August 30, 2013 archive

STIR Working Group Officially Formed to Work on Secure Caller ID For VoIP (Featured Blog)

Interested in working on an open standard for "secure Caller ID" for voice-over-IP (VoIP)? If so, the new "Secure Telephone Identity Revisited (STIR)" working group was just officially chartered within the IETF and the mailing list is open for all to subscribe. More...

Third Time’s A Charm, Right? (For A Half-Marathon)

This Sunday I'll be spending the middle of my 3-day Labor Day weekend running the Covered Bridges Half-Marathon in nearby Swanzey, NH. This will be my third run of the race and this year I have a very simple objective:
Make it through mile 12 and still have energy!

Both of the last two years I've done pretty well up until mile 12. In fact, last year I was running with a friend and we had a very constant 10-minute/mile pace all the way up through mile 10 and maybe even into mile 11.

And then we got to the mile 12 aid station and I walked through it to have a drink... and kept on walking. :-(

I did get enough energy back to run the final bit... but it was a hard slog and I looked like I was ready to collapse.

A year later I've been running a good bit these days, although not as long as a half-marathon, and in talking to multiple people it seems my issue is most likely all about a lack of fuel inside my body. A friend who runs full marathons (and longer distances!) said that our livers have about 2 hours worth of fuel in them to power our body... and, gee, it's right about the 2 hour mark that I'm fading!

I did eat a bit during the race last time, but not that much. So this time I'm going to make that a regular part of the running... plus I'm doing some pre-race fueling, too.

We'll see how it goes on Sunday... as we often say, "third time is a charm!" (Of course, we also say "three strikes and you're out!")

P.S. There's still time to register to run if you want to join in - and they do same day registration as well. This year they are also offering a 2-person relay race option, too.

TDYR #032 – Kevin Spacey’s Powerful Speech On The Future Of TV, Film And Video

What is the future of TV? Of film? Of online video? Kevin Spacey recently gave a powerful speech on the future of TV, video and film at the Edinburgh International Television Festival. In this episode I speak about my thoughts on his commentary. You can view both the full 45-minute presentation as well as a 5-minute edited set of highlights at: http://www.disruptiveconversations.com/2013/08/its-all-content-its-just-story-they-want-stories-they-are-dying-for-them-kevin-spaceys-brilliant-speech.html

STIR Working Group Officially Formed To Work On Secure Caller ID For VoIP (Featured Blog)

More...

2 Asterisk Security Vulnerabilities Could Lead To Remote Crashes

Asterisk logoThe great folks on Digium’s security team published two security advisories this week that could lead to remote crashes of an Asterisk server.

The first, AST-2013-004, Remote Crash From Late Arriving SIP ACK With SDP, has this description:

A remotely exploitable crash vulnerability exists in the SIP channel driver if an ACK with SDP is received after the channel has been terminated. The handling code incorrectly assumes that the channel will always be present.

The second, AST-2013-005, Remote Crash when Invalid SDP is sent in SIP Request, has this description:

A remotely exploitable crash vulnerability exists in the SIP channel driver if an invalid SDP is sent in a SIP request that defines media descriptions before connection information. The handling code incorrectly attempts to reference the socket address information even though that information has not yet been set.

My one critique of the security advisories is that they don’t contain any “mitigating circumstances” that explain the circumstances under which the vulnerabilities could be exploited. For instance, it would seem from reading the documents that at least in the first case there would need to be a successful SIP connection established first – and then ended – before the packet could be received that would cause the crash. Unfortunately I don’t personally know Asterisk’s internals well enough to comment on that.

Regardless, the fix here is to upgrade to the latest versions of Asterisk as documented in the security advisories.

Kudos to the Digium folks for issuing these advisories and continuing their clear process of letting people know about security within Asterisk.

50% Off All O’Reilly Ebooks Through Sept 10, 2013

The good folks at O’Reilly let me know that you can now get 50% off the purchase of “Migrating Applications to IPv6” (and all other O’Reilly ebooks) through September 10, 2013, simply by using the discount code “B2S3″ when you are checking out. The sale page has more information:

Back to school sale

I would definitely encourage you to buy my book directly through O’Reilly when you can because you get:

  • DRM-free – you can put it on as many devices as you want, and it’s yours.
  • As many formats as you want – EPUB, Mobi, PDF, whatever…
  • Notification of (free) updates – and, as I noted, I’m working on some updates now.

It’s well worth it… I’m buying my tech ebooks directly from O’Reilly whenever I can now, simply because of these three points!

Thank you for considering the purchase of this book – and please do let me know if you have any suggestions or feedback to help make it better. The entire point of the book was to help application developers be able to make their application work over IPv6… so I want to hear from you about how this book can help!

Blog Chronicles A Couple’s Automation Of Their Home Using IPv6

Interested in how IPv6 could be used in home automation? Nathalie Trenaman and her soon-to-be-husband have started a blog at http://ipv6athome.blogspot.nl/ where they are documenting their work automating their home with IPv6:

Our adventures in IPv6 home automation

Nathalie, an IPv6 trainer, wrote back in April about why she was starting upon this path. It has been fun to read about their adventures, and hey, wouldn’t we all like to ping our front door over IPv6? (Okay, we would!)

We wish them all the best on this journey and look forward to reading future updates about more IPv6 automation in their home!

Fun Tool To Learn More About Git Branching And Merging

Want to learn more about how to work with branches in git? Confused about what “git rebase” does? By way of a post on Google+ I learned about this great tutorial site at: http://pcottle.github.io/learnGitBranching/

Learn git branching

You can step through a whole series of guided lessons (type “levels”) that walk you through all different aspects of using git – or you can type “sandbox” and go into a private area to play. All from the comfort of your own web browser.

More information (and the source code) can be found on Github at https://github.com/pcottle/learnGitBranching. There is a neat aspect of this where people can (and I guess have) contribute additional tutorial levels.

Very cool tool!

"It’s all content! It’s just story!… They want stories! They are dying for them." – Kevin Spacey’s Brilliant Speech

Kevin spaceyDo you want to understand the future of television? of online video? of the future of creating video content? Actor Kevin Spacey really nails it in this speech at the Edinburgh International Television Festival.

If you have 45 minutes, the entire speech can be found on YouTube:
 

Some of the key points I enjoyed were around the 39-minute mark, but the whole piece is a brilliant look at where online video and television is at right now.

If you only have a few minutes, someone at the Telegraph in the UK made a 5-minute edited version that hits many of Spacey's key points:

It truly is a great analysis of where we are today... and where the opportunities are...

I loved, too, that Spacey said something very close to what I wrote here back in January 2012 about the key to reducing piracy: give the people the content they want in the channel they want at a reasonable cost. It really is that simple.

I do hope that people in leadership positions within the media industry will watch / listen to this speech... if they want their businesses to survive and thrive in our new world, I believe many of the keys can be found here in this talk.

What do you think? Do you agree with Kevin Spacey?


If you found this post interesting or useful, please consider either: