Forgot your password?
typodupeerror
This discussion has been archived. No new comments can be posted.

GNU Free Call Announced, SIP-based VoIP

Comments Filter:
  • It will allow the government to track you.

    • Re:Unfortuantly... (Score:5, Insightful)

      by cognoscentus (1628459) on Tuesday March 15, 2011 @12:36PM (#35493040)
      Well, they certainly seem to have thought about that aspect:

      "This project’s definition of secure media is similar to Zimmermann’s work on ZRTP, in that we assure there is no forwarding knowledge by using uniquely generated keys for each communication session. Furthermore, we will use GNU Privacy Guard (GPG) to fully automate session validation. This will be done by extending the SIP protocol to exchange public keys for establishing secure media sessions that will be created by each instance of SIP Witch operating at the end points on behalf of local SIP user agents, and then verifying there is no man-in-the-middle by exchanging GPG signed hashes of the session keys that were visible at each end."

      So there are encryption measures in hand. Even vanilla VoIP has SIP over TLS and SRTP to work with. ZRTP is reasonably well supported too. It also employs a Skype-style P2P routing system, which should help provide a comparable degree of anonymisation: "Our goal is to make GNU Free Call ubiquitous in a manner and level of usability similar to Skype, that is, usable on all platforms, and directly by the general public for all manner of secure communication between known and anonymous parties, but without requiring a central service provider to register with, without using insecure source secret binary protocols that may have back-doors, and without having network control points of any kind that can be exploited or abused by external parties. By doing so as a self organizing meshed calling network, we further eliminate potential service control points such as through explicit routing peers even if networks are isolated in civil emergencies."

      So, which is preferable, transparency wise, a technology provided by a publicly traded company, or an open-source technology which can be administered by the end users if they so wish?

      • by shic (309152)

        The problem I foresee with a distributed system (as I understand Freecall is intended to be) is nuisance calls - the so-called SPIT (SPam over Internet Telephony...)

        Traditional phones mainly relied upon cost - and the likes of Skype have the benefit of infrastructure under their control.

        Are there any plans to address this (orthogonal) issue, I wonder?

        • Re:Unfortuantly... (Score:4, Interesting)

          by WaywardGeek (1480513) on Tuesday March 15, 2011 @04:37PM (#35496132) Journal

          Well, I can think of various technical solutions. For one, you only know the person on the other end based on their gpg public key, which is probably registered somewhere you reasonably trust if you want to accept the call. We could show you the registration info for the caller, and after answering you will find if the person on the other end claims to be the same person or organization. If the call turns out to be illegal spam (based on the national do-not-call list?), we could have buttons in the app to report the caller to both the registry where they published there public gpg key, and with federal authorities who may be able to look into major offenders.

          Another part of the solution could be the whole web of trust thing, which is a great idea that never seemed to pan out. In theory, if you are trying to call me, some non-spammer I know should be able to vouch for you. Somewhere out there should be someone willing to identifying all real people on the net. In fact, maybe I would pay this organization a few bucks to somewhat verify that I'm a real person, and not a robot, someone unlikely to spread spam. If we automated black-listing spammers so fast that they didn't get to make many calls with that few bucks they paid to get white-listed, it wouldn't be profitable for them.

          Another possibility is that for callers not on my white list, I demand some electronic cash for the call to go through, maybe something like a buck. If I accept the call and don't black list you afterwards, your white listed and your cash is refunded. If I blacklist you, I keep the buck. I'd love to do that one to my ex-wife if she ever calls :-)

          • All these have already failed when applied to mail - what makes you think they'll work for telephony?
            • No, they haven't been tried for e-mail, and they would work if put into common use.

              If we were willing to upgrade e-mail protocols, we could beat spam. How dumb is it that we allow any person in the world to trivially claim to be any other person when sending you an e-mail? Imagine what a pain it would be if Google and Facebook leak e-mails of all their users and their contact lists? Heck, we don't even have the will shift to secure DNS. Like the shift to IPv6, the world wont willing move forward unless

          • by shic (309152)

            While I commend the effort to find a way around the inevitable onslaught of spit, I note that there are technical drawbacks. The web of trust sounds like a great idea - until you try to use it... then most people find themselves ham-strung by human nature which finds 'vouching' to be an onerous responsibility - especially when the full implications of making errors is not understood. Conversely, a centralised directory almost completely undermines the value of using a decentralised mesh network over conve

      • by F.Ultra (1673484)
        That prevents eavesdropping but not the tracking, i.e traffic analysis and the creation of sociograms which today looks like the preferred model by the authorities. They are no longer that interested in what you say as much as who you are communicating with.
    • It will allow the government to track you.

