blackout). jp The battery life of the phone is supposedly 8 hours, not sure jp about battery life of equipment shelters between you and the jp cable head-end And... Bell lost power to many of their LEC's after about 20 hours during the ice-storm, and had to get generators out to there. Anything that is connected directly to a CO shouldn't ever loose power unless the loop is cut Although nowadays they have optical quite close to the kerb JP
Re: [on-asterisk] Scary Call from Bell Muscle Men...
Hello Philip and everyone, This thread interests me, since, just over a month ago, I terminated my relationship with Bell when we relocated. Question is: How secure is, or how can one make voip secure? i.e. Is Telephone Banking vulnerable over voip? For our residential phone we are now using acanac and lesnet over aDSL with dry-loop, asterisk 1.4.11 on my linux box here at home with a couple of Aastra SIP phones and a Linksys 3102 to the analog phones in the house. Cost is much lower than Bell's minimal service and we now have all the bells and whistles that Bell charges an arm and a leg for, at no extra. I could go on about Bell's bumbling monopolistic methods, like repeated phone calls to try to convince me to come back to Bell Sympatico for adsl, billing me for a month after the service was terminated, when I call them to try to straighten it out I get someone in India who can hardly speak English who tells me that I have Bell Expressview on my account and that the account was never terminated/settled... I tell them there is no Expressview on the account and the account was terminated when I left that address... 20 minutes of elevator music later I get dead air... (Boy am I glad I no longer have any affiliation with Bell!!!) Sorry about that rant... Question, if you've read this far, is related to the comments below about security on a voip call: Philip Mullis wrote: Anyone with enough skills can listen to your calls on the rogers network, but that would imply they also have access to the switching fabric in which your calls go through., also if you want to be super secure, get a voip provider that does ipsec connections from you to them ,this will ensure very high security. Not using Rogers, how secure are calls using adsl/asterisk to a itsp like acanac or lesnet? Everytime I think I'm getting a handle on networking/routing/dns/traffic-shaping/etc something new turns up. Like ipsec. How do I determine if, or if not, ipsec is being used? Can I set it up on my end unilaterally? or must it be a provision from the itsp? Bell copper... m what can i say here... anyone with a 3$ phone from wallmart, plyers and aligator clips can listen in on your call :/ True, but he'd have to be outside my house or on a pole somewhere, right? With IP isn't it possible for anyone on the internet, savvy enough to do it, to intercept packets and monitor calls/data transmissions from the comfort of his living room? Unless we are using some kind of security or tunneling protocol, or maybe IPSEC? What would be the equivalent of an ssh data connection in the voip world? What is the best/easiest/cheapest way to ensure security? --terry -- Name: Terry D. Cudney Phone: (705) 812-3744 (lesnet DID) E-mail: [EMAIL PROTECTED] Having a smoking section in a restaurant is like... having a peeing sectionin a swimming pool. Tired of technology? Check this out: http://www.shibumi.org/eoti.htm - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [on-asterisk] Scary Call from Bell Muscle Men...
Chuck: This is more of a business feedback vs. the fantastic technical feedback others have provided. Just to share with you and everyone, I've tried to strategically align myself with Allstream and Bell Canada for different service offerings that would allow me for a monthly residual income. That was once upon a time. Now that my staff base is larger and stronger, I felt no reason or need to align with either Bell or Allstream.Instead I've partnered with smaller organizations and service providers. Like you, I got a call from Bell ... not an agent, but a Sr. Executive at Bell -- requesting for a meeting to partner and form an official alliance with my company.Following that call, in 2 weeks I received a call from supposedly an Allstream Sr. Executive as well.Over the last 2 months we acquired about a dozen clients strictly through direct marketing/referrals, and have passed on a considerable savings to our clients taking them away from Bell and Allstream. Every organization we have recruited as clients, Bell and Allstream is loosing a minimum of $3,000 annually based on 5 phone line office. When you do the math, and when smaller business organizations find out they have other alternatives, they are happy to explore and bid Bell Allstream bye bye.Most small organizations want to deal with a smaller company that can provide services. We are not even spending a single dollar in advertising and have been privileged with acquiring clients. Other similar organizations like mine are probably spending considerable time and money advertising hence acquiring more clients.When one does the math, I'm merely a particle of sand in a beach and if we have taken away $30,000+ of annual revenue from Bell AllStream single handed, imagine what 100 other smaller companies and VoIP consultants can do, partnering with other ITSPs and CLECs. Thanks to the de-regulation of the industry... its provided the smaller guys for greater opportunities... and if the big guns like Bell, Allstream and others are not quick to change -- they will loose millions in revenue. They already are. I've suggested Bell that they seriously think of residual income offerings for its agents and not just a stupid one time commission, and to have better pricing. Bell realizes that they are loosing money. But I think they are also missing the point. Partnering with me and 100 others organizations like mine -- will not win them clients. Consultants are not stupid and clients and consumers are smarter than what Bell Rogers would like to think or treat. They (clients consumers) will go and do business with other smaller organizations they can trust and deal with. From your recent experience with Bell and my recent experience with the executives, its no doubt the big guns are feeling the heat from the little guys. My two cents. Cheers! Reza. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [on-asterisk] Scary Call from Bell Muscle Men...
