[VOIPSEC] An issue of trust?
Andre Fucs de Miranda
afucs-listas at mandicmail.com
Sun Jun 18 13:56:33 CDT 2006
Randell,
>>First of all I would make a remark. Adding and SBC doesn't means that you
>>"add a point of failure".
>
> Even with redundancy, there are affects on the reliability, which is more
> than just failover. (Packet loss, backhoes cutting fiber, and then delay
> issues.)
LOL. You can't be serious. In the case you are providing VoIP services over
the Internet you are already using a non reliable network to reach your
customer! SBCs are no more vulnerable to a backhoe cutting fiber than any
other equipment. That's why when creating redundant networks you must always
think about at least two different network transmission medium.
I'm still trying to understand why SBCs would also insert packet loss if
correctly capacity planned.
> And that's part of why CALEA is innappropriate for technologies that don't
> fit it well. The argument on the other side is "if it doesn't fit well
> CALEA, that's too bad, don't do it" - i.e. outlaw the technology. The FCC
> in general appears fine with making rules that create defacto huge barriers
> to entry or large (in the end consumer-paid) costs - not just in this case,
> but in other cases too. And the federal law enforcement people would love
> to be able to go to one or two spots and get all the surveillance they
> want, with minimal effort. And less effort makes it easier to justify
> using the ability.
Companies and people need to be responsible for what they create. That's why
you expect the mobile manufacturers to collect their batteries after you use
them. Every time a control is imposed by a government the market takes a
while to adapt but it manages.
When the government asked companies dealing with medical records to comply
with HIPAA most Civil Rights organizations agreed that it was good. The
companies affected by HIPAA didn't like it and said that it would increase
costs, they managed. Still not perfect but they are managing.
BTW, the customer will always pay the bill since that's how the capitalist
model works. But trust me it's better to pay directly to your provider than
through the so called government subsidies and "investment".
> Actually, SBCs for IP-to-IP calls (due to CALEA) forces a (fairly high)
> lower bound on the costs for a "service provider", compared to a provider
> who basically provides a SIP server and ENUM. Skype (so far) avoids that
> cost, but if they're forced to implement CALEA (and right now due to
> SkypeIn/Out I assume they will be), they'll be forced into using them.
> However, they might be able to avoid using them for all calls due to the
> user (with a sniffer) being unable to tell if they're calls are being
> proxied by a Skype-owned SBC or a random user supernode (though if you make
> enough calls and do enough traceroutes, I'm pretty sure you could still
> figure it out).
Skype will do it because it's better for their business to comply with the
law and enter the US market than stay out of it and lose revenue. :-)
Best regards,
--
Andre Fucs
http://www.fucs.org/
More information about the Voipsec
mailing list