      _newsflash_

      And other "services" do not ? Look at skype for example you have to connect to other nodes to open a call it is not a direct connection. Who is to say that some rogue node is in between ? SIP can be 2 way and not multi node.

      With GNU Free Call everything is open sourced. It would be a whole hell of a lot easier to find out and eventually block bad nodes, MitM, etc. Also not to mention some people who like to use OSS and operating systems will finally have a decent service/client to use on multiple

      • by hedwards (940851)

        If it's that big of a concern, one really ought to be tunneling the SIP connection directly to the machine that they want to connect to anyways. That way you mostly have to worry about the end points and less so about the intermediaries.

    • Re:Unfortuantly... (Score:5, Insightful)

      by 0100010001010011 (652467) on Tuesday March 15, 2011 @12:54PM (#35493282)

      Oooo. Wire tapping. Waste as many CPU cycles as you want intercepting my calls about grocery shopping, how your day went and what time we're meeting at the bar.

      If I *really* wanted to kill the president, start thermonuclear war, blow up dirty bomb in New York City, funnel money to Al Qaeda, etc. I'd find much better means of communication.

      There are dozens of 'free image sharing' websites. Pair that up with craigslist, steganography and some pgp and best of luck tracking all of that. If for nothing else the noise ratio is way too high.

      So I plan on blowing something up. I take a stock photograph of a car and dump a pgp message into it. I post it to craigslist under something that doesn't exist. Like "Rare 1963 Ford Mustang" My friends know what to look for and maybe an area.

      For example this image: http://img842.imageshack.us/img842/5563/steghide.jpg [imageshack.us]
      Download, then run it through:
      steghide --extract -sf steghide.jpg -xf message.txt -p bomb

      Or there's python-stepic. http://img687.imageshack.us/img687/4907/stepic.png [imageshack.us]
      stepic -d -i stepic.png -o jnk

      And you can embed more than just short messages. I tested out a 20 paragraph ipsum.
      http://img153.imageshack.us/img153/4911/ipsum.jpg [imageshack.us]
      steghide, password 'slashdot'.

      It's only the dumb criminals/terrorists that get caught. If people WANT to hide messages, it's not that hard.

      • by AJH16 (940784) *
        You assume that the government doesn't have efficient means of detecting stenography. I know some people that were doing doctoral work on the subject and suddenly they were working for the government and most of their research became classified.
        • Well, either the government is expecting everybody to put stenographyc data at images and text at sites, or it is overwelmed trying to extract noise from every non-mainstream torrent out there. Either way, they'll only catch stupid people (if there is any stupid people that knows how to do stenography).

          Ok, the alternative is sane intelligency based filtering. Now, some governemnts may be able to do that, but it doesn't look mainstream.

      • Perhaps we need to add steganographic noise to the other elements on your photo-sharing sites, just so that your messages don't stick out like a sore thumb.

    • by shish (588640) on Tuesday March 15, 2011 @12:48PM (#35493214) Homepage
      What are you suggesting? That there's some sort of secret conspiracy, planning to take over the world by posting an unusually high number of phone-related news articles on a tech news site?
      • by slim (1652)

        He's suggesting that there might be some synergy between RMS talking about how cellphones provide a way for The Man to track you, and a GNU project popping it that aims to route voice communications through a P2P mesh with privacy features.

        Ya reckon?

  • Its aims are going to be crushed by its terrible name. GNU Free Call is a mouthful that even I, knowing what the acronym means, don't like the sound of. If they want adoption they should quit their self-promotion-in-the-name and re-brand, even "GFC" would be a million times better.

    • Re:Drop the GNU. (Score:4, Insightful)

      by Nerdfest (867930) on Tuesday March 15, 2011 @12:33PM (#35492986)
      I hate to upset RMS again, but dropping the GNU and just calling it FreeCall would be fine.
      • by Shikaku (1129753)

        GNUCostCall (pronounced nu cost call) would kind of work...

        • by hedwards (940851)

          Actually, you're doing it wrong. That's pronounced. Neek. Cost Call.

          If you do that again I shall say neek to you, good sir.