Oktime to get technical It's not exactly accurate to say they use Packet Cable. They use a variety of technologies from Cable Labs, the proprietors of the PacketCable project. Basically the Rogers Home Phone adapter is a normal DOCSIS cable modem with a NCS VoIP ATA built in. For those of you that don't know, NCS is a bunch of extensions to MGCP designed for and by the cable industry (kind of like H.248). So what you basically have is a modem/ATA combo not much different than the DSL modem/ATA combos that are available (think Zoom x5v, Zhone 6238 or Thomson 780wl) As far as the sharing comment goes, well this is true however it is a very unfair comment to make. Rogers puts all of their DOCSIS based Home Phone devices on a specific cable frequency (channel) dedicated for home phone. So the packets are on a shared channel, but the only other thing on that channel are other Home Phone units. The potential impact of this on voice quality is minimal to none. As far as the anyone can listen to your call comment, once again possible but highly unlikely. In order to do this someone would have to meet all of the following requirements. 1) connect to the coax cable IN YOUR neighborhood, either at their home or at a tap (not very hard to do) 2) convert a normal cable modem into a bridge and configure it to listen to the channel (frequency) that Rogers has dedicated for home phone in your neighborhood (very hard) or buy some *VERY EXPENSIVE* RF test gear 3) run a protocol analyzer like wireshark on the data coming off of the 'cable modem bridge' or RF test gear (easy) So, it is possible to listen to a neighbor's Rogers Home phone calls, but very unlikely. And like Phil said, all you need to listen to someones Bell line is a $3 phone, and a pair of alligator clips. If you live in the same neighborhood and have a BIX tool and a 5/8 socket you could even divert their line to you house...permanently. - Original Message - From: [EMAIL PROTECTED] To: asterisk@uc.org Sent: Thursday, December 06, 2007 8:38 PM Subject: Re: [on-asterisk] Scary Call from Bell Muscle Men... On 6 Dec 2007 at 19:29, Michael Richardson wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Are you sure? I know that Rogers' has said this, but it is my understanding that they haven't actually implemented this. And, even if it is on the same frequencies as the Internet, you can't see other people's traffic on cable without non-standard equipment. (And I don't mean a Linux CD). Positive, they use Packet Cable technology Unless you've got some serious test/monitoring equipment, you ain't seeing anything on the drop into your house I think the biggest concern I have is the battery life on the phone line is fairly short, in case of an emergency (ala major blackout). jp The battery life of the phone is supposedly 8 hours, not sure jp about battery life of equipment shelters between you and the jp cable head-end And... Bell lost power to many of their LEC's after about 20 hours during the ice-storm, and had to get generators out to there. Anything that is connected directly to a CO shouldn't ever loose power unless the loop is cut Although nowadays they have optical quite close to the kerb JP - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [on-asterisk] Scary Call from Bell Muscle Men...
Hi Terry: You have a bunch of good questions. I would say that any type of VoIP, either DSL or Cable (don't let Rogers make you believe that Home Phone isn't VoIP...it is), is far more secure than a traditional Bell land line. For telephone banking, it is much easier to intercept someones DTMF (touch tone) digits on an analog phone line than it is on a digital one. They don't need to be outside your house or on a pole. They just need access to any point on your loop (house, pole, crossbox, splice can). These can be located anywhere between your house and the nearest Bell CO or Remote. And the person wouldn't necessarily have to stay their either. The bottom line is that the last mile of any connection is the most vulnerable to intercept. Oh and don't let you think that Rogers is very safe either. Just last week I was in the Oshawa Bell CO working on a customer trouble with a Bell technician. We were looking for a spare pair and were surprised to find dial tone (and then someone talking) on a pair. It turned out that the Rogers installer didn't disconnect the copper line outside the house and when the customer plugged their Home Phone adapter into a normal jack (so they could get dialtone through the house) they were driving the copper pair all the way back to the CO...in analog. As far as security goes, your calls are going to be pretty secure. Not as secure as they could be if you were able to use IPSEC or some other encryption method (Kevin will probably chime in with zRTP), but I don't know any VoIP providers (including ourselves) that offer this. It requires decryption on the far end...so your iTSP or ISP has to be in on it It is pretty hard for someone on the internet to intercept your packets unless they have access to the core routers of the ISPs that are transiting the data. Not impossible, but highly unlikely. Yes, there is an initiative for a quasi-ssh like VoIP. Its called zRTP and comes from Phil Zimmerman, the same guy that invented PGP encryption that is used in email. It is very new however and not very mature