I have read the justifications for E-bay paying so much money for Skype, but was never satisfied with them. I wonder if they had any extra incentives from the government to buy Skype. The Communications Assistance for Law Enforcement Act had no jurisdiction over Skype as long as they were a foreign entity, but now that they are owned by E-Bay, they have to follow US laws, so that law enforcement would have access to the VOIP traffic of the biggest fish in the VOIP pond.

Thanks for encouraging people to read the SIP rfc -- the more people who do that, the sooner we'll get rid of it, I'm sure. As I read it I couldn't help keeping a list entitled "Some stupid things from the SIP rfc." For example: "All SIP UAs must have a means to guarantee that the Call-ID header fields they produce will not be inadvertently generated by any other UA." So now they're mandating clairvoyance, apparently. But, hey, that's not enough, because even though you've got a magically unique callid, you still need at least three other unique IDs: cseq, tag, and branch. How many IDs does one dialog need? This spec is a complete disaster -- no wonder I don't know a single person who's happy with their VOIP service.

As bad as all this sounds I have to say I'm not all that surprised. You get the bad with the good on the Internet, it seems. The problem with having the public fight these problems through normal political channels is that regulation of the bad will also mean regulation of the good, such as taxation on ecommerce, etc. (although I'm sure that's coming sooner than we think anyway). I can't think of another industry or communications medium in the U.S. that doesn't have regulation working for both ends with it winding up being a never ending tug of war.

On a lighter note, dynamic IP services have worked pretty well for me over the years. I can stick with major ISPs that provide dynamic IPs and still run non-business-related web sites from home.

I use No-IP.com that lets you run a small program to let their DNS servers know what your dynamic IP address is, thus keeping your domain name resolutions accurate. I don't work for No-IP.com nor do I know anyone personally there. It's an honest recommendation for a service that has worked well for me over the years. Ciao.

Whoa, Nellie! A very significant article, Cringe, and a very significant comment, George. Sounds like its time for Free/Libre Open Source to ride to the rescue.


I don't know of any projects for this, but what is needed is something that can encrypt my voice/data call and then pipe it into the SIP/Skype application. Or its moral equivalent. This is serious stuff and needs to be addressed quickly. I'm going to go hunting over at Fresh Meat (http://freshmeat.net/) and see what I can find.


Help me, Mr. Wizard!

Thank you, thank you, thank you.

This article sheds light on a scary dimension of our modern world. We need more protection from government from these kinds of company shenanigans. And we need a separate court for technology-related legal issues. We can't expect judges to become tech experts overnight -- to understand the subtleties of all this stuff.

I'm hoping Stanford University or some other foreward thinking institution will create a masters program in "tech law," which naturally would include a healthy dose of antitrust and intellectual property law, along with the emerging field of law protecting consumers from the practices of large (and small) companies.

Phil Shapiro
Washington DC

Back before this was a blog, Mr. X had a column on things Security, and I replied that said column implied that VoIP could be intercepted. Mr. X replied that it was too tough and nobody would bother (paraphrasing). That's not the name of that tune, no more.

Yes it's a sad state of affairs indeed. But then again the new telco reality is just replacing the old. Since the old carriers are in a pretty good position to take over mass market VoIP, one would have to expect the old mentality to remain. And the old telcos definately have zero respect for their customers.
Just this month I had to deal with:

1 business DSL that the provider keeps running in spite of numerous attempts to close it over more than a year. They are trying to pin the bill on me even though it is not in my name.

Disconnects every 15 mins on my own DSL which absolutely kills my SSH connection to the server I use.

My cable TV box crashes daily, manages to figure out the name of the current program just over 50% of the time. The service crashed once, and rebooting had no effect so they had to replace the box .... twice. To top it off they have a policy to apply new bills to the account before they send them so if you are a bit late on paying a bill chances are they will cut the line.

And the future is pretty bleak. Virgin and News Corp are lining up for a battle. Virgin has the monopoly on cable TV while News Corp has the monopoly on satelite, so the likelyhood of any real improvement is non-existant.

Phil Zimmerman is already working on encrypted VoIP with his zphone project: http://zfoneproject.com/

It's good to hear VoIP is accessible by the government. We need more intellgence gathering to prevent another 9/11 event. If the average joe doesn't like their stoopid little conversations being monitored, well tough.

coderpunk - how does it differ from pgpfone, which he did about a decade ago?

OK, ALL telcos suck. I recently talked my way out of a Verizon contract...after a year of not being able to make or recieve calls from my house. Going upstream to through the tech support finally got a "Level 3" guy to admit that it does not work in our area, so they let me out. Getting out of Comcast VoIP was easy, but they KEEP BILLING ME. So far we are on call five, with each supervisor assuring me that the problem is solved.
Alexander Bell would be horrified to see what his invention has become!

Mr. Wilson,

We're glad that you approve of the monitoring of VoIP and other voice communications in order to prevent terrorism. Hopefully, this means that you won't mind that we've been monitoring your calls and internet usage for the past six months. We appreciate your support.

-Homeland Security

P.S. Your sexual proclivites will not look good to a jury - we suggest you stay off your favorite pornographic websites for a while.

I hope Al Wilson is being facetious. On the other hand, if he really believes that every government agent potentially monitoring a VoIP call is doing so with the purest of motives, and that the mechanisms that allow governments to listen will not be accessible by others with nefarious motives, then he is very naive.

Regarding e-mail reliability, I used to work for an ISP (the very first public one, as it turns out). Back in I think 1994 we were having a lot of trouble with AOL; it would take tens of attempts to get an SMTP connection to them, so we were building up crazy amounts of e-mail in queues that we couldn't get to empty because their servers were not accepting connections fast enough.

We worked out technical solutions to that such that we could usually manage to get them their mail without much delay.

One day they had a big failure in their SMTP engine and were down for most of a week. We accumulated a lot of mail for them in that time. When they came back up they were still really slow and we calculated it would be months to clear out the queue.

We got them on the phone and asked if they wanted us to send them a tape of all the mail that they could simply upload in-house. All we required was that they pay a reasonable amount of money for the time, tape, and postage (I think it was on the order of $100-200, for something like a half million messages). They said, "nope." We said, "we're going to have to drop a lot of those messages on the floor, then." They said, "That's ok, we don't care."

Business as usual. It's practices like these that made me decide that the best course of action was simply to set up my own mail server.

It seems that even the big ones like Hotmail and AT&T have constant problems with incoming mail!

Earthlink is not the exception.... unfortunately.

If someone is listening in on my phone conversations...they really need to get a life of some kind.

It certainly is frightening when one considers the possibilities of potential security risks inherent with VoIP traffic. And the SBC, a device/program that is designed to more or less defeat your routers NAT, well that just seems wrong (albeit necessary for SIP to work). I understand and applaud what all the IP network has made and continues to make possible, however there are some things it simply was not designed to do and voice is (in my opinion) one of them. Yes VoIP is typically more economical and you don’t have to deal with the behemoth Telco, but the quality of the call itself will likely never be as high as it was in the heyday of TDM. It’s really too bad that that big behemoth phone company didn’t care more about the customer as that indifference has been the biggest driver pushing consumers to VoIP and other communications methods.
By the way, there are still of few of us small operators/telcos that don’t suck. We actually still care.

Fear not. All will be explained in the spring premier of JERICHO.
Hawkins has his hands dirty.

I believe "sleeping in the buff" would be included in "cultures where pajamas are not worn", so that one's covered...er, uncovered.

My primary Internet service is a single DSL link provided by Qwest. My backup link is provided by a free nationwide wireless network called "linksys". ;-)

Interesting discussion to start off with Google then segue into. Is a mention of Google a requirement for articles these days, just to get people to pay attention?

All the bluster about VOIP security is getting old already. VOIP is another use of the network, and as such subject to the foibles of network architecture and engineering. It was similar in the pre-VOIP TDM days. Phone phreaks could do things that were scary, but the network was not exposed to John Q Public so it went largely unnoticed.

With careful design VOIP is as secure as any network traffic... if you make the effort. Vonage and the "unlimited-service-for-next-to-no-money-crowd" simply haven't bothered. Not even considered it.

Of course there are ways around the issues your present regarding SIP. These don't really apply to mom & pop Vonage user, but those so inclined can secure their VOIP sessions using common VPN technology. That presume that you are using VOIP to link end points within your control, such as company offices.

You can also use Phil Zimmermann's ZRTP to encrypt calls on the fly. A number of VOIP phones (SNOM for example) support SRTP.

It is my hope that some enterprising small ITSP will offer SRTP/TLS style connectivity for SIP users, and IAX2 user as well while they're at it. I'll sign up right away and send them my Asterisk traffic.

If interested in this stuff your readers would be well served to follow the Blue Box weekly podcast on VOIP security. http://www.blueboxpodcast.com/

If you think that this is a big problem, consider all the insecure wifi access points out there in the hands of the unsuspecting. Millions of back doors to the internet.

Way back in high school, around 2000 i was taking an ROP class and we had our own T1 line seperate from the schools. The class taught networking, specificly cisco networking. One day the internet went out. My teacher said no worries since he had gotten at&t and they guaranteed internet connection with money back if it were every down. Our internet was down for about two weeks. When my teacher called to get money back for ROP, they basicly said it was not their fault it was somone else's and that was all in the agreement. These companies have so much leverage, the only thing you can do is file a massive class action lawsuit that causes them bad PR. Even then, it is not known how it will get them to change.