      • by StikyPad (445176)

        Or coming up with an actual fscking name. Why is this so difficult for OSS? Free Call is uninspired and reminiscent of both built-in Windows card games and, not coincidentally, "fecal." Here's a few alternatives off the top of my head:

        VoCall, SyndiCall, CryptologiCall, UnequivoCall, etc...
        Banter
        Speakeasy
        Clarity
        Teleport
        Switchboard
        SPL (pronounced "spiel")
        Freq. In/Out
        Streaming Telephony Framing Utility
        uPhone (greek mu, pronounced "microphone" by geeks; "you phone" by idiots; "lawsuit" by Apple)

        Really though

    • It'll probably be a command line tool or library that nobody will use in its pure form; instead, they'll use a GUI frontend with a completely different name. I expect it'll eventually be built into Pidgin and other chat programs.

      Of course, I didn't read the article so it's all a mystery! I love surprises.

      • It'll probably be a command line tool or library that nobody will use in its pure form; instead, they'll use a GUI frontend with a completely different name. I expect it'll eventually be built into Pidgin and other chat programs.

        Of course, I didn't read the article so it's all a mystery! I love surprises.

        And finally one IM/SIP/irc/etc Client for all your needs .

      • by radtea (464814)

        It'll probably be a command line tool or library that nobody will use in its pure form; instead, they'll use a GUI frontend with a completely different name.

        No, they'll use 12 different GUIs that depend on a hundred different libs and apps on different platforms. You'll go to the "gnufreecall" website and get a list of links to FTP sites that contain different and incompatible versions of various backend tools and GUIs, with "installation instructions" that start with, "To install from github..."

        • by Korin43 (881732)

          No, they'll use 12 different GUIs that depend on a hundred different libs and apps on different platforms. You'll go to the "gnufreecall" website and get a list of links to FTP sites that contain different and incompatible versions of various backend tools and GUIs, with "installation instructions" that start with, "To install from github..."

          Oh no! Not multiple programs using the same library! Then we'll get terrible confusion like how end-users want to download Webkit, but it's a huge pain because they have to find their own Javascript library and network stack and everything, and then do a bunch of programming, then compile it themselves. It would be really helpful if normal users didn't know what libraries are, and always looked for an actual program instead of library -- like Safari, Chrome or Konquerer, but average people are way too inter

      • by slim (1652)

        It looks like what they're doing is using SIP Witch [gnu.org] as a basis. As far as I can tell, SIP Witch just connects endpoints to each other, allowing those endpoints to negotiate a protocol for what they're streaming to each other independently. I think the new thing here is that it'll be able to route through a P2P/mesh type arrangement, for privacy and independence from a single central service provider -- but everything else is existing code. ... and SIP Witch has the GUI separated from the daemon, as any sane

    • I'm not sure I agree, the GNU in the name commands seriousness, and dedication of the project.
      From it people immediately understand, that there are some technical hard-hitters behind it, and that it won't suddenly turn into a free (but you need to pay) kind of thing, that happens to most of these so called "free" things.
      Without it, what's to differentiate the project from all the googles, voddlers, moogles, twitters, flickrs and all other stupid names that one can't even remember the difference of?

      • by surgen (1145449)

        I'm not sure I agree, the GNU in the name commands seriousness, and dedication of the project.

        Like the dedication to GNU/Hurd where they'll give up as soon as something better comes along?

        It doesn't command seriousness or respect. gcc and linux both have gnu in their name, but most common users never see it. When I see GNU in a name, I don't think there are smart people are behind it because of the name, there are smart people behind plenty of non-gnu open source projects too, I just see shameless self promotion.

        Frankly, outside of Free software communities, the GNU folks are acknowledged to do go

      • OMG, I LOL'd, you are so right! :D
    • Meh, personally, I hope it goes through, because if you ever have to support it, you'll be in the Gnu Free Call Information Technology group, and get to say to people...

      GNU -- FC IT, but how can I help you anyway?

    • by bieber (998013)
      Gnu Free Call would be a pain to say every time...which is probably why it will be commonly referred to as GFC if it acquires a significant userbase...
      • Gnu Free Call is only 3 syllables, so is GFC, equally pronounceable. Unless you pronounce the "G".

    • Agreed. I'm grateful for all the tools that have been published under the GNU name, but it's PR poison. Let me count the ways:

      1. People who read it for the first time will pronounce it "new".
      2. Other people who talk to them will look for "New Free Call".
      3. Geeks who talk to them will give them the "it's pronounced guh-noo" speech, which sounds dumb.
      4. People will inevitably want to know what the acronym stands for. When they find out, it will sound like Dadaist word salad and they will wonder why it is so damned impo
    • It would be pronounced "New Free Call" . People would wonder about the "Old Free Call"

  • In case you're not aware, Ekiga already exists and is a free-software SIP client implementation. See http://ekiga.org/ [ekiga.org] . At best this should be an extension for Ekiga, not an entirely new project.

