Home » Technology » Internet/Web (Page 6)
Category Archives: Internet/Web
The Most Versatile VoIP Provider: FREE PORTING
JUST RELEASED: Visit the Incredible PBX WikiWebRTC: Asterisk Joins the Brave New World of Real Time Communications
This week we’ll be wading into the world of real time communications and the Asterisk® 11 implementation of WebRTC, a JavaScript API that makes it easy to build click-to-call systems and softphone interfaces using nothing more than a web page. To simplify the task of creating an Asterisk 11/WebRTC platform, we’ve created a free virtual appliance for you that can be deployed in a matter of minutes on any Windows®, Mac®, Linux® or Solaris® desktop using Oracle’s VirtualBox®. In producing this WebRTC implementation, the Asterisk Dev Team has introduced an impressive new set of (stable) features formerly lacking in Asterisk: SRTP for secure communications, ICE, STUN, and TURN to allow NAT clients to better communicate with Asterisk. As the old saying goes, a picture is worth a thousand words. So let’s begin with a one-minute video that actually demonstrates Asterisk WebRTC in action. Using nothing more than a Chrome browser, we’re connecting to a web site hosted on the PBX in a Flash™ appliance to dial a news application that’s part of the included Incredible PBX™ 11 build.
Before we walk you through deploying your own WebRTC platform with Asterisk 11, let’s quickly cover some of the WebRTC basics as they apply in the Asterisk environment.
Rolling Your Own. If you’re one of the purists that prefers to roll your own server, then the starting point for your build should be the Asterisk Wiki. The other important component is sipml5, Doubango Telecom‘s terrific HTML5 SIP client. It’s the actual interface demonstrated in the YouTube video above. And this link provides a failsafe recipe for bringing up WebRTC on any Asterisk 11 server. Our appliance just saves you the one-hour hassle. We’ve chosen not to deploy WebRTC2SIP, the middleware that’s currently necessary if you want to add video support to Asterisk WebRTC. And our current build only works with the latest Chrome browser; however, WebRTC4all is available if you prefer Safari, Opera, Firefox, or Internet Explorer. All of the documentation for these components is provided in the links above for our pioneers.
Why WebRTC? Some of you may be asking, "What’s the big deal? Why would I want to deploy WebRTC?" The short answer is that it eliminates the need to install and configure a proprietary softphone on every customers’ desktop computer before they can communicate. Instead, all they need is a web browser that supports Real-Time Communications. By pointing their browser to a server address that you provide, the customer instantly gains a communications platform that’s as feature-rich as you choose to make it. And it’s comparable to the dedicated clients of old… without the cost or hassle of marrying a softphone to every customer’s particular desktop operating system! And your web page could easily provide a directory of supported contact names and numbers as part of the user interface.
http://www.youtube.com/watch?v=MsAWR_rJ5n8
The other beauty of WebRTC is it allows you to create your own (secure) Skype-like communications system without a Man in the Middle. And all you need is a browser at both ends. The WebRTC video above demonstrates a video conversation between a Chrome user at Google and a Firefox user at Mozilla.
Deploying PIAF-Green-WebRTC. So much for the theory. Let’s get your own server set up so you can experiment with this yourself. Here are the steps. It’s about a 10-minute procedure once you’ve downloaded our virtual machine appliance from SourceForge.
- Install Oracle’s VirtualBox on your Desktop computer
- Download PIAF-Green-WebRTC
- Import PIAF-Green-WebRTC into VirtualBox
- Start the PIAF-Green-WebRTC Appliance
- Using Chrome, Access the WebRTC Page Hosted on PIAF-Green-WebRTC
- Configure sipml5 to Make a Connection Using an Asterisk Extension
- Place Your First Call
1. Install Oracle’s VirtualBox. Download the VirtualBox installer for your desktop platform from VirtualBox.org. Run the installer and accept the default settings. For details, here’s a link to Oracle’s VM VirtualBox User Manual.
2. Download PIAF-Green-WebRTC. To get PIAF-Green-WebRTC installed on your desktop is quick and easy. Because the image tips the scales at over 2GB and due to the 2GB file size limit on many systems, we’ve chosen to split the download into two pieces. You need both of them! Just download them onto any flavor desktop from SourceForge. Once you’ve downloaded the two files, reassemble them into a single file known as an Open Virtualization Appliance (.ova). Then verify the checksums for the reassembled file to be sure everything is in its proper place. Finally, double-click on the .ova file which will initiate the import process into VirtualBox.
So let’s begin by downloading the two halves from SourceForge: PIAF20631aa and PIAF20631ab.
The reassembly procedure depends upon your desktop operating system. For Windows PCs, you’ll need to drop down to the Command Prompt, change to the directory in which you downloaded the two files, and type the following command:
copy /b PIAF20631aa + PIAF20631ab PIAF-Green-WebRTC.ova
To check the MD5/SHA1 checksums in Windows, download and run Microsoft’s File Checksum Integrity Verifier.
For Mac or Linux desktops, open a Terminal window, change to the directory in which you downloaded the two files, and type the following commands:
cat PIAF20631a{a..b} > PIAF-Green-WebRTC.ova
md5 PIAF-Green-WebRTC.ova (use md5sum for Linux)
openssl sha1 PIAF-Green-WebRTC.ova
The MD5 checksum for PIAF-Green-WebRTC.ova is 946c149c6adb53602ccfcd3ace10e13b. The SHA1 checksum is 285a5b999c761fcbef13d1a97b4c335a81e1cb0d. If you have a match, proceed. Otherwise, rinse and repeat.
3. Import PIAF-Green-WebRTC into VirtualBox. You only perform the import step one time. Once imported into VirtualBox, PIAF-Green-WebRTC is ready to use. There’s no further installation required, just like an OpenVZ template… only better. Double-click on the .ova file you downloaded to begin the procedure and load VirtualBox. When prompted, be sure to check the Reinitialize the Mac address of all network cards box. Read and accept the license agreement. Then click the Import button. Once the import is finished, you’ll see a new PIAF-Green-WebRTC virtual machine in your VM List on the VirtualBox Manager Window. You need to make a couple of one-time adjustments to the PIAF-Green-WebRTC Virtual Machine configuration to account for differences in sound and network cards on different host machines.
Click on PIAF-Green-WebRTC Virtual Machine in the VM List. Then click Settings -> Audio and check the Enable Audio option and choose your sound card. Save your setup by clicking the OK button. Next click Settings -> Network. For Adapter 1, check the Enable Network Adapter option. From the Attached to pull-down menu, choose Bridged Adapter. Then select your network card from the Name list. Then click OK to save your setup. Finally, click Settings -> System, uncheck Hardware clock in UTC time, and click OK. That’s all the configuration that is necessary for the PIAF-Green-WebRTC Virtual Machine. If you blinked, you probably missed it.
4. Start the PIAF-Green-WebRTC Appliance. Once you’ve imported and configured your new Virtual Machine, you’re ready to go. Highlight the appliance in the VM List on the VirtualBox Manager Window and click the Start button. The boot procedure with CentOS 6.3 will begin just as if you had installed PBX in a Flash and Incredible PBX on a standalone machine. You’ll see a couple of dialogue boxes pop up that explain the keystrokes to move back and forth between your host operating system desktop and Incredible PBX.
Here’s what you need to know. To work in the Virtual Machine, just left-click your mouse while it is positioned inside the VM window. To return to your host operating system desktop, press the right Option key on Windows machines or the left Command key on any Mac. For other operating systems, read the dialogue boxes for instructions on moving around. Always shut down your virtual machine gracefully! Click in the VM window with your mouse, log in as root, and type: shutdown -h now. Or, from the VirtualBox Manager Window, Ctl-Click on the PIAF-Green-WebRTC VM and choose Close -> ACPI Shutdown.
Always run Virtual Machines behind a hardware-based firewall with no Internet port exposure!
To begin, position your mouse over the VM window and left-click. Once the virtual machine has booted, log in as root with password as the password. Change your root password immediately by typing passwd at the command prompt. Now set up a secure maint password for FreePBX as well. Type passwd-master. If you’re not in the Eastern U.S. time zone, then you’ll want to adjust your timezone setting so that reminders and other time-sensitive events happen at the correct time. Issue the following command to pick your time zone: /root/timezone-setup. Now type status and write down the IP address of your appliance. Finally, edit /etc/asterisk/sip_custom.conf and replace the secret=8000 entry with a very secure password. This is your WebRTC extension password. Restart Asterisk: amportal restart.
5. Access WebRTC Page Hosted on PIAF-Green-WebRTC Using the latest Chrome browser from a machine on the same subnet as your appliance, point to the WebRTC web page of your appliance using the actual IP address of your virtual machine: http://192.168.0.141/myphone/call.htm.
6. Configure sipml5 to Make a Connection to Asterisk. There are two configuration steps before you can log in and start making calls through your Asterisk server. First, click on the Expert Mode button. Fill out the form as shown below using the actual IP address of your server. Click Save when you’re finished, close this browser window, and return to the main WebRTC page.
Next, fill out the Registration section using the actual IP address of your server and the extension 8000 password that you created above. Private Identity is 8000, Public Identity is sip:8000@ipaddress, Realm is Asterisk ipaddress.
Once you’ve completed your entries, click Login to make a connection to your Asterisk server.
7. Placing a Call with WebRTC. Once you’re logged in, it’s just as if you had registered a softphone to your Asterisk server. Calls from other extensions can reach you by dialing extension 8000. And you can place outbound calls using the Call Control panel. To demonstrate how this works, try the following. To retrieve Today’s News Headlines, enter 951. Then click the Call button. To retrieve the latest Weather Forecast for your city, dial 949 and say the city and state when prompted. You can’t enter touchtone keys so just ignore the "press pound" instruction and wait for the timeout.
We have intentionally not walked you through configuring an outbound trunk even though one can easily be used to make outbound calls. Before doing so, make very certain that your appliance is behind a hardware-based firewall with no Internet port exposure. It’s your phone bill. Enjoy!
WebRTC Conference and Expo. The 2013 WebRTC Conference and Expo is returning to Atlanta on June 25. For everything you ever wanted to know about WebRTC, that’s the place to be. You can sign up now at WebRTCWorld.com. The Half-Price Early Bird discount ends on March 1. And you can save an additional 15% by using Coupon Code: AA.
Originally published: Tuesday, February 26, 2013
Need help with Asterisk? Visit the PBX in a Flash Forum.
Some Recent Nerd Vittles Articles of Interest…
The Bluetooth Revolution: Watch What We Can Do
If ever there’s been a sleeping technology giant still worth watching, it’s got to be Bluetooth. Originally developed by Ericsson, the Swedish telecommunications company, Bluetooth is a proprietary wireless technology for exchanging data over short distances using fixed and mobile devices. If you use it at all, it’s probably to answer phone calls and play music in your car using your smartphone or to walk around looking like a lunatic talking to yourself because you have a Bluetooth headset for your cellphone hanging out of your ear. Or you may be using our Bluetooth Proximity Detection utility to automatically forward calls from your PBX in a Flash server to your cellphone when you leave the office. Well, that’s so last week!
What’s coming in tomorrow’s vehicles (unless the federal government gets too crazy) is literally a revolution in the way vehicles interact with your smartphone. Rather than buying all of your existing cellphone technology again in every car you own, Bluetooth will give you a dashboard with the rich feature set of your existing smartphone without another monthly cellphone bill. That’s right. All of the data will be delivered to your dashboard via Bluetooth using middleware that translates existing information on your cellphone to a display on your dash. And you’ll be able to control the flow and type of information using a touchscreen in your car or truck that bears an uncanny resemblance to the display on your iPad or Android Tablet. See why you might really need a quad-core processor on your next smartphone?
I’m sorry. Did we say in tomorrow’s vehicles? You actually can get it right now in the Prius V with Entune. Of course, Toyota would like to replace your cellphone carrier and charge you monthly fees for services you’re already paying for on your cellphone, but that will sort itself out shortly. Why? Because there are some new open source experiments underway using Android instead of our old friend Micro$oft.
Meet The Watch. Suppose you were a nerd and just graduated from college with nothing to do except beg for a job flipping burgers. But then you had this idea to create a Bluetooth-enabled watch that could display content from your cellphone while you were driving, or running, or swimming. Well, you’d probably turn to KickStarter and try to raise $100,000 so you could build your dream watch. That was six weeks ago. They raised nearly $1 million the first day. And, by the time the fund-raising campaign ends in mid-May, it looks like this project will have raised nearly 10 million dollars!
Nice Surprise. So now you have the background on coming attractions. But there’s more. There’s the company that inspired Steve Jobs doing what they once did better than anyone on the planet, quietly churning out incredible products while nobody was looking. Meet Sony and the SmartWatch.
If you want a glimpse at what tomorrow’s vehicles will look like, the Sony SmartWatch is the one to follow. It’s in living color. It’s feature-rich. And it just works! Released in the United States three short weeks ago, there already are nearly 50 available Android applications (mostly free) that you can display on your watch. Here’s a sampling to give you some idea of the scope. We loaded a dozen on our SmartWatch in minutes!
You actually manage and download apps for your SmartWatch using Sony’s LiveWare Manager which lives on your Android phone. And, yes, almost any Android phone will work although a higher end device with more memory is a definite plus. You won’t want just a couple of apps once you get started.
We, of course, took one look at this watch and decided it was a perfect platform on which to display network management information about your PBX in a Flash communications servers or any other server. Keep reading!
One of the terrific apps for the SmartPhone is called Traffic Cams which does just what you’d think. It displays live web cam images from traffic cameras using GPS technology to figure out which ones are closest to you. Very slick! As you can see, we have some stunning ones within a mile of our home. And if you depend upon bridges to get to where you need to go, you’ll soon learn how indispensable these traffic cams really are. The camera shown above actually faces due east. For a real treat, come visit Nerd Vittles at 6:30 a.m. EDT (this time of the year) and enjoy the sunrise. Stunning!
HINT: The image shows the local time if you are timezone-challenged. It is refreshed every 3-4 minutes during the day.
Update: Wondering why this bridge is so empty? Check our SmartWatch! Pays to use more than one traffic camera when you set this up.
A bonus from the app is the ability to display your own 200×200 images on the watch from any public web site. So we whipped together a quick-and-dirty script that extracts status information about your PBX in a Flash server and converts it with ImageMagick (Don’t Forget: yum install ImageMagick) into a couple of jpeg images. Using FTP, these images then can be uploaded to a public web server and displayed on the phone. If you like the code and want to see what else is possible using the SmartWatch, come follow our progress on the PBX in a Flash Forum. Enjoy your new watch! Here’s a short list showing where to get a great deal on one.
Originally published: Monday, April 30, 2012
Need help with Asterisk®? Visit the NEW PBX in a Flash Forum.
whos.amung.us If you’re wondering what your fellow man is reading on Nerd Vittles these days, wonder no more. Visit our new whos.amung.us statistical web site and check out what’s happening. It’s a terrific resource both for us and for you.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…
Introducing NeoRouter VPN: A Star Is Born
In our last article, we introduced PPTP VPNs for interconnecting remote users and branch offices to a central network hub. Known as a hub-and-spoke VPN, the advantage of this design is it lets remote users participate as peers in an existing home office LAN. It’s simple to set up and easy to maintain. The drawback is vulnerability to man-in-the-middle attacks.
Today, we want to turn our attention to the more traditional client-server VPN which still relies upon a central server but uses a star topology to connect remote nodes. The major difference is that only registered devices participate in the virtual private network so there is no direct access to other machines on the LANs of the registered devices. If you have servers scattered all over the countryside, this is an excellent way to manage and interconnect them. All data and communications between the nodes can then be routed through the encrypted VPN tunnel for rock-solid security.
With NeoRouter’s free software, you can set up your VPN server using a PC, a Mac, a Linux or FreeBSD machine, OpenWrt Backfire, and Tomato. VPN clients are available for PCs, Macs, Linux and FreeBSD PCs, OpenWrt, Tomato as well as Android phones and tablets. There’s even an HTML5 web application in addition to a Chrome browser plug-in. With the OpenWrt and Tomato devices or if you’re an extreme techie, you can broaden your NeoRouter star configuration to include bridging of remote LANs. See pp. 47-50 of the NeoRouter User’s Manual. And you can interconnect up to 256 devices at no cost. For $999, you can enlarge your VPN to support 1,000 devices. Screen sharing, remote desktop connections, HTTP, and SSH access all work transparently using private IP addresses of the VPN nodes which are automatically assigned to the 10.0.0.0 private network.
You may be wondering why we’ve moved on from Hamachi. Suffice it to say, LogMeIn has put the squeeze on the free version to the point that it’s now next to worthless. In fact, you’d be hard-pressed to find any mention of a free version of Hamachi (other than a trial edition) on LogMeIn’s current web site. Here’s a feature comparison which says it better than we could.
Today we are introducing the first of two NeoRouter VPN solutions. First, we have a simple installation script that works with any PBX in a Flash 2™ server. See also our more recent column for the dedicated server edition of NeoRouter VPN known as VPN in a Flash. It’s suitable for use on a dedicated server or running as a virtual machine. For smaller VPNs, we prefer the add-on module for PBX in a Flash. For larger deployments, you probably should opt for the dedicated machine. It also isolates your VPN server from your PBX which generally is the better network strategy. Regardless of the installation scenario you choose, keep in mind that neither option requires exposure of your entire server to the Internet. Only a single TCP port needs to be opened in your hardware-based firewall and IPtables Linux firewall.
NeoRouter Setup with PIAF2™. We’re assuming you already have a PBX in a Flash 2 server set up behind a hardware-based firewall. If not, start there. Next, we’ll need to download and run the installer for your new NeoRouter Server. It also installs the client. Just log into your server as root and issue the following commands:
wget http://incrediblepbx.com/install-neorouter
chmod +x install-neorouter
./install-neorouter
The installer will walk you through these five installation steps, but we’ll repeat them here so you have a ready reference down the road.
First, on your hardware-based firewall, map TCP port 32976 to the private IP address of your PIAF2 server. This tells the router to send all NeoRouter VPN traffic to your PIAF2 server when it hits your firewall. If you forget this step, your NeoRouter VPN will never work!
Second, we’re going to use your server’s public IP address as the destination for incoming traffic to your NeoRouter VPN. If this is a dynamic IP address, you’ll need an FQDN that’s kept current by a service such as DynDNS.com.
Third, each administrator and user is going to need a username to access your NeoRouter VPN. You can use the same credentials to log in from multiple client machines, something you may or may not want to do. We’re going to set up credentials for one administrator as part of the install. You can add extra ones by adding entries with one of the following commands using the keyword admin or user. Don’t use any special characters in the username and password!
nrserver -adduser username password admin
nrserver -adduser username password user
Fourth, make up a very secure password to access your NeoRouter VPN. No special characters.
You’re done. Review your entries very carefully. If all is well, press Enter. If you blink, you may miss the completion of the install process. It’s that quick.
Fifth, after your NeoRouter VPN is installed, you can optionally go to the NeoRouter web site and register your new VPN by clicking Create Standalone Domain. Make up a name you can easily remember with no periods or spaces. You’ll be prompted for the IP address of your server in the second screen. FQDNs are NOT permitted.
When a VPN client attempts to login to your server, the server address is always checked against this NeoRouter database first before any attempt is made to resolve an IP address or FQDN using DNS. If no matching entry is found, it will register directly to your server using a DNS lookup of the FQDN. Whether to register your VPN is totally up to you. Logins obviously occur quicker using this registered VPN name, but logins won’t happen at all if your server’s dynamic IP address changes and you’ve hard-coded a different IP address into your registration at neorouter.com.
Setting Up a NeoRouter Client. As mentioned previously, there are NeoRouter clients available for almost every platform imaginable, except iPhones and iPads. Hopefully, they’re in the works. So Step #1 is to download whatever clients are appropriate to meet your requirements. Here’s the NeoRouter Download Link. Make sure you choose a client for the Free version of NeoRouter. And make sure it is a version 1.7 client! Obviously, the computing platform needs to match your client device. The clients can be installed in the traditional way with Windows machines, Macs, etc.
CentOS NeoRouter Client. As part of the installation above, we have automatically installed the NeoRouter client for your particular flavor of CentOS 6, 32-bit or 64-bit. In order to access resources on your NeoRouter server from other clients, you will need to activate the client on your server as well. This gets the server a private IP address in the 10.0.0.0 network.
To activate the client, type: nrclientcmd. You’ll be prompted for your Domain, Username, and Password. You can use the registered domain name from neorouter.com if you completed step #5. Or you can use the private IP address of your server. If your router supports hairpin NAT, you can use the public IP address or server’s FQDN, if you have one.
To exit from NeoRouter Explorer, type: quit. The NeoRouter client will continue to run so you can use the displayed private IP addresses to connect to any other online devices in your NeoRouter VPN. All traffic from connections to devices in the 10.0.0.0 network will flow through NeoRouter’s encrypted VPN tunnel. This includes inter-office SIP and IAX communications between Asterisk® endpoints.
Admin Tools for NeoRouter. Here are a few helpful commands for monitoring and managing your NeoRouter VPN.
Browser access to NeoRouter Configuration Explorer (requires user with Admin privileges)
Browser access to NeoRouter Network Explorer (user with Admin or User privileges)
To access your NeoRouter Linux client: nrclientcmd
To restart NeoRouter Linux client: /etc/rc.d/init.d/nrservice.sh restart
To restart NeoRouter Linux server: /etc/rc.d/init.d/nrserver.sh restart
To set domain: nrserver -setdomain YOUR-VPN-NAME domainpassword
For a list of client devices: nrserver -showcomputers
For a list of existing user accounts: nrserver -showusers
For the settings of your NeoRouter VPN: nrserver -showsettings
To add a user account: nrserver -adduser username password user
To add admin account: nrserver -adduser username password admin
Test VPN access: http://www.neorouter.com/checkport.php
For a complete list of commands: nrserver –help
To change client name from default pbx.local1:
- Edit /etc/hosts
- Edit /etc/sysconfig/network
- Edit /etc/sysconfig/network-scripts/ifcfg-eth0
- Edit /etc/asterisk/vm_general.inc
- reboot
For the latest NeoRouter happenings, follow the NeoRouter blog on WordPress.com.
GPL2 License. The install-neorouter application is open source software licensed under GPL2. The NeoRouter Server and Client software is freeware but not open source. This installer has been specifically tailored for use on PBX in a Flash 2 servers, but it can easily be adjusted to work with virtually any Linux-based Asterisk system. If you make additions or changes, we hope you’ll share them on our forums for the benefit of the entire VoIP community. Enjoy!
Originally published: Wednesday, April 18, 2012
Need help with Asterisk? Visit the NEW PBX in a Flash Forum.
whos.amung.us If you’re wondering what your fellow man is reading on Nerd Vittles these days, wonder no more. Visit our new whos.amung.us statistical web site and check out what’s happening. It’s a terrific resource both for us and for you.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…
Travelin’ Man 3: Securing a PBX in a Flash or VoIP in the Cloud Server
UPDATE: Be sure to read about the latest enhancement to Travelin' Man 3 here.
We're big fans of playing with our own VoIP hardware. It has the advantage of allowing the installation of everything behind a secure, hardware-based firewall thereby eliminating almost all of the security issues associated with VoIP telephony. With PBX in a Flash™ and its Zero Internet Footprint™, you can run a secure VoIP server in your home or office with no port exposure to the Internet. This setup, of course, assumes that you have the necessary bandwidth to support Internet telephony and that you possess the necessary skill set to maintain your own Linux® server running Asterisk®, FreePBX®, Apache®, SendMail®, PHP®, and on and on. Not everyone does. And, of course, there are thousands of organizations in which employees and their phones are not colocated with the home office VoIP communications server. And, believe it or not, there are folks that run their VoIP server on the public Internet without any firewall protection. For all of you, today's your lucky day.
Lest you think that we've bitten off more than we can chew, we want to acknowledge the dozens of thought-provoking comments on the PIAF Forums that ultimately led to today's new release. That is the hidden beauty of open source development. So, thank you dad311, atsak, tbrummell, Hyksos, markieb, Ramblin, darmock, lowno, blanchae, bmore, vcallaway, jroper, mag, briankelly63, mbellot, phonebuff, The Deacon, Astrosmurfer, frontline, ou812, LostTrunk, lgaetz, kh40s, rossiv, and all of our other gurus that make the PIAF Forums a great place to learn something new every day.
Thanks to our good friends at RentPBX, who provide terrific technical and financial support to both Nerd Vittles and the PBX in a Flash project, you don't have to roll your own. And your phones can be anywhere because your communications server sits on the public Internet. If cost is a factor or for those outside the United States that need a U.S. presence to take advantage of services such as Google Voice, the $15 a month price point using the PIAF2012 coupon code makes RentPBX more than competitive with what it would cost you in electricity, Internet bandwidth, and hardware resources to do it yourself... minus the headaches. You get a stable PBX in a Flash or Incredible PBX platform from the git-go. In addition, issues of jitter and latency all but disappear from the VoIP equation because you can choose the site of your hosted PBX from a worldwide list of Internet POPs including five regions in the U.S. as well as Canada and Europe. Many sit within a few milliseconds of the Internet backbone.
What you don't have with a hosted PBX solution is a hardware-based firewall sitting between your server and the Big, Bad Internet. With PBX in a Flash, the risk is lessened because the IPtables Linux Firewall is baked into the fabric of PBX in a Flash. For a comprehensive overview of how IPtables works, read this article. It explains IPtables better than any book you could buy.
Today we're pleased to introduce Travelin' Man 3™, a completely new security methodology based upon FQDN Whitelists and DDNS. In a nutshell, you get set-it-and-forget-it convenience and rock-solid VoIP security for your Cloud-based PBX or any PBX in a Flash server that's lacking a hardware-based firewall and you get both transparent connectivity and security for your mobile or remote workforce. We'll quickly cover the mechanics of this new IPtables methodology that allows you to secure your hosted PBX without compromising flexibility. The nitty gritty details of IPtables and firewalls we'll leave for you to explore at your leisure.
And, speaking of leisure, we always get the question: "Have you tested it?" For frequent readers of Nerd Vittles, you already know the answer. We eat our own dog food! In the case of Travelin' Man 3, we gave it a healthy workout just last week from the deck of the Carnival Fantasy as we passed by Cape Canaveral and in Key West with 4G service, and finally in several ports with WiFi access in the Bahamas. The beauty of the new design is you'll know instantly if it's not working because you'll never get your VoIP SIP phone to connect back to your VoIP server. We had zero problems using nothing more than an Android phone for both DynDNS updates and Bria SIP phone service. Being a pioneer isn't always easy, but... Somebody's gotta do it™. 😉
Unlike previous iterations of Travelin' Man, version 3 lets you configure remote phone access from the server and keep one or hundreds of phones in sync even with changing IP addresses using dynamic DNS update software at the sites of the remote phones. Whether the site is a remote office or a floating hotel room, any PC or Mac whether it's a desktop or netbook can automatically manage the dynamic DNS updates while keeping all of the local phones securely connected to the VoIP Cloud. And any jail-broken iPhone can manage the updates as well. With Android phones, it's even better. You have your pick of several great apps: DynDNS Client, Dynamic DNS Client, or Dynamic DNS Updater. We've found the DynDNS Client to be nearly perfect. As we'll explain in a minute, this version of Travelin' Man is not compatible with prior versions so you'll need to choose either the manual methodology of previous iterations or version 3 which does it automagically.
A New Approach to WhiteLists. Our new approach to IPtables is to lock down your server using a WhiteList of safe IP addresses and fully-qualified domain names (FQDNs) that should be given access to your hosted VoIP server. Then we'll periodically check to see if the IP addresses associated with the FQDNs have changed and make the necessary adjustments automatically. If any intruder attempts to access any port on your PBX, their packets are simply discarded by IPtables so the bad guys never know your server exists.
We've experimented with BlackLists for VoIP security, and the bottom line is they just don't work because of inherent problems with reliability and completeness. You spend your entire day updating lists of the bad guys only to discover that they've morphed to thousands of new IP addresses. Think Whack-A-Mole. IP addresses can easily be changed, and zombies have made attacks from third-party PCs a daily occurrence. Earlier this month, Nerd Vittles was hit with a denial of service attack from 30,000+ zombie PCs. This was in spite of the fact that we already block well over 100,000 IP addresses with the world's finest blacklists. Now it's 130,000. 🙄 Of course, none of the owners of these PCs had any idea how their computers were being used. I'm reminded of a famous judge's secretary who received a knock at her door one Sunday morning from the FBI. They informed her that she was using her computer to host porno movie downloads. I won't offend your tender sensibilities by repeating what she actually told those "young men."
There's also the problem of dynamic IP addresses which means an address that was used by a bad guy yesterday may be handed out by the same ISP to your grandma tomorrow. And it didn't take the bad guys long to poison blacklists with IP addresses that you actually need for services such as DNS or network time services. If you've ever had an IP address that ended up on one of the major blacklists, you know what a hassle it is to get your IP address unBlacklisted. The Soup Nazi has nothing on these folks.
Bottom Line: Public web sites are pretty much forced to use BlackLists because they want their sites to be generally accessible. With a VoIP server, we have the luxury of choice, and WhiteLists are much more effective for server security.
Overview. Our recommended design works like this. Block everything. Then permit packets from known hosts and non-routable IP addresses only, and limit known hosts to only the services they actually need. For example, a VoIP provider such as Vitelity that is providing a DID for your inbound calls doesn't need web access to your server. They need SIP and RTP access. Nothing more. The same goes for a remote user: SIP and RTP access so their SIP phone works. Nothing more. You, as Administrator, need complete access to the server but only from a specific, defined IP address. We, of course, don't want IPtables to have to inspect and filter every single packet flowing into and out of your server because that would bog things down. And we don't want users on your private LAN and remote users with dynamic IP addresses to have to wrestle with updating their phones just to stay connected. So, we've opened up all non-routable IP addresses and, once we've verified that a remote site is authorized access, then subsequent packets flowing into and out of the server for that IP address will be passed along without additional packet inspection. And once we set up the FQDN for a remote user, local dynamic DNS update clients can be used to automate the process of keeping IP addresses current. Then, every few minutes, we'll let your server check whether there's been a change in any users' dynamic IP addresses. If so, we'll simply refresh the IP addresses of all FQDNs using an IPtables restart to bring the phones back to life. To end users, The Phones Just Work™.
Finally, a word about security for VoIP in the Cloud servers. If you run a virtual machine from any hosting provider with wide open access to SIP, IAX, and web services, it's just a matter of time before your server is going to be compromised, period! If you foolishly use credit card auto-replenishment for one or more of your hosting providers then you might as well mail a blank check to the bad guys and wait for them to cash it. Today's tools will take you less than a minute to permanently lock down your server. So... JUST DO IT™.
To give you some idea of how far the Android platform has come, here are a couple screenshots of our Samsung 4G Skyrocket smartphone running three simultaneous VoIP apps all day, every day: Bria SIP extension to our PIAF2 server in Charleston, CSipSimple extension to our RentPBX VM in California, and GrooveIP session with Google Voice. Try that on your 3G iPhone 4S. 😉
We're officially releasing this for RentPBX users running PBX in a Flash or Incredible PBX 3™. These folks have been our pioneers for a very long time, and we like to take care of them first. Properly installed, Travelin' Man 3 should work fine on any PIAF™ or Incredible PBX system. We'll make a backup of /etc/sysconfig/iptables before replacing your IPtables setup with the PIAF default setup. It assumes ALL of your traffic is flowing on eth0. If that's not the case, don't use it without major modifications! We would hasten to add that Travelin' Man 3 is licensed as GPL2 open source software. So it's available NOW to everyone to use or to embellish as they see fit. We hope every provider of VoIP services offering virtual machines in the cloud as well as those without a hardware-based firewall to protect your Asterisk server will take advantage of the opportunity to customize and deploy this code for their particular IPtables environment. To paraphrase Bill Clinton: "It's your phone bill, stupid!"
Deploying Travelin' Man 3. Here's how to deploy Travelin' Man 3 on your server. In Step #1, we run secure-iptables. This locks down virtually all IP ports and services in the original IPtables configuration for PBX in a Flash to either the IP address or the FQDN of the administrator. Be advised that this setup uses the default ports for all PIAF services, e.g. SSH, WebMin, HTTP, etc. If you use custom ports, you'll need to modify the script accordingly. If the administrator is on the move or has a dynamic IP address on his or her desktop or notebook PC/Mac that will be used to administer the cloud server, then use an FQDN, not a static IP address, when you run secure-iptables.
Step #2 is automatic and is part of secure-iptables. It opens SIP and IAX port access for "trusted providers" such as Google, Vitelity, etc. This is covered in detail below. We also open accessibility from non-routable IP addresses. You obviously can close or limit private LAN access, if desired. We included it for the benefit of those running and administering PBX in a Flash on private LANs where internal security is not a concern.
In Step #3, we'll let you set up additional access for other providers, users, and phones. You get your choice of up to 9 separate services in addition to the whole enchilada, and each account gets a name and a file to keep track of the latest IP address entry: somename.iptables. These are stored in /root. Don't delete them! New accounts can be added using either a static IP address (add-ip) or an FQDN (add-fqdn). These accounts also can be deleted whenever necessary (del-acct). You can rerun secure-iptables whenever you like, but it automatically deletes all custom user accounts. Here's the list of services from which to choose. Mix and match as desired to meet your own requirements.
0 - All Services
1 - SIP (UDP)
2 - SIP (TCP)
3 - IAX
4 - Web
5 - WebMin
6 - FTP
7 - TFTP
8 - SSH
9 - FOP
Just a word of caution. IPtables stores its setup in /etc/sysconfig/iptables, but it actually runs from an image in memory on your Linux server. As part of the load process, IPtables converts all FQDNs stored on disk to static IP addresses. This speeds up firewall processing enormously. While it's possible to add IPtables rules in memory without writing them to disk (as in the original Travelin' Man design), don't do it with Travelin' Man 3! You will lose these settings whenever IPtables is restarted by running any of the above scripts or whenever a refresh of FQDN IP addresses becomes necessary. Whatever you do, never ever run the command: service iptables save. This command is used to write the IPtables entries in memory to disk. In doing so it writes only static IP addresses to disk. This will erase (a.k.a. ruin) your Travelin' Man 3 FQDN setup and force you to start over with Step #1. Otherwise, none of your FQDN's would ever get refreshed because they've all disappeared and become static IP addresses.
IPtables also has a major shortcoming IMHO. We support FQDNs in IPtables to make it more flexible. However, a failed FQDN during an IPtables restart will cause IPtables not to load at all. We have worked around this by adding our own restart command which you should always use: iptables-restart. You've been warned.
Locking Down Your Server. While there's still time, let's spend a minute and lock down your server to the public IP address of the PC that you use to administer the system. If you don't know the public IP address of the desktop machine you use to manage your server, then click on this link using a browser on that machine, and our web site will tell you the IP address.
Now log into your virtual machine as root using SSH and issue the following commands:
cd /root
wget http://incrediblepbx.com/travelinman3.tar.gz
tar zxvf travelinman3.tar.gz
yum -y install bind-utils
./secure-iptables
When prompted for the FQDN or IP address of your Administrator PC, use the FQDN if you have one. Otherwise, type in the IP address and press the Enter key. Agree to the terms of service and license agreement by pressing Enter. When the IPtables file displays, verify that you have typed your FQDN or IP address correctly, or you will lock yourself out of your own server. Press Ctrl-X to exit the editor, and then press Enter to update IPtables and save your new configuration.
NOTE: If you are running PBX in a Flash in a cloud environment, be sure to add an entry to Travelin' Man 3 with the IP address of your cloud server. ifconfig will tell you what the IP address is. To add the entry, issue the command: /root/add-ip cloud 12.34.56.78 using your actual cloud IP address.
WARNING: If you use an FQDN for your Administrator PC and it points to a dynamic IP address, be sure to also add this same FQDN using add-fqdn. Otherwise, IP address changes will not be detected, and you may lock yourself out of your own server.
Nobody can access your server except someone seated at your PC or on your private LAN with your login credentials. You can repeat this process as often as you like because each time the script is run, it automatically restores your original IPtables configuration. Now let's grant access to your SIP providers and those using remote SIP or IAX phones.
Using DynDNS to Manage FQDNs. The key ingredient with Travelin' Man 3 is automatic management of dynamic IP addresses. When a user or even the administrator moves to a different location or IP address, we don't want to have to manually adjust anything. So what you'll first need is a DynDNS account. For $20 a year, you can set up 30 FQDNs and keep the IP addresses for these hostnames current 24-7. For $30 a year, you can manage 75 hostnames using your own domain and execute up to 600,000 queries a month. That's more than ample for almost any small business but, if you need more horsepower, DynDNS.com can handle it. What we recommend is setting up a separate FQDN for each phone on your system that uses a dynamic IP address. This can include the administrator account if desired because it works in exactly the same way. When the administrator extension drops off the radar, a refresh of IPtables will bring all FQDNs back to life including the administrator's account. Sounds simple? It is.
Preparation. Before we make further modifications to IPtables in Step #3, let's make a list of all the folks that will need access to your VoIP Server in the Cloud. For each entry, write down the name of the person, server, or phone as well as the type of entity which needs server access. Then provide either the static IP address or FQDN for each entry. If one or more of your IP addresses are dynamic (meaning the ISP changes them from time to time), we'll cover managing dynamic IP addresses in a minute. For now, just make up a fully-qualified domain name (FQDN) for each dynamic IP address using one of the available DynDNS domains. For static IP addresses, use the FQDN or the IP address. HINT: FQDNs make it easy to remember which entry goes with which provider.
Make a list of your providers NOT in this list: Vitelity (outbound1.vitelity.net and inbound1.vitelity.net), Google Voice (talk.google.com), VoIP.ms (city.voip.ms), DIDforsale (209.216.2.211), CallCentric (callcentric.com), and also VoIPStreet.com (chi-out.voipstreet.com plus chi-in.voipstreet.com), Les.net (did.voip.les.net), Future-Nine, AxVoice (magnum.axvoice.com), SIP2SIP (proxy.sipthor.net), VoIPMyWay (sip.voipwelcome.com), Obivoice/Vestalink (sms.intelafone.com), Teliax, and IPkall. The providers listed above are already enabled in the secure-iptables setup script. We call them Trusted Providers only because we trust them and have personally used all of them. We consider them reliable folks with whom to do business. It doesn't mean others aren't. It simply means these are ones we have tested with good results over the years. The only providers you'll need to add are ones we haven't provided. Also be sure to check whether the FQDNs of the providers above cover the server for your account. If not, you'll need to manually add those FQDNs as well. Keep in mind that trusted providers will have full SIP and IAX access to your server so stick with tried-and-true providers for your own safety. The PBX in a Flash Forum and DSL Reports are good sources of information on The Good, The Bad, and The Ugly.
Finally, list with a name each phone that will be connected to an extension on your server. If you have 10 traveling salesmen, then you might want to name them all by last name and also provide FQDNs with their last names, e.g. smith.dyndns.org and jones.dyndns.org. No spaces or punctuation in names or FQDNs! We strongly recommend using FQDNs wherever you can because it means zero work for you when a provider changes an IP address. Here's the table we use:
Name
Type: Person, Provider, Server, Phone
IP Address Type: Static or Dynamic
FQDN or IP Address
Services Desired: SIP, IAX, Web, FTP, SSH, etc.
Step #3: Adding Authorized Users. Now take your list and add each account to your server while logged in as root and positioned in the /root directory. For static IP addresses, use add-ip. For dynamic IP addresses and FQDNs, run add-fqdn and plug in the FQDN for each account. When one of your accounts needs to be removed, just run del-acct from the /root folder on your server and plug in the name of the account to delete. If a user changes from a static IP address to a dynamic IP address or vice versa, just delete the user and then add them again with the new IP address or FQDN. All of the accounts are stored in /root and have names like this: name.iptables.
Step #4: Setting Up DynDNS Client Updates. There are actually two pieces in the Dynamic DNS update puzzle. At the end-user side, you need to deploy a DynDNS update client on the same subnet as the phone of your user. See the links above to download the update software you prefer. In the case of cellphones with SIP phone capability, this could be as simple as installing the DynDNS update client directly on the phone itself. Plug in your DynDNS credentials as well as the FQDN associated with the particular phone, and the rest is automatic.
Step #5: Setting Up IPtables Auto-Refresh. Finally, we need a way for your server to discover when a refresh of FQDNs becomes necessary because someone's IP address has changed. The simplest way to do this is to automatically run a simple script (ipchecker) that polls the DNS authoritative server to determine whether the dynamic IP address associated with an FQDN has changed. If so, we'll update the account.iptables file to reflect the new IP address and then restart IPtables. This will refresh all IP addresses associated with FQDNs. If all or most of your users spend time sleeping each day, you may wish to run the script only during certain (waking) hours of the day so your server has less of a load. The other consideration is how often to check. The guideline here is how long can any user live without their SIP phone being connected to your server. 10 minutes may be reasonable for some. 60 minutes may suffice for others. For us, it's 3 minutes. It's your choice. The way Travelin' Man 3 works is, whenever at least one account has an IP address change, it will trigger a restart of IPtables to do an IP address refresh for all of the FQDNs.
The top of the ipchecker script in /root looks like this:
#!/bin/bash
# Insert the account filenames to be checked below
# Remember to increment the account[#] for new entriesaccount[0]=larry.iptables
account[1]=curly.iptables
account[2]=moe.iptables
# ipchecker (c) Copyright 2012, Ward Mundy & Associates LLC.
You'll need to edit the script (nano -w /root/ipchecker) and modify the section in bold to reflect the actual FQDN account names you've created on your server that are associated with dynamic IP addresses only. You don't want to monitor accounts with static IP addresses or FQDNs that never get updated. When those extensions are off-line, it's not because their IP address changed, and restarting IPtables won't really help to improve the situation. Be sure to increment the account[n] array for each new account that you want to monitor and use the exact format shown in the example above. Before you enter an account in the script, display the contents of the file using cat /root/accountname.iptables. Make certain that the file includes BOTH an FQDN, then a space, and then an IP address. If not, delete the account (del-acct) and add it again using add-fqdn.
Once you've entered all of your accounts with dynamic IP addresses, save the script: Ctl-X, Y, then Enter. Run the script manually now to be sure it works as you intended: /root/ipchecker. Be advised that typos that list accounts that don't exist will cause problems. Error checking consumes processing cycles by requiring additional queries so we've left it out. That means it's solely up to you to check your account names for accuracy. And, remember, only include accounts that have dynamic IP addresses with FQDNs.
Step #6: Automating FQDN Refreshes with Cron. Finally, you'll need to add an entry to the bottom of /etc/crontab using nano. If you wanted the script to run 24 hours a day at 10 minute intervals, here's the command:
If you wanted the script to only run between the hours of 8 a.m. and 9 p.m. (server time zone) at 10 minute intervals, then you'd use something like this:
On our RentPBX complimentary account which we use while traveling, we actually set the interval to 3 minutes. Since the DNS lookups use dig, changes on Android phones using the DynDNS client are almost instantaneous even with automatic switching between WiFi and cellular service. Finally, be sure to type date on your server and verify which time zone your cloud server thinks it's in! Adjust the times in /etc/crontab accordingly.
Be sure to check back here periodically for updates and follow the latest happenings about Travelin' Man 3 in this thread on the PIAF Forums. Enjoy!
Originally published: Thursday, March 29, 2012 Updated: April 19, 2014
UNLESS YOU DISCONTINUE USING FQDN'S WITH IPTABLES, IT IS ABSOLUTELY ESSENTIAL THAT YOU MONITOR YOUR SERVER DAILY IF YOU ARE RELYING EXCLUSIVELY UPON IPTABLES AS YOUR FIREWALL PROTECTION MECHANISM AND YOU ARE USING FQDN'S AS PART OF YOUR CENTOS SECURITY METHODOLOGY!
Need help with Asterisk? Visit the NEW PBX in a Flash Forum.
whos.amung.us If you're wondering what your fellow man is reading on Nerd Vittles these days, wonder no more. Visit our new whos.amung.us statistical web site and check out what's happening. It's a terrific resource both for us and for you.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest...
Open Source Development and the Patent Trolls
If you’re wondering why software development in the United States is coming to a screeching halt, look no further than software patents. Here’s the way it works. All of your favorite technology companies now have stacks of software, business method, and design patents for things as obvious as the shape of a cellphone or a tablet computer that you could have seen on Star Trek in the 1960’s. And then there’s the slide to unlock "invention" that could be found 40 years ago in almost every apartment in the United States and was shown in The Predator movie in 1987, decades before the geniuses at Apple invented it. The list is endless, of course, because the U.S. Patent and Trademark Office now issues software and design patents with about the same scrutiny that a kindergarten teacher employs in deciding whether kids can have permission to go to the bathroom.
So now that you have your software patent arsenal, what do you do with it? In the case of most companies, they quietly reach cross-licensing agreements with other companies which permit others to use their patents so long as the other company reciprocates. Who gets screwed in this arrangement? Startup companies and open source developers!
