sip5060.net / en es

RSS Atom

Planet SIP

April 16, 2021

• Enable Security OpenSIPIt'01: Lessons learned, STIR/SHAKEN security testing and RFC 8760
  Executive summary (TL;DR) It was a great event, highly recommended if you’re a SIP developer. We developed new STIR/SHAKEN capabilities in SIPVicious PRO. And we found some vulnerabilities during the event that got fixed in the process. What was OpenSIPIt#01 about? This week the humble security researchers from Enable Security participated in OpenSIPIt#01, an online event run by the community to test interoperability across various independent open-source SIP implementations especially when it comes to new RFCs.

April 15, 2021

• Digium Returning Back To Normal: Part One

  It’s impossible to say for certain that the pandemic is winding down. At this point, health experts are still trying to reign in COVID-19 and distribute vaccines to the public. The return “back to normal” is in sight, but we’re still in the thick of it. And in this period of transition, there is considerable debate over what “normal” will look like.

  Most businesses are looking forward and forming strategies to safely resume some in-person operations. This two-part series will explore some of the structural changes that are taking place across various industries, as companies pivot to the “next” normal of the pandemic.

  Back To Normal With A Twist: Shifting To Hybrid Work

  Despite the rocky transition to remote work at the onset of the pandemic, feelings about the trend appear to be mostly positive across the board. In a recent benchmark survey from PwC, 83% of employers said the shift to remote work has been successful for their company, up from 73% in June 2020.

  Most companies have established at least base level remote connectivity and security, and are now in the process of upgrading their services and laying the groundwork for permanent remote work.

  That said, the future of remote work will most likely be much different. A gradual shift to hybrid work is already starting to take place, which is expected to accelerate in the coming months as more people get vaccinated. Eventually, hybrid work will be the new normal.

  Consider the fact that in PwC’s survey, only 13 percent of executives claimed they are ready to permanently ditch their offices. And 75 percent of executives believe at least half of their office employees will return to the office by June 2021.

  It’s clear that executives will need to tread lightly when asking employees to resume on-site operations though, or pushback will occur. PwC found that employees want to return back to normal more slowly than employers in regards to in-office operations, with 61% of employees expecting to spend half their time on-site by July. Hybrid work acceleration will largely depend on how the next few months pan out.

  Retrofitting Offices for Hybrid Work

  PwC also found that U.S. executives are planning many new investments to support hybrid work. Some of the top investments include tools for virtual collaboration (72%), IT infrastructure to secure virtual connectivity (70%) and training for managers to manage a more virtual workspace (64%). Additional investments include fitting conference rooms with enhanced virtual connectivity, and hoteling applications, among others.

  Many companies have been forced to retrofit their office environments to enable social distancing. The majority of companies will also be using scheduling systems to limit on-site workers and reduce the spread of germs.

  Further, social distancing requirements are increasing demand for mobile solutions that enable workers to move around throughout the day, instead of being tethered to their desks. Some companies are also implementing hardware with antimicrobial components to limit the spread of COVID-19 on shared surfaces.

  Surging Cloud Adoption

  The cloud is more important than ever, as companies prepare for the “work from anywhere” trend that has become a standard business requirement in getting back to normal.

  Two trends to watch include multi-cloud adoption, which increased by 70% year over year during COVID-19, and cloud native growth. Many organizations are embracing modern cloud architectures built with microservices, which make it easier and cost-effective to build and manage applications.

  In addition, there is skyrocketing demand for UCaaS, which keeps teams connected and secure regardless of their location. By implementing UCaaS, companies can achieve reliable communication at all times for both on-site and remote workers.

  Stay tuned for the next blog in this series, which will focus on cloud computing and the return of retail in the transition of returning back to normal.

  The post Returning Back To Normal: Part One appeared first on Sangoma.

April 13, 2021

• Digium Why Video Can’t Be Your Sole “Go-to” Communications Platform

  I’m sure we can all agree that the year 2020 changed all of us in different ways, and for many of us it changed the way we communicate. It’s not uncommon for me to have multiple video meetings every    single    day. We get those video meeting invites in our calendar and we just go to them. We start in video and end in video. While I used to be on many audio conference calls, those are becoming less frequent and a thing of the past. I am on our video meeting platform, Sangoma Meet, all the time. It’s now like my best friend. I know its personality.

  And since it’s so integral to communications these days, that is why we are incorporating our video meeting platform, Sangoma Meet, into our mobile and desktop client, Sangoma Connect. Sangoma Connect will incorporate a talk aspect, a collaborate aspect, and a video meeting aspect. You’ll be able to move seamlessly between all three and launch a video call from our collaborate app for instance. It’s critical that we offer our customers the ability to communicate via voice, chat, or video. And to have our customers choose which one they want to “start” with.

  To me, this is just an evolution of the PBX. While the PBX notion is very voice centric, as Unified Communication features started to get incorporated, such as mobility, and the ability for the office phone number to ring on your smartphone or desktop, the notion of a “PBX” became antiquated. Unified Communication systems are what this industry has evolved to. And if the UC vendors want to survive, the UC systems will continue to need to evolve. And that means integrating video and chat as if it is native voice. And that is what we are doing. You want voice. Check. You want chat. Check. You want video. Check.

  But what about this concept of “video first” that I described in the first paragraph? I think in some use cases, like I was describing above with internal employee team calls, or calls with your channel, sure video meetings are good, and you will start and end with that.

  But for many small businesses, their customers are people – someone wanting to make an appointment or order something or whatever. Calling is efficient, so they call, or maybe use a self-service portal and maybe text. And that’s why a company with a sole focus on video meetings or video calling won’t be able to service a small and medium business. A Unified Communication system, that knows how to handle phone numbers, and texting, and all kinds of call control as is found in a “PBX” is required.

  A Unified Communication platform, able to do true multi-modal communications, such as Switchvox, PBXact, or Star2Star Business Voice will be required.

  The post Why Video Can’t Be Your Sole “Go-to” Communications Platform appeared first on Sangoma.

April 09, 2021

• Digium 6 Tips For A Smooth Collaboration Migration

  Communication and collaboration platforms skyrocketed in use following the outbreak of Covid-19, among organizations across all verticals.

  For example, by March 2020, Microsoft Teams an integration option that Star2Star, A Sangoma Company offers shot up to 44 million users. By April 2020, Teams reached 75 million users. And by October, it climbed to 115 million — and remains one of the leading enterprise platforms for connecting users across remote locations. Organizations are also relying heavily on programs like Zoom, Slack and Webex to keep team members in touch and productive.

  At this point, your organization may be considering migrating to one of these platforms. Yet, there are some important considerations to keep in mind to ensure optimal results.

  1. Round Up Your Admins & Users

  Chances are your enterprise has a fragmented messaging framework in place, with teams utilizing a variety of platforms to communicate. This is a good time to do a gut check and determine what your organization is currently using, and where and if any of these solutions can be extended. For example, sales may be using Zoom for video, while customer support uses Microsoft Teams for chat collaboration, and you may have yet another solution for your voice communications. You may be able to leverage a full suite of communications and collaboration from these vendors versus single solutions once you understand the use cases. A proposed tool may or may not be the most cost-effective solution so it’s essential to understand how your business needs to communicate and collaborate.

  Bring your users and IT administrators together and form a deployment committee to determine where various platforms could make sense in the enterprise. You may find that some platforms perform better in certain environments and user groups than others.

  For example, some teams may be able to get by using a bare-bones platform with limited tools. Other teams may require advanced collaboration hubs for sharing files and notes and collaborating with each other.

  During this meeting, you should also outline potential friction points and technical considerations to ensure a smooth migration.

  2. Set Policies

  You may wind up with a situation where multiple teams can create and manage deployments. Set clear governance policies to avoid running into operational and security issues down the road.

  For example, Microsoft provides various governance tools for Teams, enabling you to control things like how Teams are named and classified, who can create Teams, and whether guests are allowed. Competitive solutions may offer greater or lesser capabilities, so it’s important to decide what kind of oversight you will need prior to evaluating tools.

  3. Optimize & Secure Your Cloud

  Next, you’ll want to analyze and optimize your overall cloud environment. Talk to your admins about where emails and files live — and consider correlating specific platforms with appropriate cloud systems. Make sure your new platform has the right supporting cloud environment. If you still have applications you are hosting in your own data center or in a third-party data center that require your employees to VPN to access, there may be a better way to enable their productivity.

  If this is the case you should consider using a desktop as a service (DaaS) solution to securely deliver your app to any location. This way, end-users can log into a secure portal and access apps and data instead of having them live on their machines or by leveraging complicated secure VPNs to access.

  4. Upgrade Your Voice Quality, Workflow Integrations & More

  Look for opportunities to enhance the platform for better results. For example, Microsoft makes it very easy to integrate additional services into Teams and there are hundreds of apps to explore. One thing to consider is that the platform doesn’t offer great native voice functionality, and users often complain about poor quality on calls. We’ve found that you can easily augment Teams by using third-party enterprise business voice services in conjunction with Microsoft’s infrastructure. In doing so, you can ensure crystal clear calls and achieve much greater flexibility.

  It’s also important to understand if you need any IoT integrations to manage your business. This could be anything from integration with overhead paging systems, to door strike/telephony integrations, or integration to older analog devices. While these may not come natively in a potential solution, if you need to support these, they can be managed by choosing a telephony partner that works with the solution you end up choosing.

  Connected worker apps may include urgent notifications, mass notifications, employee alerts, curbside service, and CRM integrations, and are designed to provide better control over your unique workflows via your communications. These applications are not necessarily natively supported in your solution of choice. However, by leveraging solutions from companies that work to integrate tools, you can further extend productivity and responsiveness for your business.

  5. Test Your Platform Before Deploying

  Before deploying a platform across the enterprise, it’s a good idea to test it in a small and controlled setting.

  Approach various user groups, and identify users that may benefit from the new platform. Have your IT department deploy it, and test the platform for quality and reliability.

  If the platform is a success and the users enjoy the experience, consider integrating the platform into that unit and move onto another one. This accomplishes a few things. First, it lets your IT team educate users and explain the reason for the migration and the benefits that the platform offers. It also gives administrators the ability to identify possible areas of friction and make changes to avoid potential disruptions.

  6. Deploy

  Once you’ve completed all of the above steps, the only thing left to do is deploy across your entire organization. Your employees will be more comfortable and productive when you take the time to migrate to a new collaboration solution according to these guidelines. And for the long term, you will have set up your business for ongoing success as remote work and team collaboration become even more critical to daily operations.

  Article originally featured on Forbes.com.

  The post 6 Tips For A Smooth Collaboration Migration appeared first on Sangoma.

April 08, 2021

• FreeSWITCH The Struggles of Real-Time Translation

  Communication technologies have come a long way over the last couple of decades. Some of the craziest innovations involve what AI is now capable of, like real-time translation.

  Imagine being able to speak to anybody on Earth despite language barriers, in real time. In a globally connected world, computational linguistics will have to build better tech that can actually serve a wider variety of people in this sort of way. Translation is going to play a huge role, since over half of internet content is supposedly in English, but only 20% of the world’s population have any English skills. And while there are some new products that are doing real-time translation, usually it’s for between 20-40 languages, which is such a small fraction of the more than 7,000 languages being spoken all over the world today. 

  Artificial intelligence and machine learning have been and will continue to be taking over all kinds of industries and processes. But the area of language and linguistics has always been a tricky one – human language is crazy complicated, even for computers. Meaning is constantly evolving, context shifting, and it can take a lot even for a computer to identify language patterns and logic. As Stanford University Professor John McCarthy put it, “natural language does not have a full set of rules of inference.” Data, data, and more data is how AI functions. But how can machines be built that fully understand all human language, when there are no strict rules in place, and what few rules there are vary across languages and even dialects? 

  Progress is happening fast. Just several years ago, AI struggled to understand the context of a full sentence, prohibiting language fluency. Early systems broke up sentences into chunks to interpret individual words, disconnecting meaning from them entirely. But the day of completely reliable real-time translation could still be further off than you might think.

  There are all kinds of bumps in the road that could mess up a computer’s ability to understand human language. Think different dialects of the same language – what if the technology fails to understand a thick regional accent? What happens when a single language has hundreds of dialects? If only some of those dialects are used to train the software, it can still be hard to use for people who speak the same language, just not in the same exact way. 

  Automatic speech recognition is a huge product of computational linguistics, and we all know it’s far from perfect at this point. Sometimes Alexa or Siri simply doesn’t understand you or can’t give you the answers you want. And it really depends on the specific technology for why this could be – biases in the data used to train the technology, the software’s interpretation of that data, or simply the difficulties around a computer not being as adaptable as a human on the fly. 

  Have you ever tried to change your flight, or contact your pharmacy, and you just can’t get a hold of a human person no matter how hard you try? And the IVR just won’t understand what you have to say no matter how many times you say it. Or you use a speech-to-text tool and it catches a string of funny words that are completely wrong. These are pretty inconsequential examples, but where AI is being used in more serious circumstances, some of these mistakes can be important and difficult to notice. AI is notorious for being bad at negation – and considering “did” and “didn’t” are opposites, it has to be able to identify the right one to get the meaning correct. Even if it’s hard for a human ear to pick up this difference, we make up for it with inferences on the context, tone, or other information. The human brain doesn’t really need the clearest set of data possible in order to understand something, and we still miscommunicate with each other all the time.

  When it comes to real-time translation, things can get even weirder. With phrases like idioms, often one-to-one translations are just not accurate. In English, if you’re talking about “getting cold feet” in reference to being nervous about something, how would an AI go about translating that to another language? The tech has to actually pick up the context of idioms and maybe even translate into equivalent idioms, if they even exist. The examples of weird idioms are endless, and so many of them make no sense based on words alone; you just know them from speaking a language for a while. And what happens if you’re actually talking about your feet being cold, in the literal sense? How would an AI understand that context to know you mean it idiomatically or literally? Translation models are sort of designed to pick up on it for the most part, but it doesn’t always work.

  The progress that translation technology has made in recent years is really impressive for casual use, especially on the internet. Google, Microsoft, Facebook – tech companies and social media have implemented translation tools for a long time now. But for serious legal or medical documentation, AI still isn’t good enough to be trusted just yet. Human translators are still doing it better. Some really weird stuff can happen when mistakes are made by AI – for example, recently, the name of Chinese leader Xi Jinping turned up as a curse word when posts were translated from Burmese to English on Facebook. The name was missing from the Burmese language database model, and in the system’s attempt to replace it with similar syllables, things went offensively wrong.

  As we all know, the more data, the better. There’s tons of knowledge shared by many people when it comes to English to Spanish translation, for example, so you can get fairly accurate results most of the time from common translation tools. But what if you’re trying to translate Burmese to Finnish? Well, that could go weirdly. Sometimes the systems are trained with an intermediary language like English to help make the process easier to understand for the computers, but this solution can really mess up meaning too.

  There are fields of computer science and linguistics designed to try and tackle these issues, such as Natural Language Processing. This area is ultimately devoted to getting computers to actually understand human language in a way that allows them to communicate more closely to how humans do. This is accomplished by using huge amounts of language data with all of its complexities. NLP includes simple tasks like a short command, or highly complex tasks like getting a computer to actually comprehend an entire text like a poem. This field has been studied for half a century now, and there are still so many problems to solve. As it turns out, learning language is hard, for everyone from children, to adult learners of a second language, to scientists, to literal computers.

