Category: Internet/Web

Firewalls and Internet Security: Separating FUD and Fiction in the VoIP World

Some of us have spent years developing secure VoIP solutions for Asterisk® that protect your phone bill while bringing Cloud-based solutions within reach of virtually anyone. So it’s particularly disappointing when a hardware manufacturer spreads fear, uncertainty, and doubt in order to peddle their hardware. In this case, it happens to be Session Border Controllers (SBCs). We want you to watch this latest “infomercial” for yourself:



To hear Sangoma tell it, every VoIP server protected by merely a firewall is vulnerable to endless SIP attacks unless, of course, you purchase an SBC. And since implementation of Cloud-based servers traditionally limits the ability to deploy an SBC, most Cloud-based VoIP solutions would become vulnerable to SIP attacks. In the words of Sangoma:

And with telecom fraud and PBX hacking on the rise, it’s important to keep your network secure. For most enterprises, it’s not a matter of if-but-when their [sic] network experiences an attack, potentially costing you valuable time and money.

For the benefit of those of you considering a VoIP deployment either locally or in the Cloud using Asterisk, let’s cut to the chase and directly address some of the FUD that’s been thrown out there.

FUD #1: Internet SIP Access Exposes Asterisk to Attack

False. What is true is that unrestricted SIP access to your server from the Internet without a properly secured firewall may expose Asterisk to attack. Perhaps it’s mere coincidence but the only major Asterisk aggregation that still installs Asterisk with an unsecured firewall and no accompanying script, tutorial, or even recommendation to properly lock it down and protect against SIP attacks happens to be from the same company that now wants you to buy a session border controller.

FUD #2: Firewalls Aren’t Designed to Protect Asterisk from SIP Attacks

False. What is true is that the base firewall installation provided in the FreePBX® Distro does not protect against any attacks. In a Cloud-based environment or with local deployments directly exposed to the Internet, that could very well spell disaster. And it has on a number of occasions. The Linux IPtables firewall is perfectly capable of insulating your Asterisk server from SIP attacks when properly configured. With PBX in a Flash and its open source Travelin’ Man 3 script, anonymous SIP access is completely eliminated. The same is true using the tools provided in the latest Elastix servers. And, Incredible PBX servers have always included a secured firewall with simple tools to manage it. Of course, with local VoIP hardware and a hardware-based firewall, any Asterisk server can be totally insulated from SIP attacks whether IPtables is deployed or not. Just don’t open any ports in your firewall and register your trunks with your SIP providers. Simple as that.

FUD #3: SIP Provider Access to Asterisk Compromises Your Firewall

False. Registering a server with SIP or IAX trunk providers is all that is required to provide secure VoIP communications. Calls can flow in and out of your Asterisk PBX without compromising your server or communications in any way. Contrary to what is depicted in the infomercial, there is no need to poke a hole in your firewall to expose SIP traffic. In fact, we know of only one SIP provider that requires firewall changes in order to use their services. Simple answer: use a different provider. Consider how you access Internet sites with a browser from behind a firewall. The connection from your browser to web sites on the Internet can be totally secure without any port exposure in your firewall configuration. Registering a SIP trunk with a SIP provider accomplishes much the same thing. All modern firewalls and routers will automatically handle the opening and closing of ports to accommodate the SIP or IAX communications traffic.

FUD #4: Remote Users Can’t Access Asterisk Without SIP Exposure

False. Over the past several years, we have written about a number of methodologies which allow remote users to securely access an Asterisk server. That’s what Virtual Private Networks and Port Knocking and Remote Firewall Management are all about. All of these solutions provide access without exposing your server to any SIP vulnerabilities! We hope the authors of this infomercial will give these open source tools a careful look before tarnishing the VoIP brand by suggesting vulnerabilities which any prudent VoIP deployment can easily avoid without additional cost. Just use the right products!

Originally published: Thursday, April 23, 2015



Need help with Asterisk? Visit the PBX in a Flash Forum.


 
New Vitelity Special. Vitelity has generously offered a new discount for Incredible PBX users. You now can get an almost half-price DID from our special Vitelity sign-up link. If you’re seeking the best flexibility in choosing an area code and phone number plus the lowest entry level pricing plus high quality calls, then Vitelity is the hands-down winner. Vitelity provides Tier A DID inbound service in over 3,000 rate centers throughout the US and Canada. And, when you use our special link to sign up, the Nerd Vittles and PBX in a Flash projects get a few shekels down the road while you get an incredible signup deal as well. The going rate for Vitelity’s DID service is $7.95 a month which includes up to 4,000 incoming minutes on two simultaneous channels with terminations priced at 1.45¢ per minute. Not any more! For Incredible PBX users, here’s a deal you can’t (and shouldn’t) refuse! Sign up now, and you can purchase a Tier A DID with unlimited incoming calls for just $3.99 a month. To check availability of local numbers and tiers of service from Vitelity, click here. Do not use this link to order your DIDs, or you won’t get the special pricing! Vitelity’s rate is just 1.44¢ per minute for outbound calls in the U.S. There is a $35 prepay when you sign up. This covers future usage and any balance is fully refundable if you decide to discontinue service with Vitelity.
 


Some Recent Nerd Vittles Articles of Interest…

The Gotcha-Free PBX: Harnessing SIP URIs for Free Worldwide Calling

We continue the Incredible PBX for Asterisk-GUI adventure today with a close look at SIP URIs, those email-like addresses that are the fundamental building blocks for VoIP technology. Consider this. If everyone in the world had a SIP address instead of a phone number, every call to every person in the world via the Internet would be free. That pretty much sums up why SIP URIs are important. The syntax for SIP URIs depends a bit upon your platform. In the Asterisk® world, they look like this: SIP/somenameORnumber@FQDN.yourdomain.com. On many SIP phones, you enter SIP URIs in the following format: sip:somenameORnumber@FQDN.yourdomain.com. Others use somenameORnumber@FQDN.yourdomain.com. Assuming you have a reliable Internet connection, once you have “dialed” a SIP URI, the destination SIP device will ring just as if they had a POTS phone. And Asterisk processes SIP URIs in much the same way as other calls originating from trunks. As noted, SIP URI calls of any duration to anywhere are free. And, of course, Incredible PBX is also free with No Gotchas!

In our original articles on Incredible PBX for Asterisk-GUI, we covered outbound calls to SIP URIs, and we’ll briefly review that procedure today. Then we’ll move on to setting up one or more SIP URIs for your own server so that you can receive incoming SIP URI calls. We’ll show you how to route them to any destination you like, both internal and external. We’ll also address the security implications of enabling SIP URI calling on your server. You don’t want the whole world calling into your server to make outbound calls on your nickel. We’ll also walk you through a safer SIP methodology in which you use a service provider as a SIP intermediary to better protect the security of your server. And finally, we’ll show you how to interconnect your new SIP URIs to real telephone numbers at zero cost. Then your friends without a SIP URI still can call you from any POTS or cellphone in the world.