And then, of course, there are the companies that have convinced themselves that they really did invent all of these things they saw in the movies or saw at Xerox PARC or Wang Labs. Just like the politicians with their unaffiliated super PACs, these companies don’t want to be tarnished by daily headlines showing them suing every Tom, Dick, and Harry that now wants to create a mouse or a new piece of software. Instead, they license or sell their patents to patent trolls, shell companies whose only reason for being is to enforce patents and extract licensing fees with no fingerprints back to the original patent holder. And, what a coincidence. They’ve all set up shop in Texas where they at least believe they have found a sympathetic judiciary to hear their cases. In short, patent trolls provide the original patent holder with deniability (think Mitt Romney and Newt Gingrich) while decimating the competition, a.k.a. young companies without a patent portfolio. It also, of course, has a chilling effect on open source development. Can you guess who reaps the financial rewards from patent trolls?
In fact, the situation has gotten so extreme that patent trolls now are a serious threat to the once blossoming open source development community. Here are a couple of examples. One of the most fertile areas for the patent trolls these days is robocalling software. In a nutshell, you have a database with people’s phone numbers, and a computer is used to dial the numbers and then play a recorded message. One of the key defenses to patent claims is "prior use" which means someone else thought of it before you got your patent.
Here’s the actual history of robocalling from our first-hand experience. In the late 1970’s, I was working with a federal court in Washington, D.C., and we were developing a case management system using Wang VS minicomputers, one of the first computers that bridged the gap between the data processing and text processing worlds. This led to all sorts of creative new uses for computers, and a group of us that were application developers using these computers met regularly to compare notes. I recall specifically making several visits to the Republican National Committee in Washington. They were developing, you guessed it, a robocalling system to deliver campaign messages using a Wang VS computer. If you flip to page 1-4 in this Wang VS Data Communications Guide, you’ll find a discussion (in 1979!) of what Wang called Automatic Calling Units. These were the hardware add-ons designed specifically by Wang to let VS computers do robocalling. And the Republican National Committee was hard at work writing code to do just that. It was used extensively in the 1980 election cycle, 31 years ago! No one at the time had ever heard of software patents. And yet there are software patents granted years later for the identical and obvious methodology employed by the Republicans long before Newt. Crazy!
Another example is speech-to-text software. Typically a recorded voice message is passed to a computer, and the computer transcribes the spoken words into plain text. While the technology to translate spoken language into text would certainly warrant a patent, the obvious ideas on how to use speech-to-text technology are dubious insofar as patents are concerned. For example, some obvious uses include transcribing and delivery of voicemails via email and text messaging or Twitter, transcribing dictation, language translation, and automatically placing phone calls by looking up a spoken name in a directory. The list goes on and on. These apps are trivial to build and obvious to anyone that has used computers over the last 40 years. The only real value-add in these apps is the inclusion of speech-to-text translation which Google is giving away at no cost. Delivery of voicemails via email or SMS, for example, has been an integral part of every PBX and virtually every cordless phone system since the telecommunications industry began. If there still is a valid patent for this (and we haven’t researched it), then perhaps a different delivery mechanism such as Twitter or Google+ might be options worth considering. See this transcription of Andrew Tridgell’s talk on Patent Defenses for some ideas. The problem is that nothing apparently is obvious to the patent examiners working in the U.S. Patent & Trademark Office. Nor has USPTO been vigilant in enforcing the requirement that those applying for a patent disclose prior art. And, remember the old adage that you can’t patent an idea? Wrong again! There are thousands of them, and the list is growing.
I know many of you are sitting back thinking you’re immune from a shakedown and believing this only applies to businesses. Got a Wi-Fi router in your home? Then think again. As recently reported by ZDnet:
Innovatio IP, a new company that exists solely to shake money down for its Wi-Fi patents, is targeting individual branches of hotel, coffee shops and restaurant chains. You, with your home Wi-Fi access point, may be next.
A new open source tool for Asterisk to take advantage of the speech-to-text engine now incorporated into Google’s Chrome browser was released this week by Lefteris Zafiris. You can read all about it and download a free copy of the code from GitHub. It works on any Asterisk-based system. So what now? Is it patent infringement to use Google’s publicly-accessible technology to build yourself an app that handles the obvious and now trivial tasks we’ve outlined above? Is it "legal" to use Google’s publicly-accessible speech-to-text engine to do things other than those that Google itself designed? Your guess is as good as mine. Unfortunately, most users aren’t lawyers and aren’t prepared to spend their life fortune litigating the legal nuances of prior use, obviousness, and whether a patent should be reexamined because it merely covered an idea.
For those that want to experiment at your own risk in this legal minefield, we’ve assembled two hours’ worth of publicly available information on the topic. It shows just how trivial it is to put these freely available components together to do literally hundreds of useful tasks. And when you have a few spare minutes, do us all a favor. Contact your Congressional representatives and urge them to put a stop to this nonsense and restore some sanity to the patent process. Little wonder that the United States has fewer and fewer students interested in pursuing a career in software development. That’s a very sad day for the U.S.A.
Originally published: Friday, January 13, 2012
Need help with Asterisk? Visit the PBX in a Flash Forum.
Or Try the New, Free PBX in a Flash Conference Bridge.
whos.amung.us If you’re wondering what your fellow man is reading on Nerd Vittles these days, wonder no more. Visit our new whos.amung.us statistical web site and check out what’s happening. It’s a terrific resource both for us and for you.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…
Picking the Best (and worst) Cellphone and Provider for 2012
We’ve delayed chiming in on favorite cellphones for the past six months because, quite frankly, we were on the fence about which way to jump. We still are. But we do have some things for you to consider now that we’ve tested and used three of the world’s best available cellphones. Along the way, we’ve also encountered more than a few roadblocks that we also want to warn you about.
Like many of you, we were eagerly anticipating the arrival of the iPhone 5. We hadn’t used an iPhone since the original was released, and this seemed like a good time to make the switch. Unfortunately, that was not to be, and we shared the disappointment of many others when the iPhone 4S was released. But read on. Our situation may not be unlike many of you. We travel about once month. It’s typically by car on the interstates. And our destinations are big cities in the U.S. such as Atlanta and Washington, D.C. But just as often our final destination is our beach house at Pawleys Island, South Carolina or our cabin in Balsam Mountain Preserve in the Smoky Mountains of North Carolina.
We have been generally thrilled with the Virgin Mobile Android and Blackberry offerings which provide excellent value (originally $25 $35 for 300 minutes and an unlimited text and data plan with no contract) and rock-solid Sprint service when you’re in a populated area or traveling down the interstate. Unlike normal Sprint phones which roam on Verizon when you enter an area without Sprint coverage, neither Boost Mobile nor Virgin Mobile has this option. So, once you enter a little beach town or the Smoky Mountains, all bets are off. In fact, you might as well turn your cellphone off. It’s not going to work.
Our solution was to acquire an ObiHai device (a link to Amazon appears in the right column) which provides Google Voice service in your choice of area codes and free calling in the U.S. and Canada for an investment of $50. The monthly cost: $0. You can configure your Google Voice account to also ring your cellphone, your home phone and a vacation home or two simultaneously so that you never miss a call. The only thing it won’t do is ring an extension in a hotel. But that’s what cellphones are for. This worked extremely well for us, but we still missed having a functioning cellphone when we were driving. We decided to leave the family phones on these inexpensive, contract-free plans and acquire one or more of the newer cellphones for business use and testing. By the way, if you root the LG Optimus V phone, you also can add free WiFi tethering for those road trips. So long as you don’t abuse it, Sprint doesn’t seem to mind. So… what to buy?
There have been dozens of good reviews of the best new phones, and we pretty much narrowed down the field to the iPhone 4S, the Samsung Galaxy Nexus, and the Samsung Galaxy S II Skyrocket from AT&T. If you haven’t used Siri, suffice it to say that it catapults the iPhone into a league of its own. The same holds true for the camera comparison. And, with a simple patch of an unrooted iPhone 4S, the camera even supports Panoramic mode.
<rant> We’ve never actually used Verizon, and their service is especially good at our remote sites so we began our quest by ordering an iPhone 4S on release day with a phone call to Verizon. Stacy was extremely helpful in outlining the various plans and indicated that they had a special underway for new iPhone 4S activations. She indicated that the $35 activation fee would be waived. She also provided her personal number (813-410-4413) so that we could contact her for assistance once the phone arrived. We were in a bit of a crunch because we were headed out of town on the same day the phone was supposed to arrive. She assured us the phone would ship overnight and arrive via FedEx before 2 p.m. You can guess the rest of the story. Rather than FedEx, UPS actually attempted to deliver the phone at 6:30 p.m. that evening, well after we had left town. No special handling had been requested by Verizon which meant end-of-day delivery was good enough in the eyes of UPS. Four days later we picked the phone up at UPS which had refused to reschedule delivery for a specific date without payment of an additional special handling charge. By letting them attempt delivery while we were out of town for four days would have meant the phone would have been returned to Verizon.