  One area of computational linguistics in which it seems AI can beat humans is in the study of dead languages. Studying and comprehending a dead language is a difficult process for many reasons – minimal records, a lack of relative languages to be compared to, or an entirely different structure (think something like a lack of spaces between words). In 2020 MIT’s Computer Science and Artificial Intelligence Laboratory made major progress in developing an AI that can decipher a lost language without having to understand anything about related languages in advance. The system is also capable of determining the relationship between two languages. This tech so far exceeds human capabilities to interpret lost languages that it will open many doors for academics studying relics of ancient communication, and hopefully speed up these processes. 

  Some languages take human linguists decades to figure out. We still haven’t determined where certain languages even came from. But if AI can be programmed to pinpoint what a dead language is related to or what it’s saying, maybe it’s not crazy to think real-time translation will also evolve in the not-too-distant future to become smarter than humans. Although, it tends to be believed that by that point, literally everyone from doctors to lawyers will be replaced with AI as well. Human language, and how we communicate, is seriously that complicated!

  The post The Struggles of Real-Time Translation appeared first on FreeSWITCH.

April 07, 2021

• Jitsi Winning over the classroom with Jitsi

  Hey there Fellow Jitsters! Today we are very excited to announce we are launching an education themed hackathon together with the European Commission. The ultimate goal is to improve Jitsi for education usage, which has seen incredible growth in the past year, as you can imagine. Come and join us in this new hackathon, running from the 26th of April until the 3rd of May.

  

  Checkout the press release after the jump!

  ---

  We are calling out developers to attend the “Winning over the classroom with Jitsi” Hackathon online from 26 of April to 03 of May 2021. The event is being organised by Tipik, the event partner for the European Commission’s Open Source Initiative under ISA2 Sharing and Reuse action.

  The hackathon will bring together Jitsi (Core Team) members and Advanced users from across Europe and around the world. The plan is to propose new features for Jitsi focused on education. On our Hackathon page, you can see suggestions of challenges to solve during the event but you are welcome to add your own ideas to this evolving list.

  If you feel qualified to do this work and wish to contribute, you are invited to fill out the registration form.
  Do not miss this rare opportunity to meet key Jitsi committers, like-minded colleagues and staff from the European institutions, and shape the future of Education with Jitsi. Register now.
  Should you have any questions, please feel free to get in touch with us anytime.

   

  About the Open Source Initiative under ISA2 Sharing and Reuse Action

  This hackathon is an ISA² sponsored component of the Sharing and Re-use action (2016.31), which aim to bring together European Public Services on the subject of open source. The action has four areas of focus:

  • Inventory: Creating an initial, first cut, inventory of open source software used by European Public Services
  • Funding: Studying the need for a European Open Source Funding Mechanism, and then defining how it could work
  • Security: running bug bounties on software selected from consulting multiple public administrations
  • Hackathons: Holding events/hackathons to tackle common issues in open source that the European Public Services may be facing.

   

  Timings:

  Start Time: 16:00 pm CET on Monday 26 of April

  End Time: 16:00 pm CET on Monday 03 of May

  Award Ceremony: 16:00 on  Monday 10 of May

  The post Winning over the classroom with Jitsi appeared first on Jitsi.

April 06, 2021

• Digium Sangoma Completes Acquisition of Star2Star

  On January 29th, Sangoma announced a definitive agreement to acquire Star2Star, a cloud-based Communications as a Service provider with a leading UCaaS offer. We’re pleased that the deal closed last week.

  So, why did we do this deal? First off, Star2Star targets medium and large enterprise and managed service providers, with channels that don’t really overlap with Sangoma, so the “fit” is very nice. Star2Star has almost 10,000 business customers with tens of thousands of locations. We feel like now we can confidently go after and win the full spectrum of UC prospects, from small business to large enterprise.

  Together, we will have increased scale, and given both of us are profitable, we will remain a profitable entity with approximately 70% recurring revenue. As a Channel Partner or end-customer, you shouldn’t have to worry about whether we’ll be around in the future. Whatever side you come from, the transaction represents a very positive development for the future of the new Sangoma (the combined company) since there will be benefits from the improved scale/financial stability, a broader portfolio of products, expanded global services, and a continued commitment to invest in innovation.

  We feel we’ll have the most complete UC portfolio in the market: From on-premises to Cloud UC that can work in businesses of all sizes, with our own phones, headsets, gateways, SBCs and SIP Trunking. As such, a business would be able to deploy Sangoma products across their entire enterprise, avoiding any interoperability “finger pointing” which crops up sometimes. Additionally, we’ll have a full suite of Communication as a Service offers, from UCaaS to Video Meetings to Collaboration to Wholesale Voice Services to Access Control. Truly all that a business needs from a single vendor, obviating the need to put all kinds of different communication products into your enterprise network.

  During the past few months, when we were not yet closed, we understandably received questions about the future of the different UC platforms. Yes, we understand them. We got the same ones when Sangoma merged with Digium and we said both Switchvox and PBXact would remain. And both have remained. So we certainly understand. And all UC platforms will remain now.

  As I intimated above, the target market overlap was not that great. Switchvox and PBXact predominantly served the SMB. And both are also on-premise products in addition to cloud products. And Star2Star predominately services the mid-size enterprise to MSP market, with a cloud offer. Because of that, all platforms with remain as long as there is market demand for them. We may choose to do work to consolidate to a single mobile and desktop client, like we have done with Sangoma Connect for Switchvox and PBXact, and other similar things, but there are no plans to announce any of that in the short term.

  And Sangoma plans to continue to sell, develop and support our hardware business including phones, cards, gateways, SBCs, and UC appliance businesses. And we also plan to continue to be the stewards of Asterisk and FreePBX. So, no big changes.

  Right now, we need to integrate the teams and that will take some time. Customers on both sides will continue to receive the same products, quality and service they have come to expect from both companies.

  If you are a partner, we are looking forward to growing with you. If you are a prospect or customer, we look forward to serving you in the future!

  The post Sangoma Completes Acquisition of Star2Star appeared first on Sangoma.

• WebRTC Hacks How Go-based Pion attracted WebRTC Mass – Q&A with Sean Dubois

  Pion seemingly came out of nowhere to become one of the biggest and most active WebRTC communities. Pion is a Go-based set of WebRTC projects. Golang is an interesting language, but it is not among the most popular programming languages out there, so what is so special about Pion? Why are there so many developers […]

  The post How Go-based Pion attracted WebRTC Mass – Q&A with Sean Dubois appeared first on webrtcHacks.

March 30, 2021

• Digium Wrapping Up Women in Tech Month Podcast Series

  Throughout March, we conducted a weekly “Women in Tech” podcast with four different women in Sangoma, ranging from engineering to product management to general manager to lawyer. Each of these women told interesting stories and gave excellent advice.

  Advice, I might add, pertinent to everyone in the workforce, not just women. Their stories are interesting and powerful.

  Setareh Nezami (Product Management) talked about “Leading Without Authority,” important for anyone who needs to get other organizations to execute.

  Michelle Fleming (Legal) talked about the need to speak up.

  Bhawna Gaba (Engineering) talked about needing to be confident, taking a chance, and finding a mentor.

  Paula Griffo (General Manager) talked about loving the fast-paced tech industry and needing resilience.

  To listen to their stories, please go here.

  I would recommend taking the time to listen. It’s well worth it.

  The post Wrapping Up Women in Tech Month Podcast Series appeared first on Sangoma.

March 27, 2021

• François Marier Connecting a VoIP phone directly to an Asterisk server

  On my Asterisk server, I happen to have two on-board ethernet boards. Since I only used one of these, I decided to move my VoIP phone from the local network switch to being connected directly to the Asterisk server.

  The main advantage is that this phone, running proprietary software of unknown quality, is no longer available on my general home network. Most importantly though, it no longer has access to the Internet, without my having to firewall it manually.

  Here's how I configured everything.

  Private network configuration

  On the server, I started by giving the second network interface a static IP address in /etc/network/interfaces:

  auto eth1
  iface eth1 inet static
      address 192.168.2.2
      netmask 255.255.255.0
  

  On the VoIP phone itself, I set the static IP address to 192.168.2.3 and the DNS server to 192.168.2.2. I then updated the SIP registrar IP address to 192.168.2.2.

  The DNS server actually refers to an unbound daemon running on the Asterisk server. The only configuration change I had to make was to listen on the second interface and allow the VoIP phone in:

  server:
      interface: 127.0.0.1
      interface: 192.168.2.2
      access-control: 0.0.0.0/0 refuse
      access-control: 127.0.0.1/32 allow
      access-control: 192.168.2.3/32 allow
  

  Finally, I opened the right ports on the server's firewall in /etc/network/iptables.up.rules:

  -A INPUT -s 192.168.2.3/32 -p udp --dport 5060 -j ACCEPT
  -A INPUT -s 192.168.2.3/32 -p tcp --dport 5060 -j ACCEPT
  -A INPUT -s 192.168.2.3/32 -p udp --dport 10000:20000 -j ACCEPT
  

  Network time synchronization

  In order for the phone to update its clock automatically using NTP, I installed chrony on the Asterisk server:

  apt install chrony
  

  then I configured it to listen on the private network interface and allow access from the VoIP phone by adding the following to /etc/chrony/chrony.conf:

  bindaddress 192.168.2.2
  allow 192.168.2.3
  

  Finally, I opened the right firewall port by adding a new rule to /etc/network/iptables.up.rules:

  -A INPUT -s 192.168.2.3 -p udp --dport 123 -j ACCEPT
  

  Accessing the admin page

  Now that the VoIP phone is no longer available on the local network, it's not possible to access its admin page. That's a good thing from a security point of view, but it's somewhat inconvenient.

  Therefore I put the following in my ~/.ssh/config to make the admin page available on http://localhost:8081 after I connect to the Asterisk server via ssh:

  Host asterisk
      LocalForward 8081 192.168.2.3:80
  

  Allowing calls between local SIP devices

  Because this local device is not connected to the local network (192.168.1.0/24), it's unable to negotiate a direct media connection to any other local (i.e. one connected to the same Asterisk server) SIP device. What this means is that while calls might get connected successfully, by default, there will not be any audio in a call.

  In order for the two local SIP devices to be able to hear one another, we must enforce that all media be routed via Asterisk instead of going directly from one device to the other. This can be done using the directmedia directive (formerly canreinvite) in sip.conf:

  [1234]
  directmedia=no
  

  where 1234 is the extension of the phone.

March 25, 2021

• Jitsi March update: virtual backgrounds, new toolbar UI and more!

  Hey there Fellow Jitsters!

  You might have noticed some changes on meet.jit.si. We rolled out a new release yesterday and we want to tell you all about it!

  New web toolbar UI

  The toolbar is one of the first things you see as a Jitsi Meet user. It needs to have the buttons you need, just when you need them. We have redesigned it to give it a more polished aesthetic while improving its usefulness.

  

  New toolbar!

  The toolbar is now responsive and will show the actions you may need on a single click front an center, while the rest are part of the overflow menu.

  

  Responsive toolbar

   

  The overflow menu also got a fresh coat of paint and now it’s now mobile friendly.

  

  Redesigned overflow menu

  Virtual backgrounds

  We know you wanted them, so here they are! In order to properly implement virtual backgrounds we had to completely reimplement our background blur feature with a better segmentation model. Instead of using TensorFlow with the BodyPix segmentation model we are using TFLite with the MediaPipe Meet Segmentation model as outlined in their blog post. This, paired with WebAssembly SIMD instructions provided the performance boost we needed to improve blur and implement virtual backgrounds in a way that works well in Jitsi Meet.

  

  Choose a background, or upload yours!

  You can try it for yourself on meet.jit.si, but if you’d rather see a GIF…

  

  Look mom, we got backgrounds!

  More!

  Lots of improvements have also happened in the backend, including better bandwidth estimations and performance improvements in large conferences, stay tuned for more updates on this!

  ---

  We hope you enjoy these as much as we did while building them!

  — Your personal Jitsi meetings team.

  The post March update: virtual backgrounds, new toolbar UI and more! appeared first on Jitsi.

• Enable Security SIPVicious OSS 0.3.3 released with new STDIN and target URL specification
  Without further ado, please say hello to SIPVicious OSS 0.3.3! SIPVicious OSS 0.3.3 is out! To install or upgrade run pip install -U sipvicious. For more installation methods, see the wiki. What’s new? SIP extensions and passwords from standard input We have a new feature which seems so simple yet so powerful: STDIN for dictionary input! This works for both svwar and svcrack. It is similar to what we did with SIPVicious PRO, which (surprisingly) proved to be a very popular feature.

March 24, 2021

• Enable Security Get help by hiring us
  Our clients Service providers, telecom carriers, mobile operators Vendors of VoIP/IMS and WebRTC solutions CPaaS (communications platform as a service) Video conferencing platforms Contact center platforms What we do Penetration Testing Security analysis and consultancy Denial of service simulation (DoS) Fuzzing exercises and setup Configuration security review Secure code audit Experience Target Examples Session Border Controllers (SBCs) Kamailio, OpenSIPS, Audiocodes, Sonus SBC IP PBX servers Asterisk, FreeSWITCH, Avaya Aura, Cisco Unified Communications Media servers RTPEngine and proprietary solutions IM/Presence systems, XMPP servers Ejabberd, OpenFire and Prosody Telecom solutions and Unified Communications systems Broadworks (Cisco) Mobile softphones Cisco (Broadsoft) Communicator and custom solutions Customer premises equipment (CPE DSL, cable modems, SIP gateways Hardware phones and conference call equipment Proprietary solutions WebRTC media gateways Janus, proprietary solutions TURN server Coturn SMPP servers OpenSMPP, Kannel, Cloudhopper Protocols and Standard test cases SIP (RFC 3261, 3264, 3265, 3665, 4568, 5621, 8760) Call relaying / dialplan security bypass INVITE flood (INVITE of death) / REGISTER flooding (Denial of Service (DoS) testing) SIP extension enumeration SIP digest leak attacks on vulnerable SIP endpoints and SIP proxies SIP routing vulnerabilities SIP header injection / smuggling tests Caller-ID spoofing SIP online cracking / password bruteforce Injection tests, for SQL injection / other injection vectors introduced through SIP Authentication bypass testing RTP (RFC 3550, 3711, 5761) RTP Flooding (Denial of Service (DoS) testing), especially targeting recording systems Media encryption tests, especially related to SRTP, SDES and DTLS RTP bleed and RTP injection attacks Call interception, eavesdropping due to lack of media or signalling encryption DTLS (RFC 6347, 5763, 5764) DTLS denial of service Certificate handling Weak ciphers Information disclosure vulnerabilities XMPP (RFC 6120, 6121) XMPP attacks for several XEPs (XMPP protocol extensions) and XMPP servers SMPP (version 3.

March 23, 2021

• Ovidiu Sas Troubleshooting OpenSIPS encrypted SIP traffic

  Sometimes we need to have a quick way to troubleshoot encrypted SIP traffic. Using Homer is great, but if not setup yet, here’s how we can do it with sngrep.

  Setting up sngrep

  We will configure sngrep to accept and decode HEP/EEP version 3 packets. For this, we will create a configuration file for sngrep:

  cat <<EOF >> ~/.sngreprc
  set eep.listen on
  set eep.listen.version 3
  set eep.listen.address 127.0.0.1
  set eep.listen.port 5065
  EOF

  Note1: replace lo, 127.0.0.1 and 5065 with the network interface, IP and port that matches your local setup.

  Note2: sngrep can run on a different machine then opensips (example: use the local interface eth0 and local IP 10.10.10.10 as the capture device and the listening address).