SIP URI Calling with Incredible PBX for Asterisk-GUI

With one line of dialplan code, you can add Speed Dials for free SIP URI calling worldwide. The dialplan code is stored in the [CallingRule_SIP_URI] context in extensions_custom.conf. Just clone one of the existing entries, designate a speed dial number to connect to the SIP URI, and enter the SIP URI for the destination. Numerous SIP providers support assignment of SIP URI’s to existing DIDs for unlimited free calling from anywhere in the world. Here’s a sample using a speed dial code of 53669 (L-E-N-N-Y). Use it for your telemarketers: exten = 53669,1,Dial(SIP/2233435945@sip2sip.info).

Choosing a SIP URI Strategy with Incredible PBX for Asterisk-GUI

Before we actually create SIP URIs on your own server to receive anonymous calls, let’s walk through the available implementation strategies so that you can make an informed choice on how best to proceed. Keeping in mind that SIP URIs consist of an identifier and a fully-qualified domain name (FQDN) or IP address, one option is to use the same domain that you use for your company. We don’t recommend this approach because it makes it easy to guess where your SIP resources reside. Another option is to use a really obscure FQDN with your SIP URIs. Something like k43X20.mycompany.com or, for dynamic addresses, something like k43X20.dyndns.org makes more sense. In the next section, we’re going to lock down SIP access to your server to this FQDN so the more obscure the FQDN the safer you will be. Security through obscurity still works wonders. A third option is to use the IP address of your server instead of an FQDN. That’s a bad choice because of programs like SIPVicious that the bad guys use to scan the Internet for potential SIP targets to be hacked.

An alternative approach worth considering is to use a provider such as VoIP.ms as a SIP intermediary. In this scenario, you create a sub-account and assign an obscure extension number to that account. This in turn generates a SIP URI that can be used to connect to that account from your server by simply registering a VoIP.ms trunk in Incredible PBX. Once the trunk is registered, incoming SIP URI calls to your VoIP.ms sub-account will be forwarded (without cost) to your server without exposing Asterisk to SIP guest access at all. The wrinkle with this option is that VoIP.ms has often indicated that they plan to charge a reduced fee for these connections at some point. However, to date, they’ve never done it. If VoIP.ms shifts gears down the road, you obviously can as well. For the time being, we would encourage you to take advantage of this free service option. It remains our first choice for SIP URI implementation because there is no need to expose SIP resources on your server at all. VoIP.ms takes care of all the SIP security headaches leaving you to enjoy free calling. In the screenshot we’ve shown above, assuming your VoIP.ms account number was 12345, the SIP URI to connect to this sub-account would be 123458005551212@houston.voip.ms assuming you registered your trunk with the houston.voip.ms server.

Creating Your Own SIP URIs with Incredible PBX for Asterisk-GUI

The procedure for creating one or more SIP URIs on your own Incredible PBX server is straight-forward:

  1. For servers behind a hardware-based firewall, map UDP 5060 (SIP) to your server
  2. Enable allowguest access in [general] context of sip.conf
  3. Create desired SIP URIs in [public] context of extensions.conf

1. Unless your server is sitting on the public Internet without a hardware-based firewall, you’ll need to map UDP port 5060 (SIP) from the firewall to the private LAN address of your server. Otherwise incoming SIP calls will never reach Incredible PBX. Most routers have a Port Forwarding tab in which you designate the port to be forwarded, the type of port, and the destination IP address. Consult the manual for your router/firewall for detailed instructions.

2. Changing the allowguest setting in the [general] context of sip.conf is mandatory since the purpose of SIP URI calling is to accept calls from unregistered users. The risk, of course, is that anyone in the world with an Internet connection can attempt to connect to your server. More on that later. For now, issue this command after logging into your server as root:

sed -i 's|allowguest=no|allowguest=yes|' /etc/asterisk/sip.conf

Once you issue this command and restart Asterisk, the setup of Incredible PBX for Asterisk-GUI is to route anonymous SIP calls to the [public] context in extensions.conf. Only extensions in this context will be exposed to anonymous callers. This is important. NEVER change the destination context for these calls to one that provides unrestricted access to the calling resources on your server. The reason should be obvious. But, in case it isn’t, this would permit anonymous callers to use all of your trunks to place outbound calls to anywhere… on your nickel. $100,000 phone bills are the usual result.

3. There are two important facets in creating your own SIP URIs for anonymous access to your server. As touched upon previously, the first is choosing an obscure FQDN for your server. This is a really important layer of security for a couple of reasons: (1) your anonymous caller has to know the actual FQDN of your server in order to reach you and (2) in the next step we’re going to lock down your server to only allow anonymous SIP access from this FQDN. So choose carefully. The second consideration is deciding which server resources you wish to expose for SIP URI access. Do you wish to permit SIP URI calls only to a specific extension or ring group, or perhaps a custom IVR just for SIP URI callers, or perhaps a conference or DISA access (very dangerous)?

You can deploy more than one SIP URI. For each one, you’ll need a destination for the incoming call and an identifier or extension. Identifiers could be numeric, alphanumeric, or pure alpha characters. For example, 8005551212, joe6001, and accounting are all perfectly acceptable. The resultant SIP URI would be something like joe6001@k43X20.mycompany.com.

As noted, for each destination on your server that you wish to enable for SIP URI access, you add a line of dialplan code to the [public] context in extensions.conf. The syntax is identical to what you’ve previously used in routing incoming trunk calls to a destination except we’ll restrict connections to those matching the identifier you’ve chosen for each SIP URI. Here are some examples to get you started.

To route SIP URI accounting@k43X20.mycompany.com to Ring Group #1:
exten = accounting,n,Goto(ringroups-custom-1,s,1)

To route SIP URI joe6001@k43X20.mycompany.com to Extension 6001:
exten = joe6001,n,Goto(default,6001,1)

To route SIP URI demo@k43X20.mycompany.com to the Nerd Vittles demo IVR:
exten = demo,n,Goto(voicemenu-custom-2,s,1)

To route SIP URI lenny@k43X20.mycompany.com to an outside SIP URI:
exten = lenny,1,Dial(SIP/2233435945@sip2sip.info)

To route SIP URI conference@k43X20.mycompany.com to the default conference at extension 2663:
exten = conference,1,Goto(conf_bridge,2663,1)

To route SIP URI weather@k43X20.mycompany.com to the Weather by ZIP Code application:
exten = weather,1,Goto(CallingRule_extensions_custom,947,1)

To route SIP URI 800directory@k43X20.mycompany.com to Directory Assistance using Google Voice trunk:
exten = 800directory,1,Dial(Motif/GoogleVoice/18005551212@voice.google.com)

Securing Your Server with SIP URI Implementations

There are two important security steps once you have enabled anonymous SIP URI calling to your server. The first line of defense is to harden the IPtables Firewall to only permit anonymous SIP access to the specific FQDN you plan to use for your SIP URI callers. The second is to harden Asterisk to disallow requests for domains not serviced by your server.

