Last week I attended Astricon 2017, in Orlando, FL. I’ve attended every Astricon since 2007, each time as a speaker – and last week was the first time as a sponsor. People normally believe that companies sponsor things in trade shows according to the exposure they want to get, that is normally true. However, for Greenfield, sponsorship meant something else. We wanted to sponsor something that meant something for us, which means, an event within the conference we feel close to and see a value to the community. As a result, we’ve decided to sponsor Dangerous Demos, which had become during the past few years one of the highlights of the show. To those who are not familiar, Dangerous Demos is a section of the show, where talented developers/makers/inventors will come up on stage, showing off a cool thing they created – preferably, during the course of the conference or demoing a cool proof of concept. Why does Greenfield have an affinity to Dangerous Demos? Simple, as the makers of we see ourselves and makers and innovators, thus, we felt that putting our name on this section would best represent the things we believe in.

Now, while most of the demos that were presented indeed showed original work and high level of talent, I can’t stress out how disgusted I was with “false dangerous demos” that came on stage. With all due respect, going on the stage and showing off a feature of a commercial product is simply not the spirit of dangerous demos. This is all about being original, being cheeky, walking on the bleeding edge willing to fail publicly and having a good laugh about it. For me, Dangerous Demos is very much like climbing Mt. Everest – We climb it because it’s there and its a challenge. We want to climb it with our feet and grit, not reach the top of the mountain with a helicopter. Yes, indeed the feature shown by company X or Y had talented people work on it, but there is no risk associated with it – as the feature simply works.

This years’ Astricon marked a special occasion, this was the first time that all leading Open Source VoIP projects participated in the show: Asterisk, Freeswitch, Kamailio, OpenSIPS and Homer. Now, for those who are new to this community, this would seem like something trivial and meaningless. For someone like me, who had been with these projects for over a decade, it’s nothing short than a miracle for something like this to happen. Some may not know this, but Freeswitch developer were originally working on the Asterisk project, while OpenSIPS developers were originally working on the Kamailio (OpenSER) project. The projects branched off due to differences of opinions between people, hence the splits. For example, while Freeswitch people were a little fed-up with the methodology with which Digium was accepting patches to the project, the OpenSIPS project people wanted to go to a more “market oriented” product, while the original OpenSER was fairly “Academic” in nature. The diversity of people and diversity of opinions is the thing that drove all these projects to their success. Nonetheless, when the projects split, some invisible “bad-blood” could have been sensed. Since the various splits, over a decade passed and I believe that the various projects had come to accept one another. Where one project took one path, the other took another, eventually turning each project into its own unique being, instead of being a mere competitive clone. I’ve known most of the people involved in these projects and their creation over the years and during previous years, it was always hard to get them to talk, due to these feelings. Last week was the first time that some of them met face-to-face in over 12 years, which was impressive. I’m not sure exactly who is the person behind this “summit of the minds”, but who ever they are, they need to keep this up and make sure that the projects keep on innovating and succeeding.

Now, let’s talk content. The overall panel of talks and presentations that Astricon boasts is nothing short of amazing. The sheer number of speakers and subjects turns the event to something that is sometimes confusing and hard to attend. Multiple talks at the same time, on 4-5 different tracks, with multiple points of interest always pose a hard choice – “What should I attend?”. However, this year was one of the most packed ones. For example, during the pre-conference day (AKA: DevCon), RedHat held a “NFV Track” which I really wanted to attend, but couldn’t, as I was attending DevCon. I wanted to attend some of the container talks, but couldn’t, as I was either talking at the same time – or was attending a different talk as well. In other words, I really hope the Video’s are good, as I would be truly disappointed. In this respect, I really like KamailioWorld. This one has one track, mostly technical in nature – and you can attend all the talks. It’s not because there aren’t enough speakers, I’m confident that many people answer the call-for-papers, it’s simply a choice of the organizers. In the past, Astricon used to have 3 tracks, thus the choice was simpler. I believe that maybe adding another day to the conference, or changing the format a little bit will enable people to get more from the conference.

I have other thoughts, but I believe these are the primary ones. C’ya all again next year @Astricon 2018.


Recently, a friend sent me a link to the TED talk appearing below:

I found the talk not only interesting, but also it made me think about the Open Source world, trying to apply the same concepts and thinking. I rapidly realised that the Open Source world also has its own set of Takers, Givers and Matchers.