yet. The person on the far end would have to have the same setup. Bill - Original Message - From: terry D. Cudney [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: asterisk@uc.org Sent: Thursday, December 06, 2007 9:37 PM Subject: Re: [on-asterisk] Scary Call from Bell Muscle Men... Hello Philip and everyone, This thread interests me, since, just over a month ago, I terminated my relationship with Bell when we relocated. Question is: How secure is, or how can one make voip secure? i.e. Is Telephone Banking vulnerable over voip? For our residential phone we are now using acanac and lesnet over aDSL with dry-loop, asterisk 1.4.11 on my linux box here at home with a couple of Aastra SIP phones and a Linksys 3102 to the analog phones in the house. Cost is much lower than Bell's minimal service and we now have all the bells and whistles that Bell charges an arm and a leg for, at no extra. I could go on about Bell's bumbling monopolistic methods, like repeated phone calls to try to convince me to come back to Bell Sympatico for adsl, billing me for a month after the service was terminated, when I call them to try to straighten it out I get someone in India who can hardly speak English who tells me that I have Bell Expressview on my account and that the account was never terminated/settled... I tell them there is no Expressview on the account and the account was terminated when I left that address... 20 minutes of elevator music later I get dead air... (Boy am I glad I no longer have any affiliation with Bell!!!) Sorry about that rant... Question, if you've read this far, is related to the comments below about security on a voip call: Philip Mullis wrote: Anyone with enough skills can listen to your calls on the rogers network, but that would imply they also have access to the switching fabric in which your calls go through., also if you want to be super secure, get a voip provider that does ipsec connections from you to them ,this will ensure very high security. Not using Rogers, how secure are calls using adsl/asterisk to a itsp like acanac or lesnet? Everytime I think I'm getting a handle on networking/routing/dns/traffic-shaping/etc something new turns up. Like ipsec. How do I determine if, or if not, ipsec is being used? Can I set it up on my end unilaterally? or must it be a provision from the itsp? Bell copper... m what can i say here... anyone with a 3$ phone from wallmart, plyers and aligator clips can listen in on your call :/ True, but he'd have to be outside my house or on a pole somewhere, right? With IP isn't it possible for anyone on the internet, savvy enough to do it, to intercept packets and monitor calls/data transmissions from the comfort of his living room? Unless we are using some kind of security or tunneling protocol, or maybe IPSEC? What would be the
Re: [on-asterisk] Scary Call from Bell Muscle Men...
Wellthey terminate all their Home Phone to a bunch of BTX4KI believe the BTX4K is capable of encryption, but I've been told by a former Rogers employee that he is pretty sure they aren't using it (it doesn't scale well) I just found this on the BTX4K. It says it signals TGCP (which is the PacketCable extensions to MGCP) http://www.nuera.com/products/ORCA_BTX-4K.cfm - Original Message - From: Michael Richardson [EMAIL PROTECTED] To: Bill Sandiford [EMAIL PROTECTED] Cc: asterisk@uc.org Sent: Thursday, December 06, 2007 11:17 PM Subject: Re: [on-asterisk] Scary Call from Bell Muscle Men... -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Bill == Bill Sandiford [EMAIL PROTECTED] writes: Bill Basically the Rogers Home Phone adapter is a normal DOCSIS Bill cable modem with a NCS VoIP ATA built in. For those of you Bill that don't know, NCS is a bunch of extensions to MGCP designed Bill for and by the cable industry (kind of like H.248). So what Bill you basically have is a modem/ATA combo not much different Bill than the DSL modem/ATA combos that are available (think Zoom Bill x5v, Zhone 6238 or Thomson 780wl) So Rogers actually deployed NCS then? Yes, it's MGCP, which is *TOTALLY* insecure unless you encrypt. Fortunately NCS does encrypt using IPsec, keyed using a kerberos based method. (NCS infrastructure is *TESTED* using a variation of Openswan) Bill As far as the anyone can listen to your call comment, once Bill again possible but highly unlikely. In order to do this Bill someone would have to meet all of the following requirements. ... or... crack the system which is used by the COPS to do eavesdropping, which actually is not very secure - -- ]Bear: Me, I'm just the shape of a bear. | firewalls [ ] Michael Richardson,Xelerance Corporation, Ottawa, ON|net architect[ ] [EMAIL PROTECTED] http://www.sandelman.ottawa.on.ca/mcr/ |device driver[ ] panic(Just another Debian GNU/Linux using, kernel hacking, security guy); [ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Finger me for keys iQEVAwUBR1jJSYCLcPvd0N1lAQKr4AgAsKZ8QTtQxxLFV2v40Jrk/wBBLwi6yAMG vAb6zcOVUVdGUb/hSR/QXzEezFklE2IOCL/xq4OZ+BQGR2K5AdLJ7JWfslij+VUx Fy3G8bES61nJ8FnI5SCh52sp2wyVaqkMC9RLGqajcvQ1ELfyUNTh8GjeNQDPpdxF nUZYsZNsqpPaZsCY2MBiVqebsZEiS8CsrpX/tCOPWX04jFtzHfRzpUEc3llt/BCt ewaTLCQ8iiADLiYLLnwCit/aQrxw5Mw04wiSkIK0CDe4GNKLY26cKwYR1DePmAMg 68K+IgoZHNgdrTxo8SLyBAGjUCXqCXAyINcxx9+BgFZdxtY8GkVeEw== =TeR4 -END PGP SIGNATURE- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]