[HacktionLab] Open Source / federated VOIP?
johnc
johnc at aktivix.org
Wed Jan 14 16:07:09 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I haven't used this yet but have done a little research on the program:
+'s:
- - it easy to use
- - Available on a range of OS's + devices.
- - reasonably decentralised - but I believe it still has some known
"good/online" user IP's hard coded for bootstrapping like bitcoin has.
- -'s:
- - Currently no independent security review has been performed.
- - It's DHT implementation is vulnerable to Cybil attack=> not that hard
to DOS.
- - No group voice chat.
- - Main developer (irungentoo) is anonymous.
On 01/12/15 22:17, Jim McTwanky wrote:
> .....educated /opinion/......that is.
>
>
> On 11/01/15 20:44, nmd wrote:
>> Hi, Thanks for everyone's suggestions and thoughts - I tried jitsi and was
>> semi-successful (got sound and video working in one direction and the
>> problems
>> may have been specific to one of the laptops). Might try that again in the
>> future but will also hope that these things get a bit simpler with time!
>> Cheers,
>> Nick
>>
>> On 02/01/15 11:26, Tim Dobson wrote:
>>> On 31/12/14 16:24, johnc wrote:
>>>> Some Problems: -Mobile phone specific: -- mobile phones vary
>>>> greatly in their ability to run sip clients using crypto. I've seen
>>>> sip clients use 100%CPU with awful audio quality on a few phones
>>>> including high end samsung models. -- The latency on 3G is
>>>> typically around 1 second. Expect horrible lag etc. Using WiFi is
>>>> the only way to go unless you are lucky enough to be on 4G.
>>>> Non mobile phone specific: - ostel's only server is in the US,
>>>> latency is about 120ms. Not so good if you are in Europe. We could
>>>> build our own :-). - If you are going to build an ostel system I
>>>> suggest you include the topology hiding setup from my wiki or
>>>> elsewhere in your Kamailio config. SIP leaks IP/location
>>>> information unless you make an effort to obfuscate it.
>>> One solution I quite like, which works *if* you:
>>> a) trust the clients to a degree
>>> b) are happy with non-federated, centralised phone system, with the
>>> PBX as a single point of failure
>>>
>>> is:
>>>
>>> Your favourite SIP-based PBX system over OpenVPN.
>>>
>>> So, your phone connects to OpenVPN, and then the sip clients connects
>>> to the PBX via SIP, over a VPN.
>>>
>>> Pros:
>>> a) as secure as your deployment of OpenVPN
>>> b) removes NAT issues - there aren't any - the SIP/RTP goes via OpenVPN
>>> c) It mostly 'just works' (tested with .bg client connected to .uk
>>> server with no issues)
>>> d) possible on mobile [android], desktop and in modern Snom firmwares
>>>
>>> Cons:
>>> a) nontrival to setup
>>> b) centralised [not federated, and not designed to be]
>>> c) requires the giving out of VPN certificates to each client in advance
>>> d) SPOF [or compromise] on PBX system
>>> e) not really possible to 'just leave on' on mobile without emptying
>>> your battery
>>> f) only known to be *super reliable* on Snom desk phones, connected to
>>> an uncongested network
>>> g) certainly not without points of weakness
>>>
>>> ---
>>>
>>> It's not foolproof. It's not bombproof. But it is a nice architecture
>>> that works for some scenarios. :)
>>>
>>> -Tim
>>>
>>> _______________________________________________
>>> HacktionLab mailing list
>>> HacktionLab at lists.aktivix.org
>>> https://lists.aktivix.org/mailman/listinfo/hacktionlab
>>
>>
>>
>>
>> _______________________________________________
>> HacktionLab mailing list
>> HacktionLab at lists.aktivix.org
>> https://lists.aktivix.org/mailman/listinfo/hacktionlab
>
>
>
> _______________________________________________
> HacktionLab mailing list
> HacktionLab at lists.aktivix.org
> https://lists.aktivix.org/mailman/listinfo/hacktionlab
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAEBAgAGBQJUtpQkAAoJELy1jPQ1KER76nAP/jcxe4y4bpN3Wn85gDHGILaC
KXQUCbwHRJepYgic9AfdIGP47fSmWCAms0BbeJDjrIYGlhWfv6oQI0Y7x1snfZFe
+CXapPzdIgQyafKKet+IZrjPTsPXp4FRwf4Pqv3rmxARBZQEJ9Ii+nAoOmxzf53R
uiJHXEC46fECaON0W/5ueNg7XL90l2WkucKm4gvCMvvvyh+H+/olwECzt/IskZw9
jqc3FWiOV9eIlg+jQ+jleY/xXiM5mSb9qdhZPcPDVK7Fr3Sr75Hbhndzy6MyT3qe
xT5lsVarOwjgKABahfIFDR5ZHasGw/Wa4Yv3sqn4+OVbflntNYkseyfCUnkOq3gc
LJtdYWN7A64H2W7/RRAs6/llnCVKgQE31eDAGXMtkLQVWy7UgBjtQSeX8BgrSXvB
hVuqU8Ec1BhYR+FxjfqZve6KDZ/ckS2pQAvq3bopG4CM6VBElr7XoyO6nyUdFQdM
JRsucYLx8sPnI6ERBPeoDO8pPr/vLW75KRVu/wRAZtSFZP0iZSrn2Cei+DAKIU+I
GUNFheZzCDp8Mmq24pyIDenTKx3jI0kPmBr+V+gkMTdzTsoctqJwvEm04S36MDrd
ND1D7urWVh95WKT9nQKzQR4RKcG1jj+eJE1dkhf9hbS88+E5qCHHvNwLu5ar8AUr
aKowOXTZQVisVFJPeyzw
=4MGY
-----END PGP SIGNATURE-----
More information about the HacktionLab
mailing list