    -molo

    • by Ephemeriis (315124) on Tuesday March 15, 2011 @12:35PM (#35493028)

      In case you're not aware, Ekiga already exists and is a free-software SIP client implementation. See http://ekiga.org/ [ekiga.org] . At best this should be an extension for Ekiga, not an entirely new project.

      -molo

      Ekiga is a softphone client, not secure self-organized communication services.

      This project aims to implement the entire VOIP network back-end, vaguely similar to how Skype does it (largely P2P).

      • by cpghost (719344)

        This project aims to implement the entire VOIP network back-end, vaguely similar to how Skype does it (largely P2P).

        I sure hope they won't need any central servers, including DNS, that could be used as choke points by any entity (commercial or government) to shut off the network.

        • by Anonymous Coward

          Yeah. I'm also hoping they route all internet traffic by satellite, otherwise the government could use routers as choke points to shut off the network.

        • by F.Ultra (1673484)
          Well you have to bootstrap the clients somehow, and think about NAT, or even worse, the coming carrier grade NAT. But it sure can be made in a far more distributed way than Skype.
    • by Anonymous Coward

      What are you talking about? This is free, open-source software, where fragmentation and throwing a hissy fit by starting your own fork are the first steps to the path of failure and obscurity.

  • by Anonymous Coward

    Oh oh! Being GNU, does that mean that my conversations become open sourced by purely communicating over this service? I'm wondering this because technically my voice is being de-compiled into a byte stream and then re-compiled on the other end. Doesn't that make all my conversations bound to the terms in GPL? And how would I attach the source code of my conversation? Would I have to have some sort of text-to-speech implemented (non-proprietary of course) to facilitate this? And if I am discussing somet

  • Erm... (Score:4, Informative)

    by shellster_dude (1261444) on Tuesday March 15, 2011 @12:36PM (#35493046)
    Empathy, Ekiga, Twinkle... the list goes on. Even pidgin has SIP plugins. Why is this project special or needed?
    • Re:Erm... (Score:5, Funny)

      by cobrausn (1915176) on Tuesday March 15, 2011 @12:38PM (#35493072)
      None of those have GNU in the name.
    • Oh and if you say that the new application will implement the entire VOIP backend, then have you heard of Asterisk?
      • by LWATCDR (28044)

        This is supposed to be a peer to peer system. Which makes me wonder how will it interface with POTS or will it just be an internet only system.
        In which case why not just use voice chat over any number of jabber clients?
        Of course you are correct in one really important way. It would be dumb to not develop a plug in for Asterisk for this. You can buy a Skype gateway for Asterisk now.

        • This is supposed to be a peer to peer system. Which makes me wonder how will it interface with POTS or will it just be an internet only system.

          I'm not sure they're thinking that far ahead, but perhaps the POTS gateways would just be "peers?"

          • by LWATCDR (28044)

            Who will pay for the pots interface? Will they create a billing system so people can add a POTS interface to their system and make some cash?
            That is the issue. It takes money to interface to POTS. That is why Skype charges for it.

            • Who will pay for the pots interface? Will they create a billing system so people can add a POTS interface to their system and make some cash? That is the issue. It takes money to interface to POTS. That is why Skype charges for it.

              Short answer: the users of the gateway will pay for it, just as they do now.

              Long answer: SIP gateways that charge for their services exist already. They are not necessarily connected with the suppliers of the SIP clients. Generally, they are separate business that happen to have a customer-facing SIP service. Currently, you log into the SIP service and they route your call to the land-lines via the internet. What would change with the new protocol is the routing between your client and the SIP-to-POTS g

              • by LWATCDR (28044)

                If you are going to contract with a sip provider then why have this project?
                If you really want to do computer to computer communications why not use Jabber? It is already an open standard and has been adopted by both Google and Facebook. There are a large number of Jabber servers that are open to the public as well.

    • Empathy, Ekiga, Twinkle... the list goes on. Even pidgin has SIP plugins. Why is this project special or needed?

      As I understand it, the crucial difference here is that their objective is to implement the VOIP back-end as a P2P service. Something like what Skype does now, but without being evil.

  • by Anonymous Coward

    Summary:

    • They are taking SIP Witch and adding GPG integration.
    • Each device that wishes to communicate will run its own SIP Witch instance....
    • ... though you can still run a central SIP Witch instance like today.
    • The modified SIP Witch will initially rely on host caches for P2P connection...
    • ... and in the future will move away from that to Some Sort Of Magic for node discovery and connection.
  • SIP doesn't even traverse NAT firewalls without help from outside, and even then, barely.
    SIP is also too verbose, and therefore it's hard to tweak the network to avoid jitter. (This is a huge problem currently)

    A large reason why Skype became so popular is, that it didn't have the same problems as SIP.