1. Edit the IPv4 rules for your operating system. On the CentOS-compatible platforms, it’s /etc/sysconfig/iptables. On the Debian/Ubuntu/Raspbian platforms, it’s /etc/iptables/rules.v4. Toward the end of the file and just above the final fail2ban entries, insert the following code using your actual FQDN in the first line:

-A INPUT -p udp --dport 5060 -m string --string "@k43X20.mycompany.com" --algo bm -j ACCEPT
-A INPUT -p udp --dport 5060 -m string --string "REGISTER sip:" --algo bm -j DROP
-A INPUT -p udp --dport 5060 -m string --string "OPTIONS sip:" --algo bm -j DROP
-A INPUT -p udp -m udp --dport 5060 -j DROP

2. Run the following commands substituting your actual FQDN in the first line to lock down Asterisk to only your FQDN for anonymous SIP connections:

sed -i '/\[general\]/a ;domain=k43X20.mycompany.com' /etc/asterisk/sip.conf
sed -i '0,/;domain/s/;domain/domain/' /etc/asterisk/sip.conf
sed -i '0,/;allowtransfer=no/s/;allowtransfer=no/allowtransfer=no/' /etc/asterisk/sip.conf
sed -i '0,/; allowexternaldomains=no/s/; allowexternaldomains=no/allowexternaldomains=no/' /etc/asterisk/sip.conf

3. Restart your firewall: iptables-restart

4. Restart Asterisk: asterisk-restart

5. Done!

Interconnecting a SIP URI with a Free PSTN Phone Number

Wouldn’t it be nice if all your friends and business associates without SIP URI capability could still call you using a traditional PSTN number? Well, it’s your lucky day because www.ipkall.com provides just what you need, a free phone number in the Seattle area that you can connect to an existing SIP URI on your server.

When folks call the Seattle number, they will be connected to your server using whatever routing you chose for the SIP URI in the previous section. So sign up for a number, enter your email address and the SIP URI for the calls, and wait for the confirmation email identifying your new telephone number. The only catch is that you need to receive at least one call a month to keep the number. Aside from that, there are no restrictions on use of the PSTN numbers. Enjoy!


Don’t forget to List Yourself in Directory Assistance with your new IPkall PSTN number so everyone can find you by dialing 411. And be sure to add your new number to the Do Not Call Registry to block telemarketing calls.

Originally published: Wednesday, March 25, 2015


Support Issues. With any application as sophisticated as this one, you’re bound to have questions. Blog comments are a terrible place to handle support issues although we welcome general comments about our articles and software. If you have particular support issues, we encourage you to get actively involved in the PBX in a Flash Forums. It’s the best Asterisk tech support site in the business, and it’s all free! Please have a look and post your support questions there. Unlike some forums, ours is extremely friendly and is supported by literally hundreds of Asterisk gurus and thousands of users just like you. You won’t have to wait long for an answer to your question.



Need help with Asterisk? Visit the PBX in a Flash Forum.


 
New Vitelity Special. Vitelity has generously offered a new discount for Incredible PBX users. You now can get an almost half-price DID from our special Vitelity sign-up link. If you’re seeking the best flexibility in choosing an area code and phone number plus the lowest entry level pricing plus high quality calls, then Vitelity is the hands-down winner. Vitelity provides Tier A DID inbound service in over 3,000 rate centers throughout the US and Canada. And, when you use our special link to sign up, the Nerd Vittles and PBX in a Flash projects get a few shekels down the road while you get an incredible signup deal as well. The going rate for Vitelity’s DID service is $7.95 a month which includes up to 4,000 incoming minutes on two simultaneous channels with terminations priced at 1.45¢ per minute. Not any more! For Incredible PBX users, here’s a deal you can’t (and shouldn’t) refuse! Sign up now, and you can purchase a Tier A DID with unlimited incoming calls for just $3.99 a month. To check availability of local numbers and tiers of service from Vitelity, click here. Do not use this link to order your DIDs, or you won’t get the special pricing! Vitelity’s rate is just 1.44¢ per minute for outbound calls in the U.S. There is a $35 prepay when you sign up. This covers future usage and any balance is fully refundable if you decide to discontinue service with Vitelity.
 


Some Recent Nerd Vittles Articles of Interest…

Santa’s Technology Roundup: The Best Products of 2014 with Some Surprises

Once a year we like to pause and take a look back at 10 technology products that really grabbed our attention. 2014 will be remembered as a spectacular year. So here’s what made the Nerd Vittles short list for 2014…

Smartphone of the Year: It’s a 5-Way Tie

And the winners in no particular order… Galaxy Note 4, iPhone 6+, LG G3, HTC One M8, and Moto X.1 So which should you choose if you can only have one? Visit AndroidHeadlines.com for a detailed feature comparison. You can’t go wrong with any of them. In our family, there’s one of almost all of them.

Desktop Computer of the Year: Apple’s 27‑inch iMac with Retina 5K display

If you work with a computer for a living, there is no competition. It scales to any feature set you may need. Run, don’t walk, to your nearest Apple Store and get in line. We waited two months for ours!

Portable Computer of the Year: Apple’s MacBook Air with Retina Display

Hah. Just kidding. It would have been the hands-down favorite in 2014 except for one minor detail. It hasn’t been released… yet. If you absolutely have to have a retina display-quality notebook, then you’ll have to settle for the slightly thicker Macbook Pro this Christmas. For us, we’re waiting for 2015 and what will surely be the MacBook Air with Retina Display.

Tablet of the Year: iPad Air 2

If you’re starting to think we’re charter members of the Apple FanBoy Club, then you haven’t been following Nerd Vittles for very long. We can be one of their harshest critics. But the bottom line is that Apple products are compelling because of their tight integration to Apple’s closed society. If you’re a member of that club, then you’ll want the iPad Air 2 to add to your collection. It’s a terrific tablet at a compelling price.

Multimedia Device of the Year: Roku 3

If you’re into Netflix and Amazon Prime and movies, nobody needs to tell you that the streaming device hardware market is a crowded place. The Roku 3 isn’t the cheapest device in the market, but it’s still the one we always drop into our suitcase when we hit the road. It’s simple to configure and supports WiFi almost anywhere. It just works!

