The rants and raves of a technogeek
Posts tagged GreenfieldTech
Can you trust your integrator with Fraud Analysis?
Nov 29th
As some of you know, over the past 9 months, I’ve been heavily involved in the establishment of Humbug. For those who may not know, Humbug is a Call Analytics and Fraud Analysis SAAS. Now, differing from many of the current telephony SAAS projects, we are not based on Amazon EC2 or some other public cloud infrastructure, we build our own cloud environment. Why do we build our own cloud? simple, we need to keep your data secured and confidential. At Humbug, we see ourselves as a cross between Google Analytics – in our ability to analyze and handle data and Verisign – in our security and confidentiality requirements and methodologies.
Question be asked, why do people trust Verisign to provide SSL certificates around the world. What makes Verisign’s CA better than a privately owned CA – the answer is simple, it’s a third party 2 entities can entrust at the same time. Humbug aims to provide the same lever of trust, simply because we regard your data as sacred and valuable.
Since about 2 months ago, we’ve been contacting various Asterisk integrators around the world, inviting them to evaluate Humbug services. Now, while some integrators and vendors were somewhat reluctant, others were more than happy to join. We now have over 250 monitored systems around the world, with system being monitored and analyzed in Israel, USA, UK, Brazil and more.
The thing that amazed me in regards to some of the integrators who decided not to participate was that they claimed: “we provide our customers our own brew of fraud analysis service, we don’t require your SAAS”. Now, while I can accept the fact that an integrator would offer such a SAAS as an in-house service, I can’t see why a customer would rely on these services. In my view, relying on your integrator to provide fraud analysis services is like relying on the integrator of your alarm system to provide hired guard services – it just doesn’t make any sense to me. Why doesn’t it make sense? in Hebrew we say: “Go prove that you have a sister”. Imagine that your PBX integrator offer you such a service, then, in some obscure manner, your PBX gets hijacked and you get slammed with 50K$ worth of phone calls to Somalia. Now, your integrator would say: “Hmmmmm… that’s odd, we didn’t even get those CDR events to our system… you really got hacked bad…” – sure, if you only rely on CDR records to do your analysis (which is what 99.9% of integrators do). There is much much much much more to fraud analysis than just CDR analysis – if it all began and finished with CDR analysis, then by far Cvidya, Verint, NICE and many others would have been made redundant.
Allowing your integrator to provide you with fraud analysis SAAS is like putting the fox to guard the hen house, when things louse up (and they may), he’s the first one to bail out saying: “It’s not my fault”.
Humbug takes a totally different approach to fraud analysis, specifically, in the way we regards the various PBX systems and integrators. We are vendor agnostic and integrator agnostic – we will provide you with the clear and concise information you require in order to make an educated decision as to how you were de-frauded (if de-frauded) and provide you a faster alerting and response time. Our recent adventures had lowered our fraud alert response time from 60 minutes, down to 14 minutes in some cases. Most fraud analysis system carry a 24-36 hour turn around time, by that time, you can be out of 50K$ – our aim is to lower that number to no more than a 100$ in the worst case. Ambitious? yes, down right crazy? probably so, but we always say: “Aim for the moon, you’ll land on a star!” – so we know we’ll get there.
Business 2.0 – Taking the leap forward…
May 11th
The following post doesn’t really fit in line with the normal spirit of the blog, simply because it’s not funny nor directly related to technology. It’s called Business 2.0, as it relates to the ever problematic question any business owner has: “When should I grow and how?”.
As you may know, I’ve been a freelance Asterisk Platform developer since early 2003, turned to freelance development (Penguin for hire) around April 2007. Since that time, I’ve built systems and platforms for some of the better known brands around the world. Be it working directly with the customer or through a 3rd party (as a sub contractor) – I can easily say that I’ve completed over 120 different large scale projects within 3 years time. Now, when I refer to projects, I’m not referring to installing PBX systems, I don’t do that at all – I’m referring to highly complex application level development, creating some of the most innovative Asterisk based systems I’ve ever seen.
Image via CrunchBase
Image via Wikipedia
Putting aside everything, finalizing a rough estimate of 40 development projects on a yearly base, most of these performed solely by myself is a fairly challenging task. Sure, at times I’ll outsource some work to other freelancers like myself, specifically in fields where I’m not all that fluent (Database, Web Development, UI) – but yet, doing that means that I’m conducting 3 – 5 projects on a monthly basis.
