The issues between DevOps and General Enterprise Technology

The Facebook outage reminded people that you can’t trust a company that thinks it has only a few million users, when its people don’t accept they work for a trillion-dollar enterprise. This means that Facebook’s servers and services are more consumer-class than enterprise-class or, worse, that the braintrust is very weak.

It’s important to note that even though the Internet Protocol is in itself a software stack (think of this as an “extension” or “driver”), software engineering, web apps, etc., are a different skillset. People who have used Microsoft’s Windows Server solutions really do not know much about IP networking. For many years, the Server editions came with a DHCP server; how many of the Microsoft-certified admins know more about DHCP than that it gives out IP addresses at the local level to get out onto “the Internet”? I have had my suspicions about VOIP deployments in the past, where NT admins didn’t understand “DHCP options” and the like because, you know, it’s more important to manage an Active Directory.

Look at Microsoft’s own VOIP systems: they fell short of Cisco’s Unified Call Manager, and obviously of the Avayas, Nortels, Mitels or ShoreTels of the world. It’s sad when a Cisco can do better. This has a lot to do with Microsoft’s DNA of everything being software and talking to Microsoft’s own blueprint. Anything that routes outside a data center of an in-house, on-prem Microsoft solution is something Microsoft doesn’t get, and their software shows it. If it has to hit a Cisco, or needs to interact with a Cisco IOS, well, good luck with that.

The Session Initiation Protocol part of Voice over IP was yet another rip-off of traditional telephony, and was created by application people, since SIP was based off the Web standards, or HTTP technically speaking, if it’s a device talking to another machine. In a lot of ways SIP was designed almost like cell phones, because a telephone number is basically a URL, and when you hear the “dial tone” it’s a fake noise that replicates a phone to reassure the user. Because the people who developed SIP didn’t understand enterprise voice systems, it’s basically like a landline with all the 19 potential features you could add on to your home hardwired or broadband phone service, because the people who likely created it looked at their POTS phone and assumed the same.

What a bunch of assholes to make an ass out of themselves.

Understanding software and an imaginary world is the worst thing to have in DevOps, which is the new IT department fusing move-fast-and-break-things punky coders and wife beating sysadmins who hate change but preach it to their “end users” or “lusers”. It’s kinda ironic that either type of man typically lacks software of another sort: people. Understanding people. The IT world needs to be reformed so that it really is not the evil world to their fellow employees, and they need to stop jacking off to the C-suite to help them save money by cutting the jobs of their own people. This kinda goes full circle to the way money and influence are killing society with Facebook and their technical approach. If you are building a social network that isn’t based on empathy, you are certainly going to cause a rift amongst the people who are using your service.

Techie No-Nos – On DNS…

For security purposes, and to ensure you’re not clogging your own low voltage pipes, your “DNS address” should be local. If you use Google’s or your ISP’s DNS address, your local devices can only be reached by IP address, because you have no DNS server that points a name to a local host’s numeric IP address.

Local IP addresses are kinda like the FRS radio bands: ones that ISPs are expected not to route, so that local area networks can use them.

Anything from:

  • 10.0.0.0 to 10.0.0.255
  • 172.16.0.0 to 172.24.255.255
  • And 192.168.1.0 to 192.168.254.255

The local DNS address should point to the firewall or wireless router. Many small-end devices can do basic DNS if you have a few devices that you want to reach by domain name.

With all these cyber attacks, it’s best to separate what’s exposed to the overall Internet from what should be local. Computing devices should be connected with a local IP and DNS address, and the appliances that route local devices to the overall Internet should be the ones with the most exposure, such as having the Google DNS address.

Just do the right thing, and keep your devices protected with a better structured local network.
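The split described above, as an added example that is not part of the original post: it treats the three RFC 1918 blocks (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16) as local and flags endpoints that hold a routable address or resolve through a public DNS server, while leaving the edge appliance free to forward upstream. The inventory, device names and roles are constructed for illustration.

```python
import ipaddress

# RFC 1918 private blocks, which ISPs do not route on the public Internet.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_local(addr):
    """True when addr falls inside one of the RFC 1918 blocks."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)


def parse_nameservers(resolv_conf_text):
    """Pull the nameserver addresses out of resolv.conf-style text."""
    servers = []
    for line in resolv_conf_text.splitlines():
        # '#' and ';' both start a comment in resolv.conf.
        line = line.split("#", 1)[0].split(";", 1)[0]
        fields = line.split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            servers.append(fields[1])
    return servers


def audit(devices):
    """Return (device, finding) pairs for a list of device records."""
    findings = []
    for dev in devices:
        if dev["role"] != "endpoint":
            continue  # the edge appliance is the one allowed public exposure
        if not is_local(dev["ip"]):
            findings.append((dev["name"], "publicly routable address " + dev["ip"]))
        servers = parse_nameservers(dev["resolv_conf"])
        if not servers:
            findings.append((dev["name"], "no DNS server configured"))
        for ns in servers:
            if not is_local(ns):
                findings.append((dev["name"], "resolves through public DNS " + ns))
    return findings


# Constructed inventory (hypothetical names; 203.0.113.0/24 is a documentation range).
INVENTORY = [
    {"name": "edge-router", "role": "edge", "ip": "203.0.113.2",
     "resolv_conf": "nameserver 8.8.8.8\n"},
    {"name": "desk-pc", "role": "endpoint", "ip": "192.168.1.20",
     "resolv_conf": "search office.lan\nnameserver 192.168.1.1\n"},
    {"name": "laptop", "role": "endpoint", "ip": "10.20.0.7",
     "resolv_conf": "nameserver 8.8.8.8  # copied from a how-to\n"},
    {"name": "ip-phone", "role": "endpoint", "ip": "203.0.113.45",
     "resolv_conf": "nameserver 172.20.0.53\nnameserver 8.8.4.4\n"},
]

if __name__ == "__main__":
    for name, finding in audit(INVENTORY):
        print(name + ": " + finding)
```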

#

On Outside Broadcast Trailers… IT’S SUPER BOWL SUNDAY!

Today is a big day here in America: the NFL’s final playoff game, its most popular, is played today. Ironically, one of the conference winners will be playing on its home turf – a tradition that rarely happens (if at all). Will I be rooting for the Bucs? Maybe not. I think it’s time for Tom to retire. I also do not have much faith in Rob Gronkowski, who likes to play when he feels like it. I can say this cuz I watched many of the Tampa Bay games this season. (And I really don’t care for Fox’s coverage of the NFC games… leave it at that.)

But anyways… CBS is touting a lot of fancy hardware for this year’s Super Bowl. This year, they’re going the cinema route, making use of 4K and 8K… quoting TV Technology:

“In total, CBS says that it will have more than 120 cameras placed throughout the stadium, including 12 4K and 8K cameras to capture close-up shots during the game. The 4K cameras will be controlled robotically from the stadium concourse levels, while two Sony 8K cameras will be fixed on robotic gimbals from the lower field.”

COVID-19 is cited as the reason “alternative production facilities” will be the method of producing the event, which means there will be many sterilized spaces on West 57th St. in Manhattan at the CBS Broadcast Center… which tells me a lot of things. I have 3 points to make:

The Lack of Joy with Email

I used to love email. I seriously thought it was more professional, more methodological and more formal and more meaningful than text/SMS or chat/IM, etc.

I thought owning a BlackBerry was cool, but one of the big flaws was I couldn’t have full IMAP email. Then I went onto the iPhone in December 2011 and realized how cool it was to have an entire inbox in the palm of my hand like I could on my desktop. (POP3 is perfect for small email servers or the ol days of dialup: once it downloads onto the client, it “pops” away off the server, is the non-technical way to describe it.)

But with everything, joy disappears. The alleged honeymoon period lasted a decade plus.

It wasn’t necessarily the tech, but the people on the other end. Apparently I showed too much love to email that people took advantage of it.

In the last year it got worse. People in professional circles would send me longwinded emails with up to twenty sentences per paragraph. The biggest pet-peeve was the excessive, liberal use of High Priority, which was used completely indiscriminately. It was more of “Look At Me, Smell my ugly Pits! I am so great you must drop everything and you’ll get back to me!” Worse, professionals would accidentally send out emails, then make a failed attempt to recall them – assuming I am an Exchange shop (which I am not) and that the email would magically disappear. Do these people realize no one is using Outlook in the masses as much? In fact I haven’t used Outlook in years! I still liked the overall Outlook interface, but do not support the O365 approach.

I also had clashed with the millennials, and had intra-generation fights. One former professional was so overwhelmed by a 2-page email, despite it being properly written with appropriate sentences per graph and it being outlined. Younger people today treat email like SMS or chats; I find that alarming because this leads to a culture of inappropriate communications, and if you mix Slack-talk in email, it can really bite you if a discovery is required. I think chat-like emails are more apparent now than back in the 90s or early 00s by boomers and Gen Xers.

Oh the multi-thread replies… that was the worst. If developments occurred over the weekend, I had “professionals” who would literally react to every reply. If, say, there was an instance where I had threads, both were responsive replies, one was a correction to the other, the person would still react to all three and personalize each one. This individual was under high stress and was known in circles for being a chain-smoker. The job didn’t need to be high-stress to begin with.

The joy is no longer. There is no sense of happiness as much as I used to. This isn’t because my responsibilities changed; it’s the other groups of people who either do not respect the medium or have given it a bad name.

Introducing… The Spokesman Podcast

For anyone who knows the history of telephony, the brand name of a loudspeaker tied to an ole Ma Bell phone was the Spokesman. And unlike a Polycom, the quality may have been suspicious. It was designed to listen in to “morning calls” from Wall Street firms. In fact groups of people would huddle around what was nicknamed “the squawk box”…

This ol device was what inspired CNBC to introduce a “pre game show” in 1995.

25 years later, yours truly wants to record about 5 minutes of hard news plus not-so-real-time quotes and numbers, and snatch that degraded brand that is like chewing gum for day traders into ear candy for people who live to crunch numbers… and no, I am not talking about the ol Macintosh kids game. I love using that as an idiom.

If I learned anything during COVID19, there is not enough analysis; likewise there is not enough information. Back when Squawk aired on CNBC, it was in the early days of the web, and not everyone had access to the overall Internet. Today it’s so effing hard to find the detailed market information that The Wall Street Journal used to put in the C-section. Our President doesn’t care about the more long-term indices that are measured like a pool; all he cares about is the market of public opinion – The Dow.

Once a week, on my YouTube, my SoundCloud, etc, you’ll hear roughly 5 minutes of reading stories of the previous night’s earnings reports; before the opening bell market reports; and little on politics. Tech stories may dominate the lead.

The audience is people who follow markets, understand business, understand the over-zealous “profit” culture of today’s corporate governance, and are trying to put a news story one reads on the web into something that’s broadcast-able; and covering beats that the traditional cable business channels left behind ages ago.

I don’t want to be your daily teacher. I want to help you be informed on a weekly and daily basis.

Our principal sponsor is Techie Crafts

*

“Monopolies” Then vs. Now

“Monopoly” basically means a company owns one sector and stifles any other company getting involved. In the early 1900s, Standard Oil used to own 90% of the country’s gas and oil distribution. Now many of those descendants have merged and some were sold to global entities.

By the 1950s, the American Telephone and Telegraph company owned 90% of the US telephone lines and interconnects. AT&T was the Department of Justice’s top enemy. That same decade, they were ordered to sell off their Canadian and Asian arms; and in 1956, they were ordered not to go into the data processing business (“computers”) despite Bell Labs inventing the transistor that would be the key component in all computers by the 1960s.

VOIP Security in 2020 – More Concerning Than Ever Before

I don’t intend to scare any potential readers with my written work; however, it’s something people need to be on alert about. Particularly about a specific technology, not the protocol/service itself.

Voice over IP or VOIP (sometimes spelled with the tacky “VoIP”, pronounced as Vo-eye-pee) is a technology that puts mostly telephony over the open Internet Protocol (hence the IP part of the acronym.)

IP dates back to the early 1980s and it’s an offspring of the original DARPAnet, which began as a Defense Department project in 1969 to have some form of a communications network in case the Soviets or some other rogue country had bad intentions against America.

Oh this phone is so sexy… and cheap! (And perhaps a bit insecure for our 300 lines we will be acquiring?)

IP then and now is a fragmented protocol, with billions of devices traditionally tied to a firewall or Network Address Translation, better known as a “router”, so what the wild Net sees is mostly machines and rarely users, except at the application level of the OSI Layer. In reality, TCP/IP is your device’s driver to interconnect with other devices, like the sound driver enables you to hear things on your machines.

VOIP is mostly an application, and the IP Phones are really desktop-sized streaming devices that replicate that ol telephone that was invented by either Alexander Graham Bell, or Elisha Gray or Thomas Edison.

When VOIP became popular in the enterprise in the early 2000s, security and reliability were a concern. “Pure IP” vendors like Cisco came from a data point of view, so they felt telephony should be routed like Web access. Early on, some large-scale implementations had some major failures. Some were bone-headed from the phone guy’s point of view, and some were reliant on Microsoft Windows Server (other vendors probably laughed at Cisco.)

The issue then was a lack of encryption, a lack of basic controls such as binding IP addresses for specific services, etc. Earlier versions of VOIP used proprietary protocols, and vendors like Avaya, Nortel and Mitel implemented their hard-wired telephony protocols on top of the “IP stack” (again, like a plugin in that driver metaphor.) VLANs along with firewall policies ensured that VOIP networks would be seen by the IT or phone guy and not a co-worker in accounting.

If a bad guy wanted to get into the phone system, s/he would have needed to know the IP address of the server, or gateways, and manipulate the system at that point.

Problem Met Another Problem Without a Simpler Solution

Within the VOIP ecosystem, there was that proprietary way known as H323 (this is a signaling protocol of how the VOIP sets talked to the routers and servers) and then there was Session Initiation Protocol or SIP.

SIP decentralized the telephony networks by putting a switching-like system on every device; it took the Web playbook for signaling the servers and gateways, and for streaming audio and even video through the hand or headsets. On top of that, it could support instant messaging or chat services: since the devices were chatting to each other via text, why can’t users?

The one thing I left out with H323 vs SIP was that H323 needs either a hostname or an IP address, whereas SIP requires a server for authentication, another server for “proxy”, another one for emergency (ala 9-1-1), another for time of day, and another set of IP addresses or domain names for “provisioning” to send all that stuff to the sets.

It also gave the customer the standard 19 Custom Calling Services features that in the old consumer landline world would cost a fortune. Any “PBX” type of features have to be “extended” from the vendor, say a Cisco, or Avaya.

SIP was great for long-haul trunking between the phone company and the customer, or even inter-site linking, since SIP did Caller ID well. If you have played around with FreePBX, the graphically enhanced distro of Asterisk, the phrase is used very liberally.

As with any technology or service, without any baseline of historical context, the only thing SIP could relate to was the unrelated H323 standard. SIP is open, meaning any vendor that adheres to the Request for Comment/RFC for SIP could theoretically work. Early on in the development of the endpoints (the “phones”) the prediction was you could go to BestBuy or RadioShack and buy a phone off the shelf and bring it into the office. While those places did (or do) not carry them per se, on any eBay or Amazon store you could buy a $59 single line set and plug it into a SIP controller in the office, and hello to BYOD.

Improper SIP Deployments can be a Threat to Small Businesses

The issues in the early 2000s involved H323 and proprietary software and servers. A lot of what caused H323 issues then became lessons taught later (such as keeping admin web pages local and not exposed to the open Internet, or requiring remote users to log in through a VPN, whereas SIP could be logged in to from anywhere, which is why it’s successful).

Many traditional Nortel and Avaya small-end systems that serviced customers with fewer than 30 stations have been replaced by Key Phone Systems “for a little more”, or customers were “better off” going a cheaper path to “Cloud PBX” systems. Most small businesses are using store-bought technology (which is a whole other issue that would be beating a dead horse); worse is that these devices, Polycoms, Grandstreams and the like, are likely directly connected to the Open and Wild Interwebz. If you work in an office with over 255 PCs, typically the DNS address is going to be local (something like a 172.16.1.x or 10.0.x.x) and not an 8.8.8.8, because if every PC and every device had that, it would stress out the network with every device pinging Google to get onto Facebook.com, which then turns into Facebook’s public IP address when using browsers or apps.

For SIP deployments, these devices are going directly onto the Internet and not through some middleman in the datacenter or server closet. This is how many of the VOIP Phone Spam or Prank calls on steroids occur. There needs to be some device where the Wide Area Network (WAN), or “the Internet”, comes in, such as an enterprise-class firewall or a proxy server. All SIP calls would “originate” from this box. Unlike H323 or the traditional phone system, it’s not “the brain” per se, but it controls the quality, security and the “noise” that SIP devices would talk to each other if it’s going to Comcast Business or RingCentral. These things are called SIP Proxy Servers or firewalls; they aren’t “private” per se, it’s a hybrid of a multi-line phone system meets the customer premise equipment like those T1-landline adaptors, or straight-up modems. They can come in various shapes and sizes. You may need more servers/devices for redundancy. Cisco’s IOS routers have some level of support. If you have virtualization like VMware, you could run this as an instance, or if you have a pfSense firewall, there are built-in packages to do that.

In 2020, you wouldn’t plug your computer into a modem like you used to in 2002, so why would you do this to an IP enabled phone?
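The edge arrangement described above, as an added example that is not part of the original post: a policy check that accepts SIP from outside only when it comes from the trunk provider to the proxy, and lets phones signal only that proxy. Every address, the provider range and the sample requests are constructed; a real firewall or SIP proxy enforces this in its own rule language.

```python
import ipaddress

# Constructed topology: every address here is an assumption for illustration.
LAN = ipaddress.ip_network("10.0.0.0/16")             # phones and PCs
PROXY = ipaddress.ip_address("10.0.0.5")              # SIP proxy at the edge
PROVIDER = [ipaddress.ip_network("198.51.100.0/28")]  # trunk provider's range

SIP_METHODS = {"INVITE", "ACK", "BYE", "CANCEL", "OPTIONS", "REGISTER",
               "SUBSCRIBE", "NOTIFY", "MESSAGE", "INFO", "UPDATE", "REFER"}


def parse_request_line(raw):
    """Return (method, request_uri) from a SIP request, or None if malformed."""
    first = raw.split("\r\n", 1)[0].split(" ")
    if len(first) != 3 or first[2] != "SIP/2.0" or first[0] not in SIP_METHODS:
        return None
    return first[0], first[1]


def from_provider(ip):
    """True when ip belongs to the trunk provider's range."""
    return any(ip in net for net in PROVIDER)


def decide(src, dst, raw):
    """Return (verdict, reason) for one SIP request; dst is the address after
    any port-forward, so trunk traffic shows the proxy as its destination."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    parsed = parse_request_line(raw)
    if parsed is None:
        return "drop", "not a well-formed SIP request"
    method = parsed[0]
    if src == PROXY:
        if dst in LAN or from_provider(dst):
            return "allow", "proxy to phone or trunk"
        return "drop", "proxy may only signal phones and the trunk provider"
    if src in LAN:
        if dst == PROXY:
            return "allow", "phone to proxy"
        return "drop", method + " from a phone bypassing the proxy"
    if from_provider(src) and dst == PROXY:
        return "allow", "provider trunk to proxy"
    return "drop", "unsolicited " + method + " from outside"


def request(method, uri):
    """Build a minimal constructed SIP request for the samples below."""
    return (method + " " + uri + " SIP/2.0\r\n"
            "Via: SIP/2.0/UDP host.invalid;branch=z9hG4bKconstructed\r\n\r\n")


# Constructed traffic: (source, destination, raw request).
SAMPLES = [
    ("10.0.1.23", "10.0.0.5", request("REGISTER", "sip:pbx.office.example")),
    ("198.51.100.3", "10.0.0.5", request("INVITE", "sip:100@pbx.office.example")),
    ("203.0.113.77", "10.0.1.23", request("INVITE", "sip:100@10.0.1.23")),
    ("10.0.1.23", "192.0.2.10", request("REGISTER", "sip:cloud.example")),
    ("203.0.113.77", "10.0.0.5", "GET / HTTP/1.1\r\n\r\n"),
]

if __name__ == "__main__":
    for src, dst, raw in SAMPLES:
        print(src, "->", dst, decide(src, dst, raw))
```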

#