Your kids look cute. I guess they inherited their mothers good looks. What are the ages of your kids? Does mom & dad have matching pajama's?

Your kids are at a great age. Enjoy every moment.

It won't be long until Channing is going to kindergarten, then on to "school." Then time will really fly!

I still cannot print the article properly, the right hand side of the text gets chopped off. I liked it better before we went blogging.
Jim

Many years ago, in an attempt to stay with the small responsive company, I registered my domain name with a company other than Network Solutions. Everything was great until they were bought by Network Solutions a couple of years later. Network Solutions then proceeded to mess up the accounting paperwork accuse my domain of being unpaid and cut off the domain service. It took a month of notarized paperwork to clear up the problem. A month without my business domain name, web site or email! There was never any compensation or apology.

Bob, It's been great reading your words on a week to week basis. I love hearing what you have to say because it isn't covered with all the crap that the companies you write about give us. That's the upside to your blog, here's the downside. I can only understand ~75% of the technical jargon you use. Whenever you get into the technical information it shows your knowledge, and it instills a trust between me, the reader, and you, the writer. But that doesn't mean I know what you are saying. I wish messages like the one you wrote about in this week's blog, could appeal to a larger audience so more are aware of what is going on in the technical world. Only a small percentage of all the posssible readers in this world could understand you, and take something away from it, even if they were eager readers. The ones that leave comments here all seem to be tech savvy, (I'd put myself right between the avg. computer user and them). I'm not sure where exactly my point is, but I think the general message has gotten through. Thanks for the chance to post here.

Bob, It's been great reading your words on a week to week basis. I love hearing what you have to say because it isn't covered with all the crap that the companies you write about give us. That's the upside to your blog, here's the downside. I can only understand ~75% of the technical jargon you use. Whenever you get into the technical information it shows your knowledge, and it instills a trust between me, the reader, and you, the writer. But that doesn't mean I know what you are saying. I wish messages like the one you wrote about in this week's blog, could appeal to a larger audience so more are aware of what is going on in the technical world. Only a small percentage of all the posssible readers in this world could understand you, and take something away from it, even if they were eager readers. The ones that leave comments here all seem to be tech savvy, (I'd put myself right between the avg. computer user and them). I'm not sure where exactly my point is, but I think the general message has gotten through. Thanks for the chance to post here.

An enjoyable, if disturbing, column. As long as ISPs feel that their primary customer to satisfy are the largest investors, nothing will change.

So what is new?
Big Brother listens in if he wants to.
With or without his pajama on :-)
He reads your mail too - If he wants to.
He always could - He always will.
If you encrypt so he can't listen, then he will get really interested and put bugs under your keyboard:-) The upside is that so many hours of conversation cannot be listened to.
There simply is not enough taxdollars to pay for listening to more than a tiny fraction. If we got rid of taxation it would kill most of the problem :-) - And while I'm at it - Get rid of that spooky ISP and talk with your neighbours for WLAN to share - Sharing different unvirtual ISPs that is :-)

- Greetings
Jim Oksvold

The ISP (and cable TV) Service Level Agreement is one of those restrictively useless contracts that legitimizes theft of cable TV, Internet service, etc.

I believe that sites such as PodZinger prove that a computer system could listen to recordings and build keyword indexes rather easily.

Then all you would need to do is specify which keywords you want to look for and the system flags any suspicious calls.

As others have said, we simply encrypt the source (audio, video, etc.) before subdividing it into packets and sending it out over the internet. Heck, the packets themselves don't even need to be encrypted, everything is naked. When the feds start pointing fingers at Vonage because their recombined packets look like 6G5%4F3@, Vonage can just claim they have no idea whether a packet carries information from an encrypted or unencrypted source, and is thus unable to do anything about it.



So, the only folks breaking the law are those creating the source. That's us. And like prohibition, there ain't nothin' that's gonna stop us.

I'm using an encrypted Encrypted VoIP and Instant Messaging Software Vbuzzer

Vbuzzer claim they encrypted both voice and text messages, they even encrypted the text messages with MSN Messenger and reportedly work well in some countries where Skype is blocked.

Corporates are sometimes better than government, because they have to compete to win customers and government can just control its own people.

So good luck guys.

I submitted this comment with my GMail address, just in case you wanted to respond and actually get through to me.
Your point about how the trouble tickets worked at Megapath was a lot of a giggle for me.
I've seen how this comes about. It goes like this.
After many complaints about service quality, the company institutes a rigorous new QA system. They measure what they think are the key quality metrics (e.g. Number of open severe problem reports, rate of closure of severe problem reports etc) and then they provide staff incentives to improve these figures.
What do you think the staff are going to do?
Naturally, they close problem reports as soon as they possibly can and take the money. They are even more likely to do so for more severe problem reports because it's worth more to them.
Thus it becomes an anti-QA system.
They simply forgot that QA is about customers and if you don't measure what the customer thought, then it ain't worth squat.