  Setting up opensips

  Next step is to configure opensips as a HEP/EEP capture agent. For this we will load the following modules:

  • the proto_hep module
  • the tracer module

  socket=hep_udp:127.0.0.1:6060 use_workers 1
  ...
  loadmodule "proto_hep.so"
    modparam("proto_hep", "hep_id", "[sngrep_hep_id] 127.0.0.1:5065; transport=udp; version=3" )
  loadmodule "tracer.so"
    modparam("tracer", "trace_on", 0)
    modparam("tracer", "trace_id", "[sngrep_trace_id]uri=hep:sngrep_hep_id")

  Note: The IP and port in the “hep_id” proto_hep module parameter must match the IP and port in the sngrep config file. Same for version.

  At the beginning of the main route we trace all transactions:

  route {
    if (!has_totag()) {
      if(is_method("INVITE") ) {
        # We need to use the dialog module to have the outgoing ACK traced
        trace("sngrep_trace_id", "d", "sip");
      }
    }
    else {
      match_dialog();
    }
    if (!is_method("INVITE,ACK,BYE,PRACK")) {
      # Requests that are not part of an established dialog will be transaction base traced
      trace("hep_lo", "t", "sip");
    }
    trace("sngrep_trace_id", "t", "sip");
    ...
  }

  If we want to trace locally generated requests, we setup tracing in the local_route route:

  onreply_route[local_route_reply_handle] {
    trace("sngrep_trace_id", "m", "sip");
  }
  local_route {
    trace("sngrep_trace_id", "m", "sip");
    t_on_reply("local_route_reply_handle");
    ...
  }

  With the above code snippet, we can trace OPTIONS pings generated by the drouting module.

  Capturing

  Start opensips:

  sudo systemctl start opensips

  Start sngrep with dialog rotation:

  opensips-cli -x mi trace mode=on
  opensips-cli -x mi trace mode=on id=sngrep_hep_id
  sudo sngrep -l 4000 -R -Ludp:127.0.0.1:5065 port 5065
  opensips-cli -x mi trace mode=off id=sngrep_hep_id
  opensips-cli -x mi trace mode=off

  Start sngrep with dialog rotation and OPTIONS and REGISTER requests filtered out:

  opensips-cli -x mi trace mode=on
  opensips-cli -x mi trace mode=on id=sngrep_hep_id
  sudo sngrep -l 4000 -R -Ludp:127.0.0.1:5065 -v "OPTIONS\ sip|REGISTER\ sip" port 5065
  opensips-cli -x mi trace mode=off id=sngrep_hep_id
  opensips-cli -x mi trace mode=off

  Enjoy visualising SIP message flows in realtime! Based on this initial setup, more complex tracing scenarios can be implemented.

  Note1: ACKs related to a transaction that are leaving OpenSIPS are not traced if dialog tracing is not enabled.

  Note2: Locally generated requests don’t have the proper destination IP and port.

  Note3: sngrep is not able to export in pcap format packets captured in HEP/EEP format.

• Digium Video Interview: Catching Up with Rich Tehrani

  In January, I did a video interview with Rich Tehrani. Usually, we’re in Florida for the IT Expo / Tech Super Show at that time of the year, and we do an in-person video interview. I’ve been there so many times I’ve lost track of how many we’ve done together. When he first started doing video interviews, I believe at a show in Los Angeles, if I recall correctly, it was a very new thing, and I think I might have been the 3rd person he did it with. Yeah, Rich and I have known each other a long time, going back to 1998.

  We were just little kids then…

  And while I’ve talked to Rich multiple times in 2020, we decided to do another video interview like we usually do during this January time frame.

  We just did it remotely this time.

  We talked about a bunch of things, such as the Frost and Sullivan UC and Collaboration Competitive Strategy Leadership Award that we received just a few weeks before the interview. I won’t go over that here because I’ve written about that already.

  He also asked me how our integration of VoIP Innovations is coming along. It’s going well, and we’ve put investment into the wholesale services / SIP trunking business and CPaaS. We have introduced a service that is available now that helps address Caller ID spoofing. It is available both with our Wholesale SIP trunking but also can be used by other carriers, available via an API. It combines analytics, caller authentication, and verification to help address Caller ID spoofing now. We also introduced new fraud mitigation and E911 monitoring solutions in 2020.

  We’re also currently working on complying with STIR/SHAKEN.

  And he asked me about what’s next for Sangoma. Obviously, I could not talk about Star2Star at that time because it was not announced yet. Still, we did touch on our vision of continuing to see Sangoma adding to our suite of Communication-as-a-Service product portfolio. Beyond UCaaS, we also offer other “As a Service” offerings such as retail and wholesale SIP trunking, CPaaS, Fax, Video Meetings, and our soon-to-be-released access control solution. Similar in concept to our “End-to-end UC Solution” that I discussed when talking about the Frost and Sullivan award, we want to offer “End-to-end As a Service Communications.”

  As always, it was a pleasure talking to Rich. I am looking forward to doing it in person at some point, hopefully relatively soon. To watch the video interview, please go here.

  The post Video Interview: Catching Up with Rich Tehrani appeared first on Sangoma.

March 22, 2021

• Ovidiu Sas Troubleshooting Kamailio encrypted SIP traffic

  Sometimes we need to have a quick way to troubleshoot encrypted SIP traffic. Using Homer is great, but if not setup yet, here’s how we can do it with sngrep.

  Setting up sngrep

  We will configure sngrep to accept and decode HEP/EEP version 2 packets (HEP/EEP version 3 packets work only with sngrep 1.4.7 and above). For this, we will create a configuration file for sngrep:

  cat <<EOF >> ~/.sngrephep2rc
  set capture.device eth0
  set eep.listen on
  set eep.listen.version 2
  set eep.listen.address 10.10.10.10
  set eep.listen.port 5065
  EOF

  Note1: replace eth0, 10.10.10.10 and 5065 with the network interface, IP and port that matches your local setup.

  Note2: sngrep can run on the same machine as kamailio (use lo and 127.0.0.1 as the capture device and the listening address) or on a different machine.

  Setting up kamailio (easy way)

  Next step is to configure kamailio as a HEP/EEP capture agent. For this we will load the siptrace module:

  
  loadmodule "siptrace.so"
    modparam("siptrace", "trace_mode", 0)
    modparam("siptrace", "trace_to_database", 0)
    modparam("siptrace", "trace_on", 1)
    modparam("siptrace", "duplicate_uri", "sip:10.10.10.10:5065")
    modparam("siptrace", "hep_mode_on", 1)
    modparam("siptrace", "hep_version", 2)
    modparam("siptrace", "hep_capture_id", 1)

  Note: The IP and port in the “duplicate_uri” siptrace module parameter must match the IP and port in the sngrep config file. The version number in the “hep_version” siptrace module parameter must match the version in the sngrep config file.

  At the beginning of the main request_route we trace all transactions:

  request_route {
    sip_trace_mode("t");
    ...
  }

  We want to trace also relayed ACKs and we do that in the onsend_route:

  onsend_route {
    if (is_method("ACK")) {
      sip_trace();
    }
  }

  If we want to trace locally generated requests, we setup tracing in the tm:local-request route:

  onreply_route[local_request] {
    sip_trace();
  }
  event_route[tm:local-request] {
    t_on_reply("local_request");
    sip_trace();
  }

  With the above code snippet, we can trace OPTIONS pings generated by the dispatcher module.

  Setting up kamailio (easiest way)

  Next step is to configure kamailio as a HEP/EEP capture agent. For this we will load the siptrace module:

  loadmodule "siptrace.so"
    modparam("siptrace", "trace_mode", 1)
    modparam("siptrace", "trace_to_database", 0)
    modparam("siptrace", "trace_on", 1)
    modparam("siptrace", "duplicate_uri", "sip:10.10.10.10:5065")
    modparam("siptrace", "hep_mode_on", 1)
    modparam("siptrace", "hep_version", 2)
    modparam("siptrace", "hep_capture_id", 1)

  Note: The IP and port in the “duplicate_uri” siptrace module parameter must match the IP and port in the sngrep config file. The version number in the “hep_version” siptrace module parameter must match the version in the sngrep config file.

  Capturing

  Start sngrep:

  sudo sngrep -f ~/.sngrephep2rc

  Start kamailio:

  kamctl start

  Enjoy visualising SIP message flows in realtime! Based on one of this initial setups, more complex tracing scenarios can be implemented.

  Note: sngrep is not able to export in pcap format packets captured in HEP/EEP format.

• François Marier Using a Let's Encrypt TLS certificate with Asterisk 16.2

  In order to fix the following error after setting up SIP TLS in Asterisk 16.2:

  asterisk[8691]: ERROR[8691]: tcptls.c:966 in __ssl_setup: TLS/SSL error loading cert file. <asterisk.pem>
  

  I created a Let's Encrypt certificate using certbot:

  apt install certbot
  certbot certonly --standalone -d hostname.example.com
  

  To enable the asterisk user to load the certificate successfuly (it doesn't have permission to access the certificates under /etc/letsencrypt/), I copied it to the right directory:

  cp /etc/letsencrypt/live/hostname.example.com/privkey.pem /etc/asterisk/asterisk.key
  cp /etc/letsencrypt/live/hostname.example.com/fullchain.pem /etc/asterisk/asterisk.cert
  chown asterisk:asterisk /etc/asterisk/asterisk.cert /etc/asterisk/asterisk.key
  chmod go-rwx /etc/asterisk/asterisk.cert /etc/asterisk/asterisk.key
  

  Then I set the following variables in /etc/asterisk/sip.conf:

  tlscertfile=/etc/asterisk/asterisk.cert
  tlsprivatekey=/etc/asterisk/asterisk.key
  

  Automatic renewal

  The machine on which I run asterisk has a tricky Apache setup:

  • a webserver is running on port 80
  • port 80 is restricted to the local network

  This meant that the certbot domain ownership checks would get blocked by the firewall, and I couldn't open that port without exposing the private webserver to the Internet.

  So I ended up disabling the built-in certbot renewal mechanism:

  systemctl disable certbot.timer certbot.service
  systemctl stop certbot.timer certbot.service
  

  and then writing my own script in /etc/cron.daily/certbot-francois:

  #!/bin/bash
  TEMPFILE=`mktemp`
  
  # Stop Apache and backup firewall.
  /bin/systemctl stop apache2.service
  /usr/sbin/iptables-save > $TEMPFILE
  
  # Open up port 80 to the whole world.
  /usr/sbin/iptables -D INPUT -j LOGDROP
  /usr/sbin/iptables -A INPUT -p tcp --dport 80 -j ACCEPT
  /usr/sbin/iptables -A INPUT -j LOGDROP
  
  # Renew all certs.
  /usr/bin/certbot renew --quiet
  
  # Restore firewall and restart Apache.
  /usr/sbin/iptables -D INPUT -p tcp --dport 80 -j ACCEPT
  /usr/sbin/iptables-restore < $TEMPFILE
  /bin/systemctl start apache2.service
  
  # Copy certificate into asterisk.
  cp /etc/letsencrypt/live/hostname.example.com/privkey.pem /etc/asterisk/asterisk.key
  cp /etc/letsencrypt/live/hostname.example.com/fullchain.pem /etc/asterisk/asterisk.cert
  chown asterisk:asterisk /etc/asterisk/asterisk.cert /etc/asterisk/asterisk.key
  chmod go-rwx /etc/asterisk/asterisk.cert /etc/asterisk/asterisk.key
  /bin/systemctl restart asterisk.service
  
  # Commit changes to etckeeper.
  pushd /etc/ > /dev/null
  /usr/bin/git add letsencrypt asterisk
  DIFFSTAT="$(/usr/bin/git diff --cached --stat)"
  if [ -n "$DIFFSTAT" ] ; then
      /usr/bin/git commit --quiet -m "Renewed letsencrypt certs."
      echo "$DIFFSTAT"
  fi
  popd > /dev/null
  

March 19, 2021

• Digium The Rise of SMS and Unified Communications

  “Just text me”

  Those three words are being said now more than ever. It’s the perfect way to send a message without verbally interrupting a current conversation, meeting, class, ride – really anything. I even have some friends that, if they call me, I automatically assume something is wrong, because they never call… they just text.

  With gen-Zers and even young millennials thinking that a phone call is just “old fashioned” or “formal”, choosing to send a text over making a phone call truly is the new normal. Now, it’s becoming highly requested and, in some cases expected, in the business communication world.

  SMS stands for “Short Message Service”, and it’s basically a technical term for a text message. Business owners can now harness the immediacy and convenience of SMS messaging with many UC (Unified Communications) business phone systems. Imagine sitting in an Uber on your way to the airport, or sitting in a drive-thru on your lunch break. You have a simple question you want to ask your realtor/broker/child’s teacher/lawyer/insert profession here, and you don’t want to navigate the formalities or time of an actual phone call. Imagine being able to both call or text the exact same business phone number to ask that question. In my opinion, that’s a dream come true!

  SMS is getting business accomplished faster than ever. Companies can protect their employees by giving them a way to receive messages from customers or clients without having to give up their personal phone number. With an SMS-enabled business phone system, you can add “Call or Text” to your business cards, and potentially get more business than you would have if it involved an actual call. I’d rather send a quick text message to a company for a rough quote or set-up a meeting without having to dial and sit in an IVR waiting to speak with someone. And voicemails….don’t even get me started! Yes, they are a way to communicate a message, but a text – now that’s immediate! The industries that can benefit from this are virtually everywhere!

  Here are some examples of how customers and prospects can use SMS to communicate with a business:

  

  Here are some ways business owners and organizations can use SMS to offer better service and improve customer experience:

  

  I could go on and on. Minimally invasive yet effective and convenient ways to communicate will win every time. It’s not just sales departments that benefit: SMS is a great way for customer service teams to check-in with a customer, or for a small business to put a personal touch on recent orders. I personally text my hairdresser on her business number to see what she has available for a haircut next week.

  According to Forbes: “64% of consumers believe that businesses should use SMS messages to interact with customers more often than they currently do.”

  Texting is the most prominent form of communication in the industry today, and it deserves its place in day-to-day business communication. SMS gives businesses a way to stand out from their competitors and offer unmatched availability. It saves your company time, gets you feedback from customers faster, and helps you engage with your customers on a more personal level.

  Having been in the game for quite some time and listening to our customers and partners requests, Sangoma has implemented SMS capabilities with it’s UC phone systems. Tying in SIPStation Retail with Switchvox provides users the convenience of the “call and text” from the same number feature with messages coming straight to your desktop softphone.

  Not to mention that SIPStation is saving them money each month (up to 80%) from costly analog or PRI lines. Switchvox Cloud now has access to Sangoma Connect Mobile, SMS text messaging, an updated Switchvox Desktop Softphone, and more built right in. And as always, with Switchvox ALL features are included. Our Sales Team is standing by.

  The post The Rise of SMS and Unified Communications appeared first on Sangoma.

March 18, 2021

• Digium Choosing a Business Phone System Vendor: The Value in an End-To-End Unified Communications

  Are you using multiple communications vendors?

  If you’re using more than one Unified Communications vendor, that can be a problem – or at least a nuisance. Managing multiple tools, different training resources, and installations can take up your valuable time.

  Many organizations are opting to go with single-vendor Unified Communications solutions for their business phone system, IP phones, and video conferencing software.

  The Benefits of a Single Unified Communications Vendor

  Rather than emailing one vendor about your employee instant messaging platform, calling a different one for your IP phones, and reaching out to yet another about your video conferencing app, wouldn’t it be great if it all came from a single vendor?

  With an end-to-end UC vendor who is focused on their end customer, you can streamline the purchase of any telephony hardware, collaboration software, and support for all your communications needs. You should also be able to easily integrate your existing CRM and email platforms with your business phone system.

  According to Michael Brandenburg, Senior Analyst at Frost & Sullivan, “Sangoma ranks as one of the few remaining competitors in the unified communications market that delivers a complete portfolio of on-premise, hybrid, and cloud-based solutions. Both businesses and service providers appreciate Sangoma as a one-stop-shop partner that meets their diverse communications requirements.”