VoIP Product of the Year: Vitelity’s vMobile

It’s taken a few starts and stops to get the kinks out, but Vitelity’s vMobile smartphone is a truly revolutionary offering. It provides seamless integration of the smartphone into your PBX infrastructure. The phone becomes “just another extension” on your PBX except the device is 100% mobile which means it works with WiFi or it works anywhere Sprint has a tower. For any organization with staff that travels, this is a must-have device. Anything you can do with a traditional PBX extension, you can do with your smartphone using the vMobile technology. It’s the hands-down winner as VoIP Product of the Year. Use our special signup link and help support the Nerd Vittles, PBX in a Flash, and Incredible PBX projects.

VoIP SOHO Hardware of the Year: CuBox-i

We’ve tested lots of small footprint hardware in search of the perfect VOIP platform for the home or SOHO office. The search is over. The hands-down winner is the CuBox-i. It’s tiny, powerful, quiet, and has every feature you could possibly want in a VoIP server. Read our full review here. They’re 25% at NewEgg if you hurry.

VoIP Deal of the Year: $15 Pogoplug with Incredible PBX

If there’s one thing all of us have in common, it’s a burning desire to find the best bargain on the planet. In the VoIP marketplace, look no further than here. Repurposing a PogoPlug for less than $20 (and some of them went for $5), is the perfect way to learn about VoIP without breaking the bank. Our tutorial on the VoIP Deal of the Year will tell you everything you need to know to get started.

Must-Have Product of the Year: Amazon Echo

The Amazon Echo is still an invitation-only device, but you need to get in line NOW. During the introduction, Amazon is selling them for $99. Or you can get one on eBay for about triple that amount. It’s money well spent. Think of it as a desktop version of Siri. But it’s so much more. With Amazon Prime and Prime Music accounts plus a free iHeartRadio account, you get access to a collection of over a million songs just by saying the name of the artist or song or playlist or radio station of interest. You also can upload 250 of your own songs not purchased through Amazon Music at no charge. Or, for $25 a year, you can upload up to 250,000 tracks much like iTunes Match. The sound quality of the device is nothing short of spectacular. My teenage daughter and I spent over two hours playing with it the first night it arrived. And the excitement hasn’t waned. It’s the go-to device for all of our visitors to explore new and old music. And, yes, Amazon Echo knows the weather, the time, and just about anything else you care to ask about. You’ll have it in your living room in no time. Not only will it speak the results while playing your favorite song, it’ll send the results and to-do list to your smartphone.

2014: Cloud Computing Reinvented

Over the past few years, we’ve seen a gradual migration of server platforms to the cloud thanks in large part to ever falling prices on the Amazon EC2 platform. But 2014 saw some new cloud strategies. First came the pay-once-use-it-forever platform of CloudAtCost.com. Wait for the next sale and save half on almost any of their server platforms. If you follow us on Twitter, we’ll let you know when it happens. We’ve had several servers for almost a year with no hiccups. In fact, we now keep backup images of the Nerd Vittles, PBX in a Flash, and Incredible PBX web sites running 24/7 on these Canadian servers. Check out the performance for yourself.

Then there was Digital Ocean with its pay-by-the-hour pricing coupled with the ability to create virtual machines for almost any platform in under a minute. It truly is a developer’s dream come true. Frankly, it’s our platform of choice for development of all the great software you read about here. Use our signup link and get a $10 credit to try things out. The beauty of the technology is you can create a server with 512MB of RAM and a 20GB drive, work for a half a day, take a snapshot of your project, and then delete the server until you feel like working again. Total cost for use of the platform and storage of your snapshot: about 2¢.

With any great new technology, of course, competition is not far behind. Meet Vultr, the Digital Ocean knock-off promising more memory, more server locations, and more features for less money. Is Vultr really better? We’ll let you know after we’ve had more time to play. Our first look uncovered a few wrinkles. First, you had to request enabling of port 25 for outbound SMTP mail support. Not a big deal if it were documented that you had to request it, but it isn’t mentioned anywhere on the site. Second, virtual machines take a bit longer to create and much longer to become fully functional on Vultr. We got spoiled by the one-minute spin up at Digital Ocean. But, the good news is a penny-an-hour server gets you a gig of RAM, 20 gigs of storage, and 2 terabytes of data transfer a month for $7. And it is fast! So stay tuned for a full review and…

Merry Christmas!

Originally published: Monday, December 22, 2014



Need help with Asterisk? Visit the PBX in a Flash Forum.


 
New Vitelity Special. Vitelity has generously offered a new discount for PBX in a Flash users. You now can get an almost half-price DID from our special Vitelity sign-up link. If you’re seeking the best flexibility in choosing an area code and phone number plus the lowest entry level pricing plus high quality calls, then Vitelity is the hands-down winner. Vitelity provides Tier A DID inbound service in over 3,000 rate centers throughout the US and Canada. And, when you use our special link to sign up, the Nerd Vittles and PBX in a Flash projects get a few shekels down the road while you get an incredible signup deal as well. The going rate for Vitelity’s DID service is $7.95 a month which includes up to 4,000 incoming minutes on two simultaneous channels with terminations priced at 1.45¢ per minute. Not any more! For PBX in a Flash users, here’s a deal you can’t (and shouldn’t) refuse! Sign up now, and you can purchase a Tier A DID with unlimited incoming calls for just $3.99 a month. To check availability of local numbers and tiers of service from Vitelity, click here. Do not use this link to order your DIDs, or you won’t get the special pricing! Vitelity’s rate is just 1.44¢ per minute for outbound calls in the U.S. There is a $35 prepay when you sign up. This covers future usage and any balance is fully refundable if you decide to discontinue service with Vitelity.
 


Some Recent Nerd Vittles Articles of Interest…

  1. Some of our purchase links refer users to Amazon and other sites when we find their prices are competitive for the recommended products. Nerd Vittles receives a small referral fee from merchants to help cover the costs of our blog. We never recommend particular products solely to generate commissions. However, when pricing is comparable or availability is favorable, we support Amazon and other merchants because they support us. []

The Disappointing iPhone 6: Eight Generations of iOS and Bluetooth Still Sucks

Our technology reviews are a little different than the dozens of reviews you’ve probably already seen that read more like Apple press releases. First of all, we typically buy products to actually use. And second, we base our smartphone evaluations on real-world requirements rather than best case scenarios that you’re unlikely to ever experience in the real world.

So we begin our review of the iPhone 6 with the simple question: “Can it make calls?” Funny as this sounds, it’s been a huge problem with previous iPhone models if you planned to use a reasonably priced provider such as StraightTalk instead of one of America’s “Big Four.” To Apple’s credit, they finally got it right in the AT&T model of the iPhone 6. StraightTalk works out of the box, something Android mastered years ago. You still cannot manually configure the cellphone provider specs, but at least it now works.