So, let’s talk a little bit about Open Source Givers. The givers will be those who either initiate in open source project, constantly contribute to open source projects, preach and promote the usage of open source as a way of life and most importantly – they do so not because of a commercial or financial agenda – they do so because that’s what they believe in. These include people like John “Maddog” Hall, Linux Torvalds, Richard Stallman, Brian Kernighan, Dennis Ritchie and many others. These people operate under a premise that their work is vitally important, not the world, to mankind and the well being of others.

So, who are our Open Source takers? sorry to say, the number of Open Source takers is far greater than that of the givers. The takers are your “Script kiddies” or “Closed integrators”. Those people who use and abuse Open Source without acknowledging its existence.  In Israel, as an example, when Open Source was still in its infancy stage – people were roaming about claiming that they created a specific project or other. For example, I recall that in 2006, a company in Israel claimed it was the creator of Asterisk – and that their AMP based PBX system is their own creation. How Rude!

Who are your Open Source matchers? matchers are people who jump from being a giver and a taker according to their requirements. These people utilize open source projects, contribute code from time to time, promote the project – nominally due to a business reasoning – and these constitute a slightly bigger portion than the givers. While Open Source innovation relies on Givers, it’s progress into the business world and adaptation to the enterprise relies mostly on Matchers. Takers do not promote the Open Source industry, in some extreme cases, the actually harm the industry.

So, are you a giver, matcher or a taker?

Who would believe, in the age of Skype, Whatsapp and Facebook – telephony fraud, one of the most lucrative and cleanest form of theft – is still going strong. Applications of the social nature are believed to be harming the world wide carrier market – and carrier are surely complaining to regulators – and for a legitimate reason. But having said that, looking at some alarming fraud attempt statistics, thing will show you a fairly different story.

So, analysing fraud is one of my things, I enjoy dropping honeypots around the world, let them live for a few days and then collect my data. My rig is fairly simplistic:

  1. A have a Homer ( server to capture all my traffic
  2. A have an amazon AWS cloudformation script that launches up instances of Asterisk, FreeSwitch and Kamailio
  3. All instances are pre-configured to report anything back to Homer
  4. Upon receiving a call – it will be rejected with a 403

Why is this a good honeypot scheme? simple – it gives the remote bot a response from the server, making it keep on hitting it with different combinations. In order to make the analysis juicy, I’ve decided to concentrate on the time period between 24.12.2016 till 25.12.2016 – in other words, Christmas.

I have to admit, the results were fairly surprising:

  1. A total of 2000 attacks were registered on the honeypot server
  2. The 2 dominant fraud destinations were: The palestinian authority and the UK
  3. All attacks originated from only 5 distinct IP numbers

Are you wondering what the actual numbers are? Here is the summary:

Row Labels Grand Total
441224928354 19         19
441873770007       204   204
76264259990     1     1
17786514103         2 2
972592315527   1774       1774
Grand Total 19 1774 1 204 2 2000

As you can see, the number 972592315527 was dailed 1774 from a single IP – I can only assume this is a botnet of some sort, but the mix of IP numbers intrigued me. So, a fast analysis revealed the following:

Amsterdam? I wonder if it’s a coffee shop or something. The thing that also intrigued me was the phone number, why would the bot continue hitting the same mobile phone number? I couldn’t find any documentation of this number anywhere. Also, the 97259 prefix automatically suggests a mobile number in the PA, so my only conclusion would be that this is a bot looking for a “IPRN” loop hole – which is again fraudulent.

So, if this what happens in 48 hours – you can imagine what happens over a month or a year.


The above post contains only partial information, from a specific server on a network of worldwide deployed honeypots. The information provided as-is and you may extrapolate or hypothesize what it means – as you see fit. I have only raised some points of discussion and interest.

Should you wish to join the lively discussion on HackerNews, please follow this link: for further discussion.




Last week marked a sad point in the history of Open Source, the highly acclaimed and established Asterisk distribution was taken down from the Internet, leaving all of its users, followers, eco-system, resellers, integrators and more with a gigantic void to be filled.

While the void will be filled at some point, I can’t but help but observe the joy and cheerfulness of the proprietary telecommunications industry, as 3CX had rapidly taken over the Elastix business in such brutal manner. According to the various discussions in the Open Source community, the entire thing was cause by, a so called “violation of copyright” or “violation of IP” of some sort, within the Open Source communities. In the past, as far as I know, when various distributions or projects violated each other’s copyright, they would notify one another – and would ask to rectify the situation. Apparently, this hadn’t happened here – or if it happened, it wasn’t published in an open manner – as you would expect.

