VoIP’s Best News, Ever
Since I’ve been in the telephony space I’ve noticed a huge change in myself: I went from being a passionate dreamer to a cranky cynic in a very short time. Although I no longer consider myself a part of the telephony industry, I like to follow where it’s going and occasionally pontificate. My Twitter account has killed my blogging to a large extent but I recently tweeted about something worthy of this full blog post.
Last week the blogosphere went abuzz reporting that a very widely-used algorithm used to encrypt cell phones’ audio has been cracked. I’m not a cryptogeek so my original reaction was basically “Fun! Go hackers!” After all, it was just like that scene from the hacker movie Takedown when Tsutomu Shimomura, the guy credited with catching Kevin Mitnick, is sitting in front of a congressional panel with a phone in his hand actively eavesdropping in on surrounding phone calls. Cool, right???
After looking into the details of how the hack works, I find it warranting much more seriousness than a flippant dismissal. This isn’t a cryptogeek issue. This is a real exploit warranting real concern and offering the fortuitous potential to bare a new industry and cripple another. Enter VoIP.
What happened to VoIP?
In my dreamer days, I expected VoIP’s merits to have fatefully forced Big Telecom’s capitalistic abdication by now. Today, in a new decade even, I don’t see much of any progress at all in the VoIP industry by anyone besides Skype. Instead of residential users switching from landlines to VoIP, they’re switching from landlines to a cell phone. Makes sense; modern cell phones are the perfect candidate for truly “personal” computing demands. The PC at home is for less “personal” stuff.
You might think that’d be the end of the story. VoIP stays the solution for business desk phones and backend infrastructure. Maybe not. Compounding the cell phone vulnerability news, AT&T now loosely forbids sale of iPhones to customers living in New York City due to chronic network congestion. This is yet another reminder why we’ve culturally accepted the screaming of profanity at phone companies like we do the government. My own city of San Francisco is often cited as the 2nd worst place for cell phones after New York City (but we’re #1 for cursing about the government!) and I can wholeheartedly testify to how miserable, often useless, the reception is here.
VoIP as a solution
At the risk of seeming melodramatic, let me pose two totally plausible anecdotes to make my point:
Before: Imagine taking a business trip to New York City in the near future. You’re walking to your customer’s office while talking on your Google phone with a business associate back home. Somewhat frighteningly, you can scarcely hear your partner discussing details about the meeting you’ll soon attend. When you get to the lobby of your customer’s skyscraper, you notice the signal strength is fantastic and call your associate back with little concern about further drops. Unbeknownst to you, however, a device about the size of a chair is servicing your phone call in a small office in the building rented indirectly by a hacker. Every phone call and text message in the skyscraper are being systematically recorded, decrypted, annotated with metadata, and sold on the information black market. No one in the skyscraper has suspected that their cell phone provider of all things is the enabler of their identity theft and espionage against their employer.
After: On your way to the customer’s office, you and your associate are intensely discussing the meeting you’ll soon attend. You’re using the cell towers but, hey, you have five bars. As you walk into the skyscraper’s office, you notice a brief hiccup in the audio and suddenly the call is in wide-band “high definition” audio. To prevent others in the lobby from overhearing your sensitive conversation, you walk to a more private area near the elevators. After a few minutes, a women steps out of the closest elevator and looks at you for a moment, perplexed. She asks “How do you cell reception here? My calls always drop near the elevators.” You reply “My phone switched over to wifi when I walked into the building.” The hacker won’t be selling your calls’ audio to anyone. Your high-definition calls are fully encrypted by your VoIP provider, whom you use for the phone at home, at the office on your desk, and on all domestic and international business trips (with no roaming fees).
Put simply, I think mobile VoIP can solve NYC’s congestion problems and solve the impending cell phone privacy crisis in one stroke. Mobile VoIP providers have existed for several years now. Skype, Truphone, and Fring all fight over this space. Truphone has even had the seamless carrier to wifi transitioning since early 2007. (Disclaimer: I was a Truphone consultant a few years ago.) The reasons I think mobile VoIP hasn’t caught on are threefold:
- Until very recently, carriers have been forbidding VoIP. That’s changing. Because of this, however, …
- Consumers haven’t demanded mobile VoIP, therefore …
- Most mobile phone platforms don’t support the features in my example that would make it convenient.