  Click here to download the full award report.

  Can your current phone system vendor offer necessary support?

  Need emergency support or some hardware upgrades? Looking to switch to a UCaaS solution? You might have even been wondering “What is UC?” in the first place. Being able to reach out to a single source to get these answers or services is immeasurable when running a business.

  Regardless of your current communications set-up, your vendor should be able to provide you with all the products and services you require. Unfortunately, not all vendors are up to the task.

  Sangoma – A Trusted UC Advisor

  Sangoma’s products and services include from video conferencing software, business phone systems, telephony cards, and everything in between. And with ‘all features included’ pricing on Sangoma’s Switchvox Unified Communications solution, you get a future-proof system without the fear of paying extra for robust functionality. You get to enjoy the full suite of features, so you never miss out on the many benefits of UC.

  The breadth of products and services offered and supported was an important factor in Sangoma receiving the 2020 North American Unified Communications and Collaboration Competitive Strategy Leadership Award from the industry experts Frost & Sullivan.

  Click here to download the full award report.

  The post Choosing a Business Phone System Vendor: The Value in an End-To-End Unified Communications appeared first on Sangoma.

March 16, 2021

• Digium Applications Enable Cloud Communications Services Customization

  A few weeks ago, I wrote a blog titled “Is CPaaS a channel opportunity?”. I got a few questions about CPaaS in general and why it might be important to “service providers” who offer cloud services.

  CPaaS is an important and easy way to add some kind of service to or augment an existing service already in your communication cloud offering. Since Sangoma offers cloud unified communication services, sometimes we have customers who want to do something more, something specific. And while CPaaS is typically historically talked about as a way for a developer to create an application or enhance an application, and that’s fine, a developer could easily be us. We could use our own CPaaS to enhance the cloud offer. And that’s important so we can help our customers service their customers better.

  So, it’s important to understand if your cloud communications provider has a CPaaS offer, not only for the developers out there but for themselves to use.

  The post Applications Enable Cloud Communications Services Customization appeared first on Sangoma.

• Enable Security Bug discovery diaries: Abusing VoIPmonitor for Remote Code Execution
  Executive summary (TL;DR) We fuzzed VoIPmonitor by using SIPVicious PRO and got a crash in the software’s live sniffer feature when it is switched on. We identified the cause of the crash by looking at the source code, which was a classic buffer overflow. Then we realized that was fully exploitable since the binaries distributed do not have any memory corruption protection. So we wrote exploit code using ROP gadgets to get remote code execution by just sending a SIP packet.

March 15, 2021

• Enable Security VoIPmonitor advisories: buffer overflow leading to RCE + XSS vulnerabilities
  VoIPmonitor released updates to both the sniffer component and the web application to address vulnerabilities that your favourite Enable Security researchers identified and reported. The sniffer component had a buffer overflow flaw that we actually abused to run arbitrary code (yes, in 2021!). The web application, on the other hand, was vulnerable to cross-site scripting introduced through SIP messages with XSS payloads - which is pretty bad. And so, we just released three advisories to provide further details so that organisations using this software can make better informed decisions.

March 09, 2021

• Digium One Year for .e4 in Sangoma and will Star2Star Impact our Open Source focus?

  It’s been a little over a year that Sangoma purchased .e4. At the time of purchase, we said, “This deal significantly strengthens Sangoma’s sales and support for both FreePBX and Asterisk, as well as further demonstrates Sangoma’s deep commitment to the open source market.” So I think it’s fair to ask if we have accomplished that goal.

  From my perspective, yes, we have. Mike White and the team have focused on the open source customer base like we wanted them to. We have more dialogue going with the community. The business we derive from the open source projects FreePBX and Asterisk, such as selling phones, SIP trunking and FreePBX modules, remains strong. We wanted Mike and his team to spearhead this. That was our plan, and that’s what’s happened.

  Coincident with the acquisition of .e4 was also putting dedicated open source marketing plans in place. You may have seen we refreshed the logo for FreePBX and created an Asterisk mascot. These are small examples of an increased marketing focus, but nonetheless important. We also ran a multi-day virtual AstriCon conference since we couldn’t do an in-person one. Frankly, this was more work than running an actual conference.

  We’ve also had a few questions about whether the pending acquisition of Star2Star will impact our focus on open source. It’s a natural question to ask – “As you grow, the percent of revenue coming in from the adjunct businesses that support open source changes.” Yes, it changes, but that doesn’t mean we don’t care about it. There are no plans to decrease the engineering, marketing or sales spend on open source. We’ve actually grown this total spend in 2020. We have a focus on it now, and that will continue. The teams will remain the same. And it’s important to remember open source to us is also about innovation and supporting innovation, and that commitment remains strong.

  I recently did a podcast with Mike, so if you want to listen to that, please go here.

  The post One Year for .e4 in Sangoma and will Star2Star Impact our Open Source focus? appeared first on Sangoma.

March 03, 2021

• Enable Security SIPVicious OSS 0.3.2 released with more IPv6 goodness!
  The free and opensource version of SIPVicious has been updated so that support for IPv6 is also available in svmap. If you can’t wait to try it out, you can get it at the official repository or by using pip3 install sipvicious --upgrade. So now, with svmap’s IPv6 support, you can do stuff like: sipvicious_svmap -6 -v 2a01:7e01::f03c:92ff:fecf:60a8 INFO:DrinkOrSip:trying to get self ip .. might take a while INFO:root:start your engines INFO:DrinkOrSip:-:61500 -> 2a01:7e01::f03c:92ff:fecf:60a8:5060 -> kamailio (5.

March 02, 2021

• Digium Appleton Harley Davidson and Switchvox

  I usually don’t write too many blogs about our success stories, but I wanted to write this one since the installation occurred within the past few months, during all these trying times we are in. And a shout-out to our partner in Appleton, Wisconsin, Unitel, who played a huge role in making this happen.

  Appleton Harley-Davidson was looking to upgrade from their existing old phone system. They wanted something modern, such as touch screen phones, something that would connect their campus easily, something that would save them money, something that would be easy to manage and most importantly something that would give them contact center functionality such as auto-attendant simply and easily. And they did not want any hidden costs. A Switchvox on-prem solution fit their needs perfectly.

  Remote / Online training enabled early learning, and Unitel also hosted in-person training, so that the installation would go smoothly. Given Harley-Davidson colors are black and orange, Unitel also supplied orange phone cords with the phones.

  It’s nice to see during these times how a new customer got going.

  To read the full case study, please go here.

  The post Appleton Harley Davidson and Switchvox appeared first on Sangoma.

March 01, 2021

• FreeSWITCH Communicating in Space and Exploring Mars in 2021

  February 2021 was a busy month for exploring Mars. Three separate projects that launched back in July 2020 have arrived at the red planet just this last month. The United States, China, and the United Arab Emirates now all have new vehicles orbiting the planet and investigating the surface. Each of these projects has its own set of goals to achieve, and all three are scheduled to last about one year on Mars, which is 687 days on Earth. 

  On February 18th, NASA’s Perseverance rover and its partner helicopter named Ingenuity successfully landed on Mars. Ingenuity is a technology demo with the goal of being the first vehicle on another planet to achieve rotor-powered flight and it will then map roads for future rovers. Meanwhile, Perseverance is tasked with searching for signs of past life on Mars. After landing, Perseverance snapped photos of the landing site and listened to the breeze, beaming this information back to Earth. 

  The team of engineers and scientists working on this project will now spend its next phase diligently testing all the functions and instruments before moving forward to send back higher quality photos of the landscape and sniff around water deposits in an area called the Jezero Crater. Once it’s good to go, the six-wheeled vehicle will start to look for signs of microbial life on the planet, collect dust samples from the Martian surface, and help us better understand the climate and geology of Mars. 

  High definition cameras captured the excitement of Perseverance’s landing last month (you can watch the footage here), giving Earth observers an unprecedented view of the descent. A few days later, on February 21st, NASA released a panoramic photo of the landing site, which is actually stitched together from 142 individual images. Perseverance is equipped with a Mastcam-Z, a dual camera system with capabilities to zoom and focus to take high definition photos, as well as provide panoramic color and 3D images. This powerful camera system can reveal details as small as 3 to 5 millimeters across nearby and as large as 2 to 3 meters across in the distance. 

  

  The Jezero Crater, where Perseverance will live for its 1-Martian-Year-Long mission, is located just north of the Mars equator and was once home to a river delta. The land is 3.6 billion years old and can help answer some serious questions about the past on Mars, with a long history of water in this area making it an ideal spot to search for past microbial life.

  Perseverance is about the size of a car and overall looks similar to its predecessor, Curiosity. Some of the science instruments the vehicle contains include the Mastcam-Z, a subsurface radar, laser micro-imager, weather station, x-ray spectrometer and an ultraviolet spectrometer named Sherloc (which stands for Scanning Habitable Environments with Raman & Luminescence for Organics & Chemicals) and its camera, affectionately named Watson. Sherloc is the main tool that will be hunting for life while its companion camera will take microscopic images of Mars. An instrument called Moxie will make oxygen from carbon dioxide in the atmosphere, an experiment designed to prepare humans to go to Mars, which is a feature unique to the Perseverance project.

  The rover is also equipped with microphones to send back audio samples of the red planet. Perseverance successfully recorded a snippet that features the whirring of its own fan, ended with a brief gust of wind. Though that’s maybe not the most exciting thing, these microphones will hear more wind, storms, and other movements on Mars, and sound can become a new tool in listening to the rover to diagnose problems. Unfortunately, members of the Perseverance team don’t know if (or when) the microphones will give out, due to extreme conditions like frigid temperatures and radiation. 

  Missions like that of Perseverance are possible thanks to the satellites of the Mars Relay Network allowing telecommunications through space, from Earth to Mars and back. Images and sound are transmitted through this network of several satellites, which includes all the NASA orbiters. The collaboration of the orbiters will be key in handling the tremendous amount of data Perseverance will transmit back home. These orbiters have telecommunications subsystems that are composed of a radio system operating in X-band microwave frequencies and ultra high frequencies. The X-band system is used for communication between Earth and the orbiter, while the ultra high frequency system is used for conversations between the orbiter and any rovers on Mars. Entry, descent, and landing data were all sent in near-real-time and the rover is currently communicating with Earthlings twice a day. Large, sophisticated satellites on Earth are also required for this communication, including NASA’s Deep Space Network, an international connection of antennas with locations in California, Spain, and Australia.

  Ingenuity, the helicopter, will continue to live under Perseverance for a month or two before it’s ready to be deployed in a suitable location. These two join some other NASA bots hanging out on Mars, including Curiosity and the InSight lander. Back in 2018, the Opportunity rover lost contact with home due to a dust storm, and Perseverance is designed to avoid suffering the same fate, running on a nuclear power source like Curiosity that won’t require sunlight to keep going. 

  Meanwhile, China’s Tianwen-1 entered Mars’ orbit on February 10th. Tianwen-1 contains an orbiting spacecraft, a lander, and a rover, and it will remain in orbit for the next couple of months before landing in May or June. Its ambitious landing goal is to orbit, land and release the rover on its first try while coordinating observations with the orbiter. The objectives of Tianwen-1 are to provide a global survey of the entire planet, as opposed to Perseverance, which will stay in one area. 

  The Chinese project will be investigating gravitational trends, the atmosphere and climate, analyzing soil and dust samples, and searching for water deposits. The orbiter will study the planet from above using a high resolution camera while the rover will hunt for pockets of water deep beneath the red dirt. For about 90 Martian days, the currently unnamed rover will explore, while the orbiter serves as the telecommunications relay and continues to observe the planet from above. Because this is China’s first interplanetary mission, one of its foremost goals is to validate the communication technologies for Mars exploration like those of the Chinese Deep Space Network.

  The United Arab Emirates’ orbiter, named Hope, made it to the red planet on February 9th. Equipped with a high resolution camera, infrared spectrometer and ultraviolet spectrometer, and giant unfolding solar panels to charge the onboard battery, Hope will study large scale atmospheric phenomena exclusively and won’t land on the ground. It contains no rover or lander, just an orbiter. Its goal is to investigate mysteries of Mars’ atmosphere and be the first probe able to give a full picture of the climate of Mars throughout the year.

  The pictures Hope has taken so far are out of this world, showing 3 giant volcanoes in a row from space, including the biggest volcano in our solar system, Olympus Mons. Mars orbiters typically work as telecommunication stations for rovers to contact Earth. But Hope will be busy studying neutral atoms of hydrogen and oxygen in the atmosphere to help add to the research on how Mars could have gone from a warm, wet planet to the cold red desert of today.

  

  About half of all missions to the red planet fail, so it’s impressive that so far all three projects survived the journey. The landing process is extremely risky, and in general there’s still plenty of room for some road bumps later in 2021. Assuming each project will survive the upcoming months, it’s going to be a big year for space exploration!

  The post Communicating in Space and Exploring Mars in 2021 appeared first on FreeSWITCH.

February 26, 2021

• Digium DPMA – SSL Certificate Expiration

  Overview

  D-Series telephones and the Switchvox Mobile Softphone possess an embedded certificate that is used to encrypt their communications with a Sangoma phone system server.  The certificate will expire on Friday, May 28, 2021 at 4:45:20pm EDT (GMT -5).  If this certificate is invalid, D-Series phones and the Switchvox Mobile softphone are unable to provision against any Switchvox or DPMA-equipped system.  There is no in-place mechanism for remotely forcing an update on a server that will provide remediation.

   What is Affected?

  • All released versions of Switchvox that support D-Series telephones and/or the Switchvox mobile softphone including versions 5.5 through 7.6.1.  
  • FreePBX and PBXact systems using the deprecated “Digium Phones Add-On for FreePBX”
  • FreePBX and PBXact systems using the “DPMA” option for Endpoint manager
  • All released versions of DPMA used with open source Asterisk. 

  Remediation Plan

  Sangoma has produced new versions of DPMA, Proxy, D-Series telephone firmware, and Switchvox mobile softphone that remediate the problem.  Administrators (except Switchvox Cloud and PBXact UCC) MUST take action prior to the expiration date.  For Switchvox users on 7.x, the new firmware is included in Switchvox version 7.6.2.  For Switchvox users on 6.x or 5.x, the new releases are 6.8 and 5.12 respectively.  

  Steps to Take

  Sangoma has developed quick to implement and future proof solutions. Please visit the resource page for complete information on how to resolve the issue.

  Action must be taken before May 28, 2021

  The post DPMA – SSL Certificate Expiration appeared first on Sangoma.

February 23, 2021

• Digium Is CPaaS a Channel Opportunity?

  I get asked every once in a while, “Is CPaaS a channel opportunity?”. It potentially can be, but CPaaS being a channel opportunity needs some context. CPaaS itself means essentially selling the use of APIs, which are typically charged by usage. Applications written with CPaaS access these APIs (and, in turn, specific functions the application has asked to do) during the execution of the application they’ve written. This application “goes and gets the resources” the API asks for via the cloud.

  CPaaS is a hot topic these days because using them is easy, and one can add in voice or SMS to an already existing application relatively inexpensively. For example, one might want to add text messaging to an appointment application from a dentist or hairdresser.

  When talking about CPaaS being a channel opportunity, we are really talking about the applications that run on CPaaS. So if you as a channel are already selling cloud services, and used to selling in a recurring revenue model, then yes, CPaaS could be a channel opportunity for you.

  As a channel partner, there wouldn’t be a “make a big deal” and get the revenue from the enterprise all at once, then sell maintenance contracts. It would be a revenue model based on continuous usage that could go on for years. That’s very different if you aren’t familiar with cloud.

