Will you be caught short on February 1st?

This techno-centric article examines the technical elements involved in a VoIP implementation, and relates them to the legislation legalising VoIP in South Africa in Feb 2005. It links key elements in a VoIP migration such as PBX interfacing, codecs, signalling, qos etcetera. It estimates that although specific figures vary, good equipment will be paid off twice with savings during the lifetime of the equipment. Nearly all of the technical steps related to a migration can be achieved without waiting, moreover organisations that leave implementation and recruitment till 2005 stand to lose both money and valuable staff resources to competitor companies that start early.

This article is hosted on the e-secure.biz site: http://www.e-secure.biz/published/telephony/runup.html

Business opportunities galore

BY DIRK VENTER, VOIP / CISCO IP TELEPHONY CONSULTANT, E-SECURE.BIZ [3 Sep 2004 ]

The legalisation of VoIP will have profound and far-reaching financial implications for consumers and businesses alike in SA.All SA businesses ought to be costing VoIP against their commercial switched circuit telephony before the wave hits them. The implication of voice over data is that we can expect rapid reductions in the cost of international calls, and a massive increase in ADSL subscription. The drop in Telkom share price may well be lacking in foresight and understanding, since many Voice over IP calls will run through bandwidth ultimately managed by SAIX/TELKOM.However expected drops in business call costs WILL have a profound impact on the cost of ownership of international business and contact.Well done SA. Here comes something exceptional.

This comment was original published via the ITWeb site.

Follow the white rabbit

"Follow the white rabbit" is an series of articles written by Dirk Venter of e-secure, progressing in complexity, on IDS, nmap, dummy network devices, IP shielding and translation and other technologies. Progressing fairly rapidly in pace, the first week covers commands and organisations responsible for attaching use of an IP address to a particular user, and discusses ways of disguising IP addresses on the Internet. The second week covers network reconnaissance tools like nmap, their dependencies (and therefore weakpoints), and their modus operandi, via address and port scanning, and OS fingerprinting. It looks at honeypots and honeynets, and reveals where exploits are published. It looks at legal liability under SA law for various types of hacking, from simple threats, via DoS, to malicious destruction of data and systems.

VIS & e-secure.biz merge

The VIS blogs are now available here!

Links: Visit the e-secure website or email E-secure at info@e-secure.biz

Security - a nightmare for online enterprises

In the wake of reports on the apparent hacking into eBay's customer database, Dirk Venter of Venter Information Services, examines the 'security nightmare' facing online enterprises. He notes that while eBay has denied the reports, 'the fear in learning that a trusted commercial vendor might not have been trustable at all was sufficient to create widespread concern and panic around Internet security'. What ultimately defines solid security is the fact that one has not been hacked, writes Venter, what makes this possible is foresight and perception of vulnerability. In terms of section 43(5) of the Electronic Communications and Transactions Act of 2002, South African Web site owners need to 'utilise a payment system that is sufficiently secure with reference to acceptable standards at the time of the transaction'. They are 'liable for any damage to the consumer' in terms of s43(6) of the ECT Act for their failure to do so. Read the full article for details on the legal responsibilities and duties of Web site operators and network users as well as the types of hack attacks to which an online enterprise could be at risk.

Full report on the Legalbrief site:http://www.legalbrief.co.za/view_1.php?artnum=16904

VoIP - quality of VoIP versus circuit switching

In an opinion published on ITWEB's site, Venter analyses the reasoning presented on the ITWEB site in an article and its associated commentary, that VoIP quality is inferior to that on circuit switched connections. Venter explains that call clarity is essentially a function of the Quality of Service implementation between the endpoints of the conversation. Venter also explains the value commercially of using compression to place more calls over a link via codec manipulation, causing quality degradation on the associated calls, and explains that rather being a function of VoIP, this is a function of commerce. Venter illustrates encapsulation issues with packetised voice, as opposed to DS0 based voice, and also discusses why ISDN (residential 128kbps) is a poor choice for VoIP.

Online hate vs freedom of expression

In an article entitled Online hate speech vs freedom of expression published on the ITWEB site, the balance between constitutional protection and defamatory remarks is investigated by Venter within the context of applicable South African legislation and court cases. Venter also investigates the defence of Intellectual Property infringement/theft that has been claimed by allegedly defamed companies such as Sentech, suggesting that there is no basis for the claim. In the article Venter suggests recourse available under the ECT Act, the use of AUP instruments, and the anticipated Hate Speech Bill.

Credibility of BSA study questioned

The BSA sponsored IDC study supplies a lot of detail on how bad piracy is, and spends a great deal of time quoting comparative rates etc. However it does not show how this info was actually obtained short of saying that installed software value was compared with sold software value.

In an opinion published on ITWEB's site, Venter inquires into how it is possible, given the massive distribution of software, and extensive privacy protection afforded by the constitution, for even remotely accurate figures to have been obtained here.

For example the study suggests that 5,600 interviews were conducted in some 15 countries to obtain the data. Logically, what, short of indemnity from prosecution and voluntary waiver of privacy rights, would make a person declare pirated goods? And what makes an interviewed person typical of a group in a society? Given the variance in social norms from society to society, this relationship would need to be researched in every society where samples are interviewed. And as is mentioned above, this is not the sort of thing that many people would feel comfortable talking about. Obviously massive portions of society were not interviewed. And it is over this non-interviewed portion that real issues with accuracy arise.

Furthermore, logic applied based on statistics of alleged piracy can be questioned. For example, the study suggests that once piracy is eliminated, pirates will purchase software they otherwise would have stolen. An important aspect of piracy that needs to be remembered is that in many cases it seems that pirates do not regard the software they steal to be worth what is asked for it. To recover market from pirates therefore does not suggest that pirates will then purchase the software that they otherwise may have stolen or for that matter follow any retail software market trend.

Venter concludes in the article suggesting that the BSA has a tough job to do, but that they stand to lose a lot of credibility by glossing over the data acquisition process which forms the crux of their study.

These opinions were published here.

Voice over IP and the Law

Dirk Venter, a Cyberlaw consultant at Venter Information Services and specialist in IP telephony and network security infrastructures, examines a number of issues related to Voice over IP in an article on the Legalbrief site. Given the illegality of VoIP in terms of the Telecommunications Act, Venter notes that there appears to be limited knowledge on how the technology operates or whether Internet Protocol is even necessary for it to operate. Venter demystifies the technology and methods of enforcing the legislation. He notes that bizarrely, given the ban on the technology, no real incentives exist for enforcement. In conclusion, Venter writes: 'It appears to be common cause amongst the commercial and technological sectors that a result of legalisation of Voice over IP would be to enhance and improve the South African economy. It is tragic and pretentious that the Telecommunications Act of 1996, which espouses such philanthropic values and ideology in section 2 should also include the likes of section 40(3).'

Full article on the Legalbrief site: http://www.legalbrief.co.za/view_1.php?artnum=16405