May 31, 2006 | Comments: (0)
Is the Internet a public utility? Or is it an agglomeration of profit-making businesses that have unfettered rights to change, price, and allocate their product?
I believe how you answer this question (and belive me, both answers have some validity) is quite telling as to your view of marketplaces in general.
The public utility folks (a long list of folks including the EFF) believe unequivocally that all traffic should be treated the same. The 'greedy' providers claim that this is merely a QOS issue -- ensuring equal access to Internet resources requires that heavy users pay more.
The "Internet should be free, unfettered, blah blah blah.." folks are ignoring the most powerful lever that can tame the AT&T's and Verizons of the world -- user choice. There's a reason that we are all not stuck on AOL in the old walled garden -- alternatives became more attractive, and AOL got caught in the classic innovator's dilemma.
The big providers are ignoring the fact that any change in the terms and conditions is basically a price increase (which nobody likes). And the Internet crowd (Yahoo!, Google, etc.) don't want to share their advertising shekels with mere pipe providers.
This is basically much ado about nothing, and an exercise in feel-good populism. The first ISP to start any form of content discrimination will find out very quickly how easy it is to change ISPs. And the Internet crowd should realize that playing ball with the major ISPs (to a certain extent) is just smart business -- somebody has to pay for all of the bandwidth required for widespread video distribution, VOIP, etc. It might as well be Google (they seem to have a few dollars lying around) -- especially since Google has been threatening to Wi-Fi the world, and make the traditional ISPs moot. Hey -- folks like Yahoo! already pay Akamai to distribute their content more efficiently across the ISP networks. What's the difference?
Posted by Paul T. Ryan on May 31, 2006 07:03 PM
April 06, 2006 | Comments: (0)
In another misguided attempt to stop some dubious behavior, the House of Representatives is trying to outlaw caller ID spoofing. This is another example of legislation that will not achieve the desired outcome (i.e. getting the baddies to stop using spoofing techniques in their social engineering games), and could possibly hurt unsuspecting companies.
Why? It is a trivial task to change your caller id these days to be any arbitrary value that you want. With the advent of widespread VOIP providers that actually let you do this explicitly, even the script kiddies can do this. Those savvier folks can either reprogram their phone switch (with VOIP switches like the NBX 3000 from 3com at less than $2k these days), or program their Asterisk switch (open source -- free) to present any caller ID you want to.
Caller ID should never be used as a form of security. For example, there is a HUGE security loophole for most people's cell phone voicemail. I've tested both Cingular and T-Mobile -- both of these providers at least in southern California use caller ID as an authentication mechanism for voicemail. What does this mean? If you set your call ID to be somebody's cell number, then dial that cell number, you get thrown into voicemail without any authentication. Wow. What a security problem. The easy work-around is to put a password on your cell phone voice mail (how many of us do that?)
My point is that the easier the work-around/hack to let you do something, the more silly/infeasible/stupid a legal remedy becomes. It's reminds me of the issues with copyright and shared music -- if the workaround is trivial, then the legal remedy is foolish and irrelevant (but more on that for a later entry).
The danger here is that certain company practices might fall afoul of this new law. Say, for example, that I am selling products to people in San Diego. I might want the caller ID presentation to my company's outbound calls to be a local San Diego number (that forwards to the main company number). Is this spoofing? Who knows? With telephony advances (and commoditzation of 800 numbers and local number call forwarding), these types of practices will become more common. They are beneficial to the consumer/customer (they get to call a local number), as well as the business (you have a local presence).
So stop using caller id for any form of security authentication, and put a password on your cell voicemail. And merely use caller ID as a suggested number that you might call back on. You've been warned.
Posted by Paul T. Ryan on April 6, 2006 05:03 PM
TOP STORIES
ADDITIONAL RESOURCES
- Virtualization: A Step by Step Approach to Success
- Dialing up Agility with Business Transformation
- 5 Things You Need to Know About Storage Virtualization
- Is your smaller organization ready for High Availability?
- Is system maintenance doing more harm than good?
- Virtual Test Lab Automation: Manage development infrastructure