Setup of the iPhone 4S was uneventful although a call to Verizon was necessary to activate the data service. Two days use around our home office where 3G service was nowhere to be found, and we decided to return the phone. We still were within our 14-day return window without any cancellation penalty. Let the nightmare begin. The phone was returned using a shipping label included in the box, and it arrived back at Verizon within a couple days. We had prepaid for the phone by credit card to the tune of $433.99 so the only charges due were for two days of usage on a $100 a month plan. The first bill arrived before the phone had actually been received. It showed a balance of $134.65 due within 25 days. It included an activation fee. Upon calling Verizon, we were told to disregard the bill and wait on the next one which would clear everything up and remove the activation fee. Four days later, we received the new bill for $464.81 and a notice that payment was now "Past Due" despite the previous bill which indicated that payment was due within 25 days. The entire previous balance was on the bill including the activation fee. In addition, there was a $350 early termination fee and over $39 in fees and taxes. So, yes, they got the phone back. Another call to Verizon, and this time, of course, they could find no record of previous discussions or agreed terms with their sales agent. An hour later a supervisor agreed to take my word for it and, you guessed it, another bill would fix everything. A month later, the third bill arrived with most of the charges removed including a credit for the $74 payment I had made to protect my credit. Another $38 of fees had been added. Call #5 to Verizon, and they agreed to waive the balance due. We’ll see. That was 25 days ago. Bottom line: 11 minutes of rounded up test phone calls and 5 minutes of data usage rounded up to one gigabyte. Cost: $74 so far. Verizon did refund the cost of the phone. Nice!
To suggest that the design of Verizon’s ordering and billing system borders on fraudulent is about the kindest adjective we can muster. Not only is there no paper record of your order to review, but Verizon internally knew the phone had been returned within the 14-day, no termination fee window. And yet their billing system generated a $350 early termination fee in addition to other bogus charges. It’s hard to believe that any of this was accidental given the volume of customers that Verizon handles. And what do folks without a law degree do? Our guess is that more than a few may just pay the charges fearing that their credit will be ruined if they balk. By the third bill, no mortal could decipher the charges and fees including Verizon’s own agents. And, at least to us, that appears to be by design. Our advice is simple. Steer clear of Verizon until they either clean up their act or the Federal Trade Commission does it for them. </rant>
Our next adventure was an iPhone 4S for AT&T which we ordered from our local Apple store. While AT&T has a well earned reputation that’s not far off the Verizon mark, this time around it’s been a pleasant surprise. Apple handled all of the phone setup in minutes. To obtain a credit authorization from AT&T, an agent requested much of the same information you used to provide in buying your first home. Where do you live? How long have you lived there? What was the cost of your home? Where did you live before that? For how long, etc.? We passed.
We already had an AT&T Microcell device which provides AT&T cell access through your local area network. A quick call to AT&T support, and the device was reactivated. AT&T has gotten a bit greedy since we last had service with them. Not only is the unlimited data plan a thing of the past, but, unlike Verizon, your only text messaging option is all-you-can-eat for $20 a month or pay-as-you-go for 20¢ text and 30¢ photo per message. You’re well advised to choose the $20 plan at least for the first month until you’re sure the former owner of your phone number didn’t spend all day and night texting with 100 friends. There’s now a fee to change your phone number, too.
We really can’t say enough good things about the iPhone 4S. I tell folks that it’s like comparing your favorite pair of old shoes to a shiny new pair of boots. It may not be the latest and greatest, but it’s comfortable to use and reliable. If you don’t mind holding your nose because of Apple’s Soup Nazi mentality, then the iPhone 4S is hard to beat. Antennagate appears to be a thing of the past, the screen is spectacular, the camera is awesome (click on the image above and judge for yourself), and Siri is in a league of its own. Just after acquiring the phone, my mother-in-law came to visit. And, of course, I wanted to impress her with Siri by showing how quickly I could figure out my wife’s birthday. So I held the phone up to my ear and said, "When is Mary’s birthday?" Siri promptly responded, "I found six entries for Mary. Which one did you want?" Not cool, Siri. Mental note: Be careful what you ask.
Our adventure continued with the recent release of the new Google phone, Samsung’s Galaxy Nexus. Using a Micro SIM Adapter, we were able to quickly get the Galaxy Nexus up and running on AT&T’s network. We let the phone charge overnight with a WiFi connection to get all of our Google data migrated. The following day, we unplugged the phone and began using it in much the same way as our iPhone 4S: checking emails periodically, reviewing our Twitter stream, and snapping an occasional photo which gets uploaded to Picasa automatically. To make a long story short, the phone blazed through half of its battery life in about 2-1/2 hours. You can read our complete review of the phone on Google+. Suffice it to say, we weren’t impressed. The 5 megapixel camera is 2-year-old technology, the battery cover is not what you’d expect in a $500+ phone, and the face unlocking feature qualifies as gee-whiz stuff, but we unlocked the phone by displaying our own photo from an iPhone 4S. The real dealbreaker for us was the 16GB internal storage limitation on AT&T-compatible phones coupled with the absence of a microSD expansion slot. In short, this new Google phone is anything but state-of-the-art despite the addition of the Ice Cream Sandwich OS which was not that different than existing Android builds.
We’re a big believer in the open source Android platform. So we didn’t give up. AT&T had also announced a new version of Samsung’s Galaxy S II known as Skyrocket. In the past, we’ve been hesitant to try AT&T branded phones because of our experience with the original Samsung Galaxy Tab which was crippled in about every way a provider could cripple an Android device. The most serious limitation was that AT&T locked the device so that apps could only be downloaded from the Android Market. This meant downloads from Amazon’s App Store were barred which in some cases meant higher prices for identical software.
Unlike the Galaxy Nexus, Samsung’s Galaxy S II Skyrocket includes an 8 megapixel camera which rivals the iPhone 4S. See the link above for a photo comparison. We’ve had excellent results with both the iPhone 4S and the Skyrocket. And unlike AT&T’s Galaxy Tab, the Skyrocket was not crippled except insofar as tethering without a 4GB data plan is concerned. For those that can’t live without a rooted phone, this was a 5-minute operation on the Skyrocket device. And, unlike the Galaxy Nexus, we haven’t seen the extreme battery depletion. We easily get a full day’s use out of the Skyrocket.
The only wrinkle with the Galaxy Skyrocket was that the iPhone 4S data plan didn’t work at all with the device. Unlike some other features, this isn’t one you can change yourself using AT&T’s web portal. But a quick call to AT&T will get you switched to the DataPro for Smartphone 4G LTE Plan which is similarly priced. Be sure to follow up by checking their changes on the web portal. In our case, we were switched to the Enterprise version which added an additional $20 a month to already exorbitant data plan charges. Once a Bell Sister, always a Bell Sister. But at least we expect it.
The correct plan is identical to the iPhone 4S offerings except you also get access to AT&T’s new 4G network. Even in the hybrid 4G network areas (aka HSPA+) which roughly doubles 3G performance, the speeds are quite remarkable. The other good news is that, once you’re on the 4G LTE data plan, you can swap back and forth between the Skyrocket phone and 3G service with the iPhone 4S without another phone call since the 4G LTE plan is downward compatible with the 3G network supported by the iPhone 4S. So we’re happy campers at the moment. Both phones work for calling, data, and texting. Switching from one to the other is as easy as swapping the SIM card between the devices. When we’re in a real 4G metropolitan area (which AT&T expanded to 11 new markets today), the Skyrocket device will be our phone of choice. Its speed, performance, huge screen, and gorgeous display are second to none. Coupled with the $5 Groove IP app, you’ll have a perfect Google Voice experience using WiFi with or without a SIM card. In the meantime, we’re still enjoying our old pair of shoes.
Originally published: Thursday, January 5, 2012
Need help with Asterisk? Visit the PBX in a Flash Forum.
Or Try the New, Free PBX in a Flash Conference Bridge.
whos.amung.us If you’re wondering what your fellow man is reading on Nerd Vittles these days, wonder no more. Visit our new whos.amung.us statistical web site and check out what’s happening. It’s a terrific resource both for us and for you.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…
The Googlifier: WordPress Widget Alternative for Google+
Nerd Vittles has been not only a fan but also a user of WordPress for the better part of this century. So it only made sense to contribute a little something back once the opportunity presented itself. Now that Google Plus has released the first iteration of an API, it became fairly easy to extract all of your Google+ content and import it into any current WordPress blog. Rather than offering a plugin or widget that requires constant maintenance, today we’re providing an open source toolkit that lets you automatically and regularly grab your public Google+ content and add it to your new or existing WordPress 3.2.1 blog. Here’s a screenshot of our sample blog using the WordPress twentyten template. We set this up in less than an hour on a hosted platform using cPanel with Fantastico, an application installer which is available on thousands of hosted platforms around the world. Our favorite for new bloggers is Lunarpages for as little as $4.95 a month.
The hidden beauty of this project is that others can take our open source code and transform the same Google+ content into other templates as well. For example, it would be pretty simple to turn your Google Plus feed into something that looked more like the new Facebook Timeline Layout:
Or you might prefer something more like Flipboard or Google’s new secret project that transforms Twitter content into a customized social news magazine:
But, for today, we want to concentrate on WordPress and show you how easy it is to assimilate your Google+ content into a new or existing blog. Down the road, it would be pretty easy to use The Googlifier to grab the public feeds of your Favorite Google+ Circle and assimilate all of that content into a Best of Google+ Blog. But let’s save that project for another day.
