Disruptive Telephony

Dean Elwood over at VoIPUser.org put up a post yesterday entitled "How to Build a VoIP Network" in which he goes into precisely what is needed to set yourself up as a VoIP Service Provider (or "Internet Telephony Service Provider" (ISTP)).  Given that Dean's been involved with this through VoIPuser.org, he's definitely got some credibility.  As he says, he wrote the piece because:

We see a lot of threads on VoIP User from people who want to be the next Niklas Zennstrom (and fair enough, we hope you succeed) asking what is required to build a VoIP network.

Often these questions are from users who have a basic technical understanding of how it all works, but no real experience of building networks, or telcoms experience with the good old PSTN.

He goes on to offer these seven rules:

1. if you're a marketing genius, you have a greater chance of success with your new VoIP company than if you are a technical genius.

2. Using the internet to route calls does not mean that everything in the VoIP world runs on Intel *nix.

3. It is going to break at some point. Ensure you have redundancy.

4. The transition from voice 1.0 to voice 2.0 will be managed at the cloud edge.

5. Network considerations made at design stage must include Quality of Service, audio path length and NAT traversal

6. Choose your hosting according to needs of each individual server, not the entire network. A Layer 5 network, such as a SIP network, can be distributed geographically.

7. Don't bet the house on it.

You really need to read the full article to understand Dean's rules and also enjoy his wit.  For those seriously interested, he goes into what the costs would be to get set up.  (I'd tell you, but it's best to read Dean's article for the context.)

Now, there are certainly other costs, as Dean indicates, but the net of it is that it really isn't all that much for someone to get into business.   The ease and low cost is bringing a whole host of new entrants... most of whom, on a side note, are not thinking about security as they rush to market (leading to my repeated prediction over on Blue Box that it is only a matter of time until one of them gets hacked).

Anyway, it's good info and definitely worth a read.

Earlier this week I uploaded Blue Box Podcast #48, where Jonathan and I go beyond just talking about the news to also review the "top VoIP security news stories of 2006" and also get into our predictions for 2007. My prediction #1 will be fairly obvious for anyone who has listened to the show for a while. We also cover the typical range of VoIP security stories, talk about OpenID for caller authentication and many more things.

This was a bit frustrating of a show to post-produce. Post-production is always a somewhat lengthy process, anyway, because I want the enhanced audio that you get from a wideband codec, which means that we use Skype. However, Skype creates its own challenges with voice that will simply fade away or get garbled. It's fairly routine that we have to disconnect and reconnect a time or two within the space of the hour in which we are recording the show. (That's actually apparent in this show where Jonathan's voice is at a lower level and then suddenly is much louder. After the reconnect, he wound up with more volume.) If I could get the audio quality in a softphone without the fade outs, I'd probably drop my post-production time by a good bit.

However, this week I couldn't blame Skype. I record the show in Audacity and it appears that because I had been previously editing a file located over on a USB hard drive, Audacity started writing its files for the new episode over on that hard drive. As anyone using Audacity will know, it writes a huge number of files to disk. Basically many, many little files with small pieces of audio in them. What seems to have happened is that periodically parts of the audio didn't get written. Or the files got destroyed. Or who knows what. Perhaps I had too many other apps running on the older computer I'm using for recording and Audacity couldn't keep up with what was being sent to it. Perhaps there was too much latency going to the USB hard drive. I don't know, but the end result was that there were gaps in the audio that got worse as the show went on. Just missing pieces of audio.

Unfortunately, I discovered it after the holidays were already underway and I couldn't really reconnect with Jonathan to rerecord. And also unfortunately, I wasn't running a backup record as I have in the past.

Given that my goal is high-quality audio production, this was a rather disappointing turn of events, but in the end I did put it out there with a big caveat in the show notes.

We just recorded show #49 today and I made sure to have nothing else running on the PC, to be writing to the main hard drive and to have a backup recorder. Hopefully I'll not experience the issue again.

Technorati Tags: security, skype, skype security, openid, voip, voip security, voipsa, voipsecurity

It's nice to see Phil Wolff and Jim Courtney are back online at Skype Journal. Phil explains a bit, and Jim gives a bit more detail, but the good news is that they're back after not having any posts online since December 4th. Good to see them as I've definitely enjoyed reading their research and insight into Skype. Welcome back, guys!

As I noted in my Voice of VOIPSA post today, Mark Collier (of hackingvoip.com fame) took some time in December to give www.voipsecurityblog.com a graphical makeover. He's got a cute new header image and an updated picture of himself. Although, Mark, I really have to say... you are violating the security "code of dress"! Don't you know that all good security people are supposed to wear black? Preferably a black turtleneck? Come on, now, you're going against the motif!

Ah, well... in any event, if you haven't checked out Mark's blog, it's a good one... even if he is wearing white. :-)

Technorati Tags: security, mark collier, voip, voip security, voipsa, voipsecurity

As I wrote over at Voice of VOIPSA, I was quoted in an article out today at VoIP News: How Secure Are Your VoIP Calls? The Voice of VOIPSA post has my (generally positive) reaction.

Technorati Tags: voip, voip security, voipsa, voipsecurity