  And you would either need a stable of applications to sell, likely from some kind of store the CPaaS provider would have or develop a couple of applications yourself.

  So yes, it could be.

  The post Is CPaaS a Channel Opportunity? appeared first on Sangoma.

February 12, 2021

• Daniel Pocock Comparing private and peer-to-peer VoIP solutions

  One of the top questions people ask RTC developers around Valentine's Day is whether we finally have a private solution people can use to communicate with their partner.

  There is fresh attention on the issue this year after Twitter and other large providers flexed their muscles and demonstrated that they are more powerful than the US President.

  Suggestions

  Two products to try are Jami (Chat, voice, video) and Briar (Chat only).

  Neither of these is complete or perfect.

  Nonetheless, they are now at a stage where you can try them with friends and give useful feedback to the developers or help packaging them in distributions.

  Getting the latest Jami and Briar on Fedora and Debian

  I started a discussion on the Fedora devel list about packaging the latest Jami code. Due to ffmpeg patent issues, it will need to be distributed through RPM Fusion.

  For users of Debian 10 (buster), I've published backports of the latest build in the Debify repository. You can install like this:

  wget -O - http://apt.debify.org/add-apt-debify | bash

  sudo apt update

  sudo apt install -t debify-buster-backports jami

  You can ask questions about Jami on the Jami mailing list here.

  Briar packaging is held up by politics in Debian. I had been working on some of the Java packaging toolchain before people decided to put politics first. If anybody would like to see Briar on Debian, here are some of the outstanding technical issues.

  

  Both Jami and Briar apps are available, you can install them with F-Droid too.

  Privacy

  Achieving independence from cloud services doesn't necessarily give you privacy. There are trade-offs to be made. John Goerzen recently published a blog about privacy issues in current P2P tools.

  Ask us

  You can ask questions about any RTC and VoIP products on the FreeRTC discussion list. To receive periodic announcements about new products, subscribe to FreeRTC announce.

  Standardization

  There are various efforts to develop standards for true peer-to-peer communications. The SIP P2P / RELOAD effort and Serverless XMPP are worth looking at. reSIProcate includes initial efforts to support SIP RELOAD.

  
• Enable Security Communication Breakdown / rtcsec also on FreeRTC and SIP Planet
  At Enable Security, we often contribute the open source RTC communication in various ways - vulnerability reports, blog posts and analysis. And so, this blog is now aggregated on Free Real-Time Communications (RTC) and SIP planet sites! Now that was a short post :-) Next one will be longer.

February 11, 2021

• Digium Buyer’s Guide: Business IP Phone Systems

  There’s a wealth of information for buyers looking at business IP phone systems, and it can get confusing to understand the different options available. To start learning more about the basics of IP phones, business IP phone systems, and VoIP, read through this helpful article.

  What is an IP Phone?

  IP phones, also known as VoIP phones, look similar in appearance to traditional desk phones but are far more advanced. Like small computers, all the on-board features are applications, and the user can customize the display and buttons.

  IP phones are wired using Ethernet cables and connect to an IP-based phone system. In contrast, traditional desk phones use an analog cable and typically connect to analog or legacy digital phone systems. IP phones are powerful because they use an Internet protocol called SIP (Session Initiation Protocol) to send and receive audio.

  To explore Sangoma IP Phones, click here.

  What are the benefits of a business IP phone system?

  In the modern office, business IP phone systems are widely used. There has been a significant advancement in IP telephony, making it the most desired way of business communication. Some of the top benefits include:

  1. Flexible and scalable with plug-and-play installation and simple integration with other systems
  2. More robust feature set for better customer service and productivity
  3. Using your existing infrastructure is more cost-effective.
  4. Simple installation and use for remote employees
  5. Built-in backup plan

  Click here to read more on the benefits of an IP phone system.

  Flexible Hosting Options: On-Premise and Cloud Phone Systems

  Business IP phone systems can be hosted on-premise, in the Cloud, or a virtual environment. Each solution type carries its own set of unique advantages and disadvantages. The decision on how to deploy your VoIP system should only be taken after a detailed analysis, keeping in mind all your requirements. You should consider:

  1. Cost: Feature cost, upfront vs. recurring cost, and total cost of ownership
  2. Existing infrastructure
  3. Scalability
  4. Flexibility of deployment
  5. Redundancy
  6. Security
  7. The Cool Factor

  Download Sangoma’s guide to help you identify and prioritize your needs and guide you through the pros and cons of each deployment method.

  

  For a quick overview, download the hosted vs. on-premise infographic.

  How to Switch to VoIP

  1. Prepare your network infrastructure: Unified Communications (UC) solutions can be utilized with Voice over Internet Protocol (VoIP) systems and bring many benefits to businesses, including reduced IT costs and the ability to integrate business processes such as chat, presence, screen, and video sharing, CRM and support functions, and more. However, the role of networking is crucial during migration to VoIP/UC.

  Download this white paper to learn helpful tips for preparing your network for a VoIP/UC deployment; click here.

  2. Test if your internet connection is strong enough for VoIP: If you’re considering a VoIP phone system for your business or organization, you’re probably well aware of the many benefits a VoIP phone system has to offer. Bandwidth is a series of essential aspects of your VoIP phone system setup that is critical for success. To help you determine how much bandwidth you will need to support a new phone system, users can use the following equation:

  • G711 – A standard VoIP call protocol requires approximately 64kbps.
  • Using G711, you can have approximately 12 concurrent calls for each 1Mbps of bandwidth.
  • So, if your company needs to support 120 concurrent calls, you’d need a 10Mbp service.

  To test your current Internet speed for free, check out our VoIP Network Test tool. It will provide you with an easy-to-read report that will help you determine whether your services will support a voice platform or whether you should consider an upgrade.

  To read the full article, click here.

  3. Find the right VoIP provider: Now that you understand what VoIP is, the next step is to figure out your business requirements. To do that, however, you will have to start by identifying your organization’s business communications needs.

  Once you have identified your operational needs, you can start to look for VoIP providers that can meet your requirements. There are different types of VoIP providers in the marketplace that generally fall under three categories: VoIP-only providers, VoIP with cloud phone system providers, and VoIP as part of unified communications solution providers. The third option addresses the most common business communications needs while improving efficiency by combining solutions in one platform.

  “Sangoma’s UC platforms can be augmented with a range of hardware and accessories designed to provide the tightest possible integration with our phone system software. Customers no longer have to purchase software, system appliances, phones, and other hardware from separate sources. With Sangoma, customers can expect a complete custom solution, all from one vendor.”

  4. Know the key features your VoIP provider is offering: Even if a VoIP provider meets all your business communications requirements, you must ensure the provider’s reliability and security features. Securing a network is never a trivial task and requires ongoing attention as threats evolve.

  It is essential to understand the protection features of a business phone system. Toll fraud is a costly lesson to learn and can cost businesses a lot of money over a short period. 

  A sound business phone system should:

  • Limit the amount of call traffic a hacker can create
  • Lockdown extensions from specific IP addresses or subnet ranges
  • Change the default port for SIP.

  Learn more about Sangoma’s VoIP security best practices to download our free white paper, click here.

  5. Research the VoIP Provider: You should always read about the VoIP provider’s background, case studies, and reviews to find the market position of the brand.

  Frost and Sullivan have chosen Sangoma to receive their North American Unified Communications and Collaboration Competitive Strategy Leadership Award for our UC products and what we’ve been doing to bring them forward. To read more, click here.

  The post Buyer’s Guide: Business IP Phone Systems appeared first on Sangoma.

February 09, 2021

• Digium Frost & Sullivan Communications & Collaboration Competitive Strategy Leadership Award Video Q&A

  As some of you may know, Sangoma recently was chosen by Frost and Sullivan as a recipient of the North American Unified Communications and Collaboration Competitive Strategy Leadership Award.

  I also just finished a video interview about this with Michael Brandenburg of Frost and Sullivan. We talked about why Sangoma won the award, what this means to us, and where we go from here.

  One of the reasons Sangoma won the award is because we have both on-prem and cloud solutions and they utilize the same code base, and our resellers can also sell both solutions. And as Michael says in the interview, this means we “don’t have to push” the customer one way or another. We can recommend the solution that best fits their needs.

  And Michael asked me, “where do we go from here.” You can hear me talk about Sangoma’s continued addition of Communication as a Service products to our overall cloud portfolio, beyond just UCaaS. Similar in concept to our “end-to-end UC solution,” we want to offer “end-to-end As a Service Communications.” And you can also hear me give some viewpoints on where UC clients should go.

  But, I wasn’t able to talk about Star2Star when I gave this interview.

  The post Frost & Sullivan Communications & Collaboration Competitive Strategy Leadership Award Video Q&A appeared first on Sangoma.

• Enable Security SIPVicious PRO 6.0.0-beta.2 takes STDIN and fixes various bugs
  What we’re excited about in this minor update is the addition of a new feature to the SIP cracker in SIPVicious PRO. Basically, it now takes input from external tools through standard input. Why? Because it allows infinite ways of generating potential usernames, passwords and/or SIP extensions when making use of external tools such as the maskprocessor included in the well known password cracker, hashcat. Here’s an animation showing usage of the maskprocessor to generate passwords for the SIP online cracking tool:

February 02, 2021

• Digium Stopping Robocalls Using Analytics and How STIR/SHAKEN Gets Into the Mix

  Seemingly every day, we get a robocall. In 2019 in the US, it was close to 60 Billion of them! So it’s no exaggeration if people say they get called every day. It’s a problem for sure that the government is trying to resolve.

  Many people don’t even answer their phone anymore unless they know the DID or seems reasonable (like from a local number). But even that is not entirely safe anymore. And that’s what STIR/SHAKEN is trying to fix. STIR/SHAKEN are protocols and standards that help implement robust caller ID authentication.

  STIR stands for Secure Telephone Identity Revisited, and SHAKEN stands for Signature-based Handling of Asserted information using toKENs. (I bet they worked hard to get the SHAKEN acronym going.) According to the FCC, “This means that calls traveling through interconnected phone networks would have their caller ID “signed” as legitimate by originating carriers and validated by other carriers before reaching consumers. STIR/SHAKEN digitally validates the handoff of phone calls passing through the complex web of networks, allowing the phone company of the consumer receiving the call to verify that a call is, in fact, from the number displayed on Caller ID.”

  This means any kind of VoIP carrier would need to implement STIR/SHAKEN so as the call goes through the network, and the handoff validates the caller ID is proper and has not been altered as it’s traversed the network. Implementation of these standards needs to be done by June 2021, according to the Traced Act.

  So if you implement a VoIP Network and use Wholesale SIP Trunking as an example, you’ll need to make sure your provider has implemented STIR/SHAKEN by June 2021. Since Sangoma is a Wholesale SIP Trunking provider, we’ll have implemented those standards by June 2021.

  But there are steps you can take now to help protect your customers. We also have a service that is available now that helps address Caller ID spoofing. It is available both with our Wholesale SIP Trunking and can be used by other carriers, available via an API. It combines analytics, caller authentication, and verification to help address Caller ID spoofing now. Maybe you have noticed “suspected suspicious call” pop up on the phone when you get a call. Our service enables this for your network if you are a Sangoma (VoIP Innovations) customer, or like I said, even if you are not but want to use this service on your network. If you want to learn more about this, please go here.

  The post Stopping Robocalls Using Analytics and How STIR/SHAKEN Gets Into the Mix appeared first on Sangoma.

• Jitsi We need your feedback!

  Calling out to all Jitsi users and aficionados: please take a minute to make Jitsi better by answering these 9 quick questions!

  The post We need your feedback! appeared first on Jitsi.

January 29, 2021

• FreeSWITCH The Death of Flash – a Eulogy

  R.I.P. Flash, 1996-2021

  Remember Flash? Has any platform on the internet ever suffered such a long, drawn out, and painful death? Its discontinuation was announced by Adobe back in 2017, but it was officially killed on all browsers with no support functions any further on January 12, 2021. Although it’s likely that for you, it’s already been dead for years anyway.

  If you were online a decade ago, you know exactly what Flash was. It was everywhere, constantly telling you to download it or enable it when you viewed certain web pages, or played almost any online games. In the 90’s Flash was owned by Macromedia before Adobe bought the platform and developed it for many years. From there it grew in popularity pretty rapidly since it was so easy for content creators to use. For a part of the 2000’s, it was installed on more computers than all other media players combined. Videos, music, gaming – back in 2005, you couldn’t do anything without Flash. And it turns out, if smartphones didn’t exist, maybe it would still be relevant. 

  The first step towards the vicious murder of Flash was around 2007 when the iPhone was released. War was officially declared. Flash was not allowed on any iPhones, iPads, or iPods. Steve Jobs actually wrote a memo called “Thoughts on Flash” in 2010 in which he cited many issues with the platform, including negative effects on battery life, bad performance, unreliability, and poor security. In its early days, Flash was THE plugin for anything fun: animation, sound, video. It was Jobs’ opinion that HTML 5 would take its place. In retrospect, it would seem like that makes sense, as it did play out that way – but at the time, it was massively controversial. Some believed iProducts would never be able to access the full internet without it because basically everything ran on Flash. 85% of the top websites in 2010 contained Flash content.

  Not long after, Google sided with Apple in the great war on Flash, and by 2015, YouTube videos were all switched to the HTML 5 format. A tool called Swiffy was also launched to convert Flash content to HTML 5. But the following year, it literally just shut down because nobody used Flash anymore, so tools to convert it were simply redundant. As long as 5 or 6 years ago, browsers like Safari, Edge, and Chrome disabled Flash by default. 

  As this all played out, even Adobe started to distance itself from Flash, discouraging content creators from using it. In 2016 the platform was outed as having a severe security flaw on Windows 7 and XP. Adobe itself had to issue a warning about the flaw. This vulnerability was so nasty, an attacker could crash a PC and take control of the system. In 2017, the oncoming death of Flash was officially announced by Adobe. Updates and security patches stopped being issued around that time (yes, with over three years to go). 

  Even INTERNET EXPLORER was ahead of the death of Flash, disabling it by default in 2019. Which is still a little late to the party. But it does demonstrate how Flash crashed and burned so slowly as one by one, any and all browsers dropped support for it, adding a little more fuel to the fire year by agonizing year.

  Though the death of Flash has been welcomed by many, maybe there is space to mourn it, too. Before the days of a sleek and polished internet, there were all kinds of messy Flash games everywhere and entire Flash websites covered in annoying animations, since it was so easy for content creators to use. Flash changed how animation was created online. What could previously only be produced in months could be made in days. It was a chaotic time, with anyone able to easily create whatever they wanted, leading to some really weird stuff.

  It will be a safer internet for everyone without Flash, but we remember it fondly for its service in the early days of the world wide web. Any game you were addicted to online, almost any video you watched – Flash was the tool that made it all possible. Ultimately, the internet has outgrown it.

  In conclusion, it was time. But anyway, R.I.P. You probably won’t be missed since so many of us were living without you for years anyway, but we’re glad your long, drawn out death has finally come to an end. You served the internet well! 

  The post The Death of Flash – a Eulogy appeared first on FreeSWITCH.

January 28, 2021

• Digium The Positive Benefits of a User-First, not Cloud-First or Prem-First, UC Portfolio

  Sangoma has many unique positions. A lot of companies can say that. A lot of companies do say that. Sometimes unique positions are things that most people will agree on:

  Walt Disney World is unique, a family vacation experience unlike no other, because no other company operates a theme park and resort complex at anything approaching its scale or scope.

  Sometimes unique positions really aren’t all that unique:

  Popeyes Chicken’s new chicken sandwich is unique, and completely unlike the one you’d get from Chick-fil-a, or McDonald’s, or Wendy’s, because it’s got a *brioche* bun.