We’re not going to spend a lot of time on Apple’s continuing push to lock users into the Apple universe. Suffice it to say, the lock in marches on with each new release. To some it’s a good thing. To others, it’s not. If you’re going to fork over $1,0001 for an iPhone 6 in order to use StraightTalk for $45 a month, then you’re probably committed to and comfortable with Apple’s ways of doing things. We’re pretty much an observer of the iPhone cosmos except to assure that our VoIP products still work reliably on the platform. On the other hand, our teenager and all of her teenage friends have iPhones, period. Just the mention of Android conjures up visions of nerds hanging from trees to hear them tell it. In other words, lock in is a good thing in their view. All of their apps work exactly the same on every person’s smartphone. All of their emojis are compatible for texting. And messaging is pure Apple with no worries whether SMS and MMS work or not. By the way, messaging is still a mess if you switch between Apple and Android with your SIM card without first disabling iMessage on the iPhone. It’s almost as if Apple likes it this way. 😉

Did we mention that the iPhone 6 is gorgeous? Hands down, it is the best looking smartphone ever. We won’t get into whether it bends or not. Ours didn’t, and we carry it in our pocket like every other guy on the planet. Not sure I’d do it if I rode on a tractor all day but in typical everyday use, it holds it’s own.

We were especially curious about the camera given the numerous reviews documenting that the iPhone 6 is not the megapixel wonder you’ve come to expect with Android phones. We’ve typically been able to take much better real-world photos using Samsung’s Galaxy S4. So we’re including two marsh photos taken with a Galaxy S4 as well as iPhone 5c and iPhone 6 portrait shots to let you judge the quality for yourself. Keep in mind that all four of the images below are screen captures rather than the actual photographs. We came away from the experiment very impressed that the newer iPhones can hold their own against the Android devices with far better technical specs. While it’s still a bit of a knuckle drill to export a photo from your photo stream to iPhoto to email to a download to your desktop, it’s at least intuitive. Bottom Line: We no longer worry about photo quality when we don’t have an Android phone along for a trip.

With the camera testing behind us, that left us with two burning questions: how’s the WiFI and how’s the Bluetooth connectivity with cars?

Not to beat a dead horse, but WiFi typically hasn’t been Apple’s strong suit unless you happen to be using their access points. That seems to be resolved with iOS 8. 5G WiFi connectivity worked great with download and upload speeds matching the limits of our broadband service. That’s the good news.

The bad news is that Bluetooth is still a mess after years and years of problem reports. If anything, iOS 8 is a step backwards judging from the reports on Apple’s own support forum. Our results with one of the latest General Motors vehicles were terrible. While the iPhone 6 could be paired with the vehicle, nothing worked afterwards. No calls, no Pandora, nothing! When every $100 Android smartphone can pair with almost any vehicle and work, we get back to our initial question: “Can it make calls?” Unfortunately, unless you want to step back in time and hold your shiny, new iPhone 6 next to your ear, the answer is a resounding NO. And, yes, we jumped through all of the Apple hoops attempting to resolve the Bluetooth problems even though nobody should ever have to endure that! For $1,000, one would expect all of the basics on a smartphone to function correctly just as you expect your brakes and windshield wipers to work when you buy a new car. The fact that Apple has dropped the ball on Bluetooth for years is yet another reason we won’t be switching from Android anytime soon. In fact, the Bluetooth problem is a deal breaker for us so we’re returning the phone.

Finally, a word to the Apple fanboys. Don’t post comments. We won’t publish them. We are not Apple haters. Quite the contrary, we have more Apple hardware under our roof than any other brand. What Apple has done in the educational arena and to foster the image of technical support as a good thing is legendary. But you can’t drop the ball on the basics and expect people that depend upon technology to be impressed. Drop everything that deals with the shiny new watch for a few days and fix Bluetooth. It’s that important!

Originally published: Monday, October 13, 2014



Need help with Asterisk? Visit the PBX in a Flash Forum.


 
New Vitelity Special. Vitelity has generously offered a new discount for PBX in a Flash users. You now can get an almost half-price DID from our special Vitelity sign-up link. If you’re seeking the best flexibility in choosing an area code and phone number plus the lowest entry level pricing plus high quality calls, then Vitelity is the hands-down winner. Vitelity provides Tier A DID inbound service in over 3,000 rate centers throughout the US and Canada. And, when you use our special link to sign up, the Nerd Vittles and PBX in a Flash projects get a few shekels down the road while you get an incredible signup deal as well. The going rate for Vitelity’s DID service is $7.95 a month which includes up to 4,000 incoming minutes on two simultaneous channels with terminations priced at 1.45¢ per minute. Not any more! For PBX in a Flash users, here’s a deal you can’t (and shouldn’t) refuse! Sign up now, and you can purchase a Tier A DID with unlimited incoming calls for just $3.99 a month. To check availability of local numbers and tiers of service from Vitelity, click here. Do not use this link to order your DIDs, or you won’t get the special pricing! Vitelity’s rate is just 1.44¢ per minute for outbound calls in the U.S. There is a $35 prepay when you sign up. This covers future usage and any balance is fully refundable if you decide to discontinue service with Vitelity.
 


Some Recent Nerd Vittles Articles of Interest…

  1. Actually, the sales price for the 128GB iPhone 6 with AppleCare+ and sales tax came to a whopping $1,028.59 []

FMC: The Future of Telephony with Vitelity’s vMobile and Asterisk in the Cloud




If making phone calls from a web browser is what you’ve always longed for, then you’re in good company with Google and its future direction in the telephony space. Call us old fashioned but this strikes us as a solution in desperate need of a problem. What’s wrong with a Plain Old Telephone or a smartphone for making connections with friends and business associates? The real head scratcher is the fact that the WebRTC and Hangouts push demonstrates that the wizards at Google are seriously out of touch with the next generation. Will our 14-year-old daughter use Skype or Hangouts or FaceTime? Sure. About once a month to chat with Grandma or to interact with cousins scattered around the country, it’s a terrific option. And the same is true in the business community. When you need to collaborate with a half dozen colleagues, conferencing applications are invaluable. But to meet 95% of day in and day out business requirements, a telephone or smartphone is the clear device of choice. So join us today in celebrating the end of Google Voice XMPP service and the beginning of a new and even more exciting VoIP era… sans Google.


Of course, if it were up to the next generation, telephone calls might completely disappear in favor of text messaging, Snapchat, Instagram, and any other platform that includes recorded photos or videos. Note the subtle difference. Kids really are not interested in live video interaction. They find posed images that tell a story much more appealing. Why? Because recorded photos and videos let users present their best face, their movie star pose, and their expression of what they want others to perceive they’re really like. In short, live video is too much like real life. Our conclusion for those targeting the next generation is you’d better come up with something better and quite different than Skype, Hangouts, and FaceTime.

It’s Fixed-Mobile Convergence, Stupid!

