*scottstuff*

It’s amazing the ways that people can find to steal money. The latest scam goes like this:

1. Set up the local equivalent of a CLEC in some third-world country.
2. Publish exorbitant rates for a block of numbers (say, $5/minute).
3. Sign up with a US-based VoIP provider using a freshly-stolen credit-card number.
4. Verify that the VoIP provider doesn’t know about your rates, and only charges a small fee to dial the country in question (say, $0.10/minute).
5. Have a SIP auto-dialer call your numbers via the VoIP provider until the CC is declined or the account’s balance limit is hit.
6. Repeat.
7. At some point in the future, the VoIP provider will receive a massive bill from their upstream provider, while the Telco in whatever third-world country you’re using will hand you a big check.

This is just a twist on the old “modem dialer” scam, but it’s been costing VoIP providers big money. NuFone has apparently lost $400,000 recently, and other providers are reporting huge fraud rates–according to Teliax, roughly 1/3 of their new customer signups are fraudulent.

There’s a long thread following this on Digium’s list server.

It looks like this has helped kill at least one VoIP provider: LiveVoIP has declared bankruptcy, although they had a spotty reputation to start with.

CNet just posted an interview with Mark Spencer, the guy behind Asterisk. There aren’t a huge number of details, except for this one:

[Digium] has something that eluded many a Silicon Valley wannabee during the bubble: real revenues. The company pulls in about $10 million a year

Zing! Way to go Digium.

Since I’ve been having problems with my Verizon POTS line, I decided that it’s finally time to look into porting my main home phone number to a VoIP service. Right now, I’m using call forwarding on the line, so all incoming calls come in via VoIP anyway; using local number portability (LNP) to move the number directly onto a VoIP service won’t really make things any less reliable, but it will save me $15 or $20 per month.

I’ve been using NuFone for most of my VoIP traffic for over a year, but they only provide local numbers in Michigan; I’m in Washington, so that’s not very useful to me. I did a bit of research, and Teliax comes highly recommended on the Asterisk-Users mailing list and they’re able to do LNP ports in my rate center. Teliax seems to be sort of a cross between full-service VoIP providers like Vonage and pre-paid wholesale providers like NuFone–they have both prepaid by-the-minute plans and monthly minutes-included plans. Even the prepaid plans include the option of having them provide voicemail; it’s not very useful to me when I have my own Asterisk server, but I like the idea of having a provider that I use that I can recommend to non-Asterisk users.

Since Teliax can provide the service that I need, I went ahead and signed up. It only took a couple minutes to enter all of my data on their website, and my new incoming number was active immediately. Their support website includes Asterisk configuration snippets, dynamically-generated with my username and password, so all I had to do was paste them into my Asterisk config files and everything worked.

The one thing that I noticed immediately was that Teliax calls sounded a lot better then NuFone calls. By default Teliax uses the GSM codec, while I had NuFone set up for ILBC. By most accounts, ILBC should sound slightly better then GSM, so I’m not really sure what’s up. I changed my NuFone settings to use GSM, and suddenly the slightly swimmy sound that I’d been hearing on NuFone calls for the past few weeks went away. I suspect that my Asterisk build has a slightly-broken ILBC codec, but I wouldn’t have noticed this if I hadn’t added a Teliax account. Since this isn’t the first time that I’ve had ILBC problems, I’m going to drop it and stick with GSM for now. If it starts bothering me too much, then I’ll consider paying $10 and licensing G.729 from Digium, but I doubt there’s any purpose in doing that.

So far, I’ve only used Teliax for about 12 hours, and I haven’t ran more then a handful of calls through them, but so far them seem great. I have Asterisk set to reject them and log a message if their ping time rises over 400ms, but it didn’t trigger overnight. If it can make it a couple days without 400ms worth of network problems, then I’ll start the process of porting my home phone number to Teliax. For now, I’m going to change the forwarding on my Verizon POTS line to point to Teliax instead of NuFone.

Yikes, Digium has announced a DS3 card for Asterisk. So, the next time you need 672 channels of voice data all on a single PC, you know where to go.

It’ll be interesting to see what they’ve done with this–their current T1 cards have compatibility problems with some motherboards and have extremely tight timing requirements. In general, you don’t want to try running more then one of their 4-port T1 cards on a single PC. Since a DS3 carries 28 T1s worth of traffic, they must have done something to clean up their designs, or there’s no way it’ll be able to keep up with the load.

From looking back over my phone records, it looks like today marks the beginning of my second year of VoIP. I’m not sure which day I actually set up my Asterisk server, but I signed up with NuFone on March 23, 2004, one year ago today. At the time, I paid them $30 for pre-paid long-distance service, and have been chiseling away at that ever since. This morning, I still had $3.423 left of the original $30.

Since my monthly long-distance bill was around $20 before I started sending long-distance calls out over VoIP, I’m feeling pretty good about this. Of course, it’s probably best to ignore the $600 or so in VoIP hardware that I’ve purchased over the past year–it sort of screws up the cost-benefit equation.

Asterisk has grown a lot in the last 12 months–it’s reached version 1.0, and is rapidly approaching v1.1. Asterisk itself is very usable as a corporate PBX, and with tools like the Asterisk Management Portal and Asterisk@Home, it’s starting to be usable by people without a deep understanding of Linux, networking, and phone systems.

On the other hand, some problems still haven’t went away–it’s still really hard to find decent providers that sell local numbers across the country at decent rates. A year ago, good DID providers were almost completely nonexistent. Now there are a half-dozen or so companies that sell DIDs for Asterisk, but most of them are flaky in one way or another–they have bad support, or their terms of service are bizarre, or they don’t actually have any numbers in my local calling area. Hopefully a handful of solid providers will pop up this year, and I’ll actually be able to recommend them to people without any disclaimers.

I ordered a Sipura SPA-841 SIP phone from VoIPSupply.com last week, and it arrived last night. I haven’t had enough time with it yet to write a really comprehensive review, but I’d like to share a couple first impressions.

First–the SPA-841 is a lot smaller then I’d expected. It’s under half the volume of my Cisco 7940. It fit into a 2” tall FedEx mailing box, which I didn’t expect at all. Even though the base is small, it’s not very light–it feels like a real office phone, even if it’s a lot smaller then most of the office phones that I’ve used. It doesn’t seem to slide around too much on my desk.

Once I plugged it in, it booted very quickly. The Cisco phone takes around 30 seconds to boot, while the Sipura is ready for use in under 10 seconds.

The SPA-841 comes in a box with no documentation. Once you plug it in, you can configure it via HTTP using a web interface that the phone provides. Supposedly it’s also possible to feed it a configuration file, but Sipura only gives out the configuration file documentation and tools to VoIP service providers, not end-users. Personally, I’d rather edit text configuration files on a server and upload them to the phone then fiddle with the hundreds of settings that Sipura provides on their web interface, but if I’m only dealing with one phone, it isn’t a big difference. If I end up buying another couple SPA-841s for around the house, I’ll probably start agitating for open provisioning tools.

Even though there isn’t a whole lot of documentation, the phone isn’t too hard to configure. I spent about 15 minutes with it and had it accepting incoming calls, dialing out, and handling voice mail. The voice mail light (Message Waiting Indicator, or MWI) is just a dinky red LED sitting in the middle of the phone; I really like Cisco’s MWI a lot better. The Sipura also provides a MWI stutter dial tone, and it’s hard to miss that, even if you don’t see the tiny LED shining at you.

At this point, it seems to work, but I’m not completely happy with the way it’s configured. Once I’ve finished tweaking the config, I’ll write up a full review with pictures comparing it with the Cisco phone and provide a few configuration recommendations.

Update: I haven’t had time to finish the review yet, but I wanted to add a couple quick notes:

• The phone does come with a getting-started flyer, a glossy 8.5x11 mini-booklet with directions for plugging it in, connecting it to the network, and configuring it to talk to a few different SIP providers. It doesn’t come with anything more substantial. Sipura’s website has had a 71-page PDF Users’ Guide for a while, and just recently added a 79-page PDF Admin Guide. I haven’t had time to read the admin guide yet.

• The audio quality seems perfect. I’ve only spent a half-hour or so on the phone, but I haven’t noticed any dropouts. The handset is pleasantly loud.

• The latest firmware release, 3.1.1 (the update from last week’s 0.9.5–nice version number jump) includes support for “SIP-B,” which is apparently a standard being pushed by a few phone and softswitch vendors that make it easier to add PBX-like features to SIP phones. This includes bridged line appearances, shared missed-call DBs, called-number ID (the opposite of caller ID–it shows the name that goes with the number that you dialed), standardized call park/pickup support, and a few other useful features. Unfortunately, the SIP-B spec doesn’t appear to be public right now, even though the vendors involved have made some attempts at running pieces of it through the IETF’s standardization process. I suspect that SIP-B is really just a blanket name that covers a bunch of small, independent SIP enhancements that will be pushed through the I-D/RFC process one at a time, but for now there’s no real documentation available. Hopefully that will change soon so Asterisk can better support SIP-B hardware. (Micro-update: Sylantro has sent me a pile of documentation on SIP-B. I’m not sure that it’s complete, but there’s quite a bit of it, and they’re getting ready to put it on their website. So I’m mentally adding them to the “good guys” list when it comes to standards compliance and promotion)

• Several people have mentioned that they’ve had problems with the rubbery phone buttons on the SPA-841 sticking. I suspect that they’ve fixed this with more recent phones, as mine has been perfect. I wouldn’t say that the buttons are as nice as Cisco’s, but I don’t have any complaints.

I guess that’s a good summary of the phone–it’s not as nice as Cisco’s phones, but I have no complaints about it, either. It seems to work well enough, it has a decent feature set, and it’s cheap. I’d love to see them add PoE support, a ‘SPA-842’ model with a built-in Ethernet switch, a backlight for the LCD and buttons, and some way of supporting external dialing directories, but none of these are really critical–as it is, the phone works quite nicely, and I’ll probably order 2-3 more SPA-841s over the next few months.

How to get decent-quality sound recordings into Asterisk from a Mac without a ton of work:

1. Record with GarageBand. Use a real microphone, not the one built into the Mac. If your Mac doesn’t have a microphone jack, consider buying a Griffin iMic.
2. Export to iTunes. With GarageBand 1.0, this seems to be the only export option available.
3. Find the track in iTunes and convert it to an MP3. This shouldn’t be necessary (or really even a good idea), but my copy of sox (below) couldn’t handle the AIFF file that GarageBand produced.
4. Run sox with these options: sox recording.mp3 -r 8000 -w -s -c 1 recording.wav resample -ql
5. Verify that the WAV file sounds okay.
6. Copy the WAV file into /var/lib/asterisk/sounds. You can now use it with Asterisk’s Playback application.

The WAV file produced is sampled at 8 kHz, with 1 channel of 16-bit signed linear audio. This seems to be the best format for Asterisk, assuming that you don’t mind using around 16 KB/sec for audio files.

It all started on Wednesday night, when I discovered that my Asterisk VoIP server couldn’t make long-distance phone calls any more. I could dial, and the phone would ring, but as soon as the other end answered, the line went dead and the logs started filling up with error messages:

Feb  2 20:24:03 WARNING[-1250968656]: Huh?  An ilbc frame that isn't a multiple of 50 bytes long from IAX2 (16)?

That’s kind of weird looking. Google wasn’t particularly helpful, so I decided that this was probably a VoIP provider problem and sent mail to NuFone’s support people. Historically, NuFone’s support department has a reputation of being a bit spotty–either they handle your problem right off the bat, or you never hear from them again, but that was probably a combination of broken email servers and staffing shortages due to rapid growth. In this case, I got a response back from NuFone’s president first thing in the morning. We’ve exchanged a bit of mail in the past, and in this case he agreed that it was a weird error, and the first thing to try was upgrading. I was running Asterisk 1.0.2, while the current version is 1.0.5. He suggested that I might be happier with checking a development version of out CVS–they’ve been more stable for him, anyway, and there are a ton of new features and bug fixes that aren’t in 1.0.5.

What the heck, I said. Sounds like fun.

So, I checked a copy of Asterisk and several of its supporting libraries and drivers out of CVS, built them, installed them, and tried restarting Asterisk. First problem: I’d built my kernel without support for module unloading, somehow. So, I had to reboot to upgrade the drivers for my two PCI VoIP cards. Grumble, grumble. Oh well, I’d been meaning to shut it down and add more RAM anyway; the RAM was sitting right there, and it shouldn’t take long to slide the server out from under its desk and install the RAM. Five minutes later, the box was booting back up with the new drivers and twice as much memory.

Problem 2: As soon as I started Asterisk, I discovered that the X101P PCI card that handles my regular POTS line was reporting a ‘red alarm’ on the line, suggesting that it wasn’t connected right. I crawled under the desk, unplugged the phone line, wiggled connectors, and tested it with a $10 phone that I keep on hand for situations like this. I got a dial tone just fine with the phone, so I plugged the line back into the PC and crawled back out from under the desk to discover…

Problem 3: the server locked up while I was fiddling with the phone line. So I rebooted it, only to discover…

Problem 4: it couldn’t load the drivers for the PCI card anymore. The driver spit out a number of weird errors:

kernel: wcfxo: Out of space to write register 06 with e0
kernel: wcfxo: Out of space to write register 0f with 00

That’s ugly. I developed a new theory: the card wasn’t getting reset right on reboot. So, I powered the box completely down, pulled the power cord for a minute, and then tried again. It worked this time; everything came up right, and I was able to verify that everything was working correctly. Incoming calls worked right, and outgoing calls worked, via both POTS and VoIP.

So fast-forward a few hours. I try to call out, and nothing happens–I just get a dead line. Checking Asterisk’s console, it looks like it dialed out on the POTS line, but I wasn’t hearing ringing or anything. The driver for the X101P PCI card had apparently choked again. I tried stopping and restarting Asterisk, but it didn’t help. I didn’t worry too much, though–incoming calls on my POTS line get forwarded to VoIP after about 15 seconds worth of ringing. Somewhere in the middle of this, a couple calls came in from family members, but I wasn’t close enough to a phone to answer them, so I let them go to voice mail. Except neither call left a message. That seemed strange (my family is big on leaving messages), so I called back, and they said that the line had went dead right after it answered–they never heard the “leave a message” message.

Problem 5: incoming VoIP calls weren’t working, either. The connection died in the middle of a Playback instruction. I tried changing codecs, restarting Asterisk, and even rebooting, all without success. My frustration level was rising. Quickly. At this point, almost nothing was working right–POTS was dead, and incoming VoIP calls only worked right if I answered the phone. I took a break, put the kids to bed, and resisted the urge to scream. I mean, I debug problems like this for a living, which means that I really hate to do it at home.

So I spent a minute thinking–it was really weird that rebooting didn’t fix the VoIP Voicemail problem. I’d tested it earlier in the day, and it had worked after the upgrade to CVS Asterisk. And I hadn’t changed any other software since then. I rebooted again, and this time the X101P PCI VoIP card disappeared completely. Asterisk wouldn’t even start now–my config files are sprinkled with references to this card, and Asterisk was aborting with “can’t find card” errors. So I thought a bit more and came up with a new theory–when I’d pulled the box out to install more RAM, maybe I’d pulled on the phone cable that goes into the X101P a bit too hard, and the card had popped partway out of the slot. It’s easy to test, so I shut the server down again, slid it out from under the desk, popped the PCI card out, checked it for obvious problems, and put it back in firmly. I then plugged everything back in, rebooted, and discovered that everything was working perfectly. POTS worked, incoming voicemail worked via POTS or VoIP, outgoing VoIP calls worked.

I checked again this morning, and everything’s still working fine.

So, did I really pull the card halfway out, or was yesterday’s Asterisk CVS tree just really unstable? And what sort of person goes through this just to save $15 per month on phone calls? And speaking of that–if I’d had a second VoIP provider set up, then I could have shunted calls to them when outgoing calls to NuFone failed, and I would have been able to avoid part of the mess. Hey, yeah, and I still need to finish the Asterisk-caller-ID-on-MythTV project, so I can see who’s calling on the TV while I’m watching movies. Oohh, and my shiny new internal PCI ADSL card is supposed to ship soon. And I need to mod an Xbox so I can run MythTV on it downstairs…

I guess that should answer the “what sort of person” question. A person with incurable gadget lust. I’m getting better. Really.

I am swimming in spam. Every where I go, every direction I look, every medium I deal with, I am being spammed. Spam in my email box I can handle–my spam filter manages that well enough that I can ignore the problem. It’s all of the other spam that is driving me insane.

Let’s start with blog spam. I run Movable Type, and I have a PageRank of 6 or so, so like everyone else with a good PageRank, I’m being bombarded with blog comment spam. It’s not uncommon to wake up in the morning and find that 100 ads for Viagra or online poker or something less savory have managed to make it through my filters and pollute my blog. From looking at my logs, I’ve been had over 7,000 comments posted on this blog, with only 150 or so being legitimate, and around 6,000 blocked by MT-Blacklist.

Then there’s phone spam–the Do Not Call list has actually worked pretty well for my home phone number, but I’ve been besieged by calls from (905)-482-1663 for the past couple weeks. I assume that they’re a telemarketer, but I’ve never been able to figure out what they want–even when I’ve picked the phone up on the first ring, they just hang up on me. Google suggests that that number has done work for Bank of America and the Kerry campaign and pissed off a number of other people; it’s not just me. After a week of this, I had Asterisk blacklist them, so I don’t have to listen to them hang up on me 2 or 3 times per day. Yesterday, they escalated–they called my cell phone 3 times last night. I sent a Do Not Call list complaint today, but I doubt it’ll take. I’d probably be better off using one of the other laws on the books regarding telemarketing calls to cell phones or percentages of hangups, but it’s probably not worth the hassle.

My work phone isn’t immune, either–I’ve been getting 2 or 3 calls per week from random business magazines, wanting to give me free subscriptions or renewals. Frankly, I receive so many magazines that I can’t keep track of which ones I’m already getting–95% of them go straight into the recycling bin without ever being opened. I really don’t want more–my mailbox is too full as it is. Last week, I got two calls from Information Week and had to hang up on them–they wouldn’t take “no” for an answer. The week before, it was a call, a fax, and two emails from Network World. This morning, it was eWeek.

Thinking about all of these–the blog spam, the telemarketer spam, and the magazine renewal spam–the common thread is that none of them are actually trying to sell me anything. The blog spam is trying to increase their own PageRank. The magazine spam is trying to increase their circulation size and advertising rates. The telemarketer might be trying to sell me something, but since they refuse to actually talk to me, I can’t really tell. Largely, they’re all bothering me because they can sell something that I have (eyeballs, highly ranked blog) to others, and they don’t care that they’re wasting my time and money in the process.

According to The Register, Cisco is currently adding encryption abilities into their phones and call manager software. The article’s kind of hard to follow–it claims that the 7960G currently has encryption support, which is news to me–but the general gist is that they’re planning on adding some sort of direct VPN support into most of their phones via software upgrades.

Knowing Cisco, the feature will be implemented in some odd manner (L2TP+1DES IPsec in the phone?) and will only work with the CallManager-specific SCCP image for the phones, not the SIP image.

On the other hand, if they actually added TLS/SSL support for SIP and SRTP, then that’d be a huge motivation for getting encryption in Asterisk.