  Sangoma is unique because it delivers a broad array of hardware products. Most other companies can’t sell you a headset, a desk phone, a wireless phone, a small business communications gateway, and a carrier-class gateway.

  Sangoma is also unique because it offers a broad array of software products. Most other companies can’t offer you an open source telephony toolkit for constructing your own applications (Asterisk), a free-to-use PBX platform (FreePBX), a commercial UC software solution (Switchvox and PBXact), a retail SIP platform (SIPStation Retail), a wholesale SIP platform (SIPStation Wholesale) and a communications API (also SIPStation Wholesale).

  And, Sangoma is unique because it offers a user-first, not cloud-first or prem-first, UC portfolio.

  How so?

  Sangoma delivers two different UC offerings: Switchvox and PBXact. We provide both solutions to customers as cloud solutions, hosted directly by Sangoma. For a lot of users, this is the best option for their business. Sangoma handles the hosting, rents the desk phones, the mobile clients, the desktop computer clients, the software updates, the PSTN connectivity, and can assist with amendments. The customer gets a monthly bill; they’ve outsourced the rest.

  For another set of users, this isn’t the best option for their business.  They want to do their own hosting (private cloud or premises-based hardware), own their desk phone, do software updates on their own scheduling, provide their own PSTN connectivity (sometimes it’s Sangoma’s SIPStation Retail or Wholesale), and make all of their own changes. The customer pays upfront; they’ve insourced their UC.

  At Sangoma, we’re unique because the software for both customers is the same software. If a self-hosted customer wants to turn over the reins to Sangoma, we’re happy to help. If a Sangoma cloud customer wants to self-host, we’re ready for that, too, without a loss or change in functionality. We fully support both users by thinking and operating user-first.

  The post The Positive Benefits of a User-First, not Cloud-First or Prem-First, UC Portfolio appeared first on Sangoma.

• Jitsi JaaS: the Team that Builds Jitsi Can Now Also Run it for You!

  TL;DR The Jitsi team at 8×8 are proud to announce the brand new and awesome Jitsi as a Service: world’s easiest way to embed video meetings in your apps and websites! All the power of Jitsi and none of the hassle of running it. Check out JaaS now!

  

  Ever since early last year we were proud to see a huge uptake in Jitsi adoption. Many were downloading and running it for their schools, companies and communities. Many others were simply using it on meet.jit.si.

  To our great satisfaction we also saw a number of very creative teams and developers embedding Jitsi into their apps and tackling all sorts of different use cases ranging from work collaboration through education all the way to happy hours and Dungeons and Dragons sessions.

  We find this absolutely exciting as we firmly believe that video meetings should be right where you need them: well integrated in the apps where you use them.

  The Jitsi team at 8×8 is therefore proud to now announce the brand new and awesome Jitsi as a Service. JaaS lets you use the Jitsi iFrame API and mobile SDK to embed meetings in any web or mobile app. In addition to that it also gives you full control of meeting access through strong authentication and supplies a comprehensive set of webhooks that let your app nicely interact with the meeting. All of that comes with a very simple pricing model based on the number of users that connect to your service every month.

  To see how easy it actually is to embed into a website, we asked Matt Gardner, the DevRel leader at 8×8 to try it out. Here’s the short video where Matt demonstrates how to do it. 

  We already have many interesting apps hosted on JaaS and we will be telling you all about them very soon! Until then, make sure you check out all that JaaS!

  Love,
  Your Personal Jitsi Team

  The post JaaS: the Team that Builds Jitsi Can Now Also Run it for You! appeared first on Jitsi.

January 26, 2021

• Digium Update on LTE and 5G Networks

  Given that mobility is such an important part of the Unified Communications experience, I have periodically written about the proliferation of WiFi, and about the expansion of faster cellular networks. More WiFi out there in the world, and the better the cellular networks, means the remote work aspect of UC will just continue to grow. That’s not really any big news, but I still check in on the growth and proliferation.

  So let’s take a look at LTE and also at 5G. As indicated in the chart to the right, the Global Mobile Suppliers Association (GSA) is a good place to go to get some stats.

  LTE has been the fastest growing mobile system technology ever. It has over 5.4 billion subscriptions, connecting nearly 60% of mobile users worldwide. Most readers of this blog probably use some version of LTE every day.

  But now we hear about 5G being rolled out. According to the GSA report, 125 operators in 52 countries/territories have (as of mid-November 2020) announced 3GPP-compatible 5G service launches (either mobile or FWA). If you read the specs, the speeds and latency for 5G are supposed to be significantly better than 4G in terms of downloading video content, watching video content, etc. Yet in commercials in the US, that part is muted and we typically hear “get 5G speeds” whatever that means. Specificity is lacking.

  To me, that means I don’t need to rush to go get a 5G capable phone right now. But what is in the specs will occur someday. It will just take some time.

  And while there will be some stand-alone 5G networks, most networks will take the form of integration and then migration of the LTE/5G network. This paper from Ericsson is good reading if you want the specifics.

  At any rate, going back to the first paragraph of this blog, it means that mobile UC will continue its growth, and the advent of video to UC will continue to grow and won’t just be limited to your day to day “office” setup, whatever or wherever that may be.

  The post Update on LTE and 5G Networks appeared first on Sangoma.

January 19, 2021

• Digium Conjuring Up JCT, CG, Diva and IMG

  If you read the headline of this blog and have read this far, you likely know the meaning of these letters – they are all names of CTI (computer telephony integration) boards and VoIP gateways from the division of Dialogic that Sangoma bought pretty much exactly 3 years ago. I have to say, for all of us that came over to Sangoma from Dialogic, it’s been a quick three years!

  We still sell them, and we still use a contract manufacturer based in North America to manufacture them. And we’ll continue to make them while we can and while there is still demand.

  Is there still demand? Yes, you see, the whole world is not yet on VoIP (even though a lot of the people in the communications industry act like that). Some solutions are still connected to the PSTN and require these boards for that purpose. And some solutions are connected to a VoIP network through a gateway, but the solution does not need to be re-architected because of the existence of that VoIP gateway, so the boards are still used in the solution.

  So, if you need Dialogic boards or gateways and don’t know where to go, visit our website or give us a call.

  The post Conjuring Up JCT, CG, Diva and IMG appeared first on Sangoma.

January 14, 2021

• Digium Cloudy With a Chance of MRR

  If you know, you know. But if you’re new to the game (no shame in that), then MRR stands for Monthly Recurring Revenue; and, in today’s rapidly growing UCaaS (or any “as a service”) environment, the money is rolling in! In fact, within the cloud industry, it’s honestly hard to not make recurring revenue. While customers subscribe to a service, agents subscribe to a paycheck. 

  A Little Background

  Traditionally, with on-premise systems, you get paid once then you’re done. You’re left hoping that the customer has a need for additional phones, extensions, and support, or the system dies in 8-10 years and requires a spare. In the world of hosted services, not only does the vendor usually host and maintain the service, but the partner (agent) gets recurring revenue each month instead of the one-time payout.

  Master Agents

  If you don’t have one, you should get one – and Sangoma is partnered with the best in the industry. What is a master agent and what do they do? Think of them as a distributor/organizer/supporter of cloud-based solutions. 

  An agent (a partner who sells hosted services and is partnered with a master agent) will contact their master agent whenever they have a customer who needs a quote, as well as any situation that requires supporting collateral. 

  The master agent represents a LOT of vendors, from telecom to ISP, IT, MSP, network security services, and so much more. That agent can get a quote for internet service, a hosted phone system, access control, and more all through one contact. Then, when that agent closes the deal (thanks to the support and product knowledge a master agent has), the agent is paid any SPIFFS the vendors might be offering through the master agent. MRR for days!

  Master Agent Dating

  There are LOTS of master agents out there. On the surface, they may all start to look the same; but I’d encourage you to talk to them and see what sets them apart. They are usually quick to tell you, but if you are a partner looking for a master agent, I’d advise you find one that brings new products to your portfolio. This increases your chance to offer your customers more products or services to meet their unique needs.

  In Review

  Master agents pay out your spiffs and help you close the deals that you bring to the table. They often offer support by: 

  • Recommending complementary products and services
  • Negotiating with vendors if needed
  • Helping craft a custom solution
  • And so much more!

  All of these services combined result in more time for you to focus on what’s important: your business and your customers. Agents are enjoying the plentiful benefits of cloud-based solutions, reaping what they sow, and making money in the cloud industry. If you are looking for a hosted business phones system, SIP trunking, or a hosted fax offering, Sangoma has your back. Click here to learn more about our hosted services. Set yourself up for success and start selling cloud today.

  The post Cloudy With a Chance of MRR appeared first on Sangoma.

January 13, 2021

• FreeSWITCH A Year of 2 ClueCons: What 2021 holds for your favorite developers’ conference

  Register Now!

  You read that right. 2021 will be a year unlike any other, a year of TWO ClueCons. Here’s what to expect if you plan on attending both!

  2020 was more successful than we could have imagined. ClueCon Deconstructed was our first ever virtual version of ClueCon. Despite all the challenges 2020 brought us, our community showed up and made it a ClueCon to remember.

  2021 is almost as uncertain as last year. Just like everyone else, we don’t really know what will be possible when it comes to in-person events. But because of the insanely positive response from our community, we decided to host a mini version of ClueCon next month, February 16th and 17th: ClueCon TGI2021! This shortened version of the conference will mainly focus on the essentials of a typical ClueCon, workshops and presentations brought to you by brilliant industry experts. We’ve squeezed in a little networking time as well! You can expect that both days will alternate between presentations and open source workshops, with built-in breaks throughout the conference, and networking events at the end of the day.

  If you’re excited about the Coder Games, we have news for you: even though ClueCon TGI2021 won’t include the usual hack-a-thon, we will be unveiling the challenges and you’ll be able to sign up to participate later in August. The challenges can be completed month by month. The sooner you get started, the better.

  The full version of ClueCon will take place the first week of August as it usually does. We are optimistic that it could be in-person in Chicago, but like the rest of the world looking forward to what 2021 holds, we just don’t know yet. What we can tell you is that you can expect a full version of ClueCon online, no matter what happens. If the COVID situation is not safe, we will have the entire event online as we did last year with ClueCon Deconstructed. But even if we are able to host an in-person event, it will be a hybrid conference – that is, we will be hosting it online at the same time. We know that even as things get better this year, it’s likely that many members of our community simply won’t be able to travel yet, and we want you to know that you won’t be missing out. No matter what corner of the world you call home, you’ll be able to attend both ClueCons this year.

  ClueCon TGI2021 will be an entirely FREE, online event. We hope to see you there!

  Register Now!

  Workshop Lineup

  Speaker Lineup 

  The post A Year of 2 ClueCons: What 2021 holds for your favorite developers’ conference  appeared first on FreeSWITCH.

January 12, 2021

• Digium Panasonic Exiting PBX Business, and What to Do Next

  As most of you know by now, Panasonic is exiting the PBX business by the end of 2022. It’s sad to see Panasonic exiting the PBX business. They have been around a long time, and their products are solid.

  However, it should also not be a surprise.

  The PBX market has changed in the last ten years quite a bit – today, we call the market Unified Communications because the phone systems support voice and video, collaboration, file sharing, and messaging. And UC systems today also include support for office phone numbers to your laptop and your smartphone in addition to your desk phone. And Panasonic’s letter to their partners (I just chose a random posting by a partner if you want to read it) referenced a shift to cloud, lagging behind competitor R&D and new types of communications demand. Innovation is essential to keep a viable business, no matter what the business.

  So if you are a reseller selling Panasonic products, what is next? For sure, you will support this business, and I’m sure Panasonic will do the exit right and support you for the periods they have stated.

  But I’m sure you are looking, or have been looking, for a new UC system to sell to your prem and cloud base. One way to look at this is in a positive way – how to move forward and grow your business. You know business phone systems, and you know the prem business well. And you also see the market changing right in front of you.

  So you might want to look at a UC company that sells both prem and cloud and has the new types of communication being demanded today, such as video and collaboration, so you have a modern UC system to sell. And you want to look for a channel-friendly such company. And you want the company not to be so big, so you are just a number.

  Sangoma is the company for you.

  Not only do we have award-winning UC systems (we recently earned Frost and Sullivan’s North American Unified Communications and Collaboration Competitive Strategy Leadership Award), but we also have our own end to end solution that works seamlessly together (UC system, phones, headsets, SIP Trunking, SBCs, and Gateways) all coming from Sangoma. We treat our partners like family and want you to succeed; therefore, we offer quote assistance for cloud with a 15-minute turnaround, customized demonstrations for your customers that are vertical-specific, showing the customer exactly what they want to see. Finally, through our new partner portal, we offer customizable and co-brandable collateral, as well as content and social syndication, keeping your feed and website always up to date.

  Our UC systems include advanced collaboration and productivity-enhancing features for every user and can be deployed on-premise or cloud-hosted, allowing businesses to select the best option for their needs. Visit our Partner Program or give us a call.

  The post Panasonic Exiting PBX Business, and What to Do Next appeared first on Sangoma.

January 11, 2021

• Enable Security Details about CVE-2020-26262, bypass of Coturn's default access control protection
  Video demonstration The following demonstration shows the security bypass of the default coturn configuration on IPv4: Turn on the captions by clicking on the CC button and watch on full screen for optimal viewing experience. Background: why does coturn have default access control rules in the first place? TURN servers are an important part of many WebRTC infrastructures because they make it possible to relay the media even for hosts behind restrictive NAT.

January 05, 2021

• Digium Frost and Sullivan’s North American Unified Communications and Collaboration Competitive Strategy Leadership Award

  Today Sangoma has announced we have been chosen by Frost and Sullivan to receive their North American Unified Communications and Collaboration Competitive Strategy Leadership Award. Yes, a long-winded name for an award. In a nutshell though, we’ve been recognized by Frost and Sullivan for our UC products and what we’ve been doing to bring them forward. And we are very proud of that.

  Frost and Sullivan has criteria for the award around strategy innovation and customer impact that you can read about in the award write up. Sangoma met all of them. A few items with our solution particularly stood out to them though:

  • The concept of a full end to end solution and the fact that Sangoma can be a one-stop show for a full UC solution is unique. Sangoma offers UC but also our own collaboration clients for both mobile and desktop, phones, headsets, gateways/SBC if required, and our own SIP Trunking for prem solutions.
  • The fact that we offer both on-prem and cloud solutions means we can be a true trusted advisor to our customers. This means we aren’t “pushing” the customer to cloud or prem but instead guiding the customer towards what is best for them.

  Sangoma looks at this award also as a kind of award for our customers as well. Without them, we wouldn’t have won this. And they put faith in our product, and the value it provides them. So, we thank them as well.

  But we’re not standing pat with this award. We continue to drive ourselves forward, and you will continue to see Sangoma innovating in the UC space as well as adding to our suite of Communication as a Service product portfolio. While this award is about UC and UCaaS, we also offer other “As a Service” offerings such as Retail and Wholesale SIP trunking, CPaaS, Fax, Video Meetings and Access control. So similar in concept to our “end to end UC solution” we discussed before, we want to offer “end to end As a Service Communications”.

  As indicated above, if you want to read the entire award write-up, please go here.

  The post Frost and Sullivan’s North American Unified Communications and Collaboration Competitive Strategy Leadership Award appeared first on Sangoma.

• Enable Security Bug discovery diaries: uncovering sngrep overflow issues with blackbox fuzzing
  Executive summary (TL;DR) During OpenSIPIt, we crashed sngrep by mistake while briefly fuzzing OpenSIPS. Later on we setup a docker environment to reproduce the issue, identified the actual bugs and reported them upstream. If you want to learn the simple steps to do this, you actually have to read the rest of the post :-) sngrep crash during the live OpenSIPit event Last year we participated in OpenSIPIt’s interoperability testing event which was held between the 14th and 15th of September 2020.

January 04, 2021

• FreeSWITCH Animals & Tech: 6 Lighthearted Stories to Kick Off the New Year

  2020 was a rough year for everybody. But now it’s over, TGI2021!!! 2020 seemed to be a year buried in constant bad news, but a few uplifting stories about techy animals might have slid under your radar. From GPS turtle eggs to video matching schemes that rehome rescue cats, these stories are sure to warm your heart and brighten your new year.  

  Decoy GPS eggs track down endangered sea turtle poachers

  In order to stop the illegal trade of baby sea turtles, researchers are placing decoy eggs into nests on beaches in Central America to track down poachers. The GPS-enabled decoy, named “InvestEggator,” was developed to combat the poaching of endangered sea turtles and their eggs, but they may be used to help other animals in the future. Typically, turtles are smuggled from beaches and sold as delicacies to supermarkets and restaurants. The egg decoys are very difficult to distinguish from real eggs and have already led the researchers directly to some poachers. Tech is saving the turtles!

  Invite a llama to your next video conference

  Too many long boring company video conference meetings? Why not spice things by inviting a goat or llama on the call? A farm sanctuary called Sweet Farm in California is offering a service that allows a llama, goat, or cow to make an appearance on your next video call. Because why not? The whole idea is to simply lighten the mood during the global pandemic while raising awareness – proceeds go towards the effort to rescue farm animals and educate the public on the negative impacts of industrialized farming.

  U.S. Army trains dogs with augmented reality goggles

  Augmented-reality ‘doggles’ have been designed for canines working special missions in the U.S. military. Goggles were already used for eye protection for military dogs, but to create mixed-reality goggles, an optoelectronic element was added to create a heads-up display where visual cues are placed in a digital overlay of the real world to guide animals in the real world. A military working dog is typically hunting down narcotics, explosives, and occasionally even people. The goggles are connected to a command interface, allowing the handler to see what the dog is seeing and communicate in real time from a safe distance. A simple click on an object will send the canine to go check it out. 

  We can now translate bat talk. Turns out they argue a lot

  The Egyptian fruit bat is a highly social animal that roosts in crowded colonies. Just like any other animal, they communicate with each other, but it was recently discovered that their high-pitched squeaks were actually communicating specific problems. Originally, scientists thought the noises were entirely random, but they were able to classify 4 different categories of their calls. And they are ALL about arguing. Common causes for disputes include: food, sleeping positions, unwanted mating advances, and violations of personal space. Similar to humans using different tones of voice with different people, the bats’ calls can change depending on who they’re talking to. This, particularly, is pretty rare as far as humans are aware, as only dolphins and a handful of other species have been known to communicate this way.

  Bunny the dog has been communicating with humans through TikTok

  Bunny the dog has over 5 million TikTok followers who want to hear to what she has to say. She can communicate specific things by hitting different combinations of buttons on a board that each play pre-recorded words. The board is an augmentative and alternative communication device used to generate speech, typically a tool for nonverbal people. A study is being done at UC Sandiego to see if Bunny and other animals like her can really communicate using language. The study now includes over 700 creatures including dogs, cats, and horses. The hope is to study their cognition and determine how their communication works. The most puzzling part of this to researchers is the animals’ concepts of time and space – Bunny has demonstrated an understanding of words like ‘morning,’ ‘yesterday,’ and ‘tomorrow.’ Thanks to Bunny, we could learn a lot about how animals think!

  Video matching scheme rehomes thousands of cats

  Back in March of 2020, an animal charity called Cats Protection launched a program called “Hands Free Homing” to rehome cats during lockdown restrictions by delivering them right to your doorstep. The charity has helped to rehome over 10,000 cats since the launch of the program, which uses interactive video technology to match prospective adopters with cats, and then their new pet is delivered right to their home. In 2021 you can really get anything delivered!

  If you’re looking for more ways to brighten the new year, the FreeSWITCH team will be celebrating online in February with ClueCon TGI2021! Learn something new with free open source workshops and watch brilliant presentations by industry experts, all for free and from the comfort of your own home. Who knows, we might even invite a llama.

  The post Animals & Tech: 6 Lighthearted Stories to Kick Off the New Year appeared first on FreeSWITCH.

December 22, 2020

• Digium The Best of the Machi Minute: 2020 Edition

  As readers of my blog know, I’m pretty good about getting a blog a week out on Tuesday mornings. But I’m taking 2 weeks off of blog writing this year and instead we’ll do a top 10 of sorts here. We’ve all been part of a very strange year, one that will spill over into 2021. But we also have hope of returning to normal in 2021, something that I’m sure we are all looking forward to. Have a great end of year and l’ll be back on January 5th, like normal.

  

  1. Introducing Sangoma Meet
  Unified Communications systems, as I’ve blogged about numerous times already, with their ability to offer softphones with your business number, conferencing, collaboration, presence, and mobile phones that also utilize your business phone number, are at the forefront for enabling this new work remote / work from home environment we’re all experiencing right now. Read More

  

  2. Sangoma Welcomes .e4 to the Team
  Sangoma today announced we have signed definitive agreements to purchase .e4, based in Traverse City, Michigan. .e4 is Sangoma’s leading valued added distributor focused on open source offerings and a vital part of both the FreePBX and Asterisk ecosytems. The completion of this deal is expected to occur within our quarter. Read More

  

  3. Working from Home Now and Its Impact on the Future of Work
  it’s almost mandatory to have a UC system to effectively work from home. That’s because you can have the same work phone number, you can access the same applications, you can be part of collaboration teams, your colleagues can dial you on a 3 or 4 digit extension, you can have instant messaging, etc. You’re basically at your desk at work, except the desk is now in your home. Read More

  

  4. Support for Kari’s Law / Ray Baum’s Act
  On Feb 16, 2020, the federal version of Kari’s law goes into effect. It’s a complex but important topic, and justifies a comprehensive treatment in this update, something Sangoma is uniquely qualified to offer. But it is indeed complicated, so after reading this, if you have any questions whatsoever, please do not hesitate to contact us! Read More

  

  5. Why are there 5G Routers and Gateways?
  First of all, the question is really why would anyone need a cellular router? They could be useful as a backup mechanism in case your landline internet goes down.

  That’s why I first thought of this blog. Everyone on the street was WFH, kids were “going to school” on the internet, and, poof, the internet goes down. Sheer panic, right? What does everyone do? Read More

  

  6. Wi-Fi 6 and Why It’s Important
  There’s a lot going on now, and for this week at least, I didn’t want to write another remote work or WFH type of blog. So I figured I’d take a look at some new technology that we’d all be using someday soon in your house or your enterprise. So I zeroed in on Wi-Fi 6 as a good thing to write about. Read More

  

  7. Working from Home, the Future of Work, and How UC Fits In
  Many people today are thinking more about working from home, especially in the coming months. We’ll see how it all plays out, but it certainly is possible to work from home quite easily. Read More

  

  8. Communications Trends for 2020
  People ask sometimes what’s going to happen in our industry in 2020. And I typically say “I don’t know” because I really don’t know. The telecommunications industry will always surprise you. But, usually, there are hints of what’s going to happen because something is already brewing in the background, and it will just come to fore or become more of a force in the coming year. Read More

  

  9. The Difference Between Retail and Wholesale SIP Trunking
  SIP trunking is growing. According to the Eastern Management Group, the global SIP trunking market was approximately valued at $14.4 billion in 2018 and projected to grow 7.6% annually through 2020. The predominant reason for this is the growth of IP phone systems, which need to be connected to SIP Trunks.

  But if you are a business, what types of SIP trunks should you buy – retail or wholesale? Read More

  

  10. A Modern Approach to Wholesale SIP Trunking
  SIP Trunking is important for any enterprise these days – this is the connection into your building that carries phone calls to an on-premise UC platform, or is the underpinning of any cloud communications service. It must be robust, be resilient, be able to offer a wide array of DIDs, and comply with local telephony laws such as location service. Read More

  The post The Best of the Machi Minute: 2020 Edition appeared first on Sangoma.

• WebRTC Hacks WebRTC Today & Tomorrow: Interview with W3C WebRTC Chair Bernard Aboba

  Interview with WebRTC standards co-chair and author, Bernard Aboba. We cover the current status of WebRTC and where it is headed including WebRTC-NV, Simulcast, SVC, AV1, WebTransport, WebCodecs, ML and more.

  The post WebRTC Today & Tomorrow: Interview with W3C WebRTC Chair Bernard Aboba appeared first on webrtcHacks.

December 17, 2020

• Digium The Abundant Usefulness of Wireless DECT Devices in a Work-from-home Reality

  Let’s talk about 2019. In 2019, I worked in an office, the Huntsville office, just about every day. If I wasn’t visiting another Sangoma office to collaborate (in person?!?!) with co-workers, attending a conference, or on customer ride-alongs with sales (it’s like COPS, but fun, and not at all dangerous), I was in my office. And in my office, my trusty deskphone was always with me. From time to time, I’d visit other parts of the office. In other offices, I’d have other trusty deskphones. When walking from one wing of the building to another, I could stop along the way and use a public deskphone that we have strategically placed throughout the building. Communication was always in-reach.

  All of that was about 9 cat-lives, and now, in the great calendar year of 2020, I spend a lot more time at home, where the work still happens. My home’s probably a lot like yours. There are kids with activities and school assignments filled with math word problems I’ve not attempted in a quarter-century. There are chores – my dishwasher and the clothes washing machine guffaw every time I empty them because it’s always followed by a refilling activity. And there are pets, which come with pet incidents and accidents. No conference call is safe, no one-on-one meeting is immune. I’ve discovered multitasking muscles that I never knew I had.

  Here, at home, I’m extremely grateful for two things that are both, blessedly, products offered by Sangoma; and without which, my kids, pets, and significant other would have incomplete homework, carpet stains, and heartburn. What helps us retain sanity through the workweek are Sangoma’s wireless DECT devices.

  First, I make extensive use of my Sangoma H20 wireless DECT headset. I use it to connect to my Macbook for my PC-calling and collaboration needs using the Switchvox Desktop Softphone, Zulu Desktop, and Sangoma Meet. I also connect it to a Sangoma Deskphone – yes, I still have a deskphone, too, even though I’m at home; there’s no substitute for a good, dedicated device with excellent speakerphone qualities. The H20 allows me to use both of my hands as I type, tutor, and perform laundering activities. Because it uses DECT, it’s got range throughout my home, my WiFi devices don’t interfere with it, and the battery goes all day.

  Second, I also use Sangoma’s DC201 DECT base station and wireless handset combo. I have my calling rules on our UC system set to ring both devices. I don’t always want to wear a headset, and I can put the handset in my pocket. If I need to make a call, I’ve got access to a keypad, my corporate contacts, and I can turn on the loudspeaker mode and set it down while I practice amateur home repair.

  Together, these wonderful applications of simple technology have a significant impact on my ability to remain productive throughout the new working day. If you’re not using solutions like these to help you work better from home, maybe you should. Unless, perhaps, you embrace the chaos?

  The post The Abundant Usefulness of Wireless DECT Devices in a Work-from-home Reality appeared first on Sangoma.

December 15, 2020

• Digium System Integration and Security will be Important for the Future of UC

  Unified Communication was driven by many things – technological advances in networks for example that made this possible. But even beyond that, it was driven by people wanting to communicate in different ways – ways that were easier and more efficient for them. And it was also driven by companies wanting to reduce costs, because if customer communication could become more structured towards self-help and less towards people and real time communications, costs would be reduced and customer satisfaction could also potentially go up.

  Because UC has taken center stage during WFH, business owners have started to understand that having a basic contact center would enable so much better customer service and are demanding basic multimodal contact center features in the UC system. Why have another specific expensive contact center unit (either on-prem or another monthly cloud expense) if the UC system can handle the basic contact center features that would help a small business? Because why not – the UC system already includes multimodal communication potential.

  This trend of adding more and more contact center features start to become part of the UC phone system will continue because it saves customers money.

  One of the benefits of remote working is that your “office comes with you” – you can access all your applications, including communications, remotely, and people won’t really even know that you’re not in the office. However, there is one big difference, even if it may not be noticeable to you. When you are in the office, you are behind any security protections your company has set up. When you access the internet for example, you are behind security protections. But when you work remotely, these are not necessarily in place. Yes, you may VPN in, which gives some protection, but your house Wi-Fi may still be at risk.

  So what does this mean? If remote work is here to stay, then there will be some changes on the security front for sure.

  For one thing, it means the employee is taking on more of a role on security whether they like it or not. One idea that will likely gain more traction in a company to make sure you are the person accessing the network is adding biometrics to the access points. Right now, you likely have a password and it is likely a strong password. In the future, we are also likely to see additional security such as voice recognition or fingerprint reading as examples.

  Second, more remote working means more cloud-based services. And these cloud-based services are not behind any corporate protection. As such, the cloud providers need to ensure their systems are secure. It likely will involved added security on end devices so there is an end to end secure transmission between your end device and the cloud environment.

  IoT will also bring added security risk. The more devices connected to your network, the more potential access points there are. To combat this, we will likely see AI enter the security realm as well. AI can look at trends and see any access anomalies and act on them.

  Unified Communications has played a major role in the shift to remote working for knowledge workers. With remote work in some form poised to remain a part of the way most businesses work, UC will continue to be center stage. And that will mean an array of new requirements will be coming to the UC systems, which in turn will mean the UC systems will continue to innovate and evolve.

  The post System Integration and Security will be Important for the Future of UC appeared first on Sangoma.

• Jitsi End-to-end Encryption Beyond Buzzwords

  Trying to navigate the complexities of privacy protection and end-to-end encryption for real-time comms? This talk from Jitsi founder Emil Ivov will help clarify things!

  The post End-to-end Encryption Beyond Buzzwords appeared first on Jitsi.

December 10, 2020

• Digium Switchboard Tips for Remote Workers

  Switchvox has great call-handling tools that can be overshadowed sometimes by the focus on the more complex Call Queues. If your teams work closely with each other but don’t necessarily have the call-volume for a queue, the Quickdial and Call Activity widgets can be quite helpful. And when your teams are working remotely, these widgets can provide the visibility that you all need to help each other and your customers.

  The Switchboard Quickdial Widget came about when our customers asked for a quicker way to transfer a caller without putting the caller on hold. So that’s what it does: You can have a Quickdial widget that includes your Rapid Dial list or a custom list of contacts, and for each contact, you can dial them, transfer your active call to them, or dial or transfer to their voicemail. That’s all it does, but it puts those tools right at your fingertips for one-click use.

  The Switchboard Call Activity Widget gives you more insight into what your coworkers are doing so that you can help each other assist your customers. You can put individual contacts and groups into the widget, and then you can see what those people are doing and pitch in to help them. Each call they’re on is listed in the widget, and you have options for picking up a call when the person isn’t answering, ‘monitoring’ their call when you need to hear what’s discussed but don’t need to be part of the conversation, ‘whispering’ into their call when you think they might need help (the other party can’t hear when you whisper), or ‘barging’ into their call when you need to join the conversation.

  Call Activity is an excellent tool for teams to assist their customers better, but it’s also a great tool for training purposes. When you are training a new team member, particularly when you’re all working remotely, everyone can help the trainee. They can make themselves available when they see an important customer on the line, and monitor, whisper, or barge in when necessary.

  Both of these widgets display a green bar when the contact is on a call, so a quick glance can indicate whether or not they’re available to help you. The Call Activity Widget can tell you if they’re talking to a customer or to each other, which can help you decide if you want to interrupt them for what you need. The widgets also display a contact’s Switchvox Status, which can indicate, for example, that they’re away for a bit, or on DND (Do Not Disturb), or on vacation.