Now let’s return to our primary focus for today, the current business community. Suffice it to say, there are a dwindling number of what we used to call “desk jobs” where an employee arrives at his or her desk at 9 a.m. and leaves at 5 p.m. As more and more jobs are headed off shore, the telephone and smartphone have replaced the corporate desk as the most indispensable corporate fixture. Particularly in the American marketplace, what we see with most businesses is a management layer and an (upwardly) mobile force of salespeople, consultants, and implementers that interact primarily through PBXs in an office headquarters or home office together with smartphones for those that generally are on the road. Many of these Road Warriors don’t even have a home phone any longer.


The telephony Holy Grail for this new business model is Fixed-Mobile Convergence (FMC). It’s the ability to transparently move from place to place while retaining your corporate identity. Every employee from the night watchman in Miami to the salesperson making calls from a Starbucks in California to the CEO in New York has an extension on a PBX in the cloud together with the ability to accept and place calls using the company’s CallerID name and number, transfer calls, and participate in conference calls regardless of whether the phone instrument happens to be a desktop phone or a smartphone. Is this even possible? Well, as of last week, the answer is ABSOLUTELY.

Vitelity has been a long-time corporate sponsor of both the Nerd Vittles and PBX in a Flash open source projects so we were thrilled when we were offered a free, Samsung Galaxy S III to try out the new (live) vMobile service that took Best in Show honors at ITEXPO Miami in January. As Vitelity’s Chris Brown would probably tell you, it’s one thing to demonstrate a new technology at a trade show and quite another to bring it into production. But Vitelity did it:



What we want to stress up front is that we’ve received no special treatment in getting this to work. We received the phone, opened a support ticket to register the phone on Vitelity’s vMobile network, and plugged our new credentials into the phone so that it could be integrated into our PBX in a Flash server. Once the smartphone became an extension on our PBX, we could place calls through our PBX with the S3 using both WiFi and Sprint 3G/4G service. Switching between WiFi and cellular is totally transparent. The CallerID for all outbound calls was our standard PBX CallerID. We also could place calls to other extensions on the PBX by dialing a 4-digit extension while connected to WiFi or the Sprint network virtually anywhere. If you have 3-digit extensions, those are a problem over the Sprint network but we’ll show you a little trick to get them working as well.

Keep in mind that every call from the S3 goes out through the PBX just as if you were using a standard desktop phone as a hardwired extension. And it really doesn’t matter whether the S3 has a WiFi connection or a pure cellular connection on Sprint’s network. You receive calls on the S3 in much the same way. It’s just another extension on your PBX. If you want to add it to a ring group to process incoming calls, that works. If other users on your PBX wish to call the S3 directly using the extension number, that works as well. If you want to transfer a call, pressing ## on the S3 initiates the transfer just as if you were using a phone on your desk. When we say transparent convergence, we really do mean transparent. No recipient of a call from the vMobile S3 would have any idea whether you were sitting at a desk in the corporate headquarters in New York or in a seat on a Delta jet after landing in San Francisco. Both the call quality and the corporate CallerID would be identical. And your secretary on maternity leave at Grandma’s house still could reach you using her vMobile S3 by simply dialing your corporate extension.

So that’s the Fortune 500 view of the new VoIP universe. How about the little guy with a $15 a month PBX in a Flash server in the RentPBX cloud1, a couple mobile sales people, and a handful of construction workers that build swimming pools for a living? It works identically. Each has an S3 connected as an extension on the PIAF cloud server. And calls can be managed in exactly the same way they would be handled if everyone were sitting side-by-side at desks in an office headquarters somewhere. The silver lining of cloud computing is that it serves as the Great Equalizer between SOHO businesses and Fortune 500 companies. Asterisk® paired with inexpensive cloud hosting services such as RentPBX lets you mimic the Big Boys for pennies on the dollar. We think Vitelity has hit a bases loaded, home run with vMobile.


vMobile Pricing

We know what you’re thinking. “Since you got yours for free, what does it really cost??” The Galaxy S3 (or S4) is proprietary running Trebuchet 1.0, a (rooted) CyanogenMod version of Android’s KitKat. You can purchase these devices directly from the Vitelity Store. Currently, you can’t bring your own device. The refurbished S3 is $189 including warranty. Works perfectly! That’s what we’re using. Next, you’ll need a vMobile account for each phone. Unless you’re a Nerd Vittles reader, it’s $9.95 per month. That gets you free WiFi calling and data usage anywhere you can find an available WiFi hotspot. And text messaging is free. For calls and data using Sprint’s nationwide network, the calls are 2¢ a minute and the data is 2¢ per megabyte ($20 per gigabyte). For us, a typical day of data usage with an email account and light web use costs about a quarter. YMMV! So long as you configure Android to download application updates when connected to WiFi, data usage should not be a problem unless you’re into photos and streaming video. Android includes excellent tools for monitoring and even curbing your data usage if this is a concern.

vMobile Gotchas

Before we walk you through the setup process, let’s cover the gotchas. The list is short. First, we don’t recommend connecting vMobile devices to a PBX sitting behind a NAT-based firewall, or you may end up with some calls missing audio. The reason is NAT and quirky residential routers. If you think about it, when your S3 is inside the firewall and connected to WiFi, it will have an IP address on your private LAN just like your Asterisk server. When your S3 is outside your firewall on either a cellular connection or someone else’s WiFi network, it will have an IP address that is not on your private LAN. Others may be smarter than we are, but we couldn’t figure a way to have connections work reliably in both scenarios using most residential routers. You can configure your S3’s PBX extension for NAT=No or NAT=yes, but you can’t tell Asterisk how to change it depending upon where you are. One simple solution is to deploy these phones with a VPN connection to your Asterisk server sitting behind a NAT-based firewall. The more reliable solution is to build your PBX in a Flash server in the cloud with no NAT-based firewall. Then use an IPtables WhiteList (aka Travelin’ Man 3) to protect your server. From there, you can either interconnect the cloud-based server with a second PBX behind your firewall, or you can dispense with the local PBX entirely. Either way will eliminate the NAT issues with missing audio. In both cases, use NAT=yes for the vMobile extension.

Another wrinkle involves text messaging. Traditional text messages work fine; however, MMS still is problematic unless you initiate the outbound MMS session with the other recipient. It’s probably worth noting that Google Voice never got MMS working at all despite years of promises. This wasn’t a deal breaker for us, but it’s a bug that still is being worked on.

Finally, there’s Sprint. You either love ’em or hate ’em. We really haven’t used Sprint service in about eight years. In the Charleston area, the barely 3G service still is just as lousy as it was eight years ago. But, if you live in an area with good Sprint coverage and performance, this shouldn’t be an issue for you. And vMobile works fine in Charleston. You just won’t be surfing the web very often unless you have hours to kill… waiting. Additionally, dialing numbers with less than 4 numbers is a non-starter with Sprint, but we’ll show you a simple workaround to reach 3-digit local extensions from your vMobile device below.

With a service as revolutionary as vMobile with Sprint’s new FMC architecture, we can’t help thinking there may be other cellular carriers with an interest in deploying this technology sooner rather than later. But, given the vMobile feature set, Sprint is good enough for now especially when WiFi connectivity is available almost everywhere.




vMobile Configuration at Vitelity

For the Vitelity side of the setup, you first configure your smartphone using the (included) My Phone app. When the application is run, your cellphone number will be shown. Tapping the display about a dozen times will cause the phone’s setup to be reconfigured. Vitelity will provide you the secret key to activate your account. Next, you’ll log into the Vitelity portal and choose vMobile -> My Devices under My Products and Services. The account for your vMobile device will already exist. Clicking on the pull-down menu beside your vMobile device will let you create your SIP account on Vitelity’s server. Enter the IP address or FQDN of your Asterisk server and set up a very secure password. Your username will be the 10-digit phone number assigned to your vMobile phone. Save your settings and then choose the Edit option to view your setup. The portal will display your Username, Password, and FreePBX/Asterisk Connect Host name. Write them down for use when you configure your new extension using FreePBX®.




vMobile Configuration for Asterisk and PBX in a Flash

On the PBX in a Flash server, use a browser to open FreePBX. Choose Applications -> Extensions and add a new generic SIP device. For Display Name and User Extension, enter the 10-digit phone number assigned to your vMobile device. Under Secret, enter the password you assigned in Vitelity’s vMobile portal. Click Submit and reload FreePBX when prompted. Then edit the extension you just created. Set NAT=yes and change the Host entry from dynamic to the FQDN entry that was shown in Vitelity’s vMobile portal, e.g. 7209876542.mobilet103.sipclient.org. Update your configuration and restart FreePBX once again. Finally, from the Linux command prompt, restart Asterisk: amportal restart. If you’re using a WhiteList with IPtables such as Travelin’ Man 3, be sure to add a new WhiteList entry for your vMobile Host entry. Finally, add your vMobile extension to any desired Inbound Routes to make certain your vMobile device rings when desired.

You now should be able to place and receive calls on your vMobile device. If you want to be able to call 3-digit Asterisk extensions on both WiFi and while roaming on the Sprint cellular network, then you’ll need to add a little dialplan code since Sprint reserves 3-digit numbers for emergency services and will reject other calls with numbers of less than 4 digits. Here’s the simple fix. Always dial 3-digit extensions with a leading 0, e.g. 0701 to reach extension 701. We’ll strip off the leading zero before routing the call. The dialplan code below works whether you’re calling a local 3-digit extension or a 3-digit extension on an interconnected remote Asterisk server. Simply edit extensions_custom.conf in /etc/asterisk and insert the following code at the top of the [from-internal-custom] context. Then restart Asterisk: amportal restart. Note that we’ve set this up so that, if you have an extension 701 on both the local server and a remote server, the call will be connected to the local 701 extension. If you have different extension prefixes for different branch offices (e.g. 7XX in Atlanta and 8XX in Dallas), then this dialplan code will route the calls properly assuming you’ve configured an outbound route with the appropriate dial pattern for each branch office.

exten => _0XXX,1,Answer
exten => _0XXX,n,Wait(1)
exten => _0XXX,n,Set(NUM2CALL=${CALLERID(dnid):1})
exten => _0XXX,n,Dial(sip/${NUM2CALL})
exten => _0XXX,n,Dial(local/${NUM2CALL}@from-internal)
exten => _0XXX,n,Hangup

Vitelity vMobile Special for Nerd Vittles Readers

Now for the icing on the cake… We asked Vitelity if they would consider offering special pricing to Nerd Vittles readers and PBX in a Flash users. We’re pleased to report that Vitelity agreed. By using this special link when you sign up, the vMobile monthly fee will be $8.99 instead of $9.95. In addition, your first month is free with no activation fee. We told you last week that there was a very good reason for choosing Vitelity as your SIP provider. Now you know why.

And, if you’re new to Cloud Computing, take advantage of the RentPBX special for Nerd Vittles readers. $15 a month gets you your very own PBX in a Flash server in the Cloud. Just use this coupon code: PIAF2012. Enjoy!

Originally published: Thursday, May 15, 2014





Need help with Asterisk? Visit the PBX in a Flash Forum.


 
New Vitelity Special. Vitelity has generously offered a new discount for PBX in a Flash users. You now can get an almost half-price DID from our special Vitelity sign-up link. If you’re seeking the best flexibility in choosing an area code and phone number plus the lowest entry level pricing plus high quality calls, then Vitelity is the hands-down winner. Vitelity provides Tier A DID inbound service in over 3,000 rate centers throughout the US and Canada. And, when you use our special link to sign up, the Nerd Vittles and PBX in a Flash projects get a few shekels down the road while you get an incredible signup deal as well. The going rate for Vitelity’s DID service is $7.95 a month which includes up to 4,000 incoming minutes on two simultaneous channels with terminations priced at 1.45¢ per minute. Not any more! For PBX in a Flash users, here’s a deal you can’t (and shouldn’t) refuse! Sign up now, and you can purchase a Tier A DID with unlimited incoming calls for just $3.99 a month. To check availability of local numbers and tiers of service from Vitelity, click here. Do not use this link to order your DIDs, or you won’t get the special pricing! Vitelity’s rate is just 1.44¢ per minute for outbound calls in the U.S. There is a $35 prepay when you sign up. This covers future usage and any balance is fully refundable if you decide to discontinue service with Vitelity.
 


Some Recent Nerd Vittles Articles of Interest…

  1. RentPBX also is a corporate sponsor of the Nerd Vittles and PBX in a Flash projects. []

Putting the Genie Back in the Bottle: More RedHat Legal Shenanigans with CentOS


As we celebrate the 10th anniversary of CentOS, the Community Enterprise Operating System, all is not well in Open Source Land. If you haven’t heard, CentOS “joined forces” with Red Hat while you were enjoying the Christmas holiday. And RedHat wasted little time attempting to morph CentOS into a Trademark Minefield much as RedHat has done with its other “open source” projects. If you look at the new CentOS.org web site, RedHat proclaims a New Look and New CentOS. New, indeed. You won’t see many changes other than a healthy mention of RedHat and a vast new Legal section proclaiming RedHat’s ownership of the CentOS trademark and severely restricting acceptable use of the CentOS product. It’s more than a little ironic that RedHat actually pulled off a similar stunt against CentOS back in 2005. The initial problem this time around is that RedHat doesn’t actually own the trademark, nor has RedHat attempted to register it. There are some good reasons why, and we’ll get to those in a minute.

The RedHat Legal Theory of Trademarks goes something like this. We just don’t want people to confuse other products with our brand even though we all use the same, freely available open source brands. Get it? Well let’s try again. RedHat doesn’t mind using Apache’s brand name, and SendMail’s, and MySQL’s, and about 40,000 other trademarked and copyrighted products of open source developers. But God help you if the word “RedHat” appears anywhere in your open source software aggregation.

Now RedHat would like to extend this philosophy to CentOS for the betterment of the community, of course. If successful, RedHat bullying would wipe out virtually all of the current CentOS packages available from the following providers, and thousands more would disappear as well. Here’s the list from CentOS’ own web site, but don’t expect the list to remain around very long. The mere existence of this list proves CentOS acquiescence in the development methodology employed by Amazon Linux AMIs that include CentOS as part of the AMI, AsteriskNOW, BlueOnyx, BlueQuartz, CactiEZ, CentServer, ClarkConnect, ClearOS, Elastix, FAN, FreePBX Distro, OpenNode, OpenVZ, OS Office, OVH, Parallels Virtuozzo Containers, PBX in a Flash, Proxmox images that include CentOS, SipX, SME Server, Snaplogic, trixbox, trixswitch, VicidialNOW, most of the Virtual Machines and hosted platforms that rely upon CentOS with any other included application. And the list goes on. To give you some idea of how pervasive CentOS is in the products of other developers, try Googling: built atop centos. It returns over 21 million results.

In a nutshell, the new RedHat Terms of Service outlaw use of CentOS in any productunless the combined distribution is an official CentOS distribution.” In short, the open source community would be transformed into the functional equivalent of the Windows and Mac platforms. End-users could independently install CentOS and then acquire apps to run under CentOS, but CentOS could no longer be included with the application itself. Well, not so fast, Mr. RedHat.

Even though the evidence trail is quickly disappearing, there’s still plenty of CentOS history that suggests things may not work out quite as well for RedHat this time around. First, there is the CentOS “Social Contract” with the Open Source Software Community and The cAos Foundation’s Open Source Software Guidelines, both of which have conveniently disappeared from the CentOS web site. For history buffs, the cAos Foundation was the developer of the CentOS aggregation. If there’s one overriding principle in both trademark law and open source software development under the GPL, it’s this: YOU CAN’T UNRING A BELL. A license once given cannot be withdrawn at the whim of a new owner, even RedHat. Here’s an excerpt from their “Social Contract.” Pay particular attention to the last paragraph:

Another problematic issue is ownership of the trademark itself. You can certainly own a trademark without registering it with the U.S. Patent & Trademark Office. But… since inception, the cAos Foundation has gone to great lengths not to ever enforce, proclaim™, or protect its trademark in CentOS. The reason is simple. They viewed CentOS as a community project which was free for everyone in the community to use and integrate as they saw fit. Thus it is more than a little puzzling that a single developer would finally file a USPTO trademark application for “CENTOS” (note the capitalization and compare to RedHat’s view of the universe) six months ago claiming that he individually owned the mark. Quite the contrary, the cAos Foundation referenced its CentOS brand as early as 2004.

This, of course, raises some additional problems with RedHat’s claim of CentOS trademark and service mark ownership. From a legal standpoint, owners of trademarks are obligated to police the use of their marks to avoid Dilution either by third parties or by tarnishment. Without delving too deeply in the legal weeds, suffice it to say the CentOS mark suffers from dilution on both counts over a period of almost 10 years! This is as it should be actually. CentOS was intended to be a community resource for everyone in the community to be able to use, integrate, and build upon. Because of its inherent non-commercial character, it was never intended to be a brand for independent marketing.

A third trademark infirmity for the CentOS brand is the fact that it’s suffering from genericide. In Plain English, CentOS has become a household word. In the Linux community, it signifies a generic open source Linux operating system. Just as with aspirin and thermos bottles, “a majority of the relevant public [has] appropriated the name of the product… [and, in essence,] the owners are victims of their own success.”

And then there’s the matter of licensing. In addition to the “Social Contract” referenced above and upon which many developers relied, there’s also a financial angle. Individual developers reportedly have been given either express or implied authorization to integrate CentOS into their software products in exchange for financial contributions to the “CentOS project.” We’ll have more to say about that in our Petition for Cancellation and Opposition to Registration of the CentOS trademark, if the trademark is ever approved for publication. We trust many other developers will file petitions as well. You can review the procedure here. You can follow the CentOS trademark saga here. Be advised that an Opposition to Registration (section 202) must be filed with the Trademark Trial and Appeal Board within 30 days of the date a mark is approved for publication in the USPTO’s Official Gazette. A sample Petition for Cancellation (section 307) is available here. You do not have to be a lawyer to file it. You do have to pay the $300 filing fee. The safest way to monitor approval is by regularly checking the Status of the CENTOS Trademark and Service Mark Application.

Licensing issues aside, there’s a more serious issue moving forward. Most companies used CentOS so they wouldn’t have to pay for Red Hat Enterprise Linux. Now Red Hat has bought CentOS. Guess what? Is it just a matter of time until CentOS is crippled so that it cannot serve as a drop-in replacement for Red Hat’s Cash Cow? Duh! Did the CentOS development team care about this? Probably not. Might not have even considered it. They got money and cushy jobs out of the deal. But, just because Red Hat offers financial rewards to a handful of CentOS developers is no reason to scuttle the development efforts of thousands of independent developers over the last decade. Better think twice, RedHat. The open source community will be watching.

Originally published: Monday, January 20, 2014




Need help with Asterisk? Visit the PBX in a Flash Forum.


whos.amung.us If you’re wondering what your fellow man is reading on Nerd Vittles these days, wonder no more. Visit our whos.amung.us statistical web site and check out what’s happening. It’s a terrific resource both for all of us.


 
New Vitelity Special. Vitelity has generously offered a new discount for PBX in a Flash users. You now can get an almost half-price DID from our special Vitelity sign-up link. If you’re seeking the best flexibility in choosing an area code and phone number plus the lowest entry level pricing plus high quality calls, then Vitelity is the hands-down winner. Vitelity provides Tier A DID inbound service in over 3,000 rate centers throughout the US and Canada. And, when you use our special link to sign up, the Nerd Vittles and PBX in a Flash projects get a few shekels down the road while you get an incredible signup deal as well. The going rate for Vitelity’s DID service is $7.95 a month which includes up to 4,000 incoming minutes on two simultaneous channels with terminations priced at 1.45¢ per minute. Not any more! For PBX in a Flash users, here’s a deal you can’t (and shouldn’t) refuse! Sign up now, and you can purchase a Tier A DID with unlimited incoming calls for just $3.99 a month. To check availability of local numbers and tiers of service from Vitelity, click here. Do not use this link to order your DIDs, or you won’t get the special pricing! Vitelity’s rate is just 1.44¢ per minute for outbound calls in the U.S. There is a $35 prepay when you sign up. This covers future usage and any balance is fully refundable if you decide to discontinue service with Vitelity. 


Some Recent Nerd Vittles Articles of Interest…

Ringbinder theme by Themocracy