The box is a lie!

The box! What is the box? is it the teaching and constructs we’ve been taught over the years? the sum of experience and know-how? the various community or industry constraints and rules put upon us to conform? – Regardless what the box may be, everybody always tells us to “Think outside of the box”.

However, is “Thinking outside of the box” real? or is it something else? I personally believe the first element, and also the crucial part of that phrase is “Thinking”. Most people are not truly accustomed to thinking, they are mostly accustomed to “doing”, “following”, “leading” – not “thinking”. So, what am I ranting about exactly?

As a technology innovator I don’t believe the box is really there, a problem is a challenge to be resolved – it is not a box. As you can’t confine a problem/challenge to a box, it is an amorphous entity – my thinking patterns can’t be “outside of the box, simple because there is no BOX! The box is only in our mind – forcing ourselves to “Out of box” thinking is actually putting ourselves back into the confines of the box.

Solving complex challenges requires thinking first, then innovation and delivery. While thinking is something most people take for granted, as they believe they do it all the time, it’s actually a fairly complex process. Thinking involves one very special thing – that is letting go. Letting go of your own inhibitions, letting go of your own fear – and foremost, the willingness to step out of your normal comfort zone and looking at problems from a fresh new angle.

Over the course of time, I’ve been involved with multiple ventures that required this type of thinking. Some were successful, some had failed miserably – and some had went up in flames, that left the earth around its remains mostly scorched – with friends now not willing to talk to one another. Why have these companies failed? why have they gone to ashes? most of them actually had very innovative products and ideas, it can’t be that they truly went up in flames – or was actually something else that causes its demise?

Again, we come back to the box – and the realisation that the box, isn’t really a box – it’s an IKEA set of honeycombs, stacked together into a highly complex array of shelves, that are barely viable to the naked eye – but to the keen observer, will present multiple opportunities and possibilities.

Companies, regardless of their industry, are normally built of the same operational units:
1. Management
2. Marketing
3. Sales
4. Operations
5. Human Resources
6. Research and Development
7. Manufacturing

Now, normally – we would expect “out-of-box” thinking from R&D, Marketing and Sales. However, these will always be limited to the ability of Management and Operations to think “out-of-box”. If company management is limited by its thinking – that will automatically affect all operational units in the company – which will eventually bring to its slow and gruesome demise.

Another reason for untimely demise is the inability to respect the so called “Box”. It may be that you are willing to let go of the box, you are willing to say: “The box isn’t real”, but, it may be that your target market or audience is still kept in the “Box”. In such a case, taking your audience out of the “Box” is a highly challenging task – where most pioneers will fail. Why will it fail? it takes a very special individual to be able to do that. Not only he needs to be a true visionary, he needs to be able to convince other people of his belief. And most importantly, it can’t be some random hired person – it has to be a founder, a true believe of the cause, a person so capable of immersing himself in the idea – that it becomes an integral part of his being, anything else will just not work.

It takes a true genius to take an audience and shift their minds from the box, very few had succeeded. Look around you? how many people do you know of who are capable of doing that? Personally speaking, I can list a few, but counting will require less than my right hand. Steve Jobs, Elon Musk, Richard Branson, Stephen Hawking – these are all pioneers who had challenged the “box” and managed to educate the audience that the “box” isn’t really there. Was Steve Jobs a technology genius? – NO. Is Elon Musk a master electrical engineer, most probably not. They are thought leaders, mind shapers – they are the ones will look at and say: “He’s a smart guy, maybe I should listen to him”, and it’s not really because they are smart. It’s because they were able to convince us, with their own conviction and determination, that they should be listened to.

Dr. Who once said: “I’m just a mad man in a box” (Yes, I’m a moderate whovian), that is further from the truth. The tardis is always “bigger on the inside”, and thus, the “Box” isn’t limited to own physical borders, and anything always “out-of-box”.

So, next time you encounter a problem, try challanging yourself by saying: “Ok, let’s think about this from a new point of view, maybe there is another solution”. Next time when you interview someone for a position at your company, try to say: “Ok, is this guy truly what my team needs? or do I need something else?” – look at the box, shatter it to pieces and build something new from it – out of chaos comes order – out of rubble comes greatness.

Telephony Fraud – Further Analysis

Following yesterday’s post, I’ve decided to take another set of data – this time following the start of the year, with a specific data profile. What is the profile? I will describe:

  1. The honeypot server in this case was a publically accessible Kamailio server
  2. The honeypot changed its location and IP every 48 hours, over a period of 2 weeks
  3. The honeypot was always located in the same Amazon AWS region – in this case N.California
  4. All calls were replied to with a 200 OK, followed by a playback from an Asterisk server

In this specific case, I wasn’t really interested in the attempted numbers, I was more interested to figure out where attacks are coming from. The results were fairly surprising:

The above table shows a list of attacking IP numbers, the number of attempts from each IP number – and the origin country. For some weird reason, 97% of potential attacks originated in Western Europe. In past years, most of the attempts were located in Eastern European countries and the Far-East, but now this is Mainland Europe (Germany, France, Great Britain).

Can we extrapolate from it a viable security recommendation? absolutely not, it doesn’t mean anything specific – but it could mean one of the following:

  1. The number of hijacked PBX systems in mainland Europe is growing?
  2. The number of hijacked Generic services in mainland Europe is growing?
  3. European VoIP PBX integrators are doing a lousy job at securing their PBX systems?
  4. European VPS providers pay less attention to security matters?

If you pay attention to the attempts originating in France, you would notice a highly similar IP range – down right to the final Class-C network, that is no coincidence, that is negligence.

Now, let’s dig deeper into France and see where they are attempting to dial:

So, on the face of it, these guys are trying to call the US. I wonder what are these numbers for?

Ok, that’s verizon… let’s dig deeper…

Global Crossing? that is interesting… What else is in there???

 

So, all these attempts go to Landlines – which means, these attempts are being dialed most probably into another hijacked system – in order to validate success of finding a newly hijacked system.

Well, if you can give me a different explanation – I’m all open for it. Also, if any of the above carriers are reading this, I suggest you investigate these numbers.

 

 

Telephony Fraud – Still going strong

Who would believe, in the age of Skype, Whatsapp and Facebook – telephony fraud, one of the most lucrative and cleanest form of theft – is still going strong. Applications of the social nature are believed to be harming the world wide carrier market – and carrier are surely complaining to regulators – and for a legitimate reason. But having said that, looking at some alarming fraud attempt statistics, thing will show you a fairly different story.

So, analysing fraud is one of my things, I enjoy dropping honeypots around the world, let them live for a few days and then collect my data. My rig is fairly simplistic:

  1. A have a Homer (www.sipcapture.org) server to capture all my traffic
  2. A have an amazon AWS cloudformation script that launches up instances of Asterisk, FreeSwitch and Kamailio
  3. All instances are pre-configured to report anything back to Homer
  4. Upon receiving a call – it will be rejected with a 403

Why is this a good honeypot scheme? simple – it gives the remote bot a response from the server, making it keep on hitting it with different combinations. In order to make the analysis juicy, I’ve decided to concentrate on the time period between 24.12.2016 till 25.12.2016 – in other words, Christmas.

I have to admit, the results were fairly surprising:

  1. A total of 2000 attacks were registered on the honeypot server
  2. The 2 dominant fraud destinations were: The palestinian authority and the UK
  3. All attacks originated from only 5 distinct IP numbers

Are you wondering what the actual numbers are? Here is the summary:

Row Labels 185.40.4.101 185.62.38.222 195.154.181.149 209.133.210.122 35.166.87.209 Grand Total
441224928354 19         19
441873770007       204   204
76264259990     1     1
17786514103         2 2
972592315527   1774       1774
Grand Total 19 1774 1 204 2 2000

As you can see, the number 972592315527 was dailed 1774 from a single IP – 185.62.38.222. I can only assume this is a botnet of some sort, but the mix of IP numbers intrigued me. So, a fast analysis revealed the following:

Amsterdam? I wonder if it’s a coffee shop or something. The thing that also intrigued me was the phone number, why would the bot continue hitting the same mobile phone number? I couldn’t find any documentation of this number anywhere. Also, the 97259 prefix automatically suggests a mobile number in the PA, so my only conclusion would be that this is a bot looking for a “IPRN” loop hole – which is again fraudulent.

So, if this what happens in 48 hours – you can imagine what happens over a month or a year.

DISCLAIMER:

The above post contains only partial information, from a specific server on a network of worldwide deployed honeypots. The information provided as-is and you may extrapolate or hypothesize what it means – as you see fit. I have only raised some points of discussion and interest.

Should you wish to join the lively discussion on HackerNews, please follow this link: https://news.ycombinator.com/item?id=13354693 for further discussion.

 

 

 

Goodbye Elastix – we will miss you

Last week marked a sad point in the history of Open Source, the highly acclaimed and established Asterisk distribution was taken down from the Internet, leaving all of its users, followers, eco-system, resellers, integrators and more with a gigantic void to be filled.

While the void will be filled at some point, I can’t but help but observe the joy and cheerfulness of the proprietary telecommunications industry, as 3CX had rapidly taken over the Elastix business in such brutal manner. According to the various discussions in the Open Source community, the entire thing was cause by, a so called “violation of copyright” or “violation of IP” of some sort, within the Open Source communities. In the past, as far as I know, when various distributions or projects violated each other’s copyright, they would notify one another – and would ask to rectify the situation. Apparently, this hadn’t happened here – or if it happened, it wasn’t published in an open manner – as you would expect.

One of the things that the community started shouting was: “Elastix had been trixboxed”. Honestly, I don’t see the similarity between the two cases. When fonality acquired trixbox, they had a clear indication of where they are going. This is not 3CX acquired Elastix, this is 3CX obliterated Elastix. This is something completely different – and with major personas in the open source community indicating that a certain, well known and renowned, Open Source persona was involved in this happening, I can only be highly offended by the everlasting stench of people’s own ambition and personal hatred towards things that are not their own.

I admit it, I never really used Elastix in my projects, I found it to be bloated, inflated with software that shouldn’t be there, too slow for my taste and with a lack of proper project leadership, patches went in and out like crazy. Yet, I can’t argue with their success and the acceptance of the product around the world. I remember being at VoIP2Today in Madrid only a few weeks ago, and there were Elastix boxes sitting on tables. Yes, Elastix wasn’t my first choice for an Office PBX, but yes, they were a choice – the idea of a commercial company coming in and removing that choice off the table – is just annoying and troubling at the same time.

My hope is that some Elastix developers will simply post the entire source code to Github or some other public repository, slapping a BSD/MIT license on their work – telling the world: “Here is our creation, the proprietary daemons decided it should die – but no one can kill an idea!” – and Elastix will keep on living in the Open Source like other projects. If the world will forget it, then so be its fate – but if the world needs it, let the world take it in two hands and raise it up to the sky and say: “You shall not die!”

 

Where will Asterisk be in your future?

A dear friend, the CEO of fone.do, Mr. Moshe Meir had written a blog post on the fone.do blog. The title is: “Is there a future for Asterisk?

I have a different take on the thing. I think that Moshe is simply asking the wrong question. He should be asking “What is the role of Asterisk in your future?”.

I know Moshe personally, and I’m shocked by the short sighting of his question. Asterisk was born, initially as a PBX – it has evolved to much more than that. Last year, in my presentation, I showed a slide of a large elephant, with various blind people feeling it around – trying to ascertain what an elephant is. Asterisk is that elephant, it will be what you want it to be. You want it to be a PBX, so be it. You want it to be a Video gateway, so be it. You want it to be a services control point for your OTT application, so be it. You decide!

As technologists and visionaries, it is our job to look ahead into the future and think: “What is the next step? where will we be in 5 years from now, in 7 years from now?” – that is called visionary, pioneering, disrupting and most importantly, exceptional. You want to know what the future of Asterisk will be? look at what you need, that is where it will go. Was always the case, and will always be the case.

Yes, I use Kamailio, OpenSIPS, FreeSwitch and other tools. Yes, I’ve used OpenRTC, EasyRTC, Kurento and others. Yes, we still use them and YES – WE USE ASTERISK, and we will most probably keep using Asterisk for our needs – where it fits the best and assumes the task to the best of its ability. This is why every year we come to Astricon, this is why every year we join the DevCon, this is why every year we make it our business to keep track of whats going on in the core. Moshe, you are forgetting, we are not drivers, we are mechanics – we build and fix things. Tony Stark in Iron Man 3 says: “I’m a mechanic” later on the child replies “You’re a mechanic, fix it” – here’s my challenge to you – “FIX IT!” – make it better, make it stronger, make it into the thing you love and want.

One more thing Moshe, and this is something for you to think about – when you write a blog post, on a blog that has no way of allowing its readers to comment or participate in any form, you should not write opinion posts. Opinions are meant for people who can interact and respond.

** EDIT: You can comment to this post via facebook, at: http://on.fb.me/1QQQ18Q