  To see these widgets in action, visit the Switchvox Switchboard Training web page, and look at the training video.

  As we all learn how best to work remotely from each other, we need to be creative and take advantage of the tools at hand. I hope these Switchboard widgets contribute to valuable conversations with your teams and your customers!

  The post Switchboard Tips for Remote Workers appeared first on Sangoma.

December 08, 2020

• Digium Requirements for the Future of UC

  If the future of Unified Communications means even more mobility, what does that all really mean? Some essential requirements emerge:

  1. Mobility
  2. Collaboration
  3. Ease of Use
  4. Integration
  5. Security

  If the future is yet more and more working remote, then collaboration capability will become even more critical. If you are not going to be right next to someone, or in the same room, talking about something you both need to see, then the next best thing is sharing it on a screen. Your presence tool is the best place to do that. Or, put another way, this needs to be part of the unified communication suite. You should have a presence tool that can also make phone calls and share documents, and allow for standard editing.

  Additionally, the need to be connected is more significant than ever with a truly mobile and remote workforce. So group video calling and sharing of documents as well, in a group environment is critical.

  Another obvious step for the UC system is to utilize and analyze all that data available to it. In other words, integrating Artificial Intelligence into the platform. As Artificial Intelligence gets integrated, the business communication system can start making decisions based on context, past similar decision history, etc. This is happening already with the chatbot’s emergence, which will engage you more and take you further down the discussion as time goes on. Chances are you have talked to a Chatbot and did not even know it. Like most contact center innovations, Chatbots have been driven by the oxymoronic need to reduce costs and provide better service. And as speech recognition and text to speech programs, and computing power have improved and come down in cost, the advent of computer-driven speech into the contact center occurred.

  Again, with Artificial Intelligence, the possibilities are endless. The system could predict who you might call based on past history, and how they might want to get connected, who might need to be on a conference call, and the system could ID you based on voice recognition. And, of course, the helper bots will continue to grow. Maybe someday my bot will-call, or message, or communicate somehow with your bot.

  Next week we will cover the last two major requirements.

  The post Requirements for the Future of UC appeared first on Sangoma.

December 07, 2020

• FreeSWITCH Cool Gadget Gift Ideas for the 2020 Holidays

  2020 has been a life-changing year for everyone – we’re all either working from home, learning from home, switching from in-person to virtual gatherings, or simply staying in more. We’re in our homes more than ever, using our tech more than ever, and people are adjusting to that in different ways. For some it’s sprucing up the home office, or cooking more, maybe playing more video games or watching more netflix. And with winter coming, many of us in colder climates will be stuck inside more often anyway on top of the challenges of a global pandemic. Here’s a list of some gadgets to treat your loved ones (or yourself) to this season – tech to suit the range of lifestyle changes 2020 has brought us, toys to brighten up the dark winter months, and frivolous gadgets suited to making home life easier and more pleasant in what’s been a really tough year for everybody. 

  Under $100

  Wireless Bluetooth Beanie Hat – $25

  If you or someone you love has really gotten into walking or running as a way to get out of the house this year, a hat is always a great winter gift for a cooler climate. Especially a hat with bluetooth function in it – it can be really annoying to layer headphones underneath a hat underneath a hood underneath a scarf when one suddenly pops out of your ear. Tenergy has a super affordable version and you can buy them pretty much anywhere.

  Laser Projection Keyboard – $50

  A keyboard and mouse alternative, a laser keyboard projects onto any surface, perfect for travel. It’s great for connecting with tablets and smartphones in a pinch, useful for any writer or coder in your life always on the go. The AGS keyboard can be bought from many big retailers, but there are plenty of other brands available as well.

  Wireless Charging Stand – $55

  It’s 2020. We have the technology. It’s time to ditch the mess of cables piling up around desks and couches and set up a wireless charging station for ultimate ease of access in your home. Mophie has a bunch of different options available at varying price points.

  Indoor Gardening Kit – $60-$500 

  Winter is a great time to bring greenery indoors, but some of us just don’t naturally have a green thumb. Luckily, technology is here to help us out. AeroGarden has several sizes so you can grow a few herbs or an entire garden. These gadgets provide light, grow plants faster than soil, and they have a water level indicator so you never under or over water. Caring for plants is a great way to fight the winter blues, and now’s as a good a time as ever to pick up a gardening hobby!

  Phone Disinfection and Charging Station – $80 

  We should all probably be cleaning our phones more often than we do. With the global pandemic raging on, you can probably never wash your hands and sanitize your phone too much. But even in normal times, most smartphones, it turns out, are absolutely filthy. There’s a gadget that makes cleaning your phone as easy as simply charging it: the PhoneSoap charges and sanitizes at the same time using UV light. Great for the germaphobe in your life, or the person who can never remember to clean anything. 

  Personal Heater – $70

  Heatcore is a personal, powerful heater designed to save money on heating bills. Whether the person you buy it for is working at home or in the office, or they will be going back to the office eventually, it’s a useful gift for any environment. It has a compact design, is made to be energy efficient, and unlike many other portable heaters, it filters the air, keeping you warm and fresh at the same time. Perfect for the person always hiding under a pile of blankets during the workday.

  $100-$200

  Floating Speaker – $100

  MPG Maglev is a levitating speaker, but it also looks like a beautiful sculpture: a dark shining orb floating above a color-changing, LED-lit base. If someone in your house needs a new speaker, this is a two-for-one, as it also serves as futuristic, techy decor. If you’re spending time at home now more than ever, there’s never been a better time to spruce up the decor of the home office with something so practical. 

  Mobile Printer – $100

  Does someone in your life need a new hobby this year? Have them test the waters of photography with a mobile printer. Being able to use your phone as a camera can really open up the possibilities in the world of photography. Fujifilm Instax SP-3 Mobile Printer is one great option to fill your home with photos snapped over the years on a smartphone.

  Smart Mug – $100

  Does your coffee always get cold before you can finish it? If you want to be a little bit extra this season, smart mugs are a thing. This gadget might not be something you would purchase for yourself on any old day, but it makes a super cute gift – mugs like the Ember keep your drink perfectly hot and temperature can be controlled with a smartphone. If you’re shopping for someone who’s drinking coffee and tea all day long and is about to enter the long, cold winter, this gift could be more handy than you might think. 

  Long distance touch lamps – $100-$200

  This year might be the first time you’re being separated from some of the people you love the most. For those that aren’t in our households, these sweet lamps change colors when touched, letting you know that person is thinking of you. Aww! You can even get a whole network of these lamps going for a group of friends and set specific colors for different people. There are many different versions at a variety of different price points, so you can choose which is best for your budget.

  $200-$400

  Casper Glow light – $200

  Did you know that there’s a light designed to help you sleep better? The light slowly dims out as you’re falling asleep, and gently brightens the room as you wake up. As the winter days will be mostly dark and gloomy for a lot of us, someone in your life who’s more of a summer person might really appreciate the special lighting in this not-so-usual winter season.

  Roomba – $250-$900

  Why not? At this point, a lot of us probably vacuum a lot more often since we’re home so much, stuck inside, and noticing right away when stuff starts getting dusty and dirty. Vacuuming can be a time consuming chore for anybody, so having a gadget that does it for you really is a luxury worth indulging this year. And these aren’t new, so there are many other brands to purchase in 2020 if the cheapest Roomba is simply outside your budget. 

  Nintendo Switch – $300

  Nintendo games are always in season for most of us. Get it for your household or for yourself and everybody can enjoy playing games together. Really, when you’re stuck inside for days on end because it’s blizzarding out, what better way to pass the time than to binge Animal Crossing or Mario Kart? In the year of the global pandemic, we’ve all got more free time than we’re used to for this stuff. If it’s a little outside your budget this year, you could always attend ClueCon 2021 where we have a habit of giving gadgets like this away as prizes!

  Coffee & Tea Alarm Clock – $400

  Coffee in the morning is a must for most people. And as many of us enter the winter season, cold snowy weather brings dark gray sleepy days. If you’re working from home for the first time, you might have found your coffee habits changing from a rushed, on-the-go caffeine chug to a luxurious moment of indulgence at the start of the workday. And while it’s gloomy out and snow is falling heavily, getting your caffeine boost right as you roll out of bed makes mornings even easier. The Bariseur Coffee & Tea Alarm Clock is a dual-functioning alarm clock and coffee maker that you can keep on your nightstand. The price point is a little high, but there are cheaper versions available on Amazon as well.

  However you’re celebrating this year, above all else, we hope you and your loved ones stay healthy and safe. Happy Holidays from the team at FreeSWITCH & SignalWire!

  The post Cool Gadget Gift Ideas for the 2020 Holidays appeared first on FreeSWITCH.

December 03, 2020

• Digium Getting the Most Out of Toll Free Numbers

  Even in today’s world, most call plans include what used to be referred to as “long-distance,” toll-free Numbers are still seen as a sign of a respectable business. They project a feeling of importance and of a business that has clients all over the nation.

  The original “800” area code was introduced in January of 1966, and calls were completed over unique fixed-rate trunks accepting calls from certain calling areas along with the possibility of limiting the number of hours per month. Itemization was not possible for billing initially, and the fixed-rate trunks were costly and only used by government agencies and large corporations.

  Since then, the system has evolved and has become much more accessible. In 1986, the toll-free market was opened to competition, and in 1993 the existing RespOrg system was introduced to allow portability between these competitors inside the SMS/800 database, which manages the toll-free ecosystem. RespOrgs (Responsible Organizations) are ultimately the companies that manage and own their toll-free numbers directly from Somos, the SMS/800 database manager.

  While most companies are content with purchasing toll-free numbers from carriers and letting the carrier maintain ownership over the phone number, many ITSPs and MSPs have gone through the process of becoming a RespOrg themselves. Becoming a RespOrg gives you much more control over your toll-Free numbers, control that you’re typically not given by toll-free providers; time of day routing, emergency or disaster routing, and area code and exchange routing, to name a few.

  Some of this functionality has been added to PBXs and soft switches, but the area code/exchange routing opens a whole new world for RespOrgs, the least-cost route. Most toll-free providers will offer toll-free services as a blended, flat rate, backbone carriers that most RespOrgs use typically uses rate-deck based billing like an outbound call. Calls made to your toll-free numbers will be billed differently depending on where the caller is calling from. This means that calls from an area predominantly serviced by AT&T might be more expensive if you’re using Verizon as a toll-free provider instead of using AT&T.

  Becoming a RespOrg allows you to make granular changes to how your toll-free number is routed, allowing you to take advantage of the cheaper rates with various carriers. This is an invaluable tool for toll-free numbers that take calls from various areas across the US, ultimately allowing RespOrgs to save a lot of money by making those distinctions. Also, the control over what carriers your calls go over means that in the event of a carrier outage, you can swap out the bad carrier for another provider that you have service with, mitigating the time you or your customer are unavailable.

  As a RespOrg, building and maintaining relationships with several larger toll-free service providers is certainly not an easy thing to do. Some providers have minimums, which may mean the cost savings aren’t worth it. Other larger carriers are challenging to even create a relationship with. These issues mean that several valuable features in the Toll-Free service system have been kept out of reach of many small to medium-sized RespOrgs.

  At VoIP Innovations, we’re trying to bridge that gap to give those small to medium-sized RespOrgs access to 6 different top tier Toll-Free service providers. Customers can retain RespOrg on their toll-free numbers and select from a list of what carriers they want us to give them access to. Once we confirm that those carriers have built the routes for your toll-free numbers, you can start routing directly to them. This gives our customers access to carriers that may be inaccessible for them and allows us to manage the multiple relationships and give you a single contact to work with.

  Suppose you have no desire to become your own RespOrg. In that case, VoIP Innovations is a RespOrg and utilizes these features to offer an affordable, reliable toll-free service with six underlying providers available for redundancy. We know how important it is for your service to work and have built a fully redundant network with additional carrier redundancy to ensure optimal uptime.

  To learn more about VoIP Innovations, check us out https://carrierservices.sangoma.com/.

  Questions about our service? Want a demo of the service and to know what we can do for you? Fill out this form, and we’d be happy to help you https://carrierservices.sangoma.com/contact/.

   

  The post Getting the Most Out of Toll Free Numbers appeared first on Sangoma.

• Enable Security SIPVicious PRO beta release contains SIP fuzzer and better automation
  We just made SIPVicious PRO v6.0.0-beta.1 available to our beta testers. This latest release brings a new SIP fuzzer and enhancements for automation to your favourite RTC offensive security toolset. We have the following highlights with this release: New fuzzing tools - sip fuzz method. This used to be in a separate internal tool called gasoline (see our toolset page); this now been polished and has joined the SVPRO toolset; this has been used to identify vulnerabilities in Kamailio (advisory), sngrep (advisory 1 and 2) and other SIP servers.

December 01, 2020

• Digium The Future of Unified Communications Ties Into the Future of Work

  The benefits of Unified Communication systems have emerged front and center for businesses of all sizes. UC has enabled many businesses to keep going forward in this remote work environment, almost as if nothing had happened. Given the spotlight on UC now, and given many businesses have signaled that remote work, at least in some form, will remain a part of the company even when it’s time to go back to a physical workplace, many people are asking, “what’s next” for UC?

  Let’s level set on UC before we get to that question, though. At the very least, UC should include presence and instant messaging capability as part of a mobile client who works on laptops and smartphones. And within that IM capability, there should be the ability to make phone calls on that client. And that client should not only be able to handle peer to peer phone calls for those on the client, but it should be able to handle phone calls from outside the enterprise network. In other words, the client should be able to take phone calls to and from your office phone number. Over the past few years, UC has also started to include screen sharing capability on the client and has started to include video conferencing and collaboration capabilities.

  We also need to understand the requirements of a future workplace because that will drive where UC goes. The future workplace will certainly involve anywhere, anytime, borderless collaboration, and communications. Even before the pandemic, companies were reducing office square footage per employee.

  And many companies are also exploring ways to be more socially conscious, including becoming “more green.” This can involve supporting a myriad of carbon offset projects or initiatives that offsets what your company is putting into the environment. And some companies are exploring more mandatory work from home scenarios as that creates less driving and fewer carbon emissions. Being able to help customers remotely would also obviate the need for truck rolls or plane trips to see them. Utilizing video, incorporating IoT for data information about your customer deployment, and utilizing AI to help analyze all that data would play a large role in this overall vision. Unified Communications systems’ ability to enable remote work, video, and potentially even tie into IoT communications is critical to realizing this overall vision effectively.

  In other words, UC will need to enable more mobility, more collaboration, and more customer service, all while making it easier to use.

  In next week’s blog, we’ll look more in-depth at the future requirements and how they might drive UC functionality.

  The post The Future of Unified Communications Ties Into the Future of Work appeared first on Sangoma.

November 27, 2020

• Enable Security Privacy Policy
  Owner and Data Controller Enable Security GmbH Neuburger Straße 101 b 94036 Passau Germany Privacy Compliance Officer email: contact@enablesecurity.com Types of Data collected Personal Data may be freely provided by the User, or, in case of Usage Data, collected automatically when using this Website. Unless specified otherwise, all Data requested by this Website is mandatory and failure to provide this Data may make it impossible for this Website to provide its services.
• Enable Security Impressum
  Enable Security GmbH Neuburger Straße 101 b 94036 Passau Germany Telefon: +49 15735985664 E-Mail: contact@enablesecurity.com Register of Companies: Amtsgericht Berlin-Charlottenburg HRB 173016 B Tax ID: 37 / 277 / 50040 VAT ID: DE 304514226 Managing director: Sandro Gauci