[HacktionLab] Open Source / federated VOIP?
johnc at aktivix.org
Wed Jan 14 16:07:09 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
I haven't used this yet but have done a little research on the program:
- - it easy to use
- - Available on a range of OS's + devices.
- - reasonably decentralised - but I believe it still has some known
"good/online" user IP's hard coded for bootstrapping like bitcoin has.
- - Currently no independent security review has been performed.
- - It's DHT implementation is vulnerable to Cybil attack=> not that hard
- - No group voice chat.
- - Main developer (irungentoo) is anonymous.
On 01/12/15 22:17, Jim McTwanky wrote:
> .....educated /opinion/......that is.
> On 11/01/15 20:44, nmd wrote:
>> Hi, Thanks for everyone's suggestions and thoughts - I tried jitsi and was
>> semi-successful (got sound and video working in one direction and the
>> may have been specific to one of the laptops). Might try that again in the
>> future but will also hope that these things get a bit simpler with time!
>> On 02/01/15 11:26, Tim Dobson wrote:
>>> On 31/12/14 16:24, johnc wrote:
>>>> Some Problems: -Mobile phone specific: -- mobile phones vary
>>>> greatly in their ability to run sip clients using crypto. I've seen
>>>> sip clients use 100%CPU with awful audio quality on a few phones
>>>> including high end samsung models. -- The latency on 3G is
>>>> typically around 1 second. Expect horrible lag etc. Using WiFi is
>>>> the only way to go unless you are lucky enough to be on 4G.
>>>> Non mobile phone specific: - ostel's only server is in the US,
>>>> latency is about 120ms. Not so good if you are in Europe. We could
>>>> build our own :-). - If you are going to build an ostel system I
>>>> suggest you include the topology hiding setup from my wiki or
>>>> elsewhere in your Kamailio config. SIP leaks IP/location
>>>> information unless you make an effort to obfuscate it.
>>> One solution I quite like, which works *if* you:
>>> a) trust the clients to a degree
>>> b) are happy with non-federated, centralised phone system, with the
>>> PBX as a single point of failure
>>> Your favourite SIP-based PBX system over OpenVPN.
>>> So, your phone connects to OpenVPN, and then the sip clients connects
>>> to the PBX via SIP, over a VPN.
>>> a) as secure as your deployment of OpenVPN
>>> b) removes NAT issues - there aren't any - the SIP/RTP goes via OpenVPN
>>> c) It mostly 'just works' (tested with .bg client connected to .uk
>>> server with no issues)
>>> d) possible on mobile [android], desktop and in modern Snom firmwares
>>> a) nontrival to setup
>>> b) centralised [not federated, and not designed to be]
>>> c) requires the giving out of VPN certificates to each client in advance
>>> d) SPOF [or compromise] on PBX system
>>> e) not really possible to 'just leave on' on mobile without emptying
>>> your battery
>>> f) only known to be *super reliable* on Snom desk phones, connected to
>>> an uncongested network
>>> g) certainly not without points of weakness
>>> It's not foolproof. It's not bombproof. But it is a nice architecture
>>> that works for some scenarios. :)
>>> HacktionLab mailing list
>>> HacktionLab at lists.aktivix.org
>> HacktionLab mailing list
>> HacktionLab at lists.aktivix.org
> HacktionLab mailing list
> HacktionLab at lists.aktivix.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the HacktionLab