After doing so for 3 years now, I can’t help but start thinking about expanding my business, taking it to the next level by hiring more people and building it up to a new level. Question remains for this: “How? What is the natural track of expanding your business?” – of course the simple answer would be: “Just hire another developer or two, and start doing more sales” – it’s not as simple as it sounds. After thinking about it for some time, I’ve concluded there are a few models of expansion:
Model 1: Organic Growth
Organic growth can be described as the simplest way of growth: “Hire a new guy and get more work in”. The problem with this model that it is fully reliant on your ability to sell more. However, as you concentrate on sales more, you take time from the development and delivery process – thus, the addition of the new developer is not a 100% addition, it’s actually 100% (developer) minus 40% (you) – so you are not at 200% capacity, you are 160% capacity. Surely 160 is 100, however, for the initial 6 months, till the guy learns the ropes, you are not at 160, you are actually at 80 – can you and your business sustain that?
Thus, the main issue with Organic growth is cash flow, can your business sustain the elevated expenses with less income for the period of transition? If the answer is NO, then you need a different method. If the answer is YES, then you are in the best place in the world, however, bear in mind that taking someone to work for you is a responsibility – people are not resources, they are human beings, with families and children – taking someone to work for you is like taking responsibility for their lives.
Model 2: The Partner
- Image by thinkpanama via Flickr
A partnership with a person who is equally matched to you is always a good option. Technically speaking, it means that you are teaming with someone who generates as much work as you do and is capable of finalizing the work as fast and as good as you can. Yet, taking a partner doesn’t negate the requirement for a new employee or two. In this case, you may end up with too much sales with too little staff to deliver – that is a big problem.
Another issue with partners is the issue of trust. While most partners tend to rely on each other and trust each other, that trust can easily be broken (in most cases by stupid things). It’s enough for one partner to now carry its weight in sales/development to initiate a chain reaction, shortly ending in the partnership dissolving.
So, the partner is a good option, however, may prove to be problematic if the wrong partner is chosen – in addition, dissolving a partnership solely on these issues isn’t all that simple – and usually ends up in litigation and other judicial issues – YUCK!
Model 3: Un-intrusive Angel
Some people ragard Un-intrusive Angels as “Stupid Money” – an Angel investor that doesn’t interfere in your company business model and operations. In many cases, this is how start-up companies start – someone gives them a lump sum of money to start their business, signing off to own a portion of the new company.
An un-intrusive investor usually gives you the money and pays you a visit once every few months to see how his money is spent. Don’t expect to raise a whole lot from these people, usually you will get anything from 25K$ to around 250K$ – tops. If you are getting an investment from an Angel, make sure you plan your business carefully – and make sure your investor knows what he is getting into. The Angel is not a found piggy bank, he is a business man looking for profit – if you make sure his expectations of profits (time frame, amount, percentage, etc) are kept within the reason of your business – he will make an educated decision and invest accordingly. Promises like: “you’ll double your money in 3 years” are stupid – make sure it’s realistic and to the point. If you promise the moon, and reach a star – that’s a problem, if you promise the skies and hit a start – that’s wonderful.
Model 4: The Strategic-Intrusive Angel
Image by TheFemGeek via Flickr
A strategic angel is similar to the previous one in terms of funds, however, he is more capable in assisting your business meet its goals. Usually, it would be someone who is already a well established figure in your business sector, had made his money from previous companies and is now looking for new ideas and businesses. I call him an intrusive Angel, as sometimes he may have ideas as to where your business should go – and he will make sure you hear his ideas. You may regard it as annoying, but you should still listen to your Angel and pay him the respect he deserves.
Sometimes this Angel may invest in your business due to the fact that he has a hidden agenda. An agenda can be: The angel looks at your business and see a certain potential you are not planning, he’ll invest and try to re-direct your company to the agenda he sees. This is usually the case when your angel is invested into several endeavours that is either parallel to each other or may have orthogonal intersection points. These angels can be the builders of your business or the destroyers, it is up to you to make sure the latter doesn’t happen.
Prolog:
So, which model did I choose? – I didn’t choose yet, I’m still figuring it out myself. What ever the model may be, the choice isn’t simple nor straight forward. At best, whatever choice I’ll take will have a profound impact on my business and me – so I’ll need to weigh my options carefully. If you can think of an additional model, I’d love to hear about it – so just comment on this post.
![Reblog this post [with Zemanta]](http://img.zemanta.com/reblog_e.png?x-id=57eab5ba-a057-413e-ac36-9a6edf23a538)
Open Source, Philanthropy and Asterisk
Apr 16th
Image via Wikipedia
When I started using Open Source software, it seemed like all Open Source projects are driven by philanthropic agendas. We were all focused on “sticking it to the man” – showing all these would be software vendors that community driven projects can do just as well – if not better.
