[HacktionLab] Open Source / federated VOIP?

johnc johnc at aktivix.org
Fri Jan 16 14:08:09 UTC 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

The tox developer who goes by the name of irungentoo has not published
any other work (at least under that name) that I can find. I'm more
bothered about the lack of a proven track record than personally
identifying the individual to be honest.

By contrast take ZRTP voice encryption. This was written by Phil
Zimmermann who also wrote PGP (which GPG is based on). Zimmerman is a
respected programmer and cryptographic expert with a proven track
record. Blackphone also comes from the same stable.

Cheers,
John

On 14/01/15 16:12, Gareth Coleman wrote:
> Hiya John
> 
> Just a thought - would you always put an anonymous author as a negative?
> 
> loads of love
> 
> g
> 
> On 14 January 2015 at 16:07, johnc <johnc at aktivix.org
> <mailto:johnc at aktivix.org>> wrote:
> 
> I haven't used this yet but have done a little research on the program:
> 
> +'s:
> - it easy to use
> - Available on a range of OS's + devices.
> - reasonably decentralised - but I believe it still has some known
> "good/online" user IP's hard coded for bootstrapping like bitcoin has.
> 
> -'s:
> - Currently no independent security review has been performed.
> - It's DHT implementation is vulnerable to Cybil attack=> not that
> hard
> to DOS.
> - No group voice chat.
> - Main developer (irungentoo) is anonymous.
> 
> 
> On 01/12/15 22:17, Jim McTwanky wrote:
>> .....educated /opinion/......that is.
> 
> 
>> On 11/01/15 20:44, nmd wrote:
>>>  Hi, Thanks for everyone's suggestions and thoughts - I tried
> jitsi and was
>>> semi-successful (got sound and video working in one direction and the
>>> problems
>>> may have been specific to one of the laptops). Might try that
> again in the
>>> future but will also hope that these things get a bit simpler
> with time!
>>> Cheers,
>>> Nick
>>>
>>> On 02/01/15 11:26, Tim Dobson wrote:
>>>> On 31/12/14 16:24, johnc wrote:
>>>>> Some Problems: -Mobile phone specific: -- mobile phones vary
>>>>> greatly in their ability to run sip clients using crypto. I've seen
>>>>> sip clients use 100%CPU with awful audio quality on a few phones
>>>>> including high end samsung models. -- The latency on 3G is
>>>>> typically around 1 second. Expect horrible lag etc. Using WiFi is
>>>>> the only way to go unless you are lucky enough to be on 4G.
>>>>> Non mobile phone specific: - ostel's only server is in the US,
>>>>> latency is about 120ms. Not so good if you are in Europe. We could
>>>>> build our own :-). - If you are going to build an ostel system I
>>>>> suggest you include the topology hiding setup from my wiki or
>>>>> elsewhere in your Kamailio config. SIP leaks IP/location
>>>>> information unless you make an effort to obfuscate it.
>>>> One solution I quite like, which works *if* you:
>>>> a) trust the clients to a degree
>>>> b) are happy with non-federated, centralised phone system, with the
>>>> PBX as a single point of failure
>>>>
>>>> is:
>>>>
>>>> Your favourite SIP-based PBX system over OpenVPN.
>>>>
>>>> So, your phone connects to OpenVPN, and then the sip clients
> connects
>>>> to the PBX via SIP, over a VPN.
>>>>
>>>> Pros:
>>>> a) as secure as your deployment of OpenVPN
>>>> b) removes NAT issues - there aren't any - the SIP/RTP goes via
> OpenVPN
>>>> c) It mostly 'just works' (tested with .bg client connected to .uk
>>>> server with no issues)
>>>> d) possible on mobile [android], desktop and in modern Snom
> firmwares
>>>>
>>>> Cons:
>>>> a) nontrival to setup
>>>> b) centralised [not federated, and not designed to be]
>>>> c) requires the giving out of VPN certificates to each client in
> advance
>>>> d) SPOF [or compromise] on PBX system
>>>> e) not really possible to 'just leave on' on mobile without emptying
>>>> your battery
>>>> f) only known to be *super reliable* on Snom desk phones,
> connected to
>>>> an uncongested network
>>>> g) certainly not without points of weakness
>>>>
>>>> ---
>>>>
>>>> It's not foolproof. It's not bombproof. But it is a nice
> architecture
>>>> that works for some scenarios. :)
>>>>
>>>> -Tim
>>>>
>>>> _______________________________________________
>>>> HacktionLab mailing list
>>>> HacktionLab at lists.aktivix.org <mailto:HacktionLab at lists.aktivix.org>
>>>> https://lists.aktivix.org/mailman/listinfo/hacktionlab
>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> HacktionLab mailing list
>>> HacktionLab at lists.aktivix.org <mailto:HacktionLab at lists.aktivix.org>
>>> https://lists.aktivix.org/mailman/listinfo/hacktionlab
> 
> 
> 
>> _______________________________________________
>> HacktionLab mailing list
>> HacktionLab at lists.aktivix.org <mailto:HacktionLab at lists.aktivix.org>
>> https://lists.aktivix.org/mailman/listinfo/hacktionlab
> 
> 
> 
>     _______________________________________________
>     HacktionLab mailing list
>     HacktionLab at lists.aktivix.org <mailto:HacktionLab at lists.aktivix.org>
>     https://lists.aktivix.org/mailman/listinfo/hacktionlab
> 
> 
> 
> 
> -- 
> ------------------------
> Gareth Coleman
> layer zero labs
> l0l.org.uk <http://l0l.org.uk>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJUuRsnAAoJELy1jPQ1KER7LXMP/0hqeOXXkzVsnsvc8KrzKBoa
HCPSYp7YmEshKy5LqsWgM9nVP8rFL503TlhWw29Vd82ARSPSB5Sr/YA4JOTdJWXh
bMUx5/Zqbe+ftc4WhTuSYf1aJBBENYwtAcdcWDTGw1eP0zJWSyhqZ2FsgfsDQ/PK
niz9kNHj1RDZQa0u6ZzPfosvC6DdSXPepcF2jA6sPwMsTur6QJYOFcyqcIZHCZ4w
AYn53iT7Wrnr/3WZ8cKOuAe14ACAf/eIUZ2R2YjTffEcgEFcr6xUqOFGtTSCt1D2
yrrSzOvMIPGBiSFW1kn41tlV3sOivnoJpExG9mgXOIYP7T/3K0gj4EmcUAoT/Z54
9+wdad7v8cOT66jgqTBnwdy71D/iqLaHlbS9a7pptUuOnFluOM+MqLoBmJ4s5erk
iDab9XdQkm4YEhl+yRX4IQ70Zz6z7itCP/ytyWjq4sPpUDKfG8o7GJsEnnXWIngS
eGEOOTymhGOM1GfjXra7rcbbVaeteW8dYLrCotmAqosKZTYyOjNccQ1OkieO1E8g
w8/BMGBmoC14OJPbZYt3aa9+Bw0xSbcaBuzTixnlHMaVrZAclu8NPlA6/SOZWV/e
jLqJ1YBd56e18gSrai0IRVKA0vL3U4j2dAhL0vLkWC1gw90uzgdXA7bD3A27S+Qh
xvZF29ytAq/O7xXJc8o3
=Limw
-----END PGP SIGNATURE-----



More information about the HacktionLab mailing list