Right - Anti-Quality Control. It's so common it's amazing. I'm in sales - and it so happens that senior management and I agree on one thing. That a happy customer is important. You may not believe this but we don't even have a "Quality" department...

Funny thing is that most of our competition does, and they are constantly bleeding customers to us, mostly because of customer service issues!

It seems that most of them try to close "customer complaints" as quickly as possible. Their bonus structure is partially based on keeping customer complaints low. I don't know all the details of what they are doing, but one thing that all of them seem to have in common is that they try to limit customer complaints - often by pretending that they don't exist.

When I told one new prospect that we loved complaints, because it taught us how to perform better he looked at me like I was from Mars. Two years later he's now a believer, and the company he used to buy from will NEVER hear from him again.

Wayne

While stories of bad customer service in any industry, not just telco, are more common than Paris Hilton headlines these days, you actually CAN do something about bad telco service, particularly TOS violations where credit is promised. First, document EVERYTHING in as much excruciating detail as possible. Second, ring up your local PUC/FCC office and speak with one of the chairpeople. It is their job to deal with such things. You might not get quick and favorable resolution, or any resolution, but the more people who do this, the more 'paper trail' there is when it comes time for the next request by Local Monopoly Carrier, Inc to claim more of your hard earned dollars for their revenues.

Scott is correct. Several years ago, I was billed a little over $5,000 for my phone in a month. It appears the "Devil" managed to combine my account with another. Imagine the call to customer service:

Me: "I was mistakenly billed $5000 on my phone bill."

Satan's Customer Service (SCS):"Sir, are you sure someone else at your home was not using your phone?"



After much ado, they agreed to look into it. So they put the bill "on hold" except the billing department called a few weeks later because I was past due on a "substantial sum".



Each month, for 5 months, I would go through this and each month it was "going to be fix." My favorite person was "Operator Ann" who told me I should "pay the bill and then open a customer service ticket to ensure my service is not disconnected."



I finally opened an action with the PA PUC. The very last day Satan had to respond, one of their lawyers called and wanted to know "what will it take to make you close this?"



My request:
- Make the $5000 go away

- A letter saying the $5000 was in error, just in case this ever shows up on my credit report

- Something for the 5 months of hell, and over 20 hours spend on the phone over that time.



Her response:

- The will write off the amount

- no letter - they will not admit any wrong doing

- no money for time spent



So, I asked the obvious "Do they really want it to go away? Her answer was they just need to get most of them closed and I can either take the money or not she does this every month and they do not care as long as most get closed. Of course, the threat was implied that if I did not take the deal the $5000 may be there forever.


It was refreshing to hear the truth - that they do not care - but we all know the truth - and we can thank our local PUC and the FEDs for the "protection" they have given the telcos and soon the cable companies acting as telcos.

Reminds me of the 99.999% uptimes often required by PUCs on switched circuit phone service. This is about 50 minutes per line per year of downtime. However, that just means you can get dialtone. Remember the early 90's when everyone was getting online and the phone useage models changed? Or, the famous "mother's day" outages in the 1970's? They didn't count.

It doesn't mean you can call anyone. There are also all sorts of exceptions for maintianance, damage, etc.

yeah I work at an isp and thats typical.
Customer calls, Mmm what happened to my email,it didnt arrive,.. me, it didnt.Customer,no it didnt.

me, send it again see what happens.
Customer, what hapened to my mail.
me, I dont know.

I hate waorking for an isp
goddamned mail never works,..realy bothers me

I just tell them if its critical setup some where else

I've been a Speakeasy customer for over 5 years, and I've had a trouble ticket open on this exact issue for the past two+ weeks. There have been bursts where long-lost e-mails come home to roost, moments when the e-mail seems to be working just fine, and then it goes south again. The last thing I heard from tech support was, "do you have another address we could contact you at?" ...which I took to be a sign that things are going to get worse before they get better. I'm about fed up and ready to move my custom domain mail over to TextDrive.

Which is why I set up a mail server for my family, colocated the server elsewhere...and lived happily ever after. Family can use whatever they want for connectivity, and do not have to worry about messages being lost, etc.

The support has gone downhill because large businesses hire morons to work the phones. If they hired decent intelligent IT people this wouldn't be such an issue. Instead you have Indians & Americans reading from manuals/computer screens who only know how to point and click. Its all about profit and decent support costs money.

As far as e-mail is concerned that has been an issue for quiet sometime. AOL does it all the time. Person A sends an e-mail to Person B who is using AOL. The e-mail disappears. Person A asks Person B about the e-mail and Person B responds with "What e-mail?". Person A never received a bounce back so Person A assumes Person B received the message. Its called 'the void'. And depending on the setup it could be due to any number of reasons. Bounce backs can be used for spamming so its no wonder some ISPs have them turned off. Its a catch 22 with e-mail. Just live with it. Its become one of those things that is normal in life. Just like the Postal System. I've seen a piece of postal mail (a bill actually) that was sent and not received until the following year.

Also, you failed to mention anything about having blacklisted IPs when sending mail. Which is becoming more of a common occerence due to the number of morons [read:ignorant users] using broadband. Just one more reason why some test should be taken in order to be allowed to use a PC on the internet. I would be willing to bet that viruses and worms wouldn't be able to propagate as much if people were forced to learn how to use a PC. Gee, that sounds like what we do for cars.

my .mac account tells me when and how long my email account or other service has ben out. Which i think is good costemer service.....
example:
System status (last 30 days)
12/01/06 EMail was unavailable for 1 hour(s) for some .Mac Members. 11/22/2006
4% of members experienced difficulties with .Mac Mail for 2 hours.
11/21/2006
4% of members experienced difficulties with .Mac Mail for 1.5 hours.
11/18/2006
4% of members experienced difficulties with .Mac Mail for 30 minutes.
11/13/2006
1% of members experienced difficulties with .Mac Mail for one hour.
11/10/2006
1% of members experienced difficulties with .Mac Mail for 2 hours.
11/09/06
1% of members experienced difficulties with .Mac Mail for one hour.
10/25/06
Some members were unable to send messages via .Mac Mail on the Web for 3 hours.

I think you might want to spend a few more words explaining your very pejorative comment: "And given the current management at the U.S. Department of Justice, "managed" could mean pretty much anything." If you know something we don't then please tell. But given the current management at PBS, "explain" could mean pretty much anything.

Nicole

Having not read RFC 3261 (sorry!), I was unsure what you meant by headers, ie SIP details, or TCP/IP details?

Just as a counter-point, I'd like to mention my own ISP. Place called Omsoft in Davis, California.


Like many small outfits they buy the circuits from the Big Boys (SBC, now AT&T) and provide the customer service.

A couple months ago we moved within Davis, kept our phone number. No problem there. SBC -- sorry, AT&T -- tried to convince me to buy their DSL instead of Omsoft's, but I flat turned them down. Omsoft promised the switchover the same day as the phone service. Didn't happen. Called and complained.

Well, the long and short of it was this: AT&T screwed around with the DSL switchover at their end. Omsoft gave up trying to do it right, cancelled the circuit, ordered a new one. Two weeks for that. Then they gave me a free temporary dialup account (along with their apologies) to tide me over and did not charge me for October.

Omsoft is an ISP that understands what customer service is. AT&T may be able to give me cheaper DSL, but it won't come with people who care.

Well, what is the name of your new company. We want to buy stocks...

Um, are you intentionally seeking unreliable and slow options for internet access or are you just to cheap to spring for cable broadband internet access?

Sounds like a problem I had a few months ago. I stopped receiving e-mail in my catchall account. I called my ISP (iPowerWeb) and was told first that "catchall accounts are only designed to work with e-mail accounts that you've already set up." When I tried to explain that this is the exact opposite of how a catchall was supposed to work, the Customer Service guy just didn't have a response. I called back and got a guy who had a clue. He said that they HAD turned off their catchall server because it was getting inundated with SPAM. I'd spent four years logging non-existent e-mail address on websites (e.g., when I set up my account with Discover Card, I gave my e-mail address as "discover@xyz.com". Now I keep stumbling across websites, like the aformentioned Discover card, where I haven't been getting e-mail because I never created a specific account for it.

I don't know what their other customers are doing, but I'm switching ISPs.

Hmm, wrt CALEA, seems that Skype(and any other non-carrier SIP operator) could claim to be "proxy's" for setting up a phone call. After all, they are not really carrying the call like Comcast just helping users find one another. I know, loose interpetation of 3261, but a possibility.

If I run my own trixbox server and allow freinds to use access from the Internet, do I have to provide CALEA like services? Worse yet, if I just use it on my own personal network, do I have to provide it?
The lawyers are going to get richer from this.....

In a matter of a couple months I moved from AT&T to Comcast to Google GMail in order to get all the e-mail that was being forwarded from my personal domain. Both AT&T and Comcast not only suddenly stopped delivering forwarded e-mail claiming too much spam, BUT NEITHER OF THEM NOTIFIED ME, NOR OFFERED ANY AVENUE TO RECEIVE E-MAIL THAT I WANTED TO RECEIVE. I couldn't even talk to anyone in their help departments that even seemed to understand my problem. GMail does a great job of diverting 98% of the spam to the spam folder, and only about 1% of legitimate mail is accidentally placed there. I will soon simply change my @.com name, let the mail forwarder just drop the trash, and notify my address list of my new address. This will likely make all the spam disappear for a good long while, and I'll get Thunderbird running POP3 to GMail. Since I never used my GMail address directly, I should receive few spam messages directly to it.