I refer to news about GSM being cracked as “VoIP’s Best News, Ever” because, finally, VoIP gets a new selling point that everyone can understand: security. If I ran a mobile or residential VoIP company, I’d do everything I could to assist the commoditization of GSM cracking tools, especially for A5/3, the encryption algorithm to which carriers have begun switching. Not because I enjoy Schadenfreude as the world laments but because it’s the quickest way to solve the problem: motivate the movement of control away from the oligopoly to the innovative market.
The last mile now requires iPhone and Android to follow Symbian’s lead by baking VoIP stacks into their platforms with encryption support. Like with Symbian, applications must be able to mimic an incoming call and intercept the default phone applications’ “Dial” button to launch VoIP calls. Android is far more prepared to do this than the iPhone is. In light of rumors about Google Voice’s iPhone and Android apps having built-in outbound VoIP, I think it’s only a matter of time before Google offers something just like the service in my anecdote above (sans inquisitive businesswomen).
One question, which WiFi network did you switch over to once you walked into the skyscraper? Seems to me, it would be a high expectation to think you have open and free access to WiFi.
Jason
4 Jan 10 at 10:18 pm
Jason, I assumed the businessman in the anecdote had been to the customer’s office prior days or prior business trips and got the key then.
Jay Phillips
4 Jan 10 at 10:42 pm
WiFi is not a panacea for this exact reason. Rarely does one have access to WiFi in the way presumed. Most corporations keep their WiFi under lock and key, not granting guest access. And when they do have guest access, many times you have to accept a TOS via a webpage to get access each new session (think iPhones on Starbucks networks). Even at major hotels you are still required to sign-up and pay for access on a website. All of this creates friction in terms of seamless use of VoIP over WiFi when out in the wild.
Someone has to build a reliable global network that is uniformly accessible. The closest effort I know of is Fon with their Foneros (http://www.fon.com/en/), but simply not pervasive enough.
Where WiFi/VoIP may help offload network traffic is to allow VoIP on the handset within your own home or office WiFi network. But this is pretty much an iPhone/AT&T issue, as with the likes of Android and others you may already do this.
Where there is room for improvement for carriers is a seamless hand-off between Mobile and WiFi/VoIP. As who wants to really buy a Femtocell?
Jason
5 Jan 10 at 6:22 am
Have you looked into UMA technology? T-Mobile currently provides unlimited UMA/VoIP calling as an add-on to their plans.
Brian
5 Jan 10 at 6:55 am
@Jason, a few things….
Although I haven’t kept up with where it’s went, Truphone had integrated a feature into their mobile application which used another company who automated connection to networks with the awkward connection policies you described. It was a data collection nightmare but that was their job. Since they should cover most of the companies who sell off-the-shelf wifi protection systems like that to corporations, it should work pretty well once you’ve entered your username/password and accepted the EULA on a previous trip. For premium networks I think it could automatically deduct money from your Truphone balance to pay for it or give you a much nicer prompt to enter the information. Don’t quote me on the last part though since it’s been a while.
Jason, I don’t envision all the cell phones of the world seamlessly switching to wifi anytime there’s any accessible network available. A good chunk of the workforce in a place like NYC is white-collar workers who either already have wifi at work and home or whose employers would put in wifi in a heartbeat it if meant that their calls got the added benefit of encryption during a time when cell phone calls are generally distrusted by everyone.
@Brian UMA is basically what Truphone does although they don’t obviously own the carrier’s radio access network. Instead they own the phone number and proxy calls back-to-back to you. Cool stuff, though.
Jay Phillips
5 Jan 10 at 4:38 pm
Tsutomu Shimomura did that in the day of Analog Cell phones… its not possible to do this now without extensive crypto gear.
/b
Brian West
16 Feb 10 at 1:55 pm
It sounds a bit lame to say, but I don’t think VoIP is disruptive for consumers in the way that most users currently purchase it.
Specific products are: Skype is disruptive. Google Voice/Grand Central is disruptive. VoIP is very disruptive in the wholesale world (SIP/all-IP transport, softswitches).
But hosted SIP PBXes/phones as provided by Vonage, Speakeasy VoIP, and the like are just cheaper (and sometimes a little more convenient) than landlines.
It’s not a Clayton Christensen-style disruptive innovation that would be evaluated on totally different merits. Customers evaluate it against cell phones and landlines, and like you said, cell often wins.
Many hosted PBX vendors even disable the knobs that might be disruptive (or at least uniquely appealing), like by disallowing devices other than their own.
As a service, pure VoIP will never turn the consumer phone industry on its head. On the upside, at least SIP is finally easy to setup…
Troy Davis
8 Apr 10 at 8:20 am