Prerequisites. There are some basic components of both Google+ and WordPress that you’ll need to have in place before using The Googlifier. On the Google front, for openers you’ll obviously need a Google+ account. You no longer need an invitation. Just sign up here. You’ll also need your Google+ account ID which is the long string of numbers displayed in the web link when you access your Google+ Profile:
Last, but not least, you’ll need a free Google+ API key. This lets you grab a JSON feed of your Google+ public posts up to 1,000 times per day. You do NOT need an OAuth Token to download your public Google+ content!
On the WordPress side, The Googlifier is expecting to find a working WordPress 3.2.1 blog. You also need command-line access to run The Googlifier scripts. This can also be done using cPanel. Be advised that we have not tested this application with prior releases of WordPress! We would caution you to be very careful doing so if you have a working live blog. As frequent readers of Nerd Vittles already know, we provide the same advice on introducing new software as we do for those contemplating a new marine aquarium. Always have two platforms: one for display and one to test whether your new fish have cooties. If you choose the all-in-one approach, sooner or later you’ll probably end up with a bunch of dead fish. You’ve been warned. 😉
The good news is that, once you have obtained your Google+ credentials and have the proper WordPress platform in place, using The Googlifier requires zero technical skills. Set a few defaults once, run a couple scripts at regular intervals, and you’re done. If you’d like to add Categories to each of your blog posts, that is easily accomplished after you import your Google+ content by simply editing your posts while logged into WordPress with your admin credentials.
Getting Started. Now we’re ready to download the software. If you have SSH access to your WordPress blog, log in and change directories to the default directory for your blog. Then issue the following commands:
wget http://mundy.org/googleplus/googlifier.zip
unzip googlifier.zip
rm googlifier.zip
Next, you need to insert your Google+ credentials in wm-getfeed.sh. Edit the file using the command: nano -w wm-getfeed.sh. Near the top of the script, you’ll see the following two lines:
acctid="12345″
apikey="67890″
Replace 12345 with your Google+ Account ID. Replace 67890 with your Google+ API Key. Be careful to preserve the quotes on each side of the two entries. Once you’re finished, save the file: Ctrl-X, Y, and Enter.
Now make sure your credentials work by running the app and agreeing to the license: ./wm-getfeed.sh. If you see ERROR 400: Bad Request, then there’s an error in your credentials.
Next, you need to edit wm-readfeed.php using the same extended nano syntax shown above. On line #15, insert your blog URL in place of ours. Be sure to preserve the trailing /. Save the file and then run the script to populate your blog with your latest Google+ public postings: ./wm-readfeed.php.
Finally, access your blog using a web browser and make certain the content looks right. If the images are too large, you can adjust them in the settings section at the top of wm-readfeed.php. Make certain to preserve the correct proportions between the width and height entries. As installed, your Google+ posts will only be imported once into WordPress. If you’d prefer to overwrite your entries each time you run the PHP script, then set the variable $overwriteposts to true. Be aware that this may cause issues with search engines because the links to your posts will change each time you rerun the PHP script and delete the previously imported posts.
We also recommend you install the free (for non-business use) FancyZoom app for WordPress. This lets users click on images in your blog to enlarge them automatically. You can try it out here or in our Demo Google+ Blog. If you decide not to use FancyZoom, then you may wish to set $click2photoalbum to true. This will allow users to access the Google+ photo album associated with certain posts by clicking on the displayed image.
Automating The Googlifier Imports. Once you’re satisfied that the imports are working correctly, it’s simple to automate the process so that it runs regularly to gobble up your Google+ content. For those using cPanel, you’ll find a Cron Jobs option on the main screen. What we want to do is schedule the wm-getfeed.sh script to run every hour at one minute after the hour. And then schedule the wm-readfeed.php script to run every hour at three minutes after the hour. That way you’ll always have the latest content on your blog. Here’s the way a sample cron entry should look. Just substitute your account name on your cPanel host for ward, and you’re all set. Unless you want to be bombarded hourly with email confirmations, add > /dev/null to the end of the commands (not shown in the sample below).
And One More Thing… We saved the best for last. One of the drawbacks of Google+ has been the lack of support for in-line images such as you see in this blog posting. With The Googlifier, it’s now a thing of the past. You can embed as many images as you like in any posting at any place you like except in the first line of the posting. Just enclose image links in {curly braces} within your Google+ posting, and The Googlifier will handle the rest. Here’s a quick sample:
A Word About Open Source Development. The real beauty of open source code is that you have an opportunity to improve what’s been provided. We hope you not only will do so but also will share your improvements with the rest of us. Just post a comment below using your real email address which won’t be published. We will contact you to obtain your code which we’ll be happy to host on Nerd Vittles for everyone to enjoy.
A Word About Versions. This is version 1.0 software so don’t assume it’s finished or error-free. Check this post regularly to download new updates as they are finished. The comments below or update notices appearing just below here will attempt to explain what has been added, changed, or improved. Enjoy!
Originally published: Monday, October 24, 2011
Need help with Asterisk? Visit the PBX in a Flash Forum.
Or Try the New, Free PBX in a Flash Conference Bridge.
whos.amung.us If you’re wondering what your fellow man is reading on Nerd Vittles these days, wonder no more. Visit our new whos.amung.us statistical web site and check out what’s happening. It’s a terrific resource both for us and for you.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…
Android 3 Deal of the Year: Acer Tab for Under $300
We’ve never done back-to-back reviews of similar devices, but this week’s Target ad changes all of that. As you might expect, Acer has covered all of the bases with their entry into the dual-core Android 3 tablet sweepstakes. You may recall that we weren’t huge fans of the Motorola Xoom which promised a lot and delivered a boatload of vaporware. The Acer Iconia Tab A500 is not the Xoom. You not only get a microSD slot and Flash that actually work, but Acer has thrown in an HDMI port that can output 1080p video as well as a USB port that lets you connect your favorite USB devices including external hard disks. It performs this magic with an 8-10 hour battery life. And this week (only at Target) you can pick up this WiFi-only device for half the cost of the Motorola Xoom. In fact, after the gift card, it’s only a dollar more than the single-core Vizio Tablet that we reviewed last week.
Update: See the comments for equivalent deals just announced at NewEgg and CompUSA.
It’s difficult to describe the feel of the Acer Tab. Suffice it to say, it’s dimensions coupled with its sleek and sculpted design put it in the league with the iPad2 unlike the Xoom which felt chunky and clunky despite being an ounce lighter than the Acer.
As we mentioned last week, we don’t dive too deeply into the technical weeds in our reviews. If you want the technical assessment, check out this PC World review. What we prefer to evaluate is real-world usage of these devices. The Acer Tab has stunning performance. In addition to reading email and browsing the web, here’s the suite of applications which we think matter to most folks. We want to watch videos from YouTube and NetFlix. We want to stream music from Google Music and Spotify and read our Kindle books. We like to use Skype. And, yes, we also like Flash video support which works perfectly on the Acer tablet.
In addition to running Android 3, the Acer Tab boasts impressive hardware specs running a 1GHz Nvidia Tegra 250 dual-core processor with 1GB of RAM and 16GB of ROM. Add another 32GB easily with the microSD slot. The 10.1-inch tablet has a 1280-by-800 pixel display with a 16:10 aspect ratio that’s perfect for HD video content. We always prefer testing devices with real-world video content that we’ve shot so we can compare it to performance on other devices. Our Pawleys Island Parade video didn’t disappoint. It’s performance and color were as good or better on the Acer Tab than on Apple’s top-of-the-line 27″ iMac featuring a quad-core 2.93 GHz Core i7 processor with 8GB of RAM plus L2 and L3 cache. The same can be said with playback of complex Flash video. Netflix unfortunately is still a few weeks off although rooted Acer devices reportedly run it just fine.
On the music front, it doesn’t get much better than the Acer Tab. With Google Music or Spotify, the music world is your oyster. And the silver lining is that the Acer Tab is the one and only device that includes Dolby Mobile audio. Once you adjust the equalizer to match your taste in music, you’ll have sound quality to match that 20-pound boombox gathering dust in your basement.
In the communications department, Skype performed well although video calls are not yet supported. That’s unfortunate given the impressive specs on the Acer Tab’s two cameras. The Iconia Tab has a 5-megapixel rear-facing camera with flash in addition to a 2-megapixel front-facing camera for video conferencing. Finally, making and receiving free phone calls using either an Asterisk® server with CSipSimple or Google Voice using a $50 Obihai device and the free ObiON client for Android both worked great.
There’s only one word you’ll need to remember to take advantage of this Target deal: H-U-R-R-Y! This is a one-week only special, and Target offers no rainschecks. So call around until you find one. You won’t be sorry. And, as usual, Target offers a 90-day, no questions asked return policy which is second to none.
Google+ Invites Still Available. Need a Google+ invite? Drop us a note and include the word "Google+" and we’ll get one off to you. Come join the fun!
Our Favorite Android Apps. We’ve listed a few of our favorite apps below for those just getting started with Android. Enjoy!
Originally published: Tuesday, August 16, 2011
Need help with Asterisk? Visit the PBX in a Flash Forum.
Or Try the New, Free PBX in a Flash Conference Bridge.
whos.amung.us If you’re wondering what your fellow man is reading on Nerd Vittles these days, wonder no more. Visit our new whos.amung.us statistical web site and check out what’s happening. It’s a terrific resource both for us and for you.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…
Free Asterisk Solutions