One of the things that the community started shouting was: “Elastix had been trixboxed”. Honestly, I don’t see the similarity between the two cases. When fonality acquired trixbox, they had a clear indication of where they are going. This is not 3CX acquired Elastix, this is 3CX obliterated Elastix. This is something completely different – and with major personas in the open source community indicating that a certain, well known and renowned, Open Source persona was involved in this happening, I can only be highly offended by the everlasting stench of people’s own ambition and personal hatred towards things that are not their own.

I admit it, I never really used Elastix in my projects, I found it to be bloated, inflated with software that shouldn’t be there, too slow for my taste and with a lack of proper project leadership, patches went in and out like crazy. Yet, I can’t argue with their success and the acceptance of the product around the world. I remember being at VoIP2Today in Madrid only a few weeks ago, and there were Elastix boxes sitting on tables. Yes, Elastix wasn’t my first choice for an Office PBX, but yes, they were a choice – the idea of a commercial company coming in and removing that choice off the table – is just annoying and troubling at the same time.

My hope is that some Elastix developers will simply post the entire source code to Github or some other public repository, slapping a BSD/MIT license on their work – telling the world: “Here is our creation, the proprietary daemons decided it should die – but no one can kill an idea!” – and Elastix will keep on living in the Open Source like other projects. If the world will forget it, then so be its fate – but if the world needs it, let the world take it in two hands and raise it up to the sky and say: “You shall not die!”


Recently, I can’t but escape the feeling that a great portion of the high tech industry is taking crazy pills, as part of its morning diet. Seriously, if we are not taking crazy pills, you can’t explain the overload of Legacy Tech that is rapidly making a comeback – under a new name and flag. Yes, buzz-words were always a thing of this industry, but seriously, don’t you feel this is getting a little over-done lately?

What am I talking about? Well, let’s take a look at some recent buzz-words and go through them:

IoT – Internet of Things

If you lookup the term in Google, you will surely find the following on Wikipedia:

The Internet of Things (IoT) is the network of physical objects—devices, 
vehicles, buildings and other items—embedded with electronics, software, 
sensors, and network connectivity that enables these objects to collect 
and exchange data. The IoT allows objects to be sensed and controlled 
remotely across existing network infrastructure, creating opportunities 
for more direct integration of the physical world into computer-based 
systems, and resulting in improved efficiency, accuracy and economic 
benefit; when IoT is augmented with sensors and actuators, 
the technology becomes an instance of the more general class of 
cyber-physical systems, which also encompasses technologies such as smart 
grids, smart homes, intelligent transportation and smart cities. Each thing 
is uniquely identifiable through its embedded computing system but is able 
to interoperate within the existing Internet infrastructure. Experts estimate 
that the IoT will consist of almost 50 billion objects by 2020.
<sup id="cite_ref-9" class="reference"></sup>

Cool – isn’t it? Well, the Internet of Things existed far before the term was invented. It simply looked a little different. We had devices with SIM cards or devices with some other form of interaction technology – and we didn’t use IP, we used something else. But the minute it used IP, it got the name “Internet of Things”, simply due to the relation to the IP protocol. Almost 10 years ago, an Asterisk based plant irrigation project was shown on the web. Is that IoT? maybe not, but the overall result is similar. Actually, it is exactly the same, 10 years before IoT – but if you can’t see that it is the same, you are taking crazy pills.

Contextual/Task Oriented Chat Bots

Oh my god – when people showed me slack for the first time, I really didn’t understand why they are so excited about it. To me it looked mostly like a glorified mash-up between IRC, EggDrop and fancy Pseudo-Agile management system.

Chat bots that do stuff? really? In 2001 I worked at a company where I had to monitor and
control a set of servers, interconnected with 6 different SMS connections to various carriers. In order to get this stuff working and also get it working from my mobile phone, I used a combination of Nagios, Kannel, EggDrop and IRC. I used the IRC server as my command and control interface, EggDrop carried commands from the IRC server over to the Kannel Server and the Nagios servers, to run remote tasks and test various elements.

In 1999, I consulted a company that was called eNow (back then, ChatScan). They were scanning thousands of IRC channels to Internet trend analysis. Now, think about it, we scanned these IRC channels using EggDrop. Simple, TCL based, IRC Bots that would roam the IRC networks in search of interesting things.

If you are wondering what EggDrop is, check out:

Over Virtualising

Can someone please explain me the following scenario: You lease a cloud based, small foot print server from any of the cloud companies, you then run Docker it and create additional virtual machines on the VM instance.

Dude, might as well just have your own server with Proxmox, KVM or some other virtualisation container. I just don’t get it, the fact that you can do something, doesn’t always mean that this is what it is meant for.

The following video just shows this is the funniest way ever: