Telecom Security

zhaol wants to keep up with you on Twitter

2007-12-19T09:26:00.000+08:00

To find out more about Twitter, visit the link below:

http://twitter.com/i/6bdb6f0380ccff85681d0521ed54fd438a9a7a32

Thanks,
-The Twitter Team

About Twitter

Twitter is a unique approach to communication and networking based on the simple concept of status. What are you doing? What are your friends doing—right now? With Twitter, you may answer this question over SMS, IM, or the Web and the responses are shared between contacts.

Net neutrality concerns and China's Telecommunication Act

2006-03-30T12:01:00.000+08:00

Here we saw the public, drastic debate of the Net Neutrality, and careful considerations of a bill at backside, among stakeholders. As the representatives of the new voice from internet, those giants, Google, Yahoo, Microsoft criticized that the Net Neutrality bill might bring unpredicted potential demage to the internet users, while leaving a loophole to those triple-players or tradional operators who own and operate the internet transmission services. Of course, there must be a long way for the Net Neutrality into a real bill, but this kind of argument will help improve the maturity, integrity, fairness, will eventually benefit the end users.

At China, the Act of Telecommunications is not enacted yet, under longer than 25 year's tough development. The Act, at its draft stage, according to the MII, will be finalized at 2006. It was said the reason for continuously postponing was the uncertainty of the convergency of three networks (telephone, vedio, and data). Comparing to the openness and public participation reflected by the above report, we might better our legislation process to let more people and experts, enterprises involved. See more telecom, security and p2p related comments.

Technorati Tags: telecom, 3G, china, p2p, skype

Rails releases version 1.1.0

2006-03-29T16:46:00.000+08:00

At March 28, the ruby-based open source rapid application development framework - Rails released its latest version 1.1.0 with a bunch of new features and plugins. See their official site at: http://www.rubyonrails.org

Technorati Tags: Rails, RoR, Ruby, "web2.0"

Technorati Tags: Rails, RoR, Ruby, "web2.0"

Good To Great - The Flywheel and The Doom Loop

2006-03-24T16:45:00.000+08:00

The following is extracted from Good To Great by Jim Collins:

Key Points

- Good-to-great transformations often look like dramatic, revolutionary events to those observing from the outside, but they feel like organic, cumulative processes to people on the inside. The confusion of end outcomes (dramatic results) with process (organic and cumulative) skews our perception of what really works over the long haul.

- No matter how dramatic the end result, the good-to-great transformation never happened in one fell swoop. There was no single defining action, no grand program, no one killer innovation, no solitary lucky break, and no miracle moment.

- Sustainable transformations follow a predictable pattern of buildup and breakthrough. Like pushing on a giant, heavy flywheel, it takes a lot of effort to get the thing moving at all, but with persistent pushing in a consistent direction over a long period of time, the flywheel builds momentum, eventually hitting a point of breakthrough.

- The comparison companies followed a different pattern, the doom loop. Rather than accumulating momentum – turn by turn of the flywheel – they tried to skip buildup and jump immediately to breakthrough. Then with disappointing results, they'd lurch back and forth, failing to maintain a consistent direction.

- The comparison companies frequently tried to create a breakthrough with large, misguided acquisitions. The good-to-great companies, in contrast, principally used large acquisitions after breakthrough, to accelerate momentum in an already fast-spinning flywheel.

Unexpected Results

- Those inside the good-to-great companies were often unaware of the magnitude of their transformation at the time; only later, in retrospect, did it become clear. They had no name, tag line, launch event, or program to signify what they were doing at the time.

- The good-to-great leaders spent essentially no energy trying to "create alignment," "motivate the troops." Or "manage change." Under the right conditions, the problems of commitment, alignment, motivation, and change largely take care of themselves. Alignment principally follows from results and momentum, not the other way around.

- The short-term pressures of Wall Street were not inconsistent with following this model. The flywheel effect is not in conflict with those pressures. Indeed, it is the key to managing them.

- Spending time and energy trying to "motivate" people is a waste of effort. The real question is not, "How do we motivate our people?" If you have the right people, they will be self-motivated. The key is to no de-motivate them. One of the primary ways to de-motivate people is to ignore the brutal facts of reality.

SOC at China

2006-03-20T16:07:00.000+08:00

After 2003 in China, SOC (Securit Operations Center) keeps abuzz security market. To be lucky, I attained the opportunity to manage the first SOC project at China. That's Nov. 2002, I kicked off the first SOC project internally, when I worked for iS-One as the Chief Strategy Office. After the project initiation, I digged a lot of web information related to SOC.

At that period of time, SOC were mainly built and operated for MSS (Managed Security Service) providers, e.g ISS had six SOC globally. I tried to transfer the concept of SOC from MSS to enterprise security operations and was lucky to win the customer’s buy-in. Then we don’t have such product or even Proof of Concept (PoC) platform at all. We negotiated with eSecurity and made the final decision to build our first SOC upon it.

The first SOC project was finished at about June 2003 and thereafter SOC became a warming-up security market opportunity. Today most of the major players at China security market claim to have their own SOC platforms and solutions, while many of enterprises are starting to plan and build their own SOC. To be mentioned, most of these SOC projects don’t reach their initial expectation. While SOC was becoming popular at enterprise security management area, a few pioneer security companies in China began to make their fortune at MSS market with SOC. 263.com, Unihub, Beijing Capital Information Co. and etc. tasted this market at early to around 2002, but they found it difficult to make profit. A major security vendor - Topsec rolled out their SOC to provide MSS servcies at 2004, built on SOC product from ArcSight, while MSS is one of meaning that another major security vendor Venustech interprets their M2S vision. To be optimistic, SOC has been entering a new stage where SOC serves for enterprise internal security operations and MSS providers.

Technorati Tags: SOC, Security, MSS,Audit,

"Common Weakness Enumeration" Added to CVE Web Site

2006-03-16T17:42:00.000+08:00

March 15, 2006, according to the official news from mitre.org, a new effort leveraging CVE entitled the "Common Weakness Enumeration (CWE)" has been added to the GET CVE page on the CVE Web site.

CWE is a community-developed formal list of common software weaknesses, idiosyncrasies, faults, and flaws. The intention of CWE is to serve as a common language for describing software security vulnerabilities, a standard measuring stick for software security tools targeting these vulnerabilities, and as a baseline standard for vulnerability identification, mitigation, and prevention efforts. Leveraging the diverse thinking on this topic from academia, the commercial sector, and government, CWE unites the most valuable breadth and depth of content and structure to serve as a unified standard. Our objective is to help shape and mature the code security assessment industry and also dramatically accelerate the use and utility of software assurance capabilities for organizations in reviewing the software systems they acquire or develop.
Based in part on the CVE List's 15,000 plus CVE names—but also including detail and scope from a diverse set of other industry and academic sources and examples including the McGraw/Fortify "Kingdoms" taxonomy; Howard, LeBlanc Viega's 19 Deadly Sins; and Secure Software's CLASP project; among others—CWE's definitions and descriptions support the finding of common types of software security flaws in code prior to fielding. This means both users and developers now have a mechanism for ensuring that the software products they acquire and develop are free of known types of security flaws by describing their code and assessment capabilities in terms of their coverage of the different CWEs.
The new section includes the CWE List, offered in a detailed Taxonomy view and a high-level Dictionary view; an About section describing the overall CWE effort and process in more detail; a Compatibility page; a Community Participation page; and list of Sources.

Technorati Tags: CVE, Security, Vulnerability

Technorati Tags: CVE, Security, Vulnerability

OSVDB say no to Mitre

2006-03-13T18:03:00.000+08:00

How about the status of current vulnerability management market? Is CVE enough? Do you agree that Mitre control your vulnerabilities? OSVDB say no to Mitre. See comment from OSVDB (Open Source Vulnerability Data Base):

Vulnerability research is straight forward. There isn't a lot of black magic and secret arts when it comes to finding vulnerabilities. For the most part, 99% of vulnerabilites are very well documented (even if the 'researcher' doesn't document it), easy to understand by others in the field, and leave little to imagination. It has been years since we've seen a truly new class of vulnerability surface. If I post details of an overflow of *any kind* to this list, there are a hundred folks that can digest what I post in seconds, then go to town on me for not going into details, not looking at VectorX, FunctionY or Z.c =) The other side of vulnerability disclosure is the human element. The sociology and mindset behind what we do, and why we do it. This is the angle that has interested me for years, and the type of book I will grab before any 'technical' (generous term usually) security/hacking book. Not only are there dozens of questions that can be asked of the researcher about his mindset and ethical views, there are countless other people involved in the process. Does the researcher have partners? Is he an employee of a security company? What vendor is he dealing with? Which vendor is it? How many people is he dealing with on the vendor side?

Click to see the original post.

Keep an eye on what those providers' men doing

2006-02-27T14:23:00.000+08:00

According to a news from com.com, an auditor of McAfee from Deloitte Touche USA losed the information CD where contains much of privacy information of McAfee's employees. It's a security incident happening outside of cyber space security.

Another news reported that an engineer from UTstarcom intruded into the deposit card system of Beijing Mobile, which is the baby company of China Mobile. The intruder stole cards and numbers with value of up to millions of RMB for personal reason. That's a security incident happening at the cyber space security.

Both of them are done by the employees from the providers, which we should pay more attention. In order to magnify their core value and competitiveness, the telco companies are outsourcing more and more business to the partners, for product implementation, optimization, maintenance, auditing and etc. That means more and more 3rd part engineers are working tegather with their own employees, sharing the same internal networks and some other resources. It must be becoming a great challenge for security management in the recent years. The IT managers should keep an eye on what those providers' men are doing at your territory.

Netclarity's VQS and FirewallBooster

2006-02-27T10:59:00.000+08:00

Auditor is a vulnerability management product by Netclarity. It helps security administrators manage vulnerabilities based on its database which is synchonized with CVE remotely. VQS and Firewallbooster are highlights of this product.
/>VQS(Vulnerability Quarantine System) is a sort of clientless (agentless) vulnerability management tech. It uses technology-mapping to identify the OS and applications of the target of protection. If some vulnerabilities of higher priority are found with a host, then it can notify the firewalls (or routers, swithces) to filter out the corresponding networking communication related to those vulnerabilities or even the whole host. Netclarity calls it "Firewallbooster" technology. Although "Firewallbooster" is policy based, I am afraid it will scare the administrators away by high "false positive", especially for those mission critical back-end servers.

Compared with CA's eTrust Vulnerability Manager, Auditor doesn't provide any advantages to the customer, while it lackes auto inventory and built-in risk model.

Pasted from Telecom,Security and P2P.

Wordpress.com blocked at China ！

2006-02-22T10:05:00.000+08:00

At these two weeks, I found I could not access my blog at wordpress.com from the network at China, neither from the access of CNC and CMCC. If I configure my browser to use anonymous proxies at abroad, then it’s ok. So I believe wordpress.com is blocked at China just as other blog service site.

Currently, most of the free or commercial blog sites are blocked at China, e.g, typepad, blogger and others. Due to the good relationship between Microsoft and Chinese government, MSN spaces are operating well and acquiring booming blogger users.

I wish WP would be opened as soon as possible.

My photos

2006-02-21T14:56:00.000+08:00

Welcome to my album at flickr.com, most of them are scenes where i was feeling well. Currently, I use a digital camera of Kodak v550:

http://www.flickr.com/photos/zhaol

See my comments and articles, please visit: http://blog.zhaol.cn.

Programming RSS with Ruby

2006-01-16T17:50:00.000+08:00

A good tutorial on Programming RSS with Ruby with rich examples and explanation.

Security Technology Hype - 2006

2006-01-16T15:37:00.000+08:00

Refering to the Garter's Hype circle for new technologies, I position most of traditional and buzz security technologies as the below diagram:

where SVM stands for security vulnerability management, SOC for security operations center, Id Mgmt. for identity management, UTM for unified threats management, App. Sec. for application security, SKM for security knowledge management and SMW for security middleware. See original post (Chinese) at Telecom,Security and P2P.

Skype Based Remote Desktop & Netmeeting

2006-01-16T13:48:00.000+08:00

Skype has been providing us an transparent overlay network that can bypass firewalls and NATs. The most attractive point is its opening of its API, the Web2.0 style of interoperability. So numerous novel applications are invented at the SkypeNet. This time I was surprised by one "share" application named Unyte by webdialogs.com.

Unyte brings us Skype based remote desktop and netmeeting capability to "share documents, presentations, applications or even your entire desktop in real time with anyone, anywhere, anytime". It help reflect the concept of virtual office and real-time remote collaboration. Though Microsoft's Windows Live Messenger is rolling out the similar features, Unyte will succeed in fighting for its living space with Skype base.

At China, Dianji, founded by the famous Internet pioneer, Mr. Wang Zhidong, is a software company focusing on collaborative tools. Their GeneKing series products have been serving for a lot of Chinese customers. They released their multimedia commnication software Lava-Lava a few months ago. It's a full-fledged IM software wich audio/video talk and conference functionality. However, Dianji has a relatively weak brand and install base at the IM market. Joint-venture or some styles of collaborations with those big players might be a good way for their Lava-Lava.

How to secure the enterprise's network perimeter eroded by numerous IM/P2P applications always are the top considerations of IT managers. The acquisition of IMLogic by Symantec reflects the trends and potential, with higher recognition by those security and infrastructure management software vendors, such as Computer Associates, IBM, HP and McAfee.

Although the encrytion algorithm used by Skype, AES, is strong enough for personal and common enterprise users. However, the lack of management interface and tools will be the obstruct to its adoption at EIM market. Alternatively, considering the openness and extensibility of Jingle/Jabber, It's easy to predict that there will be a series of collaborative tools or platform based on Jingle/Jabber that will be emerging at 2006 to meet the demands from SOHO/SMB.

See orginal post at: Telecom, Security and P2P.

Download My Posts Collection (before 2006-1-11)

2006-01-16T13:45:00.000+08:00

I compiled most of the interesting posts before 2006-1-11 of my blog into one RAR compressed mht documents for downloading, so that you can read them off-line. Click to download.

I use Netsnippet to collect my posts and create the final collection. Netsnippet is a good web collection and knowledge management tool.The installation is really straightforward, followed by a sidebar appeared at the IE browser. Then you can copy/insert/edit conveniently what you are interested to save for further use. See the little screenshot.

A good tutorial on RSS

2006-01-16T13:32:00.000+08:00

A good tutorial on RSS at MNOT, which describes the definition, the howto of generating and some tips on the usage.

First post published via Flock!

2005-10-26T13:02:00.000+08:00

Do you flock today? Wow, download it and try. Let's flock.

BS7799, ISO17799, ISO27000 Series

2005-10-23T23:35:00.000+08:00

Refer to the post at 17799.com forum , the following information is summarized "as is":

ISO27001 is to be the replacement for BS7799-2 by the end of year 2005
ISO 17799:2005 will be renamed in year 2006 or 2007 as ISO/IEC 27002

A new standard for BS7799 series:

BS 7799-3:2005 - information security management systems - guidelines for information security risk management" is a new British Standard due for release in December 2005

The new ISO27000 series will have five parts:

ISO 27000 will formally define the specific technical vocabulary used in these standards;
ISO 27001 will be the ISO version of BS 7799-2, the certification standard (due for full release in November 2005, already available as a final draft);
ISO 27002 will be the renamed and updated version of ISO 17799:2005 (to be released in 2006 or 2007);
ISO 27003 will contain guidance for those implementing the ISO 27000-series standards;
ISO 27004 will be a new Information Security Management Metrics and Measurement standard to help measure the effectiveness of information security management system implementations (currently in draft);
ISO 27005 will be the ISO version of BS 7799-3

See more information about telecom, security and p2p, please go to: http://hi2005.wordpress.com

Ten-year Evolvement of China Telecom Industry

2005-10-23T23:34:00.000+08:00

1994 is a special year for telecom enterprises at China. Before that year, telecom is a function of the state government, no commercial services and operations. At that year, China Telecom was split off into an enterprise to provide all-telecom-services to the whole country. And at that year, China Unicom was founded to lead in market competition.

2nd year of milestone is 1997. At that year, China Telecom was further split into two parts: China Posts and China Telecom. And at that year, I graduated from Peking University and began to work for China Telecom, Data Communiction Bureau (DCB).

3rd year worthy of attention is 1999, when China Mobile was spin off to a stand alone company. Telecom industry entered into a new era. (BTW, I left DCB at 2000 to find my fortune).

4th year to be mentioned is 2002, when China Telecom was further splitted into two parts: China Netcom (10 provinces at north china) and China Telecom (21 provinces at South China)

Click to see the diagram to depict the ten-year evolvement of china telecom industry.

Top Ten Concerns to Skype Security

2005-10-18T09:36:00.000+08:00

As a security professional, I adopt Skype as my primary IM due to its encryption and firewall bypass. Although firewall bypass is the direct experience, encryption is just claimed by Skype. Nothing more about the encryption mechanism, such as the key generation, management and etc. The following is the Top Ten Questions I want to know about Skype security issues:

0 does Skype company de-encrypt/record my talk/chat?
1 besides the parties of the talk/chat, any body else can read/hear the content?
2 how to process the talk/chat traffic along the internet route?
3 is the talk/chat content stored at somewhere else at the internet?
4 how to negotiate the session-key used to encrypt the traffic?
5 how to encrypt the talk/chat traffic?
6 how to store the public/private key pairs of skype client?
7 is there any means to identify the traffic at network layer? (though Verso has succeeded in it)
8 is there any existing mechanism to account/audit the activities of the skype client, or recommendation from Skype?
9 is there any country agents involved at the key management?

What's yours most of concern questions? want to know from Skype?
Most update version, please click to http://blog.zhaol.cn

Advice for US Companies in China by Kaifu Lee

2005-10-18T09:21:00.000+08:00

China economy and IT market are exciting and attrative. It's lucrative to some multi-natioinal companies, while a waterloo to many of them and their SVP/EVP/MD/GMs. Why? A good slides by Kaifu Lee disclose his findings at China. Click to download.

Build strong government relationships
Play by China's market rules
Make a long-term commitment
The local economy is the top priority
Nurture local people
Build trust, not PRUnique power of government
Relationships required at all levels
The spirit of the law matters more
China's culture is built on trust, relationships, mutual respect.
The concept of "face" is very important.
Avoid sensitivities and find every opportunity to make China look good
Negotiations are bottom-up and informal.
…

Thanks to Dr.Lee's excellent summary. It's very valuable to read.

My Blog at Wordpress.com

2005-10-08T13:33:00.000+08:00

Hello, because blogspot.com is not accessible at China, so I moved my blog to: http://hi2005.wordpress.com The topic keeps the same: Telecom, Security and P2P. You can reach that site through my permenant personal domain name: http://blog.zhaol.cn Thanks for visiting and comments.

P2P, SIP and Security

2005-09-22T16:25:00.000+08:00

For the past couple of days, Erik has posted discussions on SIP based P2P and security issues. These discussions are in audio format and are really interviews with Cullen Jennings, Rohan Mahy and Erik's interview to Voxilla. The following is a quick summary and my thoughts. But it is different to summarize an audio portion compare to a written one; it is easier to go back to a written page; it is easier to search for a segment. This is to suggest that I might not have fully got the points made by the speakers. If you have not already heard these pieces, you may do well to give a listen. Erik and Cullen talk about an ad-hoc meeting of people interested in SIP based P2P system at the recent IETF meeting. It really looks like this meeting was a big "tent"; because it included people who are interested in this technology for different applications. For more, click P2P, SIP and Security.

Security SNR (Signal Noise Ratio)

2005-09-22T11:54:00.000+08:00

At the security information management area, the concept of SNR is often used to describe the performance of a SIM tool. But, what’s SNR? what impact the security SNR output? I hope this diagram help.

Mini-Microsoft

2005-09-21T14:47:00.000+08:00

An interesting blog entry at: minimsft.blogspot.com Microsoft: reorg, reshuffle, consolidation? Thank goodness, I felt like we've at least been thrown a bone. Microsoft certainly needed a reorg - something like a good, vigorous shaking of one of those snow-globes. Now, how it's all going to play remains to be seen. But I hope that as part of the good shaking that some of the cruft breaks off and gets swept out and some of the cream rises to the top. ....

Ajax is a famous football club?

2005-09-20T14:19:00.000+08:00

A friend told me: which will dorminate the desktop? the thin client, or the fat client? No, they are not. The most glamorous technology in current web applications is Ajax.

Ajax is not the name of the famous football club at Netherland. It's a series of technologies which incorporates:

# Standards-based presentation using XHTML and CSS;
# Dynamic display and interaction using the DOM;
# Data interchange and manipulation using XML and XSLT;
# Asynchronous data retrieval using XMLHttpRequest;
# and JavaScript binding everything together.

Tapping the Matrix, Part 1

2005-09-16T15:58:00.000+08:00

Tapping into the Matrix, Part 1 by Carlos Justiniano -- In this first article of a two-part series on harnessing the idle processing power of distributed machines, Carlos Justiniano explains the current trends in this exciting technology area, then drills down into specifics such as client/server communication, protocols, server design, databases, and testing.

What's P2P?

2005-09-16T13:54:00.000+08:00

There are many definitions to peer to peer technology. The following is some characteristics of P2P:

Everything except the client/server model
可以认为除了C/S架构之外的所有东西都是P2P架构的，实际上C/S才是特殊的，而P2P则是普遍的。
Network of nodes with equivalent capabilities/responsibilities (symmetrical)
P2P网络中的节点具有对等的能力和责任，是对称的。
Nodes are both Servers and clients called “Servents”
P2P网络中的节点同时即是服务器，也是客户端。

Security Management, OR Infrastracture Management

2005-09-15T12:35:00.000+08:00

运营商（也包括广电运营商和数据中心等）总是不断地寻求新的技术手段以最大限度地挖掘网络潜力、提高每用户营收、提高单位带宽的营收、寻找新的利润增长点、开发新的业务组合、降低客户流失。这些新的措施包括控制P2P业务流、对家庭和SOHO用户提供等级化（差异化）服务以替代当前施行中的大包月资费、对商业客户提供服务质量保障（SLA）、提升自身在未来话音、视频和数据三重业务（Triple Play）市场的竞争力。

所以，对网络中的IP分组数据除了保证其可达性、延时、安全性等之外，对其有效的监视、分类和控制是运营商能够立足于3G/NGN年代的基础能力。

Security management is having a much wide meaning to those telecommunication carriers, bandwidth mangement, performance management, traffic shaping, identity and accounting.... I am fraid that you can not find out what's not security related.

"Proprietary" crypto of Skype

2005-09-14T08:44:00.000+08:00

At the message of VOIPsa mailing list, Robert Moskowitz said:

"Some time ago, on the user forum I and another pushed for information on the skype crypto and beyond 'AES 256', we were told that information is proprietary.

Sorry, I cannot accept proprietary cyrpto. I can understand 'patent pending' or such. But not silence. "

I agree. If Skype insist on its "proprietary" crypto, those enterprises and professional users, i am afraid, will hesitate to adopt it as their primary communication tools.

P2P and Instant Message

2005-09-13T15:48:00.000+08:00

IM(Instant Message) and P2P(Peer to Peer) are two of the most popular terms at Internet. This diagram depicts the relationship between them with examples. What they are bring to end users, software vendors and the internet service providers? business opportunities, security threats. what's your opinion? Enjoy.

eBay bought Skype with 2.4B$

2005-09-13T14:13:00.000+08:00

Oops, the emerging virtual carrier giant - Skype is being bought by eBay, a world famous e-commerce operator. Can you imagine what will happen with eBay + Skype?

Oracle Agrees to buy Siebel

2005-09-13T09:09:00.000+08:00

This morning I read the news from my mobile phone. It's astonishing that such a short time after Oracle's acquisition of Peoplesoft. I am afraid most of end users would not like to see the monopoly or oligarch at the application software market. SAP, Oracle, Microsoft, where are others?

Skype Protocol Reverse-Engineering

2005-09-12T17:30:00.000+08:00

Do you believe that a researcher from China claimed that he has broken into the protocol used by Skype, ie. he can open skypenet without the skype client. In fact, a mini-skype is under developing with his own code.

http://publishblog.blogchina.com/blog/tb.b?diaryID=1546484

Might you want to skype him at: callto://shreksz/

Google与微软eBay等全面开战到底想干什么

2005-09-12T16:48:00.000+08:00

An interesting blog entry at:

http://blog.sina.com.cn/u/3fe543b00100001n

Just as what I comment a few days ago: while Microsoft dorminate the desktop operating systems, Google will dorminate the desktop information.

M2M-X by NTT

2005-09-12T13:57:00.000+08:00

I run into a document by NTT, which described a platform based on P2P and IPv6.

M2M-X means "Machine to Machine for any[thing|place|time]", where the "m2m-x Management Server" functions as:
- Authentication
- Access control
- Issuance/distribution of encryption keys
- Visible only for authorized peers
- Firewall control

Oops, do you have any comments on it?

Skype Journal

2005-09-12T12:13:00.000+08:00

Skype Journal is a portal to skype technologies, for those who care / like / are using skype. While skype is entering and booming all over the world, but due to the legal limitation, Tom and Skype can not do the same way as in other regions. I wonder why not they co-venture a company with those Railcom or other carriers with licenses...

Google Talk vs Skype

2005-09-12T11:18:00.000+08:00

I installed Google Talk and uninstalled it today. ie. I choose Skype instead of GT. Skype encrypts its traffic while GT not.