    IAX2 has none of these problems, supports multiple line trunking, and, it's already supported by lots of software and hardware.

    IAX2 was developed out of a need for an efficient call trunking protocol for the fr

    • by Superken7 (893292)

      "SIP doesn't even traverse NAT firewalls without help from outside, and even then, barely."
      Yep, thats what ICE is for.

      What do you mean, if it traverses NAT, then only barely? I didn't know you could barely send an IP packet. is there anything like an O_BARELY flag? ;)

      • ;)

        Depending on the type of NAT and the SIP implementation, it either works or it doesn't.
        Also I don't want to reconfigure my client each time I change network.

        In my view, this is the *main* reason for the weak adoption of SIP, it's also getting way too complicated.

    • SIP doesn't even traverse NAT firewalls without help from outside, and even then, barely

      The problem here is NAT, not SIP. The solution is IPv6 and reintroducing end-to-end connectivity. SIP is also only the signalling protocol. The actual multimedia streams are usually RTP, so the jitter you refer to is nothing to do with SIP.

  • A last moment request to the developers: Please make exiting of the reference client the key sequence ESC:wq\n and not Ctr-X Ctrl-C. Please?!
  • Congress passed a law requiring US based ITSP's to provide E911 support. If this idea ever went live it would require the same connections to E911. This connection costs money, its not free...

    GNU VoIP would have to pay Verizon/Comcast/et cetera to connect to E911 and who is going to pay for that?

    Unless congress provides an exemption.. (pfft, yahh)

    • by h4rr4r (612664)

      So don't base it in the USA. That does not mean folks in the USA can't use it.

      • First implication that comes to mind is...

        If you want to get sued when someone picks up your phone and dials 911 during an emergency.. Does a sticker really prevent liability (this phone isn't connected to 911)?

        • If you want to get sued when someone picks up your phone and dials 911 during an emergency.

          Um, what? I know you guys are pretty trigger-happy when it comes to lawsuits, but could some Joe really sue you because a random device isn't what they thought it was?

  • Seriously, I tried sipwitch on my laptop, and quickly removed it when I realized that it was often using 100% of my CPU. Bad experience. I hope they will improve, because I, too, need a free software alternative to Skype.
  • Steve Ballmer intimates this is infringing on Microsoft patents; then I'll know it's real.
  • I miss read the summary at first and thought they are aiming for it to be as stable as Skype, I thought can't you aim a little higher than that guys.

    Reminds me of someone talking about how they got 5 nines uptime with Windows, some else asked if they were aiming for 10% next year

  • by Anonymous Coward

    Think it will ever happen? Or is this just more GNU vaporware

  • by DaMattster (977781) on Tuesday March 15, 2011 @02:42PM (#35494758)
    As others noted, it bears some remote resemblence to skype. I wonder why they chose GNU Free Call and decided to go the peer to peer route. I would think having a community hosted, distributed PBX would be a much better solution. I happen to really like SIPXECS at http://www.sipxecs.org./ [www.sipxecs.org] It lends itself to distribution quite well. Plus, SIPXECS is quite mature as a platform. I cannot help but cast a somewhat dubious eye at GNU Sip Witch.
    • by F.Ultra (1673484)
      Beacause with the BW involved you have to go the P2P route. FSF is not going to shell out massive amounts of cash for fat pipes.
  • I was all excited to see what a VoIP program that distinguishes itself as being "free of GNU" really meant. Come to find out, it is just a GNU project with a terrible name.

  • Whether you like Stallman's politics or not (i think he's a bit of a zealot, but I'm sure he'd agree and think as a compliment) there's a decent history of projects launched and ending up in some kind of Limbo someplace. Even emacs, his pet project, got forked into xemacs because of inactivity. The hurd has gone through many iterations, many underlying microkernels, and seems irrelevant. Even gcc, probably the best known and used FSF project, was forked by the egcs team and moved so much quicker than main

  • the op obviously hasn't tried the "latest" 2.1 beta of skype for linux - i expect he's been using skype 5 on windows/osx.

  • The one feature I have not seen on ANY of the VoIP programs, game, phone, or otherwise, is a nifty little system called JACK. To have a VoIP client with the ability to connect with other JACK clients would be downright awesome; this would especially be the case for broadcasters, podcasters, and other types of people who work with sound for a living.

There are running jobs. Why don't you go chase them?

Working...