August 2013 archive

STIR Working Group Officially Formed to Work on Secure Caller ID For VoIP (Featured Blog)

Interested in working on an open standard for "secure Caller ID" for voice-over-IP (VoIP)? If so, the new "Secure Telephone Identity Revisited (STIR)" working group was just officially chartered within the IETF and the mailing list is open for all to subscribe. More...

Third Time’s A Charm, Right? (For A Half-Marathon)

This Sunday I'll be spending the middle of my 3-day Labor Day weekend running the Covered Bridges Half-Marathon in nearby Swanzey, NH. This will be my third run of the race and this year I have a very simple objective:
Make it through mile 12 and still have energy!

Both of the last two years I've done pretty well up until mile 12. In fact, last year I was running with a friend and we had a very constant 10-minute/mile pace all the way up through mile 10 and maybe even into mile 11.

And then we got to the mile 12 aid station and I walked through it to have a drink... and kept on walking. :-(

I did get enough energy back to run the final bit... but it was a hard slog and I looked like I was ready to collapse.

A year later I've been running a good bit these days, although not as long as a half-marathon, and in talking to multiple people it seems my issue is most likely all about a lack of fuel inside my body. A friend who runs full marathons (and longer distances!) said that our livers have about 2 hours worth of fuel in them to power our body... and, gee, it's right about the 2 hour mark that I'm fading!

I did eat a bit during the race last time, but not that much. So this time I'm going to make that a regular part of the running... plus I'm doing some pre-race fueling, too.

We'll see how it goes on Sunday... as we often say, "third time is a charm!" (Of course, we also say "three strikes and you're out!")

P.S. There's still time to register to run if you want to join in - and they do same day registration as well. This year they are also offering a 2-person relay race option, too.

TDYR #032 – Kevin Spacey’s Powerful Speech On The Future Of TV, Film And Video

What is the future of TV? Of film? Of online video? Kevin Spacey recently gave a powerful speech on the future of TV, video and film at the Edinburgh International Television Festival. In this episode I speak about my thoughts on his commentary. You can view both the full 45-minute presentation as well as a 5-minute edited set of highlights at:

STIR Working Group Officially Formed To Work On Secure Caller ID For VoIP (Featured Blog)


2 Asterisk Security Vulnerabilities Could Lead To Remote Crashes

Asterisk logoThe great folks on Digium’s security team published two security advisories this week that could lead to remote crashes of an Asterisk server.

The first, AST-2013-004, Remote Crash From Late Arriving SIP ACK With SDP, has this description:

A remotely exploitable crash vulnerability exists in the SIP channel driver if an ACK with SDP is received after the channel has been terminated. The handling code incorrectly assumes that the channel will always be present.

The second, AST-2013-005, Remote Crash when Invalid SDP is sent in SIP Request, has this description:

A remotely exploitable crash vulnerability exists in the SIP channel driver if an invalid SDP is sent in a SIP request that defines media descriptions before connection information. The handling code incorrectly attempts to reference the socket address information even though that information has not yet been set.

My one critique of the security advisories is that they don’t contain any “mitigating circumstances” that explain the circumstances under which the vulnerabilities could be exploited. For instance, it would seem from reading the documents that at least in the first case there would need to be a successful SIP connection established first – and then ended – before the packet could be received that would cause the crash. Unfortunately I don’t personally know Asterisk’s internals well enough to comment on that.

Regardless, the fix here is to upgrade to the latest versions of Asterisk as documented in the security advisories.

Kudos to the Digium folks for issuing these advisories and continuing their clear process of letting people know about security within Asterisk.

50% Off All O’Reilly Ebooks Through Sept 10, 2013

The good folks at O’Reilly let me know that you can now get 50% off the purchase of “Migrating Applications to IPv6” (and all other O’Reilly ebooks) through September 10, 2013, simply by using the discount code “B2S3″ when you are checking out. The sale page has more information:

Back to school sale

I would definitely encourage you to buy my book directly through O’Reilly when you can because you get:

  • DRM-free – you can put it on as many devices as you want, and it’s yours.
  • As many formats as you want – EPUB, Mobi, PDF, whatever…
  • Notification of (free) updates – and, as I noted, I’m working on some updates now.

It’s well worth it… I’m buying my tech ebooks directly from O’Reilly whenever I can now, simply because of these three points!

Thank you for considering the purchase of this book – and please do let me know if you have any suggestions or feedback to help make it better. The entire point of the book was to help application developers be able to make their application work over IPv6… so I want to hear from you about how this book can help!

Blog Chronicles A Couple’s Automation Of Their Home Using IPv6

Interested in how IPv6 could be used in home automation? Nathalie Trenaman and her soon-to-be-husband have started a blog at where they are documenting their work automating their home with IPv6:

Our adventures in IPv6 home automation

Nathalie, an IPv6 trainer, wrote back in April about why she was starting upon this path. It has been fun to read about their adventures, and hey, wouldn’t we all like to ping our front door over IPv6? (Okay, we would!)