What I think is needed is a service to help people cleanse themselves of spam by moving to a new, relatively unknown address. Of course, I'd rather just smash spammers hands with hammers, but our legislative branch won't permit that remedy yet.

The same thing happened with me and my catch-all account at NameSecure. Both I and a friend noticed that we weren't getting near as much mail as we should have. Numerous contacts with NameSecure occasionally seemed to right things, only to have it deteriorate again. A month after moving our accounts to a different ISP, NameSecure announced that it was no longer supporting catch-all email accounts.

But dont forget we have Legal Interception in the wired and celphone area, and have had for many years. The issue with Legal Interception is the process of gaining an intercept and oversight of the process robust. Many here in europe have been dismayed at the whoscale interceptions the homeland security has been useing. The recend senate decision is some comfort but there should be a more robust oversight of this.


Then we have the ilegal interception which you are alluding to. This is not realy a signaficent threat at the moment because the SBC's carry so much traffic that finding and intercepting a specific call requires serious processing power and access to the gateway, not easly achieved at the moment.

Aggressively dropping email is not a new problem. Verizon has been doing it for some time now. I've been the victim of it. And they won't even admit to it if you ask them.

http://it.slashdot.org/article.pl?sid=06/04/24/1538205&from=rss

Quick, put on your tin foil hats and everything will be OK.

SLA's are how a lot places make and enforce (or not) their contracts. Every place I've worked (except my current one) has had an SLA and basically putting the ticket on a 'hold' status or similar stopped the clock. Even the dreaded NMCI (I was base-ops for two years in the PacNW) had similar rules and EDS got the SLA revised at least twice to help them make some money. Granted I had to do two of the following before putting it on the equivelent of 'hold', Call the user, Email the user or stop by the user's desk. Which two do you think most tech's did?




The thing is while SLA's are usually advertised to the users or 'the party recieving services' the way that the statistics to meet the goals of those SLA's usually are derived are not. Again, NMCI was the only entity that seemed to have a dialogue with the government/navy on what they could and could not do to a ticket to pause it's time.




I'm a firm believer in an SLA and openess about what counts as time against a ticket and what doesn't. I've worked in this place w/o the SLA for about a year now and I'm ready to stab out my eyes because someone's boxlight cutting off 1% of the right edge of the screen has just as much weight as the entire email system going down.




Quite frankly, I'm surprised you were told by your ISP that their common practice was to close your ticket as soon as they talked to you and told you, "Yeah we know. Thanks." That's more honesty than a situation like that warrants.

Well SIP definitely isn't optimal. It's OK if you run it in your own private VPNs, but not really secure on a larger scale.

But what are the alternatives?
Skype is an encrypted program with no way of telling what it actually does.
Analog phonelines can be listened into without any special equipment.
Digital phonelines require more sophisticated equipment, but still are unencrypted.
Cellular phones are either analog (in your country anyway) or digital and encrypted till the cell-tower. From there it's an unencrypted radio link.
The same is with ISDN or any other form of telephony.

What we'd need would be a center-less peer-to-peer telephony standard which supports end-to-end encryption for the voice and onion routing for the signaling. In an ideal case this would also support transparent proxies so a router could easily obscuficate the origin of a call to a third party.
Then the network should be more meshed with smarter routers. Look at meshed wireless networks (we are running one here in our dormatory). They allow you to cheaply build up networks that are not only rather reliably, but also are in the hands of the users. The users can decide what it does. And even if a single user is malicious, the only thing he can do is to controll the data going over his node. There is no way of listening in on the whole network unless of course, you have lots of interception points. The smarter routers could contain transparent proxies for different network protocolls. Those would not only speed up the network (a server would only need to put out it's page once), but enable a simple and efficient form of anonymity.

SIP is only the signalling for a VoIP call, and will only provide "metadata" for the actual VoIP call. SIP, as well as some other common VoIP protocols, rely on RTP to actually transmit the voice and/or video streams associated with that phone call. So while sniffing the SIP traffic of a call will provide you with information about the flow of a call, you must get the RTP to actually listen in. But I believe that what was implied was just this - that they want to/can capture the RTP stream.

The thing I like about Mr. Cringely's columns is they present several dimensions and perspectives to a story, and the responses add more. This process helps me learn more and makes me think. That's probably a good thing.

I've toyed with the idea of writing a small script that would perform a simple service test of my internet connection every 15 minutes, around the clock. I am sure it would tell me things that would either upset me, or things I don't want know. A little scientifically collected data can be a powerful thing.