"When I was a child I spoke as a child I understood as a child I thought as a child; but when I became a man I put away childish things." - I Cor. xiii. 11.
Well, I’m not claiming that Open Source is childish – absolutely not, however, when you are a student you tend to look at things in one way, when you have a family to care for – you start looking at things differently. You remember these days in life when your dad said: “When you’ll have children you will understand” – well, now I do.
So, what am I rambling about exactly? I’ll tell you. The day before Passover I attended several meetings, which when I came back home had pissed me off immensely. I feel an urge to write all about these meetings, including who I met exactly, however – I won’t do that. However, I will give a rough idea of these.
Meeting 1 : A world recognized Mobile application player
I came into the meeting with this company, where the CTO of the company explained to me that they are looking to create an Asterisk based solution for their application’s users. My initial question was: how many users? what is your concurrency level? – The answer that I got was: “Oh, we don’t need something major, just a few lines of configurations in Asterisk config files in order to make this work”.
I left the meeting slightly pissed off, thinking to myself: “You bloody inconsiderate prick! You bring me to a meeting, spend my time – and then telling me that this is just a few lines of configuration. If it is that simple, why don’t you do it yourself? you have 20 developers in there, 4 IT people and god knows how many outsourced workers off-shore – if it was that simple, you would have done it already – so probably it isn’t – right?”
Meeting 2 : A well established IVR services vendor
The second meeting was with a well established IVR content vendor, this company runs around 16M minutes of inbound IVR traffic every month. They invited me in order to talk about expanding into new countries, wishing to get premium based access numbers in various countries. So, we started talking, and the guy indicates that he wants a certain kick-back payout, which I know is impossible – at least without charging the user more. Actually, the guy indicated that out of the interconnect fee, he wants to get almost 90% as a kick back.
Meeting 3 : A start up rendering IVR content
The third meeting was the most amazing one – these guys wanted to build an Asterisk system to server around 4000 concurrent channels – outsource the entire development to my company – and pay as a revenue share. When I asked for their business model, marketing plan, investors, profiles – I got a response of – we don’t yet have all of these, we only have an idea at this point that we want to implement.
Garage based companies are built by people who can do the work themselves, not the other way around.
- Image via Wikipedia
At this point, you are probably asking yourself: “What does this have to do with the title?” – Well, all of these meetings had one thing in common. The people I met were under the impression that Open Source is some form of philanthropy. Or to be more exact, people who deal with the Open Source market are philanthropists. My question is this: “Why are we perceived as philanthropists? don’t we have families to care for? don’t we need to pay mortgages and bills just like everybody else?”. I guess when people read about the various Open Source entrepreneurs, such as Mark Shuttleworth – the immediately associate Open Source with Big Exists – this is not the case.
At some level, this is purely our fault – we educated people that Open Source is a highly economical methodology of solving technical challenges. No where along the way, had we educated the public that behind the model there are people, people who need to make a living.
If you are an Open Source consultant, developer, evangelist or just someone who may have an opinion on this, I’d love to read what you say.
![Reblog this post [with Zemanta]](http://img.zemanta.com/reblog_e.png?x-id=0d6b720b-e2bc-4e1f-bf59-7f5ce2ce1615)
Call Analytics – Closed Alpha testing group
Mar 14th
Well, it’s been almost a month since I’ve started writing about the humbug project. Now, it’s time to actually get you people involved, at least in the initial levels. We are looking to add 10 additional members into the humbug call analytics suite. Currently available analytics during the alpha testing is inbound call analytics.
Our aim is to gather as much information as we can and as much user requests as we can, humbug is a community oriented project, thus it relies on community oriented input and feature requests. Participating members will be granted access to the humbug analytics portal, allowing them to gather statistical information regarding their inbound call hits and their top ten DID numbers – we are working on additional statistics. As new stats will become available, we’ll role those out into the service as soon as possible.
In order to participate in the closed alpha testing, please send an email to alphatest at humbuglabs.org, and we’ll send you a short piece of dialplan code to insert into your Asterisk server. Technically speaking, we’ll send you a short AGI command that looks like this:
exten => _X.,n,AGI(agi://somehost/DataReceiver,some_unique_ident)
The above line needs to be inserted into any place you would like to generate call analytics from. We’ll also enclose configuration steps for FreePBX (and other FreePBX compatible distributions). We are hard at work for creating a FreePBX integrated module, so you can do a one-click install.
![Reblog this post [with Zemanta]](http://img.zemanta.com/reblog_e.png?x-id=30a0c292-bf3e-4955-a2cb-865340d13569)
Chinese Domain Scam Alert!
Jan 21st
Over the years I’ve seen many scams running on the net. Ranging from the ever annoying chain mails to the ever popular Nigerian Sting – Internet fraud is all around us. Lately, I’ve been hit by a new type of fraud attack, a domain registration fraud attack – mainly located in China and Hong-Kong.
As you may know, I’m the owner and CEO of a company called GreenfieldTech, dealing with Asterisk and VoIP application and platform development. Now, we operate world wide and render services to some of the world biggest brand in the telecom industry. So, we take our copyright and brand very seriously, when we receive an indication that someone is or may be infringing our copyright or brand, we take a stand for it.
So, today I’ve received this email:
Dear CEO, We are a domain name registrar centre in HongKong,and in charge of the registeration in Asia, We have something important need to confirm through your company. We received a formal application from a company called "Hempus International Holdings Ltd" applying to register Internet keyword : greenfieldtech Domain names : greenfieldtech.asia greenfieldtech.cn greenfieldtech.com.cn greenfieldtech.hk greenfieldtech.in greenfieldtech.mobi greenfieldtech.net.cn greenfieldtech.tw In China and also in Asia on January 21 2010. During our auditing procedure we find out that the alleged "Hempus International Holdings Ltd" has no trade mark,Intellectual property, nor patent even similar to that word. As authorized anti-cybersquatting organization we hereby suspect the alleged "Hempus International Holdings Ltd" to be a domain grabber. Hence we need you confirmation for two things: First of all, whether this alleged "Hempus International Holdings Ltd" is your business partner or distributor in China. Secondly, Whether do you need to protect the intellectual property right which should have belonged to you?. (The alleged "Hempus International Holdings Ltd" will be entitled to obtain a domain not needed by original trademark owner.) If you are not in charge of this please transfer this email to appropriate dept.in order to deal with this issue better, please let someone who is responsible for trademark or domain name contact me as soon as possible. _____________________________________________________________________________________________ Confidentiality Notice: This is a letter for confirmation. If the mentioned third party is your business partner or distributor in China please DO NOT reply. We will automatically confirm application from your business partner after this audit procedure.we have to notify you,and our registration organization are not responsible for any dispute questions about trade mark,intellectual property nor patent after they succeed in registration.hope you can understand.thank you. ____________________________________________________________________________________________ Sincerely, kaka.xu Sponsoring Registrar:sk holdings company ltd Web:www.sk-dns.org/www.asia-gov.com Tel:00852-95660489 / 00852-95660103 Fax:00852-30696940 Email:kaka.xu@skdns.org/ Address: 3A, Units 20/F, Far East Consortium Bldg, 121 Des Voeux Road, Central, Hong Kong
kaka.xu 2010.01.21
So, this is obviously a scam, as when I searched the alleged company, I couldn’t find anything. However, the term “International Holdings Ltd.” had produced many scam alerts and related information popped up everywhere. Now, bear in mind that this is the 10th time them past 2 months that I’m receiving such emails. So, I’ve formulated the following response to them, and you are welcome to use it:
Dear Kaka, Thank you for contacting us in regards to this matter, to be completely frank with you, we’ve received over the past 2 months a similar request/demand from various Asian registrars in China/Hong-Kong. Through our contacts in the far-east, we’ve concluded that your request/demand is fraudulent, and that the company you indicated doesn’t even exist. Please note that your approach to us claiming that someone wants to infringe our copyright and brand had been noted and passed to our legal department. In addition, we’ve forwarded your email and general company information to various SPAM, Abuse and Security teams that are in contact with us around the world (mainly, [Mention your really BIG business partners and large customers here - also through in some ISPs in the far-east, specifically China). Should your company register ANY of the below mentioned domain names or keywords, following this email, we shall be forced to follow legal actions in accordance to the laws of the state of [Put your country here] and other countries where our company has representatives or local business engaged partners. P.S. [Always add a personal note - and refer to something in the mail they sent, for example] On a personal note, when sending emails to anyone in Israel, I would suggest that you choose a different name, other than Kaka. Kaka in Hebrew is directly related to the bodily function of purging waste – also known as taking a dump in the toilet.
![Reblog this post [with Zemanta]](http://img.zemanta.com/reblog_e.png?x-id=a560a1db-6ebb-4ce0-bed4-ea99007b4c10)
Picasa
Twitter
Facebook
LinkedIn
wikipedia
Youtube
RSS