We wish them all the best on this journey and look forward to reading future updates about more IPv6 automation in their home!

Fun Tool To Learn More About Git Branching And Merging

Want to learn more about how to work with branches in git? Confused about what “git rebase” does? By way of a post on Google+ I learned about this great tutorial site at:

Learn git branching

You can step through a whole series of guided lessons (type “levels”) that walk you through all different aspects of using git – or you can type “sandbox” and go into a private area to play. All from the comfort of your own web browser.

More information (and the source code) can be found on Github at There is a neat aspect of this where people can (and I guess have) contribute additional tutorial levels.

Very cool tool!

"It’s all content! It’s just story!… They want stories! They are dying for them." – Kevin Spacey’s Brilliant Speech

Kevin spaceyDo you want to understand the future of television? of online video? of the future of creating video content? Actor Kevin Spacey really nails it in this speech at the Edinburgh International Television Festival.

If you have 45 minutes, the entire speech can be found on YouTube:

Some of the key points I enjoyed were around the 39-minute mark, but the whole piece is a brilliant look at where online video and television is at right now.

If you only have a few minutes, someone at the Telegraph in the UK made a 5-minute edited version that hits many of Spacey's key points:

It truly is a great analysis of where we are today... and where the opportunities are...

I loved, too, that Spacey said something very close to what I wrote here back in January 2012 about the key to reducing piracy: give the people the content they want in the channel they want at a reasonable cost. It really is that simple.

I do hope that people in leadership positions within the media industry will watch / listen to this speech... if they want their businesses to survive and thrive in our new world, I believe many of the keys can be found here in this talk.

What do you think? Do you agree with Kevin Spacey?

If you found this post interesting or useful, please consider either:

10 Years Of Skype – Massive Disruption… But Will Skype Remain Relevant?

Skype's 10th anniversaryTen years ago today, on August 29, 2003, a group of entrepreneurs and developers from Denmark, Sweden and Estonia unleashed a small software program that would fundamentally and irrevocably disrupt telecommunications and just communications in general. Everything would change. Skype has a 10th anniversary blog post out today that highlights some of those changes that have been brought about by Skype, although I personally find their 9th anniversary infographic a bit more interesting because it traced back the history of Skype.

Massive Disruption

There is a GREAT amount for Skype to celebrate on it's 10th birthday. The disruption that has occurred within telecom is truly massive:

  • The cost per-minute of international phone calls has been commoditized to near zero. (Indeed, how many people actually make real "phone calls" internationally anymore?)

  • Telcos - and governments! - who depended upon those per-minute fees have seen almost that entire revenue stream evaporate, or at least show that it is rapidly fading away. Economic disruption on a massive scale!

  • Skype came to be a prime example of how "over-the-top (OTT)" apps could exist on top of the existing telecom networks - and take both marketshare and revenue from those networks.

  • Skype introduced the masses to high quality audio and helped people understand that the "phone quality" they were used to was actually really poor quality and that they could do so much better... that they could have the experience of "being there" with someone else.

  • Video calls, while they had been around for quite some time in many other apps and devices, were made available to everyone for free using the easy Skype user interface (and were helped by the rise of ubiquitous webcams embedded in laptops and mobile devices). An entire industry around video-conferencing was disrupted through the simple combination of Skype and webcams.

  • Long-distance audio and video collaboration became extremely routine. Think of the thousands of podcasts that use Skype between contributors? (Such as my own Blue Box or the FIR podcast to which I contribute.) Think of the number of video news reports you have seen coming in over Skype... or the guests coming in to talk shows.

  • Skype demonstrated that you could have secure, encrypted phone calls and IM chats, at least with the pre-Microsoft peer-to-peer architecture. They enabled those of us advocating for more secure phone connections to be able to go to other vendors and say "Really? You can't do secure calls... but Skype can?

  • Speaking of that p2p architecture, it, too, was something new and fascinating... perhaps one of the most innovative things to hit telecom in ages... that showed that you could think differently about how to connect endpoints.

  • Curiously, Skype also demonstrated the incredible power of persistent group chats in creating a system that enabled people to continually participate in conversations, even as they came and went from the network. Skype chats still to this day are better that most every other system out there.

  • Skype showed the power - at least in their earlier versions - of focusing on creating an extremely simple user interface and focusing on the user experience. The simplicity of using Skype was a large part of why so many people started to use it. That and the fact that Skype "just works" from behind most firewalls and in most network environments.

  • Along the way, Skype built up a massive directory of users... estimated at 300 million now. Most people I interact with do have a "Skype ID" and those names are exchanged at conferences, printed on business cards, listed on websites and generally made available.

  • Skype became a verb. It's routine now to say: "Let me skype you.", "Can you skype me?", "Let's skype", etc. We don't "call", we "skype".

At a fundamental level, Skype rocked the world of telecom and enabled so much more communication to happen all over the world. As a frequent global traveler, Skype has been such an incredible means by which I can keep in daily touch with my family back at home.

Skype has indeed MUCH to celebrate on it's 10th birthday.

And Yet...

And yet as Skype turns ten, I find myself wondering what the next 10 years will be like... and whether Skype will remain relevant.

You see, that list of disruptions I wrote above is pretty much the same list I wrote about two years ago on Skype's 8th anniversary, just with updated numbers.

What happened in the last two years?

Last year on the 9th anniversary I was asking the "what comes next?" question and Jim Courtney was similarly saying "whither Skype?" Phil Wolff was asking "is Skype boring?", a theme I picked up on for my own post.

Fast-forward a year and the questions are still relevant. Skype is no longer the "bright shiny object" that so many of us were so incredibly passionate about. Indeed, for so many years Skype was the single biggest topic I wrote about here on Disruptive Telephony. There was a reason that my phone number became associated with Skype and I was getting all sorts of calls for Skype's corporate office.

And yet... how many posts did I write here on this blog about Skype in the last year since the 9th anniversary?


Just one post... and at that a short and simple post about a new Skype version being available for the iPhone/iPad.

That's it.

Now, there's a larger issue that I'm simply not writing as much here on Disruptive Telephony as I used to, given that my energy these days is focused so much more on the worlds of IPv6, DNSSEC and Internet routing. But still... had something struck me as exciting or useful about Skype, I probably would have written about it.

I still use Skype each and every day - or at least every work day - and it is a critical part of my day when I'm traveling. But the reality is now for me:

Skype is just a tool.

That's it. A tool to be used. A tool to be expected to be there.

In one way, that's a massive success for Skype, in that millions of people now just expect Skype to be there and to be able to help them communicate.

But it's no longer anything to get excited about. It's a tool. Nothing more. Nothing less.

In a chat earlier today about this feeling shared by a number of us, Phil Wolff, long-time editor of the Skype Journal, said this (reprinted here with his permission):

Skype is boring, like electricity. The BBC interview that came out today where Skype said they'd done proof-of-concept 3D video chat in the lab says it all.

They are busy working on customer acquisition (the next billion users), usage (more conversation per user per month),  and more Microsoft integration (% of MSFT products with Skype inside, a la

They are busy getting more than 2000 employees to work together, nearly half on the job less than a year.

They are figuring out how to make money when the price of minutes - even international PSTN minutes - are falling faster than Skype can pick up share.

They are learning how to stay relevant in a universe where talk is a feature anyone can add to any app for free/cheap.

Bigger scale usually means innovation on plumbing moves faster than innovation on user experience. Skype hasn't offered up new experiences as shiny as "now with video!" in a long time.

Phil's second-to-last comment is particularly relevant as we think about WebRTC and how much it has opened up the world of voice, video and chat to so many more developers.

What Could Have Been...

Stuart Henshall, an original founder of the Skype Journal and someone promoting Skype for pretty much all of its 10 years, said something similar in a post today, "Skype’s First Decade – A Wasted Opportunity. He sums up rather well how I think some of us who were early adopters of Skype now feel:

Today Skype is a feature, part of Microsoft. While it may generate substantial dollars it isn’t the company it could have been. Skype was one of those once in a lifetime products that today could have been revolutionizing how the world evolves. It was once secure, outside the reach of the NSA. It had the network and the membership so it could have been a Facebook, or a Twitter. It had strong developer support in the early days and it’s own store. Most of us still use Skype some of the time today. It is still the most universal free calling solution. It works across platforms including the PSTN, PC, Mobile. And yet Skype today is a brand without a “soul”. That’s what you get when you sell-out one too many times and lose a passion for changing the world.

Ten years in, Skype went from being the scrappy, interesting, exciting underdog challenging the telecom infrastructure... to in fact becoming that telecom infrastructure to the point where they can't innovate as much as they once did because they do have such an enormous installed base.

Ten years ago, Skype was the disruptor - now the question is if Skype will be disrupted by all the new entrants. Maybe Skype still has some innovation in store and may surprise us... but I'm doubtful at this point.

There is a lot to celebrate in 10 years of Skype, but the question is really whether Skype is today coasting on the innovation of those earlier years and now the increased integration with Microsoft products.

As Stuart wrote:

In Internet years like dog years Skype has had a good run. Still it’s aged some and I know it’s no longer my primary communication method. If I had one wish I’d love to see another Skype P2P like system take root although this time on mobile resetting the rules for the telecom stack. That’s still something I could promote.

I, too, would like to see some system that was truly innovative and brought back many of those innovations of how Skype used to be - and did once again truly disrupt telephony as we know it.

An audio version of this post can be found at:

If you found this post interesting or useful, please consider either: