P2P, SIP and Security

For the past couple of days, Erik has posted discussions on SIP based P2P and security issues. These discussions are in audio format and are really interviews with Cullen Jennings, Rohan Mahy and Erik's interview to Voxilla. The following is a quick summary and my thoughts. But it is different to summarize an audio portion compare to a written one; it is easier to go back to a written page; it is easier to search for a segment. This is to suggest that I might not have fully got the points made by the speakers. If you have not already heard these pieces, you may do well to give a listen. Erik and Cullen talk about an ad-hoc meeting of people interested in SIP based P2P system at the recent IETF meeting. It really looks like this meeting was a big "tent"; because it included people who are interested in this technology for different applications. For more, click P2P, SIP and Security.

Security SNR (Signal Noise Ratio)

At the security information management area, the concept of SNR is often used to describe the performance of a SIM tool. But, what’s SNR? what impact the security SNR output? I hope this diagram help.

Mini-Microsoft

An interesting blog entry at: minimsft.blogspot.com Microsoft: reorg, reshuffle, consolidation? Thank goodness, I felt like we've at least been thrown a bone. Microsoft certainly needed a reorg - something like a good, vigorous shaking of one of those snow-globes. Now, how it's all going to play remains to be seen. But I hope that as part of the good shaking that some of the cruft breaks off and gets swept out and some of the cream rises to the top. ....

Ajax is a famous football club?

A friend told me: which will dorminate the desktop? the thin client, or the fat client? No, they are not. The most glamorous technology in current web applications is Ajax.

Ajax is not the name of the famous football club at Netherland. It's a series of technologies which incorporates:

# Standards-based presentation using XHTML and CSS;
# Dynamic display and interaction using the DOM;
# Data interchange and manipulation using XML and XSLT;
# Asynchronous data retrieval using XMLHttpRequest;
# and JavaScript binding everything together.

Tapping the Matrix, Part 1

Tapping into the Matrix, Part 1 by Carlos Justiniano -- In this first article of a two-part series on harnessing the idle processing power of distributed machines, Carlos Justiniano explains the current trends in this exciting technology area, then drills down into specifics such as client/server communication, protocols, server design, databases, and testing.

What's P2P?

There are many definitions to peer to peer technology. The following is some characteristics of P2P:

Everything except the client/server model
可以认为除了C/S架构之外的所有东西都是P2P架构的，实际上C/S才是特殊的，而P2P则是普遍的。
Network of nodes with equivalent capabilities/responsibilities (symmetrical)
P2P网络中的节点具有对等的能力和责任，是对称的。
Nodes are both Servers and clients called “Servents”
P2P网络中的节点同时即是服务器，也是客户端。

Security Management, OR Infrastracture Management

运营商（也包括广电运营商和数据中心等）总是不断地寻求新的技术手段以最大限度地挖掘网络潜力、提高每用户营收、提高单位带宽的营收、寻找新的利润增长 点、开发新的业务组合、降低客户流失。这些新的措施包括控制P2P业务流、对家庭和SOHO用户提供等级化（差异化）服务以替代当前施行中的大包月资费、 对商业客户提供服务质量保障（SLA）、提升自身在未来话音、视频和数据三重业务（Triple Play）市场的竞争力。

所以，对网络中的IP分组数据除了保证其可达性、延时、安全性等之外，对其有效的监视、分类和控制是运营商能够立足于3G/NGN年代的基础能力。

Security management is having a much wide meaning to those telecommunication carriers, bandwidth mangement, performance management, traffic shaping, identity and accounting.... I am fraid that you can not find out what's not security related.

"Proprietary" crypto of Skype

At the message of VOIPsa mailing list, Robert Moskowitz said:

"Some time ago, on the user forum I and another pushed for information on the skype crypto and beyond 'AES 256', we were told that information is proprietary.

Sorry, I cannot accept proprietary cyrpto. I can understand 'patent pending' or such. But not silence. "

I agree. If Skype insist on its "proprietary" crypto, those enterprises and professional users, i am afraid, will hesitate to adopt it as their primary communication tools.

P2P and Instant Message

IM(Instant Message) and P2P(Peer to Peer) are two of the most popular terms at Internet. This diagram depicts the relationship between them with examples. What they are bring to end users, software vendors and the internet service providers? business opportunities, security threats. what's your opinion? Enjoy.

eBay bought Skype with 2.4B$

Oops, the emerging virtual carrier giant - Skype is being bought by eBay, a world famous e-commerce operator. Can you imagine what will happen with eBay + Skype?

Oracle Agrees to buy Siebel

This morning I read the news from my mobile phone. It's astonishing that such a short time after Oracle's acquisition of Peoplesoft. I am afraid most of end users would not like to see the monopoly or oligarch at the application software market. SAP, Oracle, Microsoft, where are others?

Skype Protocol Reverse-Engineering

Do you believe that a researcher from China claimed that he has broken into the protocol used by Skype, ie. he can open skypenet without the skype client. In fact, a mini-skype is under developing with his own code.

 
http://publishblog.blogchina.com/blog/tb.b?diaryID=1546484

Might you want to skype him at: callto://shreksz/

Google与微软eBay等全面开战 到底想干什么

An interesting blog entry at:

http://blog.sina.com.cn/u/3fe543b00100001n

Just as what I comment a few days ago: while Microsoft dorminate the desktop operating systems, Google will dorminate the desktop information.

M2M-X by NTT

I run into a document by NTT, which described a platform based on P2P and IPv6.

M2M-X means "Machine to Machine for any[thing|place|time]", where the "m2m-x Management Server" functions as:
- Authentication
- Access control
- Issuance/distribution of encryption keys
- Visible only for authorized peers
- Firewall control

Oops, do you have any comments on it?

Skype Journal

Skype Journal is a portal to skype technologies, for those who care / like / are using skype. While skype is entering and booming all over the world, but due to the legal limitation, Tom and Skype can not do the same way as in other regions. I wonder why not they co-venture a company with those Railcom or other carriers with licenses...

Google Talk vs Skype

I installed Google Talk and uninstalled it today. ie. I choose Skype instead of GT. Skype encrypts its traffic while GT not.