The great irony is IF our ISP did some thorough monitoring of the quality of service they provide and used that information to improve their operation, we'd get great service and they would enjoy a much lower operating cost. THE BEST OF EVERYTHING.

If you need to send your help desk off shore to save money, maybe its because there are too many problems with your service. Have you thought about that?

In the end I could collect great data and prove my ISP's service is not as good as it should be. But if they don't listen or won't do anything to improve themselves, why bother?

A few weeks ago my internet service got worse. My ISP's DNS servers were having problems. I had seen this problem before and was instructed by a level-3 tech to call the help desk and instruct them to put in a service ticket to fix the DNS servers. I called but the help desk was clueless on what to do. They tried to get me to reinstall Windows. My whole subdivision suffered poor internet service and complained relentlessly until someone finally got around to fixing it.

As much as I would like a legal way to FORCE my ISP to clean up their act, I have less confidence in the USA government to do the right thing. This is after all the bunch that brought us the DMCA, a Patent system that is need of some serious revision, the Net Neutrality law, and other stuff.

I liked the idea of a field of study in Tech Law. A lawyer friend once told me -- he found the STUDY of law to be fascinating, however he found the PRACTICE of law to be REPREHENSIBLE. I found his comments to be very revealing. Think about all the problems the USA legal system has caused us. Imagine if it was technology savvy too.

Bob, how often do you get a full-body scan to check if the government has secretly implanted a GPS chip in you? In psychiatry, we call your though patterns "delusional disorder, paranoid type". You see the goverment lurking under every packet of data on the 'net.

In reality (where some of us still live), the bad guys are private entities, not associated in any way with government. Typically, they're Madison Avenue ad agency types.

Similar problems at AOL?

I have friends with AOL email accounts, and have noticed that only about 50% of the email I send to them actually gets delivered.

In reply to Jeff H:

"the bad guys are private entities, not associated in any way with government."

Jeff, this is delusional. Hopefully you'll understand how incorrect your statement is.

I had the same DSL problem with a different Devil --- Qwest. To completely bypass them I went to a fixed wireless system, which has turned out to be cheaper than DSL. The tower routes directly into a fiber system. It's been GREAT! Ever since I eliminated Qwest from the loop I have NEVER! had a problem.

John said:

A few weeks ago my internet service got worse. My ISP's DNS servers were having problems. I had seen this problem before and was instructed by a level-3 tech to call the help desk and instruct them to put in a service ticket to fix the DNS servers. I called but the help desk was clueless on what to do. They tried to get me to reinstall Windows. My whole subdivision suffered poor internet service and complained relentlessly until someone finally got around to fixing it.

Let me guess, BellSouth?



AnotherJohn

I write Earthling, EarthLink's blog. Regarding the email delivery issue, I spoke to our mail team and they provided some more information over on Earthling.

I wonder if this is related to Earthlink's ill-conceived decision to spam by using challenge/response...since more and more of us are just blocking those challenges. A sends a message to B at Earthlink; Earthlink emits a challenge; A's mail server rejects it; so B never gets the message, A never gets the challenge and the original message may well appear (from A's viewpoint) to have simply disappeared.

It might be possible to test this hypothesis.

Well, you could always do what I did when I got sick of Comcast/AT&T Broadband giving me the run around.

I was just settling in for a weeks worth of well deserved vacation and my Internet service dropped - AGAIN for about the millionth time. I had already opened enough tickets to fill a stadium, so I wasn't going that route.

What's a guy on vacation with no Internet connection to do? How about some camping!

I went to my local wal-greens, picked up some markers and a giant poster board and wrote "COMCAST RIPPED ME OFF - I AM PAYING FOR SERVICE I AM NOT RECEIVING". I then proceeded to drive down to their corporate headquarters and sat in their lobby.

Lucky for me, there was a nice big mob of people just walking in the door for an executive meeting that day. Needless to say, I had 3 Comcast trucks parked outside my house in about 15 minutes.

I hated it when I moved because my service was never down again after that!

So instead of spending 36 hours on the phone spread over weeks worth of time, maybe we should all invest 4 hours to go down and protest in your local headquarters office - bring back the 70's!

Another John -- No it wasn't Bellsouth. However I think one could look at many ISP's and find problems like this. I ran into one of my ISP's field service crews at lunch earlier this week. They confirmed what I had already suspected. They have shipped their help desk oversea's and the people answering the phone are more clueless than the team they replaced.

I did take Mr. Cringely's advice. I replaced my cheapo internet router with a ClarkConnect box. A few weeks ago I upgraded it. I bought a "newer" PC on eBay for $100 (a 1.9 ghz system) and loaded it with the latest, greatest version of ClarkConnect. The new version appears to have a DNS caching ability. Hopefully that will filter out those pesty DNS "I can't find google.com" messages. It also allows me to store LOTS of DNS servers. So I've added a few to the list.

The good folks at ClarkConnect have done a wonderful job assembling some complicated internet services into a self installing and configuring, almost turnkey distribution. I am geniunely impressed with their packaging and QA skills. I strongly recommend to everyone, take the extra effort and add a more industrial strength router, firewall, gateway to your internet connection. Once you see what it can, you will never go back to those retail store appliances.

On the Earthlink problem. That is not all that is going on. Sometimes, I get email delivered to my email box that is not for me and does not have my email address in the headers.

This happened to me. I have all my email forwarded to my Earthlink account and I was missing mail. I called my domain registrar who handles forwarding the email and they said everything looked fine and suddenly I got a flood a mail from the past few days. I told them and they said they did change anything that it looked like earthlink was just delaying them. I never contacted Earthlink.

At the risk of taking this conversation too far. In an email system it is very easy to set things up to send a test email from one postoffice to another. It is easy to set a test email account to auto-reply or auto-forward. These are very simple things found in most email server software. You can set up a test to run every 15 minutes, or so, that can test your whole email network. If something stops working, its easy to spot, then fix. Since email systems are good at communicating, your test could even send out a page to your support staff. A more evolved test can measure how long it takes each server to do something. With that data you can spot the beginnings of many other problems. The point of this discussion is that with a little experience and a little scripting, you can create some tools that will allow you to keep your email system in a very good working condition for a very long time. The same thing can be done with networks and other computer applications. The really sad part of this discussion is the realization most computer support people can not write a program or use a scripting language. They don't have any idea how to install an application well and in a way that it can run most reliably. When you can detect and recognize common problems, its only one more step to eliminate them or automate their correction. It makes me sick. A computer is a powerful tool and with a tiny bit of skill and vision, you can make a big difference in how it works.

A friend once told me most companies with big problems, were their own worst enenmy. They did more damage to themselves than their competition could ever do. Why should a business care about the quality of their IT talent? If you can install services that run reliably, can spot problems quickly, can fix problems quickly, etc. You will eliminate a lot of problems and ongoing support costs. You won't need to offshore your help desk. You will have a great service, low operating costs, and happy customers. The ISP service problems we've discussed, things like offshoring are the symptoms. The real problem is how we set up and operate our IT services in the first place; and the caliber of the people we have doing the work.

Someday soon someone is going to figure this out and take a lot of business away from people like EDS, CSC, IBM, HP, and others.

Sean, are those spam/bulk email or obviously person-to-person email that was mis-delivered? Spammers frequently forge headers and you'll get email that is not addresses to you.

To the poster John above:
"You can set up a test to run every 15 minutes, or so, that can test your whole email network."

Does that test forwards? Aliases? Inclusion on RBLs? Queue size? DNS resolution? Network link?

The fact is there is a *lot* that can go wrong in email. The fact that you think it is simple proves you've not run a complex email system in a production environment.

"Since email systems are good at communicating, your test could even send out a page to your support staff."

What a great idea- email someone to let them know email isn't working!

"The really sad part of this discussion is the realization most computer support people can not write a program or use a scripting language."

Why should they? They aren't programmers or admins.

"You will have a great service, low operating costs, and happy customers. The ISP service problems we've discussed, things like offshoring are the symptoms. The real problem is how we set up and operate our IT services in the first place; and the caliber of the people we have doing the work."

You can have it done(or fixed) fast, right, or cheap- pick two. While most consumers think providing internet access is easy or wildly profitable, it is neither. Especially when you start dealing with systems that process mail for hundreds of thousands of customers across thousands of domains. Scaling to a large size complexifies *everything*. As an example, my trimmed down mail logs and my trimmed down DSL/dialup authentication logs on my primary cluster total about 18G of text data every day. When you are dealing with high-end gear you are talking about hundreds of thousands of dollars of investment, not counting support contracts, electricity, A/C(purchase, maintenance, and operation), replacement parts, bandwidth, telco circuits, and a thousand other expenditures.

"Someday soon someone is going to figure this out and take a lot of business away from people like EDS, CSC, IBM, HP, and others."

Go ahead and build the better mousetrap, then come back and let us know how it worked out for you.

'You can have it done(or fixed) fast, right, or cheap- pick two.'

No. Those are not mutually exclusive.

Otherwise, no argument from me.

I am curious - i have friends who have not been receiving email sent to their juno account, and have not been able to send email to friends (delivery not made, but it seems to "send"). Is this another example of the email overload? I think i will run my own tests....

Yes, Earthlink seems to have lost some of my emails the past month or so. My email seems to break down and I am guided by a tech to try to repair it. Sometimes it takes an hour. Sometimes 2 or 3 days. Some email are not accounted for when the service comes back.
Strange. Earthlink (